V2EX = way to explore
V2EX 是一个关于分享和探索的地方
现在注册
已注册用户请  登录
introle
V2EX  ›  程序员

假 apple id 登录页 大家小心

  •  
  •   introle · 2019-01-27 14:44:10 +08:00 · 11383 次点击
    这是一个创建于 2127 天前的主题,其中的信息可能已经有所发展或是发生改变。

    收到一封邮件让更新苹果账户信息 点击后就跳到这个假网站了

    https://iclou-locked-itun.com/cgi-bin.appIe-update-information/#!&page=signin

    37 条回复    2019-02-11 23:05:23 +08:00
    ooee2016
        1
    ooee2016  
       2019-01-27 14:51:32 +08:00
    什么原理啊 这么牛逼
    gabon
        2
    gabon  
       2019-01-27 14:56:19 +08:00 via Android
    手机点了一下跳转的好像就是 www.Apple.com ,看域名是官网吧,cname。还有其它的问题吗
    lovedebug
        3
    lovedebug  
       2019-01-27 15:18:43 +08:00
    怀疑是不是专门用来截取 cookie 的
    sutra
        4
    sutra  
       2019-01-27 16:38:25 +08:00
    钓鱼获取 AppleID 密码的。主要用来解锁失窃的 iPhone。
    dmjob2015222
        5
    dmjob2015222  
       2019-01-27 16:50:25 +08:00
    看网址,应该是官方的?但是怎么跳过去的??
    whwq2012
        6
    whwq2012  
       2019-01-27 16:52:09 +08:00 via Android
    真的是假网站吗,看不出
    crab
        7
    crab  
       2019-01-27 17:03:43 +08:00
    这 302 跳转,怎么那么多说官方。
    mcone
        8
    mcone  
       2019-01-27 17:17:43 +08:00   ❤️ 1
    居然楼上一堆说是官方的……现在 V 站难道是第二个知乎了啊(捂脸)

    不懂跳转就算了,求求你们别学会查 whois 好吗???
    >创建时间 2019 年 01 月 27 日
    >过期时间 2020 年 01 月 27 日
    challenge55
        9
    challenge55  
       2019-01-27 17:18:25 +08:00 via Android
    开个二次验证 急死他
    flyz
        10
    flyz  
       2019-01-27 17:19:23 +08:00 via Android
    跳过去就是官网,这是什么钓鱼技术???
    xfspace
        11
    xfspace  
       2019-01-27 17:22:26 +08:00 via Android   ❤️ 1
    curl -vvv "https://iclou-locked-itun.com/cgi-bin.appIe-update-information/" -A "Mozilla/5.0 (Linux; Android 8.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.99 Mobile Safari/537.36"
    * Trying 173.212.250.252...
    * TCP_NODELAY set
    * Connected to iclou-locked-itun.com (173.212.250.252) port 443 (#0)
    * ALPN, offering h2
    * ALPN, offering http/1.1
    * successfully set certificate verify locations:
    * CAfile: none
    CApath: /etc/ssl/certs
    * TLSv1.3 (OUT), TLS handshake, Client hello (1):
    * TLSv1.3 (IN), TLS handshake, Server hello (2):
    * TLSv1.2 (IN), TLS handshake, Certificate (11):
    * TLSv1.2 (IN), TLS handshake, Server key exchange (12):
    * TLSv1.2 (IN), TLS handshake, Server finished (14):
    * TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
    * TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
    * TLSv1.2 (OUT), TLS handshake, Finished (20):
    * TLSv1.2 (IN), TLS handshake, Finished (20):
    * SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
    * ALPN, server accepted to use http/1.1
    * Server certificate:
    * subject: CN=iclou-locked-itun.com
    * start date: Jan 26 00:00:00 2019 GMT
    * expire date: Apr 26 23:59:59 2019 GMT
    * subjectAltName: host "iclou-locked-itun.com" matched cert's "iclou-locked-itun.com"
    * issuer: C=US; ST=TX; L=Houston; O=cPanel, Inc.; CN=cPanel, Inc. Certification Authority
    * SSL certificate verify ok.
