Website traffic deception and hung it to the newbie section-Vulnerability warning-the black bar safety net

ID MYHACK58:62200818668
Type myhack58
Reporter 佚名
Modified 2008-03-31T00:00:00


Recently, I received some netizens Complain, saying that using a proxy IP visit the web site, always out of the blue to jump to another site, when removing a proxy IP, access to the site has returned to normal. And some even more, use a proxy IP when visiting a website, computers often poisoning.

To address this problem, the author of this thing to do a bit of research.

First, select a resource-rich point of proxy website that collect a number of available proxy IP, I to the ring finger proxy Forum http://bbs. 8 5 5 8. org to collect more than a thousand strips friends just sent to the http proxy.

The agent collected after starting the test, first, write a special batch of test tools for all the selected agent to be tested, test method and the online common method, the use of the program through a proxy to access the Baidu. If you want to return the page source with Baidu on the page source code, we as normal can be with a proxy IP.

At the same time, for each test the normal of the proxy, access the web page obtained when the page content are all automatically saved.

Well, below we take a look at For more than a thousand proxy after the test results.

First of all, we got all the proxy after successful testing of the information, and as a web page file saved, as shown in Figure 1.


Figure 1 save the proxy after successful testing of the information

Note carefully look at, here we get the file's sizes. Where the agent is to access the Baidu website, test it out, in theory it should be, all the file content should be the same size, are Baidu site web code size. Why does this happen, we went with questions to the next step.

We use first a size of the file and Baidu is not the same agent to give it a try(Baidu home file code size is 3KB left and right, we chose a proxy in IE on the settings as shown in Figure 2)。


Select proxy and set after set after we access the Zhongguancun Online website, http://www. zol. com. cn, in the browser input: Zhongguancun Online website.

Figure 3 Input Zhongguancun Online website

Situation arose, we did not get access to the Zhongguancun online content. But there has been so a website such as Figure 4)。


Figure 4 The emergence of non-object of the web page

Why this is so. This is the proxy server. The use of technological means, in accepting the received access time, load the access URL of the content which is hidden, or quickly jump to the other trick flow website.

In the test the proxy IP in the process, we also found another interesting problem, that is, Baidu is newspaper toxic, we look again at Figure 5.


Figure 5 detects Baidu has a virus

This is in a test proxy, use the proxy to access Baidu website, which is the proxy server loaded with some other malicious code to Baidu's web pages. Not really Baidu toxic. But the proxy server in play.