校园网络随机劫持网页，来看看是干嘛的！

来人看看，是不是再干坏事啊。

先访问劫持网页，再访问原本网页。

• 劫持网页

<html> <head> <script language="Javascript">setTimeout("location.replace(location.href.split(\"#\")[0])",2000);</script&t; <script type="text/Javascript" src="http://1.1.1.2:89/cookie/flash.js"></script> <script language="Javascript">setURL("1.1.1.2");supFlash("18446744072909971032");</script> </head> <body> <object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=7,0,0,0" width="0" height="0" id="m" align="center"><param name="allowScriptAccess" value="always" /> <param name="movie" value="http://1.1.1.2:89/cookie/flashcookie.swf" /> <param name="quality" value="high" /> <param name="FlashVars" value="srv=1.1.1.2" /> <embed src="http://1.1.1.2:89/cookie/flashcookie.swf"FlashVars="srv=1.1.1.2" quality="high" width="0" height="0" name="m" align="center" allowScriptAccess="always" type="application/x-shockwave-flash"pluginspage="http://www.macromedia.com/go/getflashplayer" /> </object> </body 

• flash.js

var url = ""; function setURL(ip){url = "http://"+ip+":89/cookie/flashcookie.html";} function loadPage(){location.replace(location.href.split("#")[0]);} ////add by yxf@2014/08/27 /** *@描 述：增加 UA 判断，排除移动终端上报 cookies 值和时间间隔值 *@返回值： * true, 允许上报； false ，不允许上报 */ function IsCanReport2Ac(){ var strUseAgent = navigator.userAgent.toLowerCase(); //非 windows nt var isWinNt = strUseAgent.indexOf("windows nt") > -1; if (!isWinNt){ return false;} //移动终端 var isMobile = strUseAgent.indexOf("mobile") > -1; if (isMobile){ return false;} //为 Android var isAndroid = strUseAgent.indexOf("android") > -1; if (isAndroid){ return false;} //为 ios var isIOS = !!strUseAgent.match(/\(i[^;]+;( u;)? cpu.+mac os x/); if (isIOS){ return false;} //为 Symbian var isSymbian = strUseAgent.indexOf("symbian") > -1; if (isSymbian){ return false;} //为 iPhone var isIPhOne= strUseAgent.indexOf("iphone") > -1; if (isIPhone){ return false;} //为 ipad var isIPad = strUseAgent.indexOf("ipad") > -1; if (isIPad){ return false;} //为 ipod var isIPod = strUseAgent.indexOf("ipod") > -1; if (isIPod){ return false;} //排除一些误判的 app 特征字符串 var isInvalidAppPos = strUseAgent.search(/ baidubrowser\/\d/);//-- 百度一下客户端 if (-1 != isInvalidAppPos){ return false;} return true; } ////end by yxf // 写 cookies function setCookie(name,value) { var Days = 30; var exp = new Date(); exp.setTime(exp.getTime() + Days*24*60*60*1000); document.cookie = name + "="+ escape (value) + ";expires=" + exp.toGMTString(); } // 读取 cookies function getCookie(name) { var arr,reg=new RegExp("(^| )"+name+"=([^;]*)(;|$)"); if(arr=document.cookie.match(reg)){ return (arr[2]); }else{ return null; } } function supFlash(cookie) { if (false === IsCanReport2Ac()){ loadPage(); return; } // 获取本地 cookie 值 var td_cookie = getCookie("td_cookie"); if (td_cookie == cookie){ loadPage(); return; } setCookie("td_cookie", cookie); var flash = 0; var judgeIE = !-[1,]; var ua = navigator.userAgent.toLowerCase(); if (ua.indexOf("taobrowser") > 0 || ua.indexOf("lbbrowser") > 0) { loadPage(); return; } var isIE = judgeIE || ua.indexOf("msie") > 0 || ua.indexOf("trident/7.0") > 0; if(isIE){ try{ var swf1 = new ActiveXObject('ShockwaveFlash.ShockwaveFlash'); flash = 1; } catch(e){ flash = 0; } } else { try{ var swf2 = navigator.plugins['Shockwave Flash']; if(swf2 == undefined){ flash = 0; } else { flash = 1; } } catch(e){ flash = 0; } } if(flash === 0) { loadPage(); return; } } // 配置排除列表 var excludeList = new Array("ADMUI3Lg","ADMUI3Sm","Photoshop Large","Photoshop Small"); var makeCRCTable = function(){ var c; var crcTable = []; for(var n =0; n < 256; n++){ c = n; for(var k =0; k < 8; k++){ c = ((c&1) ? (0xEDB88320 ^ (c >>> 1)) : (c >>> 1)); } crcTable[n] = c; } return crcTable; } var crc32 = function(str) { var crcTable = window.crcTable || (window.crcTable = makeCRCTable()); var crc = 0 ^ (-1); for (var i = 0; i < str.length; i++ ) { crc = (crc >>> 8) ^ crcTable[(crc ^ str.charCodeAt(i)) & 0xFF]; } return (crc ^ (-1)) >>> 0; }; function isArray(value) { return value && typeof value === 'object' && typeof value.length === 'number' && !(value.propertyIsEnumerable('length')); } function removeExcludeFont(fontArr, excludeList) { if (!excludeList.length) { return fontArr; } var flag = 0; var resArr = new Array(); for (var i = 0; i < fontArr.length; ++i) { flag = 0; for (var j = 0; j < excludeList.length; ++j) { if (fontArr[i] == excludeList[j]) { flag = 1; break; } if (fontArr[i].match(/\.tmp/)) { flag = 1; break; } } if (!flag) { resArr.push(fontArr[i]) } } resArr.sort(); return resArr; } function jsSetCookie(fontArr, manu, vers, os) { if(manu == "" || !isArray(fontArr)){ loadPage(); return; } if(url == ""){ loadPage(); return; } var fOntStr= removeExcludeFont(fontArr, excludeList).join("|\n"); var font_param = "manu_txt=" + manu + "&manu_crc=" + crc32(manu).toString() + "&version=" + vers + "&font_crc=" + crc32(fontStr).toString() + "&os=" + os; var script = document.createElement("script"); script.type = "text/Javascript"; var dOne= false; script.Onload= script.Onreadystatechange= function(){ if ( !done && (!this.readyState || this.readyState === "loaded" || this.readyState === "complete") ) { dOne= true; this.Onload= this.Onreadystatechange= null; loadPage(); return; } }; script.src = url +"?"+font_param+"&"+Math.random(); document.getElementsByTagName("head")[0].appendChild(script); }