    > GET /cgi-bin.appIe-update-information/ HTTP/1.1
    > Host: iclou-locked-itun.com
    > User-Agent: Mozilla/5.0 (Linux; Android 8.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.99 Mobile Safari/537.36
    > Accept: */*
    >
    < HTTP/1.1 302 Moved Temporarily
    < Date: Sun, 27 Jan 2019 09:20:23 GMT
    < Server: Apache
    < Location: http://www.apple.com
    < Content-Length: 0
    < Content-Type: text/html; charset=UTF-8
    <
    * Connection #0 to host iclou-locked-itun.com left intact


    做了较验 检验不过做 302 apple.com
    crab
        12
    crab  
       2019-01-27 17:25:54 +08:00   ❤️ 1
    @flyz cookies 中的 user 如果不存在符合的值就直接跳转到 apple 官网,确保用户是从首页进来。
    yangsimonguo
        13
    yangsimonguo  
       2019-01-27 18:47:14 +08:00   ❤️ 1
    @crab “确保用户是从首页进来”这句话能再说明白些吗?用户指被钓者?首页指[这个网站](iclou-locked-itun.com/)的首页?
    uasier
        14
    uasier  
       2019-01-27 19:34:23 +08:00
    Jessepinkman
        15
    Jessepinkman  
       2019-01-27 19:44:14 +08:00
    var a883846=('7475-7387-7841-1874<--!-->8ffd4c024bd6de08598a87129957e81a<--!-->5679-9636-4311-8144');var a968843='IwCwcFGZTVyo0VxVPBcS7SFZiW+COvqSL3l3PsBtMysSQ8ku2Jw0OLF/i5xYLI0Ad1ObVFdmRcjbUjSTzWJxEhXUotE48lLEOWkBen0av5aXPkxo7BT6e35yjlioh+SaJ94AtCyB3PsvAoUYB9uL18M7n3ept1wurqO/qbef/fssdYpEWT1vLD7UxzagfE1vygtK0bQ98TkhsKUVDO58PWiwpXlXaBRn4c0LMvb3DT4syQRFxLViGBBhBj7Fdy28y6qNGYn4jJ/Mhm/jfab/igiiyN1gk8jNPpBwKGa2KlQ2fheVlfak4b1Z0jU95cVwEIA1xHdTI7/vtku/q7B1l1Z6bcTFR1WacZxO9aB5mUFJESx0YJLFaZbex47wzOjtYM1hzxrVwRay46BYFa6bqbqqlQkk96mo8x8/bUA8hItSyTShrFqLa4JFi+Xlw1eBFqxdeHitQI0XLqRXw5n13MV2g082EXGGdazsuJx3E8SGqYu0u6/XEZYM+/TTgZoldaZV4FBIPUM+MgpP12BLj1Z6OYu12n+XxkYE3AeM6g5sKHs+s8mAJYqO//lFkrVX4RBAEIpvS2ZV0KS9li6URWYAm7TjbI8L7qcSMdFeWZMxEukh0MpeLUjgYoJsoUFx0U8EF2i5pbOs4SuXLGBQQ8pnMYMfbQy5OKcezujcmQ4Ue0c7M8d8RVqqhan2my4f7NTdZM2hGer650WbZcrAGIsOvGYtiTYpobRc1Hd3Hi1LpxqahNtbf/ggNonHuUS7VIuHE+DpQ60nSf4SCUoUIGF1z0oz5DKenKHrxbNt0Y/