Cracking the iframe anti-embedding defense - vulnerability warning - the black bar safety net

2009-03-03T00:00:00
ID MYHACK58:62200922377
Type myhack58
Reporter Anonymous
Modified 2009-03-03T00:00:00

Description

Author: emptiness prodigal heart

See Monyer's article, "iframe anti-embedding and forced embedding": http://hi.baidu.com/monyer/blog/item/108c718d9aedcf15b21bba56.html

The code is as follows:

<script>
window.onload = function(){
    if(top != self){
        var f = document.createElement("form");
        f.action = location;
        f.target = "_parent";
        document.body.appendChild(f);
        f.submit();
    }
};
</script>

It forces a submit. I read this article carefully and then tried it out, and found that when there are two onload handlers, the later one overwrites the earlier one.

Also, the defense code operates on "body".

So this code must be placed at the very bottom of the page.

Then I looked at the earlier article,

"iframe anti-embedding and forced embedding":

http://hi.baidu.com/monyer/blog/item/1551b68f453f78e9f11f3667.html

It turns out the attacker may control at least one piece of JS, so it can "override" the defense.

Finally Monyer gives a solution.

However, on closer inspection, there are still big problems.

Last night I was daydreaming (YY) that JS has a SLEEP function, so that the code after it would wait "six months" before executing, and his scheme would fail.

And the test actually succeeded.

In the morning I talked about this with everyone and was fiercely contradicted: it turns out JS has no such function. The code after it did not execute because of a JS error. Embarrassing...

After careful study, I finally thought of a way to crack it: hooking.

Look at the code: I put Monyer's code in there, but it is not allowed to execute properly.

<head> </head>
<body> Oh and...

</body>
<script>

// Replace createElement so that it returns an inert object whose submit() does nothing.
document.createElement = function(test) {
    var f = new Object();
    f.action = location;
    f.target = "_parent";
    f.submit = function(){};
    return f;
};
// Replace appendChild with a no-op so nothing is attached to the body.
document.body.appendChild = function(test){};

window.onload = function(){alert(1);};

//----------------------------The following is Monyer's method, copied as is.
window.onload = function(){
    if(top != self){
        var f = document.createElement("form");
        f.action = location;
        f.target = "_parent";
        document.body.appendChild(f);
        f.submit();
    }
};
//Advertising time http://www.inbreak.net
alert('hackedbykxlzx');
</script>

Make a class and hook everything this method uses. Hey... At the same time, make sure the JS that follows still executes correctly.
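The behaviour described above, reproduced outside a browser as an added example (not code from the original article or from Monyer). It shows the frame-buster working, then failing silently once the two DOM methods are replaced, and adds a defender-side check that notices the replacement. `makePage`, `saveRefs`, `overridden`, `run` and the URL are assumptions made for this illustration, and the page objects are a constructed stand-in for the real DOM.

```javascript
// Constructed stand-in for the few browser objects the page's code touches.
function makePage(framed) {
  const win = { parentNavigated: false };
  win.self = win;
  win.top = framed ? { name: "outer-frame" } : win;
  const doc = {
    body: { appendChild(node) { node.attached = true; return node; } },
    createElement(tag) {
      // Simplified model: a form navigates only once it is in the document.
      return { tag, attached: false, submit() {
        if (this.attached && this.target === "_parent") win.parentNavigated = true;
      } };
    },
  };
  return { win, doc };
}

// Monyer's frame-buster as quoted on the page, with win/doc/url passed in.
function frameBuster(win, doc, url) {
  if (win.top != win.self) {
    const f = doc.createElement("form");
    f.action = url;
    f.target = "_parent";
    doc.body.appendChild(f);
    f.submit();
  }
}

// The override from the page: an inert form and a no-op appendChild.
function hook(doc, url) {
  doc.createElement = function () { return { action: url, target: "_parent", submit() {} }; };
  doc.body.appendChild = function () {};
}

// Hypothetical defender check: compare against references saved before any
// untrusted script ran. It detects the override; it cannot undo it.
function saveRefs(doc) {
  return { createElement: doc.createElement, appendChild: doc.body.appendChild };
}
function overridden(doc, refs) {
  return doc.createElement !== refs.createElement || doc.body.appendChild !== refs.appendChild;
}

function run(framed, hooked) {
  const { win, doc } = makePage(framed);
  const refs = saveRefs(doc);
  const url = "http://victim.example/page"; // constructed URL
  if (hooked) hook(doc, url);
  frameBuster(win, doc, url);
  return { escapedFrame: win.parentNavigated, overridden: overridden(doc, refs) };
}
```

Any check written in page script shares this weakness, since script that runs earlier can replace what the check relies on. A framing policy sent as a response header (`X-Frame-Options`, or `frame-ancestors` in `Content-Security-Policy`) is enforced by the browser and cannot be replaced by script in the page.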