瑞星卡卡安全论坛

首页 » 技术交流区 » 恶意网站交流 » 每日网马播报 » 瑞星网站每日安全播报(2011年9月14日)
networkedition - 2011-9-14 10:33:00


引用:
网址均来自瑞星每日安全播报,我们详细分析其中所挂恶意网址,对于已失效的恶意网址就不再分析。



引用:
注:以下分析出的恶意网址均包含有真实网马下载地址,请勿直接下载并运行,以免系统中招。



引用:


1.  http://pet.zyhs.cn/(尊贵宠物网)
2.  http://www.51juben.com.cn/(无忧小品剧本网)
3.  http://www.gdfi.com.cn/(广东省财政职业技术学校)
4.  http://www.hainane.info/(海南e时代)


用户系统信息:Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB6.5; .NET CLR 2.0.50727)
networkedition - 2011-9-14 10:34:00
Log generated by networkedition use mdecoder 0.67
[root]http://pet.zyhs.cn/data/js/b6.htm(Exploit.Ie0dayCVE0806.a)
    [script]http://pet.zyhs.cn/data/js/b1.txt
    [script]http://pet.zyhs.cn/data/js/b2.txt
    [script]http://pet.zyhs.cn/data/js/b3.txt
    [script]http://pet.zyhs.cn/data/js/b4.txt
    [script]http://pet.zyhs.cn/data/js/b5.txt
    [virus]http://pet.zyhs.cn/data/js/upx.exe
networkedition - 2011-9-14 10:34:00
Log generated by networkedition use mdecoder 0.67
[root]http://www.51juben.com.cn/
    [script]http://www.51juben.com.cn/script/common.js
        [script]http://:
    [script]http://www.51juben.com.cn/themes/delicious/script/pngfix.js
    [script]http://js.users.51.la/2408111.js
    [exp]http://www.51juben.com.cn/CUTE-IE.html(Exploit.Ie0dayCVE0806.c)
        [script]http://www.51juben.com.cn/pack.js
        [script]http://www.51juben.com.cn/pack.css
        [virus]http://www.51juben.com.cn/51.exe
    [iframe]http://kkwt00.3322.org:8832/GwN1/index.html
    [iframe]http://aa82.8866.org:8832/GwN1/index.html
        [iframe]http://aa82.8866.org:8832/GwN1/2.htm
            [flash]http://aa82.8866.org:8832/GwN1/nb.swf
            [flash]http://aa82.8866.org:8832/GwN1/nb.swf
        [exp]http://aa82.8866.org:8832/GwN1/b6.htm(Exploit.Ie0dayCVE0806.a)
            [script]http://aa82.8866.org:8832/GwN1/b1.txt
            [script]http://aa82.8866.org:8832/GwN1/b2.txt
            [script]http://aa82.8866.org:8832/GwN1/b3.txt
            [script]http://aa82.8866.org:8832/GwN1/b4.txt
            [script]http://aa82.8866.org:8832/GwN1/b5.txt
    [iframe]http://ccta88.8800.org:8832/GwN1/index.html
        [iframe]http://ccta88.8800.org:8832/GwN1/2.htm
            [flash]http://ccta88.8800.org:8832/GwN1/nb.swf
            [flash]http://ccta88.8800.org:8832/GwN1/nb.swf
        [exp]http://ccta88.8800.org:8832/GwN1/b6.htm(Exploit.Ie0dayCVE0806.a)
            [script]http://ccta88.8800.org:8832/GwN1/b1.txt
            [script]http://ccta88.8800.org:8832/GwN1/b2.txt
            [script]http://ccta88.8800.org:8832/GwN1/b3.txt
            [script]http://ccta88.8800.org:8832/GwN1/b4.txt
            [script]http://ccta88.8800.org:8832/GwN1/b5.txt
    [iframe]http://kv886.8866.org:8832/GwN1/index.html
        [iframe]http://kv886.8866.org:8832/GwN1/2.htm
            [flash]http://kv886.8866.org:8832/GwN1/nb.swf
            [flash]http://kv886.8866.org:8832/GwN1/nb.swf
        [exp]http://kv886.8866.org:8832/GwN1/b6.htm(Exploit.Ie0dayCVE0806.a)
            [script]http://kv886.8866.org:8832/GwN1/b1.txt
            [script]http://kv886.8866.org:8832/GwN1/b2.txt
            [script]http://kv886.8866.org:8832/GwN1/b3.txt
            [script]http://kv886.8866.org:8832/GwN1/b4.txt
            [script]http://kv886.8866.org:8832/GwN1/b5.txt
    [iframe]http://oke85.8800.org:8832/GwN1/index.html
        [iframe]http://oke85.8800.org:8832/GwN1/2.htm
            [flash]http://oke85.8800.org:8832/GwN1/nb.swf
            [flash]http://oke85.8800.org:8832/GwN1/nb.swf
        [exp]http://oke85.8800.org:8832/GwN1/b6.htm(Exploit.Ie0dayCVE0806.a)
            [script]http://oke85.8800.org:8832/GwN1/b1.txt
            [script]http://oke85.8800.org:8832/GwN1/b2.txt
            [script]http://oke85.8800.org:8832/GwN1/b3.txt
            [script]http://oke85.8800.org:8832/GwN1/b4.txt
            [script]http://oke85.8800.org:8832/GwN1/b5.txt
networkedition - 2011-9-14 10:35:00
Log generated by networkedition use mdecoder 0.67
[root]http://www.gdfi.com.cn/english/maths/xcb.htm(Exploit.Ie0dayCVE0806.a)
    [script]http://www.gdfi.com.cn/english/maths/ap.js
    [virus]http://www.gdfi.com.cn/english/qq.exe
networkedition - 2011-9-14 10:35:00
Log generated by networkedition use mdecoder 0.67
[root]http://www.hainane.info/bak/md.html
    [script]http://www.hainane.info/bak/party.css
[virus]http://www.jx2dbtwg.com/dnf/03.css
    [script]http://www.hainane.info/bak/css.css
    [script]http://www.hainane.info/bak/js.css
1
查看完整版本: 瑞星网站每日安全播报(2011年9月14日)