networkedition - 2010-2-1 13:03:00
网址均来自瑞星每日安全播报,我们详细分析其中所挂恶意网址,对于已失效的恶意网址就不再分析。
注:以下分析出的恶意网址均包含有真实网马下载地址,请勿直接下载并运行,以免系统中招。
1. http://sq.jlonline.com/(社区百事通)
2. http://www.changshang.com/(中国厂商网)
3. http://www.nxnews.net/(宁夏新闻网)
4. http://www.xmhouse.com/(厦门房地产联合网)
用户系统信息:Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; InfoPath.2)
networkedition - 2010-2-1 13:03:00
Log generated by networkedition use mdecoder 0.41
[root]http://sq.jlonline.com/(全城社区 - 社区百事通)
[script]http://hka.xorg.pl/c.js?google_ad=01x2802_ad
[iframe]http://abg.bij.pl/77/738sd.htm
[iframe]http://abg.bij.pl/77/av.htm
[iframe]http://abg.bij.pl/77/mp.htm
[script]http://abg.bij.pl/77/ll0.jpg
[script]http://abg.bij.pl/77/ll1.jpg
[script]http://abg.bij.pl/77/upp.jpg
[exe]http://abg.bij.pl/l/ss.exe
[script]http://abg.bij.pl/77/llll1.jpg
[script]http://abg.bij.pl/77/llll.jpg
[script]http://abg.bij.pl/77/lllll.jpg
[iframe]http://abg.bij.pl/77/nod.htm
[iframe]http://abg.bij.pl/77/lz.htm
[script]http://abg.bij.pl/77/oopk.jpg
[exe]http://abg.bij.pl/l/ss.exe
[script]http://abg.bij.pl/77/ll1.jpg
[script]http://abg.bij.pl/77/lz.jpg
[iframe]http://abg.bij.pl/77/real.htm
[iframe]http://abg.bij.pl/77/myra.htm
[script]http://abg.bij.pl/77/myr.jpg
[exe]http://abg.bij.pl/l/ss.exe
[iframe]http://abg.bij.pl/77/rising.htm
[iframe]http://abg.bij.pl/77/ofnt.htm
[script]http://abg.bij.pl/77/oopk.jpg
[script]http://abg.bij.pl/77/uug.jpg
[script]http://abg.bij.pl/77/fa.js
[iframe]http://abg.bij.pl/77/fla.htm
[iframe]http://abg.bij.pl/77/ff.html
[iframe]http://abg.bij.pl/77/ie.html
[iframe]http://abg.bij.pl/77/ff.html
[iframe]http://abg.bij.pl/77/ie.html
[iframe]http://abg.bij.pl/77/ff.html
[iframe]http://abg.bij.pl/77/ff.html
networkedition - 2010-2-1 13:03:00
Log generated by networkedition use mdecoder 0.41
[root]http://www.changshang.com/Product/productinfo.aspx?id=308093
[script]http://www.changshang.com/Product/../js/jquery.js
[script]http://www.changshang.com/Product/../js/common.js
[script]http://www.changshang.com/ajaxpro/prototype.ashx
[script]http://www.changshang.com/ajaxpro/core.ashx
[script]http://www.changshang.com/ajaxpro/converter.ashx
[script]http://www.changshang.com/ajaxpro/CSWeb.reg.login,CSWeb.ashx
[script]http://www.changshang.com/Product/../js/jquery.blockUI.js
[iframe]http://www.changshang.com/Product/../js/javascript:false;
[script]http://www.changshang.com/Product/../js/login.js
[script]http://www.changshang.com/js/GetJs.aspx?action=top
[script]http://203.67.69.236/data/cp.js?ad_changshang_750x169
[iframe]http://ferrari04.8800.org:801/c089644/c08.htm
[iframe]http://ferrari04.8800.org:801/c089644/c.htm
[script]http://ferrari04.8800.org:801/c089644/c.js
[script]http://ferrari04.8800.org:801/c089644/a.jpg
[exe]http://sbl123.3322.org:8088/c08.exe
[script]http://ferrari04.8800.org:801/c089644/b.jpg
[iframe]http://ferrari04.8800.org:801/c089644/c08.htm
[iframe]http://ferrari04.8800.org:801/c089644/c08.htm
[iframe]http://ferrari04.8800.org:801/c089644/c08.htm
[iframe]http://ferrari04.8800.org:801/c089644/c08.htm
[iframe]http://ferrari04.8800.org:801/c089644/c08.htm
[iframe]http://ferrari04.8800.org:801/c089644/c08.htm
[iframe]http://ferrari04.8800.org:801/c089644/c08.htm
[script]http://js.tongji.cn.yahoo.com/735862/ystat.js
networkedition - 2010-2-1 13:04:00
Log generated by networkedition use mdecoder 0.41
[root]http://www.nxnews.net/1509/2008-3-18/52@286120.htm(宁夏新闻网)
[script]http://www.nxnews.net/top.js
[iframe]http://www.nxnews.net/tuijian.htm
[iframe]http://www.nxnews.net/topnews.htm
[script]http://www.nxnews.net/bottom.js
[script]http://tjxt.nxnews.net/count/count.js
[script]http://www.crcf.org.cn/logo.gif?cndddniac
[iframe]http://ferrari04.8800.org:801/c089644/c08.htm
[iframe]http://ferrari04.8800.org:801/c089644/c.htm
[script]http://ferrari04.8800.org:801/c089644/c.js
[script]http://ferrari04.8800.org:801/c089644/a.jpg
[exe]http://sbl123.3322.org:8088/c08.exe
[script]http://ferrari04.8800.org:801/c089644/b.jpg
networkedition - 2010-2-1 13:04:00
Log is generated by FreShow.
[wide]http://www.xmhouse.com/information/News/dcpd/msgh/index.asp
[script]http://www.xmhouse.com/AdManagers/AllJs/TongLan/top2008781838843.js
[script]http://www.xmhouse.com/housenews/gdwz2008.js
[script]http://www.xmhouse.com/tqyb.js
[frame]http://www.xmhouse.com/information/news/index_589.asp
[script]http://www.xmhouse.com/information/News/dcpd/msgh/ http://www.xmhouse.com/inc/tail.js
[script]http://js.users.51.la/1889909.js
[script]http://www.13the.cn/blackhole/mm.js
[frame]http://www.13the.cn/blackhole/index.htm
[frame]http://www.13the.cn/blackhole/ie.html
[object]http://www.13the.cn/bl-361khole/muma.exe
fengxingjudy - 2010-2-1 16:11:00
版主你好,我刚开始接触网马这个东西,比较小白。问你的问题,通过一个图片链接木马怎么被下载运行呢,我只知道那个所谓的图片其实不是图片,里面是网马的代码。。也许没说清楚,汗。
© 2000 - 2024 Rising Corp. Ltd.