QVKJR286DDlqUXybzbiuToCxjpkbudBSRt7VTikYy7mXJKb+RjCTQXsBNwAVcHVj+pM+nNIwLh45eHZI3TBfOI8EOOPZWe45900ixHlZ7CTdvy9cqdjr29Y7t5FCEZQrEra1tWlcEOwWKPsRPzfSyL4RB7Qg9CeI7OX+QQ0UXSlMmz7w/ZhQXDvg3hNWrEJ4PJZrlAv8Oyx8DWiifQsFSQ/cqtGEtmd3bjA9vfVDh5/RsbbU8KRsG/LQr2kNOHWDbhA1BvTDV507JEE1f7MdnZFwBKudepwRu+yUQ3NFdWz7NIdtXybGgBwctFMrRuVQFKfIFbHPl17qwvvXl4EBl5dXOjV6iLHvPe6BCsW25pBxau5kiEVlcB++SeNlCoounxI4JlC7sS2G/h+hxJra2PY/RCnGJJHR4IbUuOrCopEzV4l2FB5uFp7RfzTbFBEtLQRz48l4eGomC0wULZhlm6gLFrQs173XCcPMZOg86JeBKyA9LOePjFMfBste7C3nUafw4xgsPIcXHQolevE1ygVyQDvXlmii+eyO5vKANj04/xU5G46Z8l/Hw9iD33j82u0YkZ2RaAyp+CSM1D2vZN9jf6aCuX4pWnzK/plX+FKkwe7c2dLX858ArnRsVJSMFHBlkbYu8rYGSPRYHnNnpTAdGNjfc/vLGZn8YeS9E+rd1IWauFSYnWhEuWJTw2SAso3GSl+GYpeJKldO2nYzu8fcTmJw+jVt8fY5K+Dsbd+v/qKYQDFcCBa19nQfztRSjga5EjPdVlQULr+zOmMl9B0S21tLRui4e9NMvBow5SPayCw+V5p+XeH+emdKtSvNx30mMX9ABklyWuBZUevw698gcCKOobnMnMEgYaf+aQJ9Ds9cDSNGXg8RjnQZndBaCI1XkavGyID8SkHbtd4ugTOkqD7KL80rkmq+sG6GM3gMSUnR8P8KhWRgs94MpTzQG5/lQmRz4REsn7HVDBzD/sEoYzzGyyAm1FluYkYZLcJCVR8Czh0tC3NxZuLBg6LrdB5LseSqBYrodmmaSryoKumGhlcF0mj1ePhDDk9oL8ZgWIDk7CBF7Vr3VCBZeNYu1rIvaDrQCT41xcf/hQztXnXVb178Qkce9AJc+xgEnNBhS0vKyTpfk1Dj1D+BsvNmy7GTlB8MLJikEKhehxjbJoAuJ2ggs/PIN+zItp8Z79LCHNqmvPoZtL0gvbT1Da8Z4Bqv48cHNswDWV0TlN2jkh19Vvf13dGiQMU6Zd1XvnnWxYvn1pDXVqHVQHXc7h6FB+5GnVf90gWBX4k/ZAsd6SCy4f7bh+fTHb1bd1HFOHbhDenFvWqe/j+1+K04Zc/fpxJkgmDqDz+wBWnWapS2Eo5qU+VyA6HXPx/lE53AV0z6UmCZTOOrag231F/AEO6cpnH/pyc7d/wW2yy0cyGEZwL/RondCUine771+H9xM/KSTKmQhV/BDLioeABqVf1Nmf5lwsEMdzEWWWMdX26HGfCkoJDPlznxddYJvJ/PKDF//aWVnjaGrInsDruCtXpzjauNUp/9zQU1bRrdBu6VNSQ0IzLTeOjQLuSP5ZS2P3cuaxkQU/maOuvN9npG32MFt+KUUTqgJRZ615RXyw4t5LgThF5EizwkoIOiqGEhQhJhwFtHlNyNQnNSEFDpPSt9iZ13E7S4AWFzALEqItssy1zN6NtSJvAeTLciSwhaSmUNkweDYvoqFZKdIZP7ZbGQDP5oGDoVaAMF8oDArbpPIwdZcBPZ5qQpY/owxi2zJYaAoGy89RpasedttZj3ushHM+HZ6XksaUaK5qNABH9HPBizTdYBGJ8BpQAPM7+luZLnbDVFQuWs9GGpTn6k08JoX602ut6l9Bibry2MmmqAebt+m/9PNoxSnN8TSBurtmmHeN569MS+TNGpvrUd1OjIx3JPl+HGCGRW+32Jlk1OD5YXWHqJu+7V8r7opwNzsihkGMUrx86Wzblkl4X7Z9k7vEdcezFFDXKOcxNOxI/YTgYYhU8jnNXmg8yRXGHaH+JNg5lbCeXTzW5vU9BU0Cqify+epsFae5G2jzK+hZiaOVlUfKrKkLgrruOs69H+i4bWGdjW3wk/4ACVKiS9zP8J/gQBm0oC1fuMlYEt3Tcg7W0DCkuk9KvIcZk8rmbh4soxLTyfLL74RgP/S8+QSWIIG4gPEndiFC1yln8RRjTTxgqU6cM8RzsPp7ObwMDmRqyNOtJ+3+/YM5SD+FAw72S5+KTzYVrfB92tPd/O0niBlKJSKKd2w3aBUur3himeJkTXDeNBo0svVXQvre90rgP8FZkp/fQWt9X0j7h7+A5gXNmq4rSfs/Iei6U6SxeAeiqx3HBedM/u8ZxCh6yBJ7VJeQIbNYB1gPvjfOIVH6rMSyTosoYzdNqxjEiXOdmld/Jf0A51n1P5vjqEuEsqNyNVAVPymPcAJSle13dCTmVM18VxbMlsczdWEQLXiSXCEzXzTyvJzM++I3vwe7s1vsINCxa9PdGWeIcu1/EYA+3si5+9iLtcCLKsVbb48RzolyP0wGui9mHSxNjsCvNhFOnkSodkIaV1fTIhDDEwf8LmKiZqauCsIpIiK58cbG/ZO0f8maEAEvVB6wWsIGtEUuMNW1wHIIgHhVIRF3wAnG0BzpYqAiMstSjoUKWUrr3Z6C2bs3eiE4tZseX95phnxBCzPVsNrUBUo1w6xzkJ1SNCJoF4UhtxQro5rIjNgn4N52qYBpdbDL0ycsvLhHh2YnoMcdeh3Vt6+lzW/7qA8GidktWR3vzZ/1UUmxS+T7wQSk/HxlTUy5IsT/gu3+sNngb38s4/HTN8y1X9CTKdlU87Zrs09bPNQgEkFoI8acHG8RP/2B+X6j/G2HQxDys/7dHd2RbXKbCftqKTWb3FP+V2PijHWNhCgKLpsH50rTcJNTDm25BpewJwreyX1bzTrQ9Y0SjazTtGe44KrBcCJIOWt2+2SWMz0ZOHIC5s/nNXuIIy7MoPl+Ru0q5KA+l8Vj5n49HNC3NcyzkWoVb3NuU3mknb7X7pyyXriekW/HmO2ZxnKYNVx+ir0LBPNvVEWZXP+/naT41c/cPdhtbgywVLjBX+yvVP8K8ezsgxzxdX6eDDoJP88HISo5NtzrOdzHDullGvdN/DnT+Qomo9xBVbJRGhsHbwhoUynauvz+TdHybeJ9yDFPDbhDR5zpL8dyWzzYTx5np/DNwfxMzcZBS6ZI4vQclPhhhQGYfT3aLrpFWNy0RIWkJVRtIFXg6GfFVt9YrR8ihD+rlqEgnHGlilahM+alR+SbE4H9f7kXIy9mWnSa1k23rytnGjtu1jHLtdo9oEJkcpRVucLpvK49dGjiRp3PZvVOaVPnO65/NfzYnSDwqKLLemE0iRRb7/8O04Sz+5ZtN3bokw/TJuy0L0BYrnriTLqiGbuKm2hE64k3l5YooY6n7o4GjJRbIeZSdjiOPPxRtu6BBPzxUO5ZQuMOOuTwLRw6g6wLf7NmqtSxuuoboGkqmaII7PFikJ/t0kkvQconPvGHxiJs84oNXHwmXesBz1fmcAUTrPa4ir94qi8lqRqEML7ar+CO/kAbbIrU+PfgjulxnSNLPO7Hez8Zylyc8ao1g56mVBqJA1fcAyMc7jauIYZ4sYK5d6lj+O47LVuF516A/kd/Dl3Ur5ZeisUffSky77vHsTLnX29G6dm2BSXPcZaYWrF6sw4GIVaMthq5u3JqggX5bLNSHl/6XEiJWU4pQFTSByWncjzkYSEy1Z3WrIIkuMJLwSIKDQChdOJp1EUVjXHhQKh4ZK6LBO8U6spLtV4OXKo9qgHwzB54kXQF7j9IHFiKL5FWmOHQYca4B