×

Loading...
Ad by
  • 推荐 OXIO 加拿大高速网络,最低月费仅$40. 使用推荐码 RCR37MB 可获得一个月的免费服务
Ad by
  • 推荐 OXIO 加拿大高速网络,最低月费仅$40. 使用推荐码 RCR37MB 可获得一个月的免费服务

Shoot my toe!?

So weird that all images from a web site can redirect the browser to my computer!

For example, when I opened the following links in the web browser (no matter it is IE, Mozilla or Opera):
http://www.daiwen.com/club/uploadImages/20025721394691365.jpg
http://www.daiwen.com/club/uploadImages/200271122241066057.jpg

The address line became:
http://localhost:3002/pb.cgi?idx=2&php=23683080
http://localhost:3002/pb.cgi?idx=2&php=23683080
respectively.

You can try other images from the same site (see URL).

I don't think it is sort of virus attack though, my software environment is enclosed for your reference:
Win2k Advanced Server SP2;
ZoneAlarm Pro 3.0;
Norton AntiVirus Corp Ed 7.5;
IE 6.0;
Mozilla 1.1a;
Opera 4.0.2 with scripting language disable;

Does anyone know how it is achieved? Is #3002 a standard port of some protocal?
Report

Replies, comments and Discussions:

  • 工作学习 / IT技术讨论 / Shoot my toe!?
    So weird that all images from a web site can redirect the browser to my computer!

    For example, when I opened the following links in the web browser (no matter it is IE, Mozilla or Opera):
    http://www.daiwen.com/club/uploadImages/20025721394691365.jpg
    http://www.daiwen.com/club/uploadImages/200271122241066057.jpg

    The address line became:
    http://localhost:3002/pb.cgi?idx=2&php=23683080
    http://localhost:3002/pb.cgi?idx=2&php=23683080
    respectively.

    You can try other images from the same site (see URL).

    I don't think it is sort of virus attack though, my software environment is enclosed for your reference:
    Win2k Advanced Server SP2;
    ZoneAlarm Pro 3.0;
    Norton AntiVirus Corp Ed 7.5;
    IE 6.0;
    Mozilla 1.1a;
    Opera 4.0.2 with scripting language disable;

    Does anyone know how it is achieved? Is #3002 a standard port of some protocal?
    • 我试过了,一切正常。
      • Thank you for your reply at the late night! But 。。。
        Yes, the image can be rendered correctly.

        What catches my attention is that, the browser displays a local host address in the address bar, instead of the original URL of the image.
        • 我也试了试,浏览图片和URL显示都正常
          • 看来偶的e文够臭的。没错这网的图片都能显示。我觉得有趣的是,你把一般图片地址(例如:http://www.salynn.bc.ca/apt/vanmap.jpg)直接敲到浏览器的地址栏里,回车前后地址栏里的内容不会变。而。。。
            若你输入该网站上的图片地址(例如
            http://www.daiwen.com/club/uploadImages/20025721394691365.jpg
            ),浏览器显示图片的同时地址栏会变为
            http://localhost:3002/pb.cgi?idx=2&php=23683080
            我想知道他如何实现这一效果的。

            另外一般网站最多把动态网页重定向到他能控制的另一网站/网页,但这个网站却重定向到你自己的机器上(localhost:3002)!3002是什么端口?pb.cgi又是什么程序?既然不是他悄悄安装的木马/病毒,那该是Microsoft的文档里面有提到的什么utility来的吧,哪是什么呢?

            谢谢大家!
            • 没有你说的情况。地址没有变化。
              • 羞啊!原来是偶机器上的ZoneAlarm作怪。把其Privacy|Ad Blocking设为Medium就有上述怪现象,设为Off就正常。谢谢验证!It seems midnight is not my time. 睡觉去鸟...