HaCKeD By : lvlr.hack,网站被伊斯兰黑客黑掉怎么办?

2012年1月18日 发表评论 阅读评论

闪电博客这期检查友链并互访,大吃一惊,忽然发现友链中的小杰博客被黑了,而且黑客在他首页挂了张很吊的图,主页里不排除被植入了木马js脚本,目前我好奇,正在研究中,如何解决还属难题。

为了保证安全,暂时先把他的链接撤下来。

小杰博客网站链接:http://www.xiaojie.me/

被黑后的首页,显示内容:

HaCKeD By : lvlr.hack

- – - – - – - – - – - – - – - – - – - – - – -

HaCked By lvlr.hack

lvlr.hack@msn.COM

- – - – - – - – - –

greets to : ali ahmady ,mr feeling, ali TOOFAN
status : If you hate Islam,We hate anyone who does not hate you

显示的部分图片:

被黑网页源代码闪电博客先帖出来吧:

<title>HackeD By lvlr.hack</title>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<link REL="SHORTCUT ICON" HREF="http://www.fileden.com/files/2010/12/26/3045728/Mzh04208.gif">
<style type="text/css">
.auto-style1 {
    font-family: Impact;
    font-size: large;
    color: #FFFFFF;
}
.auto-style2 {
    font-family: "Courier New", Courier, monospace;
    font-size: large;
    color: #FFFFFF;
}
.auto-style3 {
    font-family: "Courier New", Courier, monospace;
}
</style>
</head>
</head>
<body bgcolor="#000000" background="http://www.fileden.com/files/2010/12/26/3045728/HaCK%202.gif" style="background-attachment: fixed">
<div align="center">
    <table border="1" width="57%" height="451" background="http://www.fileden.com/files/2010/12/26/3045728/10101.gif" style="border-collapse: collapse" bordercolor="#666666">
        <tr>
            <td nowrap>
            <p align="center"><b>
            <font face="Arial Black" size="5" color="#FFFFFF">- – - – - – </font>
            <font face="Arial Black" size="5" color="#333333">- – - – - – - – -
            -</font><font face="Arial Black" size="5" color="#FFFFFF"> – - – - –
            – -</font></b></p>
            <p align="center">
            <font face="Impact" color="#666666" size="5"><b>
            <u>
            HaCKeD By</u> : </b>lvlr.hack</font></p>
            <p align="center"><b>
            <font face="Arial Black" size="5" color="#FFFFFF">- – - – - – </font>
            <font face="Arial Black" size="5" color="#333333">- – - – - – - – -
            -</font><font face="Arial Black" size="5" color="#FFFFFF"> – - – - –
            – -</font></b></p>
            <p align="center">
            <img border="0" src="http://upload.sa3eka.com/uploads/images/s61e380c1da.gif" width="350" height="60"></p>
             <p class=style2 align=center><img border="0" align=center src="http://www.play-files.net/images/1301491675-2je5ic8.png" width="321" height="272"></p>
            <p align="center" class="auto-style1">HaCked By lvlr.hack</p>
            <p align="center">&nbsp;</p>
            <p align="center">&nbsp;</p>
            <p align="center">
            <font size="5" color="#FFFFFF" class="auto-style3">
            <u><b>
            <span lang="en-us">&nbsp;lvlr.hack@msn</span></b></u><span lang="en-us">.</span></font><span class="auto-style2"><strong>COM</strong></span></p>
            <p align="center">&nbsp;</p>
            <p align="center"><b>
            <font face="Impact" size="5" color="#333333">- – - – - – - – - -</font></b></p>
            <p align="center"><br>
            <br>
            </p>
            <div align="center">
                    <SCRIPT LANGUAGE="JavaScript">
/*
An object-oriented Typing Text script, to allow for multiple instances.
A script that causes any text inside any text element to be "typed out", one letter at a time. Note that any HTML tags will not be included in the typed output, to prevent them from causing problems. Tested in Firefox v1.5.0.1, Opera v8.52, Konqueror v3.5.1, and IE v6.
Browsers that do not support this script will simply see the text fully displayed from the start, including any HTML tags.
Functions defined:
  TypingText(element, [interval = 100,] [cursor = "",] [finishedCallback = function(){return}]):
    Create a new TypingText object around the given element.  Optionally
    specify a delay between characters of interval milliseconds.
    cursor allows users to specify some HTML to be appended to the end of
    the string whilst typing.  Optionally, can also be a function which
    accepts the current text as an argument.  This allows the user to
    create a "dynamic cursor" which changes depending on the latest character
    or the current length of the string.
    finishedCallback allows advanced scripters to supply a function
    to be executed on finishing.  The function must accept no arguments.
  TypingText.run():
    Run the effect.
  static TypingText.runAll():
    Run all TypingText-enabled objects on the page.
*/
TypingText = function(element, interval, cursor, finishedCallback) {
  if((typeof document.getElementById == "undefined") || (typeof element.innerHTML == "undefined")) {
    this.running = true;    // Never run.
    return;