3FPX7S9E97RSjshVpZeOkt7rD+A0RRgdBRGFREd494OcoE7zEE2Q5mL+FpAIGgtKu6U0A5IBYOtXc9d5rU8AdOiu4igLlCRyoGhw+jd+OkwUmVx/cdUY12zfozndeBDqGa0Sz9lGkec7CmBNP52owajze5HQd1/XujTfRXpQbzlShJ387wCeCNuNd0j1HH7BroxAYLJ2MWg02q8SHHO/VJmAAmeziclYJR39HcNBU7yWtIliL/azYEmV/NIbhNPBu0lmbLingcB0+X5fqrsSoT8tdFuMpfveiTyoUJ2/XYfrjLef6ZnKs2DViDc/5GkQog40ydWu3aIURbj0c76fKP9zViYEEnfDFXmPokPcV1vdK8FLX3F9v8x+4cv9DsWL6Zc7nkXTi+svKI5RCxaum+6glE+RHJsOY+TsXdkA1mr99DjIbhPvBLiiLxmK0gtn4t/6iw6xiSaUvcmcUtI15ZhiAhfOYEEaL6PbNhdXFl4QS1CI3WSmSA5yOZRIE0nq0GdyvVed9lOJuGf90tFZiZchoEvGGm8pvPLbU8OlCs/sLn1tE+sRv9ydq2eO8glF2AG9SiqZoZcRZU6eKCZp/0rtRMRbpIgOo8pkadQ347CXXMmrRSjzFXQbRnPbXFCMcYIahru/ETwBdiFK10GTgeJw9Yb4jZz3i5yNPan/mQfsOrbsfjhSyw2lnP4CfOwRuRHeucPtgMuj6yq73XHhwoDX5h/ti45/nXqZx+0hGbe227Djcp53+B3xXoeSEAYYVKA315fMQzOeCQNVd+CxRVJ8gJqedgAhA4w8d4Yf41+l/R9tZltITm1KjMciRxwaYQU7Nftd3L7aJfOcOiiiSUwRrwacsBM5mpMT0alQp3m8oRzOVGtFMBSBh5x2o1/GkAW5hQcKOiAmworBrTeBCDWgxXKn3hmXcNc20qf7ISNCZBKoAhvGjt9Eq30v8LXNZiqLcKGdcj2omJNgoGVfjp+lxXT2oCxgiyIBBUNXb01IAqezuaqWjYjOgwEnCcuxnQkbqrFwwu9mwfmHBiHFrhPsYFH2kokdRI1E/IOo8wN6rIW0M66mqK0n6KAc2aVejp9oQ4bTmGT4ZYBFUhehgf4Aztiu3baySZroLouUGFo5bJ1J0v3SqzAJ8bgyHVZ7+Akh/lZEzOkAxhJaBVR++3oCyE1cOUR0FlvQlva6BHwxTgSA5OkRvOjKQsdGaeghMDUFwBm4I/ofaivlIji6m+8W8MSJVW4gX+3f/h094tWNfc1cbtlprcX4SEPa5KXxSqclMLFdpFho0OtmL6ihpgKoqotaZPJDukbOFfWJcLi6gcFerkXlwN1Z4Boikr5s+tAfIPmV4q9IxRfYAHdfqESM8iQjgyr9vM/DNCidgvjIM0UmD/AADD8sfaEntVPYxkm9mUnt5HJR6smUXByCDDaeT0J2++d3y6BcqWeHBGHX/eQdPs0+c/BbgQEZYwtpoXIJVOfaPr5Q2XD/3dY4owuR8CeWEZnclqMenyp3vdZqr4JtVnkCLuzxDjFzOkj0nYDSj34H/vIXgNgcjL2XTWe7xBItFnu3LSxyyYsTqf3KzQDBsw/61P2/PccVYvYavfzs5tNlJnPw0jqvakntO9qAC9J0h3BOAgDV4vxxhDv4pGdAAnjQiKqYPIA6dWyMiqMFejturpQV6b645CLhqPPBBtyWYqnFWLEBqI7o3NlawWvqEej/T4nKiK6fStWyxN7BIcEBvLGrL7o8by027KJvZKB+QLjPSbgMCR+7mtjLDBRDQEElomMG0j+/z+1SSN9+FOw4ryFblpVJdP9KomK2SbStAxyXkmN/8p0O3jZSKHX/MrOUi8oNy4B2+BjcqdVHkmhSvHLx0Qw8E47pQ36Fn/zQQN/QWALBuK45lzCx0bSBC1QeEywrB23Kvuw8OI9