Information left behind when Valine was attacked a while ago; can anyone make out what this is attacking? #411

Open
appotry opened this issue Aug 19, 2022 · 2 comments

Comments


appotry commented Aug 19, 2022

https://gist.github.com/appotry/188ff41addfd544e62143057d026dde9

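I've uploaded the data to a gist. Is this an attack that uses some special method to encode JS code as brackets?

I see there is an onload; that seems to be the entry point where it gets invoked?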

Owner

xCss commented Aug 20, 2022

The new version, v1.5.x, has already fixed this problem.
That string of code accessed this address: https://unpkg.com/crazy-image-cyfan-host@0.0.0-27cc517063c38d287a6af3eb2e0d99fc992f6eda651f9077cbe1e82600ac19c5

You can refer to this article by the expert 迷渡: https://justjavac.com/javascript/2012/05/24/can-you-explain-why-10.html


Author

appotry commented Aug 20, 2022

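I only half understood that article. Is this putting the onload content into the console to run it as a test?

Is there a way to restore this weird code so that it is human-readable?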
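
A static check related to the questions in this thread, as an added example that is not part of the original discussion or of Valine's code: it scans stored comment HTML for inline event-handler attributes such as onload and flags values written almost entirely with the bracket characters `[]()!+` (the encoding style often called JSFuck), without ever evaluating them. The function names, thresholds and sample records are assumptions constructed for illustration.

```javascript
// Added example: static triage of stored comment HTML. Nothing is evaluated.
// Bracket-only encodings (often called JSFuck) use just these six characters.
const BRACKET_CHARS = new Set('[]()!+');

// Inline event-handler attributes such as onload="..." or onerror='...'.
const HANDLER_RE = /\bon([a-z]+)\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))/gi;

// Fraction of non-whitespace characters that belong to the bracket alphabet.
function bracketRatio(code) {
  const chars = [...code].filter((c) => !/\s/.test(c));
  if (chars.length === 0) return 0;
  return chars.filter((c) => BRACKET_CHARS.has(c)).length / chars.length;
}

// One finding per inline handler. Any handler in a comment deserves review;
// bracketEncoded marks the long, bracket-only values described in the issue.
function scanComment(html, { minLength = 40, minRatio = 0.9 } = {}) {
  const findings = [];
  for (const m of html.matchAll(HANDLER_RE)) {
    const value = m[2] ?? m[3] ?? m[4] ?? '';
    const ratio = bracketRatio(value);
    findings.push({
      handler: 'on' + m[1].toLowerCase(),
      length: value.length,
      ratio: Number(ratio.toFixed(2)),
      bracketEncoded: value.length >= minLength && ratio >= minRatio,
    });
  }
  return findings;
}

// Constructed sample records (not the data from the gist). The bracket run in
// c3 is an inert fragment repeated to reach a realistic length.
const SAMPLE_COMMENTS = [
  { id: 'c1', comment: '<p>Nice post, thanks!</p>' },
  { id: 'c2', comment: '<img src="a.png" onerror="this.style.display=\'none\'">' },
  { id: 'c3', comment: '<svg onload="' + '[][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]]'.repeat(3) + '"></svg>' },
];

// Keep only the records that contain at least one inline handler.
function triage(records) {
  return records
    .map((r) => ({ id: r.id, findings: scanComment(r.comment) }))
    .filter((r) => r.findings.length > 0);
}

console.log(JSON.stringify(triage(SAMPLE_COMMENTS), null, 2));
```

Records flagged this way are candidates for removal from the comment store; the check reads the payload as text only, so it is safe to run over an export of the data.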
