Created
June 16, 2020 17:04
-
-
Save cmtsij/bf3e5489763e58f00a0009a61c6e2db1 to your computer and use it in GitHub Desktop.
凱擘 redirect hijack
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Normal: (reponse 204) | |
$ wget http://connectivitycheck.gstatic.com/generate_204 | |
--2020-06-17 00:58:49-- http://connectivitycheck.gstatic.com/generate_204 | |
Resolving connectivitycheck.gstatic.com (connectivitycheck.gstatic.com)... 172.217.24.3, 2404:6800:4008:800::2003 | |
Connecting to connectivitycheck.gstatic.com (connectivitycheck.gstatic.com)|172.217.24.3|:80... connected. | |
HTTP request sent, awaiting response... 204 No Content | |
2020-06-17 00:58:49 (0.00 B/s) - ‘generate_204.1’ saved [0] | |
KBRO hijack: (reponse 302 redirect to http://192.168.81.72/redirect/R3_CHC.php) | |
$ wget http://connectivitycheck.gstatic.com/generate_204 | |
--2020-06-17 00:45:42-- http://connectivitycheck.gstatic.com/generate_204 | |
Resolving connectivitycheck.gstatic.com (connectivitycheck.gstatic.com)... 172.217.24.3, 2404:6800:4008:800::2003 | |
Connecting to connectivitycheck.gstatic.com (connectivitycheck.gstatic.com)|172.217.24.3|:80... connected. | |
HTTP request sent, awaiting response... 302 Found | |
Location: http://192.168.81.72/redirect/R3_CHC.php [following] | |
--2020-06-17 00:45:42-- http://192.168.81.72/redirect/R3_CHC.php | |
Connecting to 192.168.81.72:80... connected. | |
HTTP request sent, awaiting response... 200 OK | |
Length: 801 [text/html] | |
Saving to: ‘generate_204’ | |
Other KBRO hijack page: | |
http://192.168.81.72/redirect/R1_CHC.php => 繳費通知(未過期) | |
http://192.168.81.72/redirect/R2_CHC.php => 繳費通知(己過期) | |
http://192.168.81.72/redirect/R3_CHC.php => 維護通知 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment