网站(==清华大学航天航空学院==)被黑客植入木马
今日,log.mtian.net接网友networkedition上报,网站(主页标题:==清华大学航天航空学院==)(URL:http://hy.tsinghua.edu.cn/)被黑客植入网页木马。
系统有漏洞的用户访问该页面将可能被安装木马病毒等恶意程序,可以导致电脑被黑客控制并且被
窃取敏感信息。以下是网友networkedition对该网站其中一个页面的挂马分析:
Log generated by networkedition use mdecoder 0.54
[root]http://hy.tsinghua.edu.cn/index.asp(==清华大学航天航空学院==)
[flash]http://hy.tsinghua.edu.cn/images/Movie1.swf
[iframe]http://www.lblp.com.cn/admin/webedit/SysImage/bg/18.htm
[iframe]http://www.lblp.com.cn/admin/webedit/dialog/about/cf.html
[iframe]http://www.lblp.com.cn/admin/webedit/dialog/about/ok.html
[iframe]http://www.lblp.com.cn/admin/webedit/dialog/about/cfox.htm
[iframe]http://www.lblp.com.cn/admin/webedit/dialog/about/snow.htm
[iframe]http://www.lblp.com.cn/admin/webedit/dialog/about/xi.htm
[script]http://www.lblp.com.cn/admin/webedit/dialog/about/swfobject.js
[iframe]http://www.lblp.com.cn/admin/webedit/dialog/about/cfl.htm
[iframe]http://www.lblp.com.cn/admin/webedit/dialog/about/ff.html
[flash]http://www.lblp.com.cn/admin/webedit/dialog/about/music.swf
[script]http://www.lblp.com.cn/admin/webedit/dialog/about/ff.js
[exe]http://laso.3322.org/y.exe
[iframe]http://www.lblp.com.cn/admin/webedit/dialog/about/ie.html
[flash]http://www.lblp.com.cn/admin/webedit/dialog/about/music.swf
[script]http://www.lblp.com.cn/admin/webedit/dialog/about/ie.js
[exe]http://laso.3322.org/y.exe
[iframe]http://www.lblp.com.cn/admin/webedit/dialog/about/ff.html
[iframe]http://www.lblp.com.cn/admin/webedit/dialog/about/ie.html
[iframe]http://www.lblp.com.cn/admin/webedit/dialog/about/ie.html
[iframe]http://www.lblp.com.cn/admin/webedit/dialog/about/ff.html
[iframe]http://www.lblp.com.cn/admin/webedit/dialog/about/xf.htm
[script]http://www.lblp.com.cn/admin/webedit/dialog/about/swfobject.js
[iframe]http://www.lblp.com.cn/admin/webedit/dialog/about/cfl.htm
[iframe]http://www.lblp.com.cn/admin/webedit/dialog/about/xi.htm
[exp]http://www.lblp.com.cn/admin/webedit/dialog/about/n6.htm(Exploit.Ie0dayCVE0806.c)
[script]http://www.lblp.com.cn/admin/webedit/dialog/about/x.jpg
[script]http://www.lblp.com.cn/admin/webedit/dialog/about/a.jpg
[virus]http://laso.3322.org/y.exe
[script]http://www.lblp.com.cn/admin/webedit/dialog/about/b.jpg
[script]http://www.lblp.com.cn/admin/webedit/dialog/about/c.jpg
[script]http://www.lblp.com.cn/admin/webedit/dialog/about/d.jpg
[exp]http://www.lblp.com.cn/admin/webedit/dialog/about/n7.htm(Exploit.Ie0dayCVE0806.a)
[script]http://www.lblp.com.cn/admin/webedit/dialog/about/AHHS.js
[script]http://www.lblp.com.cn/admin/webedit/dialog/about/AHHS2.js
[script]http://www.lblp.com.cn/admin/webedit/dialog/about/AHHS3.js
[virus]http://laso.3322.org/y.exe
[iframe]http://www.lblp.com.cn/admin/webedit/dialog/about/cfox2.htm
[exp]http://www.lblp.com.cn/admin/webedit/dialog/about/of.htm(Exploit.OfficeSpreadsheet.a)
[script]http://www.lblp.com.cn/admin/webedit/dialog/about/n90.jpg
[script]http://www.lblp.com.cn/admin/webedit/dialog/about/n93.jpg
[virus]http://laso.3322.org/y.exe
[script]http://www.lblp.com.cn/admin/webedit/dialog/about/n95.jpg
