cNotes 検索 一覧 カテゴリ

インジェクション - x.js 2

Published: 2010/12/08

関連:インジェクション - x.js

namepath
jswnq.com/x.js
bjdtpy.com/x.js

x.jsの中身はこれ。飛ばされる先が変わっています。

namepath
yyyyaus.9966.org:8843/GwN2/index.html?1

その中身がこれ

その後ダウンロードされるのがこれ。
namepath
f1.ad58.info:8843/xx/gwn2.css

その正体はこれ。

http://www.virustotal.com/file-scan/report.html?id=82e2ec053aea3cdc17f5fd81988c57ea0616b2524274810661b5e7803b81c7cb-1291429392


   Domain Name: JSWNQ.COM
   Registrar: HICHINA ZHICHENG TECHNOLOGY LTD.
   Whois Server: grs.hichina.com
   Referral URL: http://www.net.cn
   Name Server: DNS7.HICHINA.COM
   Name Server: DNS8.HICHINA.COM
   Status: ok
   Updated Date: 09-jul-2010
   Creation Date: 26-jul-2005
   Expiration Date: 26-jul-2012
 
 121.199.114.138
 netnum:        121.196.0.0 - 121.199.255.255
 netname:        HICHINA
 descr:          HiChina Web Solutions (Beijing) Limited
 descr:          No.27 Gulouwai Avenue,Dongcheng District, Beijing 100011,China
 country:        CN
   Domain Name: BJDTPY.COM
   Registrar: GODADDY.COM, INC.
   Whois Server: whois.godaddy.com
   Referral URL: http://registrar.godaddy.com
   Name Server: NS1.DNSPOD.NET
   Name Server: NS2.DNSPOD.NET
   Name Server: NS3.DNSPOD.NET
   Name Server: NS4.DNSPOD.NET
   Name Server: NS5.DNSPOD.NET
   Name Server: NS6.DNSPOD.NET
   Status: clientDeleteProhibited
   Status: clientRenewProhibited
   Status: clientTransferProhibited
   Status: clientUpdateProhibited
   Updated Date: 27-mar-2010
   Creation Date: 04-apr-2009
   Expiration Date: 04-apr-2011
 
 61.237.237.50
 inetnum:        61.232.0.0 - 61.237.255.255
 netname:        CRTC
 country:        CN
 Domain ID:D34375236-LRMS
 Domain Name:AD58.INFO
 Created On:28-Aug-2010 15:00:59 UTC
 Last Updated On:27-Oct-2010 20:35:31 UTC
 Expiration Date:28-Aug-2011 15:00:59 UTC
 Sponsoring Registrar:GoDaddy.com Inc. (R171-LRMS)
 Status:CLIENT DELETE PROHIBITED
 Status:CLIENT RENEW PROHIBITED
 Status:CLIENT TRANSFER PROHIBITED
 Status:CLIENT UPDATE PROHIBITED
 Registrant Country:CN
 
 58.221.36.243
 inetnum:        58.208.0.0 - 58.223.255.255
 netname:        CHINANET-JS
 descr:          CHINANET jiangsu province network
 descr:          China Telecom
 descr:          A12,Xin-Jie-Kou-Wai Street
 descr:          Beijing 100088
 country:        CN

[カテゴリ:インジェクション観察日記]

by jyake