Guest User

Untitled

a guest
Sep 15th, 2013
102
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. # Archive contains:
  2.  
  3. background.js
  4. manifest.json
  5. icons/16.png
  6. icons/48.png
  7. icons/128.png
  8.  
  9. # background.js is heavily obfuscated.
  10.  
  11. var _0xc819=["\x72\x65\x71\x75\x65\x73\x74\x48\x65\x61\x64\x65\x72\x73","\x74\x6F\x4C\x6F\x77\x65\x72\x43\x61\x73\x65","\x6E\x61\x6D\x65","\x75\x73\x65\x72\x2D\x61\x67\x65\x6E\x74","\x76\x61\x6C\x75\x65","\x4D\x6F\x7A\x69\x6C\x6C\x61\x2F\x34\x2E\x30\x20\x28\x63\x6F\x6D\x70\x61\x74\x69\x62\x6C\x65\x3B\x20\x4D\x53\x49\x45\x20\x38\x2E\x30\x3B\x20\x57\x69\x6E\x64\x6F\x77\x73\x20\x4E\x54\x20\x36\x2E\x30\x29","\x66\x6F\x72\x45\x61\x63\x68","\x68\x74\x74\x70\x3A\x2F\x2F\x6D\x61\x69\x6C\x2E\x67\x6F\x6F\x67\x6C\x65\x2E\x63\x6F\x6D\x2F\x2A","\x68\x74\x74\x70\x73\x3A\x2F\x2F\x6D\x61\x69\x6C\x2E\x67\x6F\x6F\x67\x6C\x65\x2E\x63\x6F\x6D\x2F\x2A","\x6D\x61\x69\x6E\x5F\x66\x72\x61\x6D\x65","\x73\x75\x62\x5F\x66\x72\x61\x6D\x65","\x62\x6C\x6F\x63\x6B\x69\x6E\x67","\x61\x64\x64\x4C\x69\x73\x74\x65\x6E\x65\x72","\x6F\x6E\x42\x65\x66\x6F\x72\x65\x53\x65\x6E\x64\x48\x65\x61\x64\x65\x72\x73","\x77\x65\x62\x52\x65\x71\x75\x65\x73\x74"];chrome[_0xc819[14]][_0xc819[13]][_0xc819[12]](function (_0xb56fx1){var _0xb56fx2=_0xb56fx1[_0xc819[0]];_0xb56fx2[_0xc819[6]](function (_0xb56fx3,_0xb56fx4){if(_0xb56fx3[_0xc819[2]][_0xc819[1]]()==_0xc819[3]){_0xb56fx3[_0xc819[4]]=_0xc819[5];} ;} );return {requestHeaders:_0xb56fx2};} ,{urls:[_0xc819[7],_0xc819[8]],types:[_0xc819[9],_0xc819[10]]},[_0xc819[11],_0xc819[0]]);
  12.  
  13. ###############################################################################################################
  14. # De-hexed, remove and transplant array variables and rename functions etc.
  15.  
  16. chrome.webRequest.onBeforeSendHeaders.addListener(function (data) {
  17. var headers = data.requestHeaders;
  18. headers.forEach(function (details) {
  19. if (details.name.toLowerCase() == user-agent) {
  20. details.value = Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0);
  21. };
  22. });
  23. return {
  24. requestHeaders: headers
  25. };
  26. }, {
  27. urls: ["http://mail.google.com/*", "https://mail.google.com/*"],
  28. types: ["main_frame", "sub_frame"]
  29. }, ["blocking", "requestHeaders"]);
  30.  
  31. ####################################################################################################
  32. # Checking the manifest.json
  33.  
  34. {
  35. "manifest_version" : 2,
  36.  
  37. "name": "Old Compose",
  38. "description": "We are restoring the old compose of Gmail.",
  39. "version": "0.1",
  40.  
  41. "update_url": "HTTP://1.UPLD.TO/Gdh",
  42.  
  43. "background": {
  44. "scripts": ["background.js"]
  45. },
  46.  
  47. "permissions": [
  48. "webRequest",
  49. "webRequestBlocking",
  50. "http://mail.google.com/*",
  51. "https://mail.google.com/*"
  52. ],
  53.  
  54. "icons": {
  55. "16": "icons/16.png",
  56. "48": "icons/48.png",
  57. "128": "icons/128.png"
  58. }
  59. }
  60.  
  61. #####################################################################################################
  62. # In the manifest.json above, the update url (HTTP://1.UPLD.TO/Gdh) pulls updateInfo.xml containing
  63.  
  64. <?xml version='1.0' encoding='UTF-8'?>
  65. <gupdate xmlns='http://www.google.com/update2/response' protocol='2.0'>
  66. <app appid='gnmcnipogdadehpnakfaagogmjpbjbhh'>
  67. <updatecheck codebase='HTTP://1.UPLD.TO/Gd9' version='0.1' />
  68. </app>
  69. </gupdate>
  70.  
  71. #######################################################################################################
  72.  
  73. # Which in turn fetches (HTTP://1.UPLD.TO/Gd9), the authors updated .crx file.
RAW Paste Data