DPIG2mtD06LsYa+E9ZRRxowSsDvIiN79QEsoKCp8dsb31b+KMvrQ4DDhok+D+N7ZvT0xc7EjAIE5S23NP1ECFxCRNjqj6iRT4UUSIGaFpCP5A5vsvXO/JsiUSnMfGW2ES4SoWfKUyqljHH7lKn/APHUniqwbdmCHIQCcQeBvKoRyYRuGcU3xlBdc3B9YTOujWUJ5PpwS42QS/9x/zU7DmxuyBS5GqIoRtZ2713wyLjYlXpIEs5/yS+rFIbGdXsmWCPmKbSaDsU2IBdNHoc6PvfgDYoRJ7dHWJM4OIfYki3qJi8BlzFKRYND1beGESx7Sn6eMNcP+cFpwhqVpdRsm7RQQutfLdWF5lCGhWenBs2WRH+Y+n9gQtm2p+sBaPPVfry+5X1DMCr03qsAQrF3XFsO0tyUaCWtPMy5prkqUGoh78l81hsjI/Rc4xNibZEluSXjftsvP3WRARdj+4zbSwnUJNq1QpXoOd3H36pUfIJxORO9TQNjWaqsMluzm3eQGgK8pB6W6jn4Owjcb8YZMDG94JB/sGp7UDR9bDRmDlL4vYiRsREZsCLkhz9ET4A15vYHYT9S2AkL2Wf2dmedFfFKlvjsA3ROyTfeu7798V/ZMGHJ2pevyxPFz4DWFmjrMHIHVhiTDb56Kk9PUdIw/dvoeul/p2a176QqKM0BySOfSsRZZ5bB8T5qxFjMk5iYuo7OAYE+PRrETceVn1kaIOz5WVIQhQ34XxlfvJQuzuyiFRH6mhF2HDDQ1PR9dk5dfSv4RHCZ6U04TAstW7JoVh5G5u4Kp6/28WciNf81eS0dAOGIQ9zyozHDmC64hQ6M9LeqUa+THrcYYbpuH5wI7HJLXkpLV9E9sPCYW0W5SSoY45QkTq2nvpTz01HCSfMBwxnBdM8j4Mu10B/XIqhEbRWz6ybq5TIteGcz3CX3HsNem+pCcK2jEqQjLQG60SJOBCn+bTldifecme70TGnF2oyxXNNI4WLKF/WOW1QQvMWXPwmhJsWf6AfDIHvXOSw67dLeVzkVSN87tV/eC79YTtMrNXcVIjVlvM+vYl/5i7YJWPc+iWWRcT5FlRQcSd2ScituwiTWARzdRDlgF85fTmxHWvAwFEbU+uequ8o5h8aqAG9YZ/kURjvEoU4Gobo+vKGGNzSi2QBrRKeijXTztRKfvS2nJsunR7VKqLfsQjAaQucMZ6zSfYgopqChEEh7UovV71LI64EoJ6DSMddiuQshglhGCi/u4LXPRlHZoaHEhimXSesHVZsgytI+lAAIqGFNHzUIUQcDuDGQ9NgzIptWZ410TFje0kffhIvTFGemjWjBuGTb2pgF31Bl6+T2yC3YdP+qxBNVz2I56KG/v/7bXQDdwGgl1UFqSQ75ULs7+btTevcaAWIlbjUd7MJanttwVE60dZpDWgZl+e7IErfhNnrTZhIZMon9LsxQvISpLgkrs1ZouPK34FD5cruvqUKYPrq4juYpi4VxQFD43lhCO7EFBMSXDsidhRvGPt8BpBB/dOQjLVs/YAUe7d+9M6qWYD6QnK4ZbSEz25Y48gt6l3L6KwApLQVV2dZbt2rWGe2i4TXmL6/AEjx4s+jBT27ktiueSBTMLv62kRPVpJesRmE7mQS7Aw2PGsfN3hbtNe3WGzDBdPogzuZ+ksfifVF4iP5cmUSIPVW2t7hufgJ5QH6B4jXeBMMFAkrJ3wBaCr8O3zrBvU0gRlXEuxnkEijhXVGwXGpRVKYcuZiAcMVQomT2odaSb83qT0fNZFVlxdq82VF3K/9ZHISKI8NunKgQOKAq4z/xs40ny1winZTSWaLDASv2iex2l1uVg/tQwq1pTdN0yvZS46wqF23DrUyj+xhmkT9ETITW6BE2KjKQGn6PuMkTLwbT+/z5nSYl0OsNWvFlVZGTCR6BlWq3tXThMBUNqdL8WfM7DyHm0l6hTuTgGtQ/BtK9/02XwHYAVD9MxI+4yeOBsMLw05PlKD+49rKjmeUOZOnuGGEAl4/3qgS0wBPl7HrJ7QxpPfXR24SUWla+xmIFHR8142PqhI3psykQFvYN85XXYppwsf88urmgyoDWWsvcpUQbiy8ZflCNyXn+Vie1fW95KOyXPTnqHFoZi1iJFTzGvfbifdIARovIgnUR1qk2dFNUl252DzGWSCh/cuYzjaNljd1yufXsDWWq59Msr5zruFEuvShKmBHz73i9m22DCXBg1vu9fz2LsewMx+3g2I5azYMC1vmnN7ILHAjX9JLbzeZtuVHoGMexUPGODeMnoAChmPTP3gc6XbtmIOFPi82rAHgM87tvVnD0YDjMD+nTzkXg70peNE2ScLzShGanetrwiMnZY0+kRiQWVMcMODS4Cy04MTZpQNgwmvSZ8ZtHm95WsVBfGyGpgeIVPlM+0vzLdU1DCSNFllsG3VVU3odxUDIXZ+Xh6oltC2TCcTJAjPZCU/lc5e6ijBNTLQGnCgHB0/YW+QXwIkCNUBipIdj/iUJL5fLvHZtILSEbYKudq71tyBHz1K6pEyUPDvrbNIzwdS8Ne1FhTAk5I2qmRGnwUKqEwmfWugWx1f1+RTUO3qmJ9YKqXHC5u6ev5EanRDWHRfTShBpGt+6dk5GJv54gk8IK59Zf9WW3ZLAVggyBuBRXNlr6SWZP4Z8QxHeYi39jkvqLm2Z8TGvYbvAKMlyFLZATcLU+BNdDnoFDV40p7bpS68yIVmG7EM99dOtigsy17J/cTzTdajh8sZBS4MxSJIltlunKinl+hKYZDj6+dVY/2QxVl4tWTc4xUS3Pi1xz9XQbxq9J7j4OrULaw5fGEOGqVHwOBwcKNPQTrQfuiJsdTMM+2YpLDZ9PNTF+5/SSuLSXMRQrjpvbMlwRWbWUyFfSX2CQekHDHZ6BURMqLth0VYkdYobDCiBZ8/Kd8INyw7YxpPH0JhwxaJqUByq1+kkcvmhKjqXN3xBHTE7QFsTk8RqhJbFN2WmnskKkpcHTDzskFaqEaVnbNPsw/+a3GPfOsbTZCqwWXTT2XjkkYpIS0Q1z2luCv105Fz3ub0SUnhBECqV/ahkWA4IaDAPT9oLqDbtnjMd4frl5NVxr9fIhlKSeZNW887aIrHTnG6z5j7vGosrq31OnkW1TcoOTGbOM0qX9LfXTuFte9Ud4NSBJGzfPzzuIAxxNRSKwYc1aZa3cPppuiDUgvZhru5jKQCpMS8+6qtBFuXrwbHo3dQL+DnULA5Ps27QDvCC26tt+r5DJ/yhKDJIVb1W3/YqpKvX6Y6c6BTulDNRi6YKkOCRFFdzHjZX11v7GbSv90YlNxk
    realfreesky
        16
    realfreesky  
       2019-01-27 19:48:38 +08:00 via iPad
    @crab 这种做法有点严谨呀
    xiangyuecn
        17
    xiangyuecn  
       2019-01-27 20:26:41 +08:00
    大惊小怪,怕主域名被疼迅傻叉屏蔽吗,搞一堆小域名障眼法。最终显示的域名对了就行了呗,管他从哪里跳来的。
    顺带骂句傻 X 百毒

    wjm2038
        18
    wjm2038  
       2019-01-27 20:35:31 +08:00 via Android   ❤️ 2
    @xiangyuecn 你真的懂电脑么?这明显就是钓鱼网站啊,很多都是如果你不是从特定位置来的或者条件不符合跳转到伪装的官网。fiddler 谁都会用。再说了 Apple 还怕 tx ?
    frylkrttj
        19
    frylkrttj  
       2019-01-27 21:00:27 +08:00
    这和搜索引擎跳转难道不是一样么?
