当前位置: 代码迷 >> Web开发 >> 证据确凿:360偷偷下传用户资料,每隔半个小时一次
  详细解决方案

证据确凿:360偷偷下传用户资料,每隔半个小时一次

热度:241   发布时间:2012-09-02 21:00:34.0
证据确凿:360偷偷上传用户资料,每隔半个小时一次
这是我用Wireshark抓到的数据包
POST /upload.php HTTP/1.1

Content-Type: multipart/form-data; boundary=---------------------------7d83e2d7a141e

Accept-Encoding: gzip

Host: up.f.360.cn

Content-Length: 1998

Cache-Control: no-cache

Cookie: B=ID=739191265759926:V=2:S=53c7c9433f; __utma=148900148.326659550.1275141945.1275141945.1275531076.2; __utmz=148900148.1275531076.2.2.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=360



-----------------------------7d83e2d7a141e

Content-Disposition: form-data; name="attribute"



<?xml version="1.0" encoding="UTF-8" ?><attribute><version>1.0</version><client><product><![CDATA[360safe]]></product><module><![CDATA[newspy_killer]]></module><version><![CDATA[1]]></version><wservicever><![CDATA[]]></wservicever><extinfo><![CDATA[]]></extinfo></client><os><version><![CDATA[5.1.2.0]]></version><windir><![CDATA[C:\WINDOWS]]></windir><sysdir><![CDATA[C:\WINDOWS\system32]]></sysdir></os><info><name><![CDATA[360_formal_1283517590.log.up]]></name><md5>4a0245f7e1958aba3dd290d04eb01ff7</md5><path><![CDATA[C:\Documents and Settings\James\Application Data\360Safe\LogInfo\360_formal_1283517590.log.up]]></path><class>important_log</class><uninstall_name><![CDATA[]]></uninstall_name><filesize></filesize><sign>0</sign><product><![CDATA[]]></product><sign_corp><![CDATA[]]></sign_corp><corp><![CDATA[]]></corp><filetimestamp></filetimestamp><desc><![CDATA[]]></desc><soft_edition></soft_edition><file_edition></file_edition><sign360></sign360><shell></shell><drivertype></drivertype></info></attribute>

-----------------------------7d83e2d7a141e

Content-Disposition: form-data; name="type"



client_log

-----------------------------7d83e2d7a141e

Content-Disposition: form-data; name="vk"



8f7c9ace

-----------------------------7d83e2d7a141e

Content-Disposition: form-data; name="mid"



6f5ef1e945ea77eb32b25eda5e5681e0

-----------------------------7d83e2d7a141e

Content-Disposition: form-data; name="specimen_cont"; filename="C:\DOCUME~1\James\LOCALS~1\Temp\4a0245f7e1958aba3dd290d04eb01ff7.zip"

Content-Type: application/octet-stream



PK..........#=`...e...l... ...4a0245f7e1958aba3dd290d04eb01ff7UT
.....L...L...L..A
.0..........Il..UJ.? V............@.@..4y.\.T..j...M.......u.n......x....x^Xp...W.....
....8.nv..PK............#=`...e...l... ......... .......4a0245f7e1958aba3dd290d04eb01ff7UT......LPK..........W.........

-----------------------------7d83e2d7a141e--

HTTP/1.1 200 OK

Server: nginx/0.7.67

Date: Fri, 03 Sep 2010 13:06:45 GMT

Content-Type: text/html

Transfer-Encoding: chunked

Connection: close

Vary: Accept-Encoding

X-Powered-By: PHP/5.2.10

Content-Encoding: gzip



15

..........3..!.......

0





------解决方案--------------------
嗯. 对于这类软件, 一定要找个网络嗅探软件, 拷问两三天后,再决定是否用它.

唉.. 现在国内的哪个软件不偷东西?

基本上没有了.
所以, 我一般电脑里装的都是这些优秀软件的最早期的版本. 那些版本经过考察, 还没有加入偷东西的代码.

但是QQ 是强制升级的. 没有办法了..只能任由它强奸....
------解决方案--------------------