[script]http://www.lblp.com.cn/admin/webedit/dialog/about/n97.jpg
log.mtian.net提醒大家安装防网马软件来防范此类挂马网页的攻击,并及时检查并安装系统及第 三方软件的补丁。
Log generated by networkedition use mdecoder 0.54
[root]http://hy.tsinghua.edu.cn/index.asp(==清华大学航天航空学院==)
[flash]http://hy.tsinghua.edu.cn/images/Movie1.swf
[iframe]http://www.lblp.com.cn/admin/webedit/SysImage/bg/18.htm
[iframe]http://www.lblp.com.cn/admin/webedit/dialog/about/cf.html
[iframe]http://www.lblp.com.cn/admin/webedit/dialog/about/ok.html
[iframe]http://www.lblp.com.cn/admin/webedit/dialog/about/cfox.htm
[iframe]http://www.lblp.com.cn/admin/webedit/dialog/about/snow.htm
[iframe]http://www.lblp.com.cn/admin/webedit/dialog/about/xi.htm
[script]http://www.lblp.com.cn/admin/webedit/dialog/about/swfobject.js
[iframe]http://www.lblp.com.cn/admin/webedit/dialog/about/cfl.htm
[iframe]http://www.lblp.com.cn/admin/webedit/dialog/about/ff.html
[flash]http://www.lblp.com.cn/admin/webedit/dialog/about/music.swf
[script]http://www.lblp.com.cn/admin/webedit/dialog/about/ff.js
[exe]http://laso.3322.org/y.exe
[iframe]http://www.lblp.com.cn/admin/webedit/dialog/about/ie.html
[flash]http://www.lblp.com.cn/admin/webedit/dialog/about/music.swf
[script]http://www.lblp.com.cn/admin/webedit/dialog/about/ie.js
[exe]http://laso.3322.org/y.exe
[iframe]http://www.lblp.com.cn/admin/webedit/dialog/about/ff.html
[iframe]http://www.lblp.com.cn/admin/webedit/dialog/about/ie.html
[iframe]http://www.lblp.com.cn/admin/webedit/dialog/about/ie.html
[iframe]http://www.lblp.com.cn/admin/webedit/dialog/about/ff.html
[iframe]http://www.lblp.com.cn/admin/webedit/dialog/about/xf.htm
[script]http://www.lblp.com.cn/admin/webedit/dialog/about/swfobject.js
[iframe]http://www.lblp.com.cn/admin/webedit/dialog/about/cfl.htm
[iframe]http://www.lblp.com.cn/admin/webedit/dialog/about/xi.htm
[exp]http://www.lblp.com.cn/admin/webedit/dialog/about/n6.htm(Exploit.Ie0dayCVE0806.c)
[script]http://www.lblp.com.cn/admin/webedit/dialog/about/x.jpg
[script]http://www.lblp.com.cn/admin/webedit/dialog/about/a.jpg
[virus]http://laso.3322.org/y.exe
[script]http://www.lblp.com.cn/admin/webedit/dialog/about/b.jpg
[script]http://www.lblp.com.cn/admin/webedit/dialog/about/c.jpg
[script]http://www.lblp.com.cn/admin/webedit/dialog/about/d.jpg
[exp]http://www.lblp.com.cn/admin/webedit/dialog/about/n7.htm(Exploit.Ie0dayCVE0806.a)
[script]http://www.lblp.com.cn/admin/webedit/dialog/about/AHHS.js
[script]http://www.lblp.com.cn/admin/webedit/dialog/about/AHHS2.js
[script]http://www.lblp.com.cn/admin/webedit/dialog/about/AHHS3.js
[virus]http://laso.3322.org/y.exe
[iframe]http://www.lblp.com.cn/admin/webedit/dialog/about/cfox2.htm
[exp]http://www.lblp.com.cn/admin/webedit/dialog/about/of.htm(Exploit.OfficeSpreadsheet.a)
[script]http://www.lblp.com.cn/admin/webedit/dialog/about/n90.jpg
[script]http://www.lblp.com.cn/admin/webedit/dialog/about/n93.jpg
[virus]http://laso.3322.org/y.exe
[script]http://www.lblp.com.cn/admin/webedit/dialog/about/n95.jpg
[script]http://www.lblp.com.cn/admin/webedit/dialog/about/n97.jpg
log.mtian.net提醒大家安装防网马软件来防范此类挂马网页的攻击,并及时检查并安装系统及第 三方软件的补丁。
分类:
最新评论