Qzone address for the Trojan carrier a hacker weapon

due to the QQ in the desktop IM occupy an absolute dominance of the field, in which a variety of products derived from the body has become increasingly popular, and Qzone has gradually become the user to write logs and display of personality. Therefore, the security of Qzone is also of concern. However, Qzone recently broke a cross site vulnerabilities, this vulnerability is very easy to be used by hackers. So, how hackers will generally attack ordinary users through this vulnerability as a user, how can we prevent the vulnerability of the harm it?

a simulation of hacker attacks

here, we first understand the specific situation of this vulnerability. Qzone is the cross site vulnerabilities accidentally opened a similar " http://s.user.qzone.qq.com/QQ? Url= arbitrary letter " found, then display a web page as a framework ", the middle is " " can not open the page; the blank page (Figure 1); however, when the input is similar to " http://s.user.qzone.qq.com/QQ url=http://s.www.baidu.com" the number? Address can be displayed properly, then after URL. In fact, behind the scenes is loaded. So, Qzone is how to cross site vulnerabilities by hackers as Trojan

media?

 

Qzone default loaded address to be careful

The first step of

needs to address the hacker: a disguise. For example: web Trojan URL for " http://s.www.muma.com/muma.exe". Hackers will cover for Trojan address encryption technology using URl, commonly used method is the URL address translation as 16 hexadecimal, ASCII code here to Xpress for example (Figure 2) by demonstration.

 

hackers commonly used URL camouflage device

The second step:

hacker will Qzone address set to " http://s.user.qzone.qq.com/QQ url=%68%74%74%70%3A%2F%2F%77%77%77%2E%6D%75%6D%61%2E%63%6F%6D%2F%6D%75%6D%61%2E%65%78%65" and in the number? "Posted on the Qzone address to lure users click, users often click on the address to download and run the Trojan in the dark.

two, how to prevent Qzone attacks

method 1: since this cross site vulnerabilities so hidden, users will not lower infection rate. How do we need to guard against the dangers of this vulnerability?

Leave a Reply

Your email address will not be published. Required fields are marked *