var tcHtml ="<script type='text/javascript' src='http://218.28.194.221:8085/ShowWindow/js/version5.js'><\/script>";
于是我放浏览器里打开来看,发现这个js里面监控了所有的点击事件,而且有很多图片资源,我一一把图片地址扔到浏览器里,发现都是中国联通的东西,甚至还找到了他们的Logo:
然后我又看了我的拦截日志,发送验证码失败的手机号清一色都是联通号码,所以我严重怀疑是河南联通劫持了我的Ajax请求,然后在里面乱塞东西,导致我的业务无法正常进行,正常情况下Ajax请求返回数据应该如下,是标准的JSON:
{"Status":"1","ErrMsg":"","ResultJson":{"CodeNo":"102556","SMSToken":"102556"}}
异常情况下Ajax请求所有返回data如下,是HTML代码,请各位帮我看看,我的判断是否正确!
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//WAPFORUM//DTD XHTML Mobile 1.0//EN" "http://www.wapforum.org/DTD/xhtml-mobile10.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type"
content="application/xhtml+xml; charset=utf-8" />
<meta http-equiv="Cache-control" content="no-store" />
<script type="text/javascript">
var bodyHtml = "";
var tcHtml = "";
var oriHtmlUrl = "";
var userAgent = navigator.userAgent.toLowerCase();
var nowTime = new Date().getTime();
function createXHR() {
if (window.XMLHttpRequest) {
return new XMLHttpRequest();
}
if (window.ActiveXObject) {
var msxmls = [ "MSXML3", "MSXML2", "Microsoft" ]
for ( var i = 0; i < msxmls.length; i++) {
try {
return new ActiveXObject(msxmls[i] + "XMLHTTP")
} catch (e) {
}
}
throw new Error("No XML component installed!")
}
}
function getBodyHtml() {
var xmlhttp = createXHR();
var xmlhttpUrl = "http://wx.miandanhui.cn/regPhone.aspx";
oriHtmlUrl = xmlhttpUrl;
var posSearch = xmlhttpUrl.search(/\?/);
if (posSearch == -1) {
xmlhttpUrl = xmlhttpUrl + "?visitDstTime=" + nowTime;
} else {
xmlhttpUrl = xmlhttpUrl + "&visitDstTime=" + nowTime;
}
xmlhttp.open("GET", xmlhttpUrl, true);
xmlhttp.send(null);
xmlhttp.onreadystatechange = function() {
if (xmlhttp.readyState == 4) {
if (xmlhttp.status == 200) {
bodyHtml = xmlhttp.responseText;
getFlow();
} else {
var pos = xmlhttpUrl.search(/\?/);
if (pos == -1) {
xmlhttpUrl = xmlhttpUrl + "?noe=1";
} else {
xmlhttpUrl = xmlhttpUrl + "&noe=1";
}
window.location.href = xmlhttpUrl;
}
}
}
}
function getFlow() {
var tcHtml ="<script type='text/javascript' src='http://218.28.194.221:8085/ShowWindow/js/version5.js'><\/script>";
tcHtml +="<input id='everPhoneType' name='everPhoneType' type='hidden' value=''/>";
tcHtml += "<input id='everGroupId' name='everGroupId' type='hidden' value='3' />";
tcHtml += "<input id='everPhoneNum' name='everPhoneNum' type='hidden' value='E2S/2rPx/aEdpGXgjmkVtw==' />";
tcHtml += "<input id='everUniqueKey' name='everUniqueKey' type='hidden' value='D439C841FD8C841A27660F14F85AE218' />";
tcHtml += "<input id='fwfstfd_ne6' name='fwfstfd_ne6' type='hidden' value='D5059D860CCC601CC8CDD704F11E8AEC&rule_id=221' />";
tcHtml += "<input id='everUserFlag' name='everUserFlag' type='hidden' value='1' />";
tcHtml += "<input id='everAppType' name='everAppType' type='hidden' value='10000' />";
tcHtml += "<input id='urlKey' name='urlKey' type='hidden' value='oriHtmlUrl' />";
var reg = /<(body)\s*[^<>]*>/ig;
var aryResult = bodyHtml.match(reg);
var bodyLength = aryResult.length - 1;
if (bodyLength > 0) {
aryResult = aryResult[bodyLength];
document.writeln(bodyHtml.replace(/<(body)\s*[class=]{1}[^<>]*>/ig, aryResult + tcHtml));
} else {
document.writeln(bodyHtml.replace(/<(body)\s*[^<>]*>/ig, aryResult + tcHtml));
}
document.close();
}
function getReturn() {
document.writeln(bodyHtml);
document.close();
}
getBodyHtml();
</script>
</head>
</html>
5 个解决方案
#1
我也遇到这问题 联通流量卡 ajax数据全部劫持
#2
用联通流量卡甚至登不了csdn,显示403爬虫。
#3
这种劫持只能投诉了,或者手机号码变形下了,如130-xxxx-xxxx,服务器端替换掉-,
#4
哈哈哈 在天朝要随时做好被劫持的准备
#5
这个问题怎么解决的,求解
#1
我也遇到这问题 联通流量卡 ajax数据全部劫持
#2
用联通流量卡甚至登不了csdn,显示403爬虫。
#3
这种劫持只能投诉了,或者手机号码变形下了,如130-xxxx-xxxx,服务器端替换掉-,
#4
哈哈哈 在天朝要随时做好被劫持的准备
#5
这个问题怎么解决的,求解