    qwertyegg
        20
    qwertyegg  
       2019-01-27 21:06:04 +08:00
    有点意思,第一次打开自动跳转到 apple.com 了,第二次打开的时候没跳转还是这个钓鱼页面.
    dmjob2015222
        21
    dmjob2015222  
       2019-01-27 21:10:35 +08:00
    @qwertyegg 果然 ,然后果断注册一波: [email protected]
    dmjob2015222
        22
    dmjob2015222  
       2019-01-27 21:11:30 +08:00
    @xiangyuecn 小伙,这么明显的钓鱼,值得用工具么??
    dmjob2015222
        23
    dmjob2015222  
       2019-01-27 21:12:43 +08:00
    @xiangyuecn,最简单的安全都没有处理:密码使用明文,
    xiangyuecn
        24
    xiangyuecn  
       2019-01-27 21:15:19 +08:00
    @wjm2038 溜了,溜了。如果大部分人都会看地址,并且可以看到(可以看到,可以看到),就没有这种链接什么事了。百毒也不会被骂了(狗头保命。没遇到#20 这种,我这每次打开都跳官网,看样子你价值比我高很多呀。
    dot2017
        25
    dot2017  
       2019-01-27 21:22:50 +08:00
    赶快把这个网站往隔壁 loc 一丢,说求压力测试,瞬间能 d 到他生活不能自理#滑稽
    xiangyuecn
        26
    xiangyuecn  
       2019-01-27 21:23:52 +08:00
    @dmjob2015222 #23 没明白你说的啥意思哦,没发现密码明文呀
    wdlth
        27
    wdlth  
       2019-01-27 22:03:13 +08:00
    非 DigiCert EV SSL 请勿诈骗
    zea
        28
    zea  
       2019-01-27 23:00:35 +08:00
    firefox 已开始提示危险网站……
    dmjob2015222
        29
    dmjob2015222  
       2019-01-27 23:10:05 +08:00
    @xiangyuecn 自己随便搞个账号,测试一下就明白了!
    xiangyuecn
        30
    xiangyuecn  
       2019-01-27 23:34:22 +08:00
    @dmjob2015222 是 iclou-locked-itun . com 域名下输入用户名密码,还是 apple . com 下输入用户名密码?虽然已经打不开了,但如果是 302 跳转到了 apple 网站下,可以放心大胆输入密码。如果还是在 iclou-locked-itun . com 域下面,那就真钓鱼。应该是这样理解。关键在于他有没让我输密码,302 跳走了,可能我价值太低,小水管要节省流量吧。哈哈

    另:不能理解微博 sdk oauth 登录的安全性,没有安装微博客户端 app 要调起微博登录,他们自家 sdk 就弹一个网页让你输用户名密码。。。每次打开就感觉像打开了钓鱼页面一样,神奇的操作。反正我是从来没有这样登录过,没有一点公信力。
    kersbal
        31
    kersbal  
       2019-01-28 02:42:13 +08:00   ❤️ 1
    浏览器动作挺快的
    ![]( )
    crystone
        32
    crystone  
       2019-01-28 08:56:31 +08:00
    这么明显的钓鱼还讨论半天也是无语
    用最新版浏览器的好处就是有钓鱼提示,当然说的是原版
    Stlin
        33
    Stlin  
       2019-01-28 10:57:48 +08:00
    chrome 报红了
    huaxing0211
        34
    huaxing0211  
       2019-01-28 11:35:46 +08:00
    firefox 直接显示诈骗网站!
    yangxin0
        35
    yangxin0  
       2019-01-28 16:08:38 +08:00
    用 1password 就不会中招
    chtcrack
        36
    chtcrack  
       2019-01-28 16:50:48 +08:00
    您要访问的网站是欺骗性网站
    iclou-locked-itun.com 上的攻击者可能会诱骗您做一些危险的事情,例如安装软件或泄露您的个人信息(如密码、电话号码或信用卡信息)。
    kisara
        37
    kisara  
       2019-02-11 23:05:23 +08:00
    双重验证 想骗我密码就骗吧 骗了也没用
    关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   实用小工具   ·   2765 人在线   最高记录 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 23ms · UTC 14:50 · PVG 22:50 · LAX 06:50 · JFK 09:50
    Developed with CodeLauncher
    ♥ Do have faith in what you're doing.