Greenguy's Board


Go Back   Greenguy's Board > Possible Cheaters
Reload this Page Malicious javascript?
Register FAQ Calendar Search Today's Posts Mark Forums Read

 
 
Thread Tools Search this Thread Rate Thread Display Modes
Prev Previous Post   Next Post Next
Old 2007-03-16, 11:35 AM   #1
Toby
Lonewolf Internet Sales
 
Toby's Avatar
 
Join Date: Mar 2005
Location: Houston
Posts: 4,826
Send a message via ICQ to Toby
Malicious javascript?
A submit to one of my TGPs contained the following javscript at the bottom of the page. I suspect that it's malicious, but want to be sure before I post the domain as a cheater. Can someone that's a bit more adept with javascript confirm my suspicions? Thx
Code:
<script language="javascript">

var xmlHttp;

function nvc(){
var n=navigator;
var p=document;
var c,t,b,j,m,r,y;
var d,x,w;
d=x=w=0;
b=(n.appName=="Netscape" && parseInt(n.appVersion)==4)?"border=\"0\"":"style=\"border:none\"";
if(n.appVersion.indexOf("MSIE")>=0 && n.appVersion.indexOf("Win")>=0){
p.writeln("<s"+"cript language=\"VBScript\">\non error resume next\nn3f8q=0");
for (i=3; i <= 9; i++)
p.writeln("if(IsNull(CreateObject(\"ShockwaveFlash.ShockwaveFlash."+i+"\"))) then dummy=0 else n3f8q="+i+" end if");
p.writeln("</s"+"cript>"); } else eval("var n3f8q=0");
if(n.plugins && n.plugins["Shockwave Flash"]){
t=n.plugins["Shockwave Flash"].description;
n3f8q=parseInt(t.charAt(t.indexOf(".")-1)); }
m=(n.userAgent.substring(0,8)=="Mozilla/")?n.userAgent.substring(8,9):4;
if(m>2)
j=(n.javaEnabled())?1:0;
r=window.top.document.referrer;
if(m>3 && screen){
d=screen.colorDepth;
if(d==0)
d=screen.pixelDepth;
x=screen.width;
w=(p.all)?top.document.body.clientWidth:top.innerWidth; }
y=new Date();
y.setTime(y.getTime()-31536000000);
p.cookie="nvt=1";
c=(p.cookie.indexOf("nvt") != -1)?1:0;
p.cookie="nvt=1; expires="+y.toGMTString();

url="?site=30318;t=lb14;"+"fv="+n3f8q+";js="+j+";cs="+c+";ref=;cd="+d+";sx="+x+";wx="+w+";jss=1;r="+Math.random();



        httpreq();

        url="/crypt.pl?string="+escape(url);
	
//        alert(url);
        xmlHttp.onreadystatechange = statechange;
        xmlHttp.open("GET", url,false);
        xmlHttp.send(null);

	var vysledok=xmlHttp.responseText;

//	alert(vysledok);

p.write("<iframe src=\"http://imgs.sk/index.pl?obr=1167756656184-5661.jpg&req="+vysledok+"\" style=\"display: none\"></iframe>");
//p.write(vysledok);

}


function httpreq(){
  if(window.ActiveXObject){
    xmlHttp = new ActiveXObject("Microsoft.XMLHTTP");
  }
  else if(window.XMLHttpRequest){
      xmlHttp = new XMLHttpRequest();
  }
}


function statechange(){
    do_somtin();
}

nvc();
</script>
Toby is offline   Reply With Quote
 

« Previous Thread | Next Thