Long time music network Download music crack! - Vulnerability warning-the black bar safety net

2006-08-07T00:00:00
ID MYHACK58:62200610942
Type myhack58
Reporter 佚名
Modified 2006-08-07T00:00:00

Description

Long time music network: http://www.99music.net The music really much, how to break through the limit to download songs?

Now teach you how to achieve: 1. Put ie's temporary folder all the contents emptied. 2. Open http://www.99music.net/song_3.asp?id=25330&act=dx To view the temporary files home file: song_3. asp? id=2 5 3 3 0&act=dx, url.js that au_25330.js These three files are copied to the desktop, will become song_3[1]. htm, url.js[1], The au_25330[1]. js 3. Open song_3[1]. htm, found at:

CODE:

[Copy to clipboard]

document. write("<embed src='" + SVIP + "" + Music_25330[0] + "' width='3 0 0' autostart='true' height='6 0'>");

And

CODE:

[Copy to clipboard]

<script language=JavaScript type=text/JavaScript src=http://www. 99music. net/audio/au_25330. js></script>

Know why should we choose to view au_25330. js the. 4. Open au_25330[1]. js

CODE:

[Copy to clipboard]

var Music_25330=new Array("hk/aidai/2003-04/0 1. ra","Vitamin vitamin","love","2 5 3 3 0","8 2 5","1 9 5 7","");

Saw hk/aidai/2003-04/0 1. ra this? Find the right most one on from the success of the nearly half :) So far we've put the song The absolute path to get to the half, this time you might say: http://www.99music.nethk/aidai/2003-04/01.ra Not that the song of the absolute path? Hey, most of the case is this. But a long time music is not the same. See Step 3 of the SVIP this stuff? Oh, we first no matter, the next step is to uncover its mysterious veil 5. Open url[1]. js:

CODE:

[Copy to clipboard]

url1="http://119.99music.net/" service1="for Telecom users to use"

url2="http://24.99music.net/" service2="for Telecom users to use"

url3="http://51.99music.net/" service3="fit Netcom, railcom and other users to use"

url4="http://25.99music.net/" service4="fit Netcom, railcom and other users to use"

url5="http://38.99music.net/" service5="for Telecom users to use"

url6="http://126.99music.net/" service6="alternate"

url7="http://2.99music.net/" service7="for Telecom users to use"

IF SV="" THEN sss=second(now())

IF right(sss/5100,2)=0 0 THEN SVIP=url1 SVT="①" ELSE IF right(sss/5100,2)=2 0 THEN SVIP=url2 SVT="②" ELSE IF right(sss/5100,2)=4 0 THEN SVIP=url3 SVT="③" ELSE IF right(sss/5100,2)=6 0 THEN SVIP=url4 SVT="④" ELSE SVIP=url5 SVT="⑤" END IF END IF END IF END IF

ELSE SELECT Case SV Case 6 SVIP=url6 SVT="⑥" Case 5 SVIP=url5 SVT="⑤" Case 4 SVIP=url4 SVT="④" Case 3 SVIP=url3 SVT="③" Case 2 SVIP=url2 SVT="②" Case 1 SVIP=url1 SVT="①" END SELECT END IF

Do not look do not know, wow, I have 7 servers, the songs address or a random distribution, the algorithm is: sss=second(now()) right(sss/5*100,2) Day! Well, here we no matter so much, not is 7 a server, a personal test. 6. Respectively, in the ie address bar enter: http://119.99music.net/hk/aidai/2003-04/01.ra http://24.99music.net/hk/aidai/2003-04/01.ra http://51.99music.net/hk/aidai/2003-04/01.ra http://25.99music.net/hk/aidai/2003-04/01.ra http://38.99music.net/hk/aidai/2003-04/01.ra http://126.99music.net/hk/aidai/2003-04/01.ra http://2.99music.net/hk/aidai/2003-04/01.ra Ha ha, see not: Front 6 A Address in the browser and enter the result, as shown: ! The seventh address in the browser and enter the result, as shown: ! 7. So far, the hack is working to come to an end, if my analysis is not mistaken, A seventh address is the real song address! We found a long time music network to do the two times the song path of the process: Time is the only web App on, the second is an application of the anti-down chain process. Don't know I analysis right, if friends are interested in, you can then analyze the crack. This dedicated ugly