  }
  this.element = element;
  this.finishedCallback = (finishedCallback ? finishedCallback : function() { return; });
  this.interval = (typeof interval == "undefined" ? 20 : interval);
  this.origText = this.element.innerHTML;
  this.unparsedOrigText = this.origText;
  this.cursor = (cursor ? cursor : "");
  this.currentText = "";
  this.currentChar = 0;
  this.element.typingText = this;
  if(this.element.id == "") this.element.id = "typingtext" + TypingText.currentIndex++;
  TypingText.all.push(this);
  this.running = false;
  this.inTag = false;
  this.tagBuffer = "";
  this.inHTMLEntity = false;
  this.HTMLEntityBuffer = "";
}
TypingText.all = new Array();
TypingText.currentIndex = 0;
TypingText.runAll = function() {
  for(var i = 0; i < TypingText.all.length; i++) TypingText.all[i].run();
}
TypingText.prototype.run = function() {
  if(this.running) return;
  if(typeof this.origText == "undefined") {
    setTimeout("document.getElementById(‘" + this.element.id + "’).typingText.run()", this.interval);    // We haven’t finished loading yet.  Have patience.
    return;
  }
  if(this.currentText == "") this.element.innerHTML = "";
//  this.origText = this.origText.replace(/<([^<])*>/, "");     // Strip HTML from text.
  if(this.currentChar < this.origText.length) {
    if(this.origText.charAt(this.currentChar) == "<" && !this.inTag) {
      this.tagBuffer = "<";
      this.inTag = true;
      this.currentChar++;
      this.run();
      return;
    } else if(this.origText.charAt(this.currentChar) == ">" && this.inTag) {
      this.tagBuffer += ">";
      this.inTag = false;
      this.currentText += this.tagBuffer;
      this.currentChar++;
      this.run();
      return;
    } else if(this.inTag) {
      this.tagBuffer += this.origText.charAt(this.currentChar);
      this.currentChar++;
      this.run();
      return;
    } else if(this.origText.charAt(this.currentChar) == "&" && !this.inHTMLEntity) {
      this.HTMLEntityBuffer = "&";
      this.inHTMLEntity = true;
      this.currentChar++;
      this.run();
      return;
    } else if(this.origText.charAt(this.currentChar) == ";" && this.inHTMLEntity) {
      this.HTMLEntityBuffer += ";";
      this.inHTMLEntity = false;
      this.currentText += this.HTMLEntityBuffer;
      this.currentChar++;
      this.run();
      return;
    } else if(this.inHTMLEntity) {
      this.HTMLEntityBuffer += this.origText.charAt(this.currentChar);
      this.currentChar++;
      this.run();
      return;
    } else {
      this.currentText += this.origText.charAt(this.currentChar);
    }
    this.element.innerHTML = this.currentText;
    this.element.innerHTML += (this.currentChar < this.origText.length – 1 ? (typeof this.cursor == "function" ? this.cursor(this.currentText) : this.cursor) : "");
    this.currentChar++;
    setTimeout("document.getElementById(‘" + this.element.id + "’).typingText.run()", this.interval);
  } else {
    this.currentText = "";
    this.currentChar = 0;
        this.running = false;
        this.finishedCallback();
  }
}
</script>
<style>
td{align: center; font-family: Bradley Hand ITC; font-size: 12pt; color: white}
a{align: center; font-family: Bradley Hand ITC; font-size: 12pt; color: red}
</style>
<div
id="example1"></div>
<p id="exampe2">
    <b>greets to</b>        :  ali ahmady ,mr feeling, ali TOOFAN
  <br>
<b>status</b>        : If you hate Islam,We hate anyone who does not hate you!
  <br>
</p><script type="text/javascript">
//Define first typing example:
new TypingText(document.getElementById("example1"));
//Define second typing example (use "slashing" cursor at the end):
new TypingText(document.getElementById("example2"), 50, function(i){
var ar = new Array("_"," ","_","_"); return " " + ar[i.length %
ar.length]; });
//Type out examples:
TypingText.runAll();
</script>
                <div align="center">
                    <p align="center"><b>
                    <font face="Arial Black" size="5" color="#FFFFFF">- – - – -
                    – </font><font face="Arial Black" size="5" color="#333333">-
                    – - – - – - – - -</font><font face="Arial Black" size="5" color="#FFFFFF">
                    – - – - – - -</font></b></div>
            </div>
            </td>
        </tr>
        <tr>
            <td nowrap>
            &nbsp;</td>
        </tr>
    </table>
</div>

网站被黑解决方案:
目前闪电博客还没想到,只能恢复备份吧,这也很无奈,能找到漏洞并修复漏洞那就更好了。

伊斯兰黑客攻陷网站名单
谷歌百度一找发现这个伊斯兰黑客军团很吊的,许多网站中招,列出如下:
www.dristal.com
mumuphotography.com
camillemaalawy.com
usawhitesmiles.com
linden-musique.com

伊朗黑客
也许这个黑客出自伊朗民间黑客,搜索Google英文发现有人介绍可能是iranian hackers所为,当然,真是不是伊朗人咱也不清楚,这年头黑客当道啊!


转载请注明来自:[闪电博客]http://shandian.biz/1963.html

分类: 建站教程 标签:
  1. 爱微博客
    2012年7月2日15:44 | #1

    一个小站怎么会被黑?