用于攻击Google的代码现在公开了
来源:百度文库 编辑:神马文学网 时间:2024/06/02 06:04:59
上个月用于攻击Google等公司的IE攻击代码于1月14日递交到恶意程序分析网站Wepawet。攻击主要依赖于运行在Windows XP上的Internet Explorer 6,但经过修改它也可能适用于IE7等较新版本的IE浏览器。当被攻击者点击了恶意网页后,攻击者能使用该代码在受害者的机器上运行未许可的软件。微软已就这一漏洞发布了安全通知,它的例行安全补丁发布定在2月9日,但鉴于情况紧急,软件巨人也可能会提前发布修复补丁。安全研究人员指出,Windows Vista或Windows 7上利用这一漏洞难度更大,但不是没有可能。德国联邦信息安全办公室甚至建议用户使用非IE浏览器。
PS;File ccc[1].ht_MD5 1aea206aa64ebeabb07237f1e2230d0fAnalysis Started 2010-01-14 13:05:32Report Generated 2010-01-14 13:05:39Jsand version 1.03.02Detector Result Jsand 1.03.02suspicious
PS;
Wepawet (alpha)
Home | About | Sample Reports | Support | NewsAnalysis report for ccc[1].ht_
Sample Overview
Detection results
Warning:
- When analyzing a file (rather than a URL), Jsand does not examine external resources, such as iframes and scripts. In addition, properties such as document.location, document.referer, and document.cookie, which are sometimes used by malicious scripts, are not set.
This may affect the detection of malicious code.
Exploits
No exploits were identified.Deobfuscation results
Evals
var n = unescape("%u0c0d%u0c0d");while (n.length <= 524288)n += n;n = n.substring(0, 524269 - sc.length);var x = new Array();for (var i = 0; i < 200; i ++ ){ x[i] = n + sc;}
(repeated 1 time)