In general, what do you do when you see an unfamiliar word? I think most people translate it on the Internet, and I personally am no exception. Let's take a look at the well-known translation services.
Let's first look at the differences between different translation software.
It seems that there is no difference, but if the user clicks the "show example usage of words" icon, translation examples randomly selected by Google are displayed, all of which come from different websites. You can switch between more than one website to view the examples.
Okay. Now let's take a look at Baidu translation.
Have you seen it? These are all websites matching the keyword that Google and Baidu randomly select from their search engines for reference. Someone may ask at this point: so what? What are you really trying to say? If a user translates a word but does not understand it very well, what will he do? Isn't this exactly where these usage examples play a key role? You may also ask what this has to do with security. When a user clicks through to one of these websites, he may just want to see how the example article helps him understand the translation better. This is an excellent opportunity for attackers. Let's look at my example.
According to the ranking in Baidu translation, this website ranks second, and the likelihood of a user clicking it is around 60%-70%. After selecting this website, let's look at it.
I found a place to post comments here. You can guess what I did. First, I tested whether the website's comments have a cross-site scripting vulnerability. The tests show that they do.
Most people probably understand now what I am doing. I am using Baidu translation's recommendations to lead users into clicking on the website, then inserting malicious code such as XSS into the website, causing the user to be infected with Trojans or attacked by malicious code.
Let's take a look. If I enter redirect code in the comment, and the website we specified is infected with a Trojan, the user will suffer!
View my demo
Look, it redirects to my website.
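For the owner of a site that shows up in these recommendations, the fix for the comment flaw described above is to encode comment text when it is written into the page. The following is an added example, not code from the original article; the function names, the sample comment and the header values are assumptions constructed for illustration:

```javascript
// Characters that change meaning in an HTML text or attribute context.
const HTML_ESCAPES = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
};

function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// "Before": the comment is concatenated into the page as markup, so any
// tag a visitor submits becomes part of the document for every later reader.
function renderCommentUnsafe(author, body) {
  return '<li><b>' + author + '</b>: ' + body + '</li>';
}

// "After": every user-controlled field is encoded for the HTML context,
// so submitted markup is displayed as text and never parsed as a tag.
function renderComment(author, body) {
  return '<li><b>' + escapeHtml(author) + '</b>: ' + escapeHtml(body) + '</li>';
}

// Defence in depth: response headers for the comment page. With this policy
// the browser refuses inline scripts even if an encoding step is missed.
function commentPageHeaders() {
  return {
    'Content-Security-Policy':
      "default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'none'",
    'X-Content-Type-Options': 'nosniff',
  };
}

// Constructed sample comment (placeholder markup, not taken from the article).
const SAMPLE_COMMENT = '<script>/* constructed placeholder */</script>Nice article';

function demo() {
  return {
    unsafe: renderCommentUnsafe('reader', SAMPLE_COMMENT),
    safe: renderComment('reader', SAMPLE_COMMENT),
    headers: commentPageHeaders(),
  };
}
```

Encoding belongs at output time, in the template or rendering layer, so that comments already stored in the database are covered as well.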
Okay, let's sort out our ideas.
1. First, determine what you want to do: for example, plant a Trojan to collect compromised machines, increase website views, or obtain user cookies.
2. Make sure that the website you target has a high chance of being clicked (the one the user clicks first).
3. Try to identify vulnerabilities in that website!
4. Exploit the vulnerabilities in bulk across the websites that the translation service recommends. That way, a large number of users suffer from these vulnerabilities. I have searched Baidu translation, and the most recommended website is article.yeeyan.org. What I want to say is: if the DNS of article.yeeyan.org were changed, even for an hour or a day, imagine the number of users who go to Baidu translation in a day. Think about it again. Basically, this website appears every time you translate, and the user click rate is very high. Then your goal is achieved!
Okay, that is all for this article.