详尽分析:AV终结者采用重定向劫持技术(转)

转载 2011年01月14日 00:23:00

详尽分析:AV终结者采用重定向劫持技术


该病毒利用了IFEO重定向劫持技术,使大量的杀毒软件和安全相关工具无法运行;会破坏安全模式,使中毒用户无法在安全模式下查杀病毒;会下载大量病毒到用户计算机来盗取用户有价值的信息和某些帐号;能通过可移动存储介质传播。

 

 

 


1.生成文件


%programfiles%/Common Files/Microsoft Shared/MSInfo/{随机8位字母+数字名字}.dat
C:/Program Files/Common Files/Microsoft Shared/MSInfo/{随机8位字母+数字名字}.dll
%windir%/{随机8位字母+数字名字}.hlp
%windir%/Help/{随机8位字母+数字名字}.chm
也有可能生成如下文件
%sys32dir%/{随机字母}.exe
替换%sys32dir%/verclsid.exe文件

2.生成以下注册表项来达到使病毒随系统启动而启动的目的。


HKEY_CLASSES_ROOT/CLSID/"随机CLSID"//InprocServer32 "病毒文件全路径" 
HKEY_LOCAL_MACHINE/SOFTWARE/Classes/CLSID/"随机CLSID" "病毒文件全路径" 
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows/CurrentVersion/Explorer/ShellExecuteHooks "
生成的随机CLSID" ""
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows/CurrentVersion/Run "随机字符串" "病毒文件全路径"

3.生成以下注册表项来进行文件映像劫持,从而试图阻止相关安全软件运行,并执行病毒体。


HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/360rpt.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/360Safe.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/360tray.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/adam.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/AgentSvr.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/AppSvc32.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/autoruns.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/avgrssvc.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/AvMonitor.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/avp.com Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/avp.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/CCenter.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/ccSvcHst.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/FileDsty.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/FTCleanerShell.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/HijackThis.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/IceSword.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/iparmo.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/Iparmor.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/isPwdSvc.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/kabaload.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/KaScrScn.SCR Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/KASMain.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/KASTask.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/KAV32.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/KAVDX.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/KAVPFW.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/KAVSetup.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/KAVStart.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/KISLnchr.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/KMailMon.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/KMFilter.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/KPFW32.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/KPFW32X.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/KPFWSvc.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/KRegEx.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/KRepair.COM Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/KsLoader.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/KVCenter.kxp Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/KvDetect.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/KvfwMcl.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/KVMonXP.kxp Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/KVMonXP_1.kxp Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/kvol.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/kvolself.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/KvReport.kxp Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/KVScan.kxp Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/KVSrvXP.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/KVStub.kxp Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/kvupload.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/kvwsc.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/KvXP.kxp Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/KvXP_1.kxp Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/KWatch.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/KWatch9x.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/KWatchX.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/loaddll.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/MagicSet.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/mcconsol.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/mmqczj.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/mmsk.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/NAVSetup.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/nod32krn.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/nod32kui.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/PFW.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/PFWLiveUpdate.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/QHSET.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/Ras.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/Rav.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/RavMon.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/RavMonD.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/RavStub.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/RavTask.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/RegClean.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/rfwcfg.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/RfwMain.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/rfwProxy.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/rfwsrv.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/RsAgent.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/Rsaupd.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/runiep.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/safelive.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/scan32.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/shcfg32.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/SmartUp.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/SREng.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/symlcsvc.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/SysSafe.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/TrojanDetector.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/Trojanwall.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/TrojDie.kxp Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/UIHost.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/UmxAgent.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/UmxAttachment.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/UmxCfg.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/UmxFwHlp.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/UmxPol.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/UpLive.EXE.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/WoptiClean.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution
Options/zxsweep.exe Debugger "病毒文件全路径"
HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/wscsvc Start dword:00000004

4.修改以下注册表,导致无法显示隐藏文件。


HKEY_CURRENT_USER/Software/Microsoft/Windows/CurrentVersion/Explorer/Advanced Hidden
dword:00000002
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows/CurrentVersion/Explorer/Advanced/Folder/Hidd
en/SHOWALL CheckedValue dword:00000000

5.修改以下服务的启动类型来禁止Windows的自更新和系统自带的防火墙。


HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/SharedAccess Start dword:00000004
HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/wuauserv Start dword:00000004

6.删除以下注册表项,使用户无法进入安全模式。


HKEY_CURRENT_USER/SYSTEM/CurrentControlSet/Control/SafeBoot/Minimal/{4D36E967-E325-11CE-
BFC1-08002BE10318}
HKEY_CURRENT_USER/SYSTEM/ControlSet001/Control/SafeBoot/Minimal/{4D36E967-E325-11CE-BFC1-
08002BE10318}

7.连接网络下载病毒:


hxxp://www.webxxx.com/xxx.exe

8.关闭杀毒软件实时监控窗口,如瑞星、卡巴,通过自动点击"跳过"按钮来逃过查杀。

9.尝试关闭包含以下关键字窗口:


Anti
AgentSvr
CCenter
Rsaupd
SmartUp
FileDsty
RegClean
360tray
360safe
kabaload
safelive
KASTask
KPFW32
KPFW32X
KvXP_1
KVMonXP_1
KvReport
KvXP
KVMonXP
nter
TrojDie
avp.com
KRepair.COM
Trojan
KvNative
Virus
Filewall
Kaspersky
JiangMin
RavMonD
RavStub
RavTask
adam
cSet
PFWliveUpdate
mmqczj
Trojanwall
Ras.exe
runiep.exe
avp.exe
PFW.exe
rising
ikaka
.duba
kingsoft
木马
社区
aswBoot
...

