昨天一直上不了http://www.equn.com/，今天一打开，主页有所改变，仔细一端详，才发现有
Connecting to Www.ggflying.Com QQ:77020779 834862 . . . . . . . . . . .
USer : 'or''='

PaSSWOrD : 'or''='

Connected ....
Hacked By ggflying

gghacker@126.com

----------------I can fly!

_______^-^ Www.ggflying.Com ^-^_______

I can fly !!!...... byebye............



好象是被入侵了，不知道服务器上有什么损失没有。希望这个ggflying有点黑客道德和准则，不恶意破坏，只善意提醒。

很明显是利用验证漏洞！

<HTML><HEAD><TITLE>hacked by ggflying QQ:77020779</TITLE>
<SCRIPT language=javascript
type=text/javascript></SCRIPT>

<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<SCRIPT language=javascript>

<!--

function Is() {

    var agent = navigator.userAgent.toLowerCase();

    this.major = parseInt(navigator.appVersion);

    this.minor = parseFloat(navigator.appVersion);

    this.ns  = ((agent.indexOf('mozilla')!=-1) && ((agent.indexOf('spoofer')==-1) && (agent.indexOf('compatible') == -1)));

    this.ns2 = (this.ns && (this.major == 2));

    this.ns3 = (this.ns && (this.major == 3));

    this.ns4b = (this.ns && (this.major == 4) && (this.minor <= 4.03));

    this.ns4 = (this.ns && (this.major >= 4));

    this.ie   = (agent.indexOf("msie") != -1);

    this.ie3  = (this.ie && (this.major == 2));

    this.ie4  = (this.ie && (this.major >= 4));

    this.op3 = (agent.indexOf("opera") != -1);

}



var is = new Is()



if(is.ns4) {

    doc = "document";

    sty = "";

    htm = ".document"

} else if(is.ie4) {

    doc = "document.all";

    sty = ".style";

    htm = ""

}



var text1 = "", text2 = "", count = 0, count2=0;

msg = new Array();



msg[0] = "<font face=tahoma size=2><b>Connecting to Www.ggflying.Com QQ:77020779 834862 </b> . . . . . . . . . . .";

msg[1] = " <b>USer : 'or''=' ";

msg[2] = " PaSSWOrD : 'or''=' ";

msg[3] = " Connected .... <br> <b> Hacked By ggflying  ";

msg[4] = "   gghacker@126.com <br><br>----------------I can fly!    ";

msg[5] = "_______^-^  Www.ggflying.Com  ^-^_______";

msg[6] = " I can fly !!!...... byebye............ ";

msg[7] = "  see you next !!! ";



text = msg[0].split("");

前好几年就一直在提出的漏洞: "'or''=' "漏洞,《电脑爱好者》2001年曾经专题讨论过的，怎么现在还是出问题？后来不是说改进过ASP论坛的此类漏洞的吗？
USer : 'or''='
PaSSWOrD : 'or''='

目前主页还是一片被黑的迹象，黑了也好，我们也该改改版面了，快冬天了，我想是不是将原来消暑的清凉淡淡兰色改为火红？

被黑截图“欣赏”：



该黑客的文字动态效果也是盗用当年*****攻击—……*……—%（（美国******￥#%￥—……的JAVA代码..............

<HTML><HEAD><TITLE>hacked by ggflying QQ:77020779</TITLE>
<SCRIPT language=javascript
type=text/javascript></SCRIPT>

<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<SCRIPT language=javascript>

<!--

function Is() {

    var agent = navigator.userAgent.toLowerCase();

    this.major = parseInt(navigator.appVersion);

    this.minor = parseFloat(navigator.appVersion);

    this.ns  = ((agent.indexOf('mozilla')!=-1) && ((agent.indexOf('spoofer')==-1) && (agent.indexOf('compatible') == -1)));

    this.ns2 = (this.ns && (this.major == 2));

    this.ns3 = (this.ns && (this.major == 3));

    this.ns4b = (this.ns && (this.major == 4) && (this.minor <= 4.03));

    this.ns4 = (this.ns && (this.major >= 4));

    this.ie   = (agent.indexOf("msie") != -1);

    this.ie3  = (this.ie && (this.major == 2));

    this.ie4  = (this.ie && (this.major >= 4));

    this.op3 = (agent.indexOf("opera") != -1);

}



var is = new Is()



if(is.ns4) {

    doc = "document";

    sty = "";

    htm = ".document"

} else if(is.ie4) {

    doc = "document.all";

    sty = ".style";

    htm = ""

}



var text1 = "", text2 = "", count = 0, count2=0;

msg = new Array();



msg[0] = "<font face=tahoma size=2><b>Connecting to Www.ggflying.Com QQ:77020779 834862 </b> . . . . . . . . . . .";

msg[1] = " <b>USer : 'or''=' ";

msg[2] = " PaSSWOrD : 'or''=' ";

msg[3] = " Connected .... <br> <b> Hacked By ggflying  ";

msg[4] = "   gghacker@126.com <br><br>----------------I can fly!    ";

msg[5] = "_______^-^  Www.ggflying.Com  ^-^_______";

msg[6] = " I can fly !!!...... byebye............ ";

msg[7] = "  see you next !!! ";



text = msg[0].split("");



function writetext(){



        text1 ='<tt>'+text2 + '<b style="color:#00FF00">'+text[count]+'</b></tt>';



        text2 += text[count];



        fillHTML = eval(doc + '["nothing"]' + htm);



    if(is.ns4) {

                fillHTML.write(text1);

                fillHTML.close();

        } else {

                fillHTML.innerHTML = text1;

        }



        if (!(count >= text.length-1)){

                count+=1;

                setTimeout('writetext()',1);

        }

        else{

                count=0;

                text2+='<p>'

                if (count2!=6){

                        count2++

                        text = eval('msg['+count2+'].split("")');

                        setTimeout('writetext()',5);

                }

        }

}
<!-- Pyara style baby .. -->

那个Www.ggflying.Com一直打不开，不然搞个反入侵玩玩，呵呵……

主页被黑效果暂时保留，留待公安部介入解决。

再次“欣赏”一下该黑客的文字特效：

[此贴子已经被作者于2004-10-12 13:16:21编辑过]

好啊，要不我联系一下中国鹰派联盟上的朋友？

又来了，这次黑得什么也没剩下。

严重关注此事，要一究到底！
同时也希望加强服务器安全，杜绝次类事件的再次发生。

现在主页上了链接全部没了！

中午1：20时的截图：

下午5：10时的截图：

[此贴子已经被作者于2004-10-12 17:28:26编辑过]

也好，以后欢迎黑客常来，提醒我们该改版了，主页也的确有必要全部重做了，以前一直狠不下心来，现在正好..................

http://www.equn.com/ofs   没了，我上面的教程图片也没了，也好，我的几个原创教程陆续的发现了些错误，前些时vmzy和count给我指出过一些错误的，正好改改了...........