10.注入Explorer.exe和TIMPlatform.exe反弹连接,以逃过防火墙的内墙的审核。

11.隐藏病毒进程,但是可以通过结束桌面进程显示出来。

12.在硬盘分区生成文件:autorun.inf 和 随机字母+数字组成的病毒复制体,并修改“NoDriveTypeAutoRun”使病毒可以随可移动存储介质传播。

 

av终结者特征及防治方法

AV终极者特征:进程中可以发现:iflvsnh.exe和pkyykil.exe 两个文件.每个分区都1. 禁用所有杀毒软件以相关安全工具,让用户电脑失去安全保障;2. 破坏安全模式,致使用户根本无法进...
  • tgw2000
  • tgw2000
  • 2015年01月20日 16:49
  • 279

关于应用宝劫持的技术分析

你有没有遇到过下面这些情况: 在手机上下载 XX 应用安装包时,打开下载回来的安装包后发现根本不是 XX 应用,而是应用宝 一些应用提示更新,更新包下载完成之后,你发现根本不是这个应用的安...
  • oShenLi1
  • oShenLi1
  • 2016年10月28日 11:08
  • 759

HTTPS 前端劫持

前言 在之前介绍的流量劫持文章里,曾提到一种『HTTPS 向下降级』的方案 —— 将页面中的 HTTPS 超链接全都替换成 HTTP 版本,让用户始终以明文的形式进行通信。 看到这,也许大家都会想...
  • xijingre
  • xijingre
  • 2015年07月08日 14:42
  • 363

关于互联网流量劫持分析及可选的解决方案

前段时间因为公司的一款手机APP产品经常遭到流量劫持,严重影响用户体验,因此对互联网流量劫持的原因以及可行方案进行了一些研究和测试,趁着清明三天小长假躺床上养病,梳理一下。全文都是po主根据之前一段时...
  • sinat_31828101
  • sinat_31828101
  • 2016年01月12日 00:25
  • 2196

分析两种实现SSL会话劫持的典型技术

自SSL问世以来,在其应用范围越来越广泛同时,多种针对SSL协议本身的缺陷或者其不规范引用的SSL会话劫持方法也随之出现,下面将详细分析两种典型的SSL会话劫持的实现原理和实现条件。【读者如果想要参考...
  • wo16fafafa
  • wo16fafafa
  • 2016年08月25日 10:46
  • 1544

网站dns被劫持,网站域名被劫持,域名跳转到别的网站的最新解决方法

网站dns被劫持,网站域名被劫持,域名跳转到别的网站的最新解决方法,怎么解决?励志哥分享出现网站域名跳转到其他网站,这一现象很可能是域名被劫持。 【网站域名被劫持——概念】    ...
  • lizhiww
  • lizhiww
  • 2017年01月16日 17:59
  • 1701

对301重定向到HTTPS前遭遇中间人攻击的分析

由于不能改变用户的输入习惯,很多网站在实现全站HTTPS后,选择通过配置强制301的方式让用户的http请求重定向到https,以保障网站的安全性。然而,在用户发起http请求的时候,仍然存在有中间人...
  • zhuyiquan
  • zhuyiquan
  • 2017年05月23日 21:40
  • 658

android AV同步详解

本文主要介绍 android 多媒体中,音视频同步问题。 以下是详细说明: 先提及一个背景基础知识:  Stagefright中,audio的数据输出是通过AudioTrack中的call...
  • WAN8180192
  • WAN8180192
  • 2015年12月20日 13:35
  • 2066

关于EasyCap和av转usb的图像采集卡问题

转载请注明出处:http://my.csdn.NET/ye_shen_wei_mian 刚才打开了万年不用的网易邮箱,发现很久之前在一个EasyCap的读取视频博客下的留言,居然有很多人发邮...
  • ye_shen_wei_mian
  • ye_shen_wei_mian
  • 2016年12月24日 12:28
  • 656

百度快照劫持技术解析

最近有人出售搜索引擎劫持技术,此技术可迅速提高网站排名,而且不易发现。 大家可以试下:用百度搜索气枪关键词发现排名靠前的都是gov的站,但是快照内容是气枪网站的相关内容,点击进去也是气枪的网站。...
  • god_7z1
  • god_7z1
  • 2013年01月03日 10:54
  • 632
内容举报
返回顶部
收藏助手
不良信息举报
您举报文章:详尽分析:AV终结者采用重定向劫持技术(转)
举报原因:
原因补充:

(最多只允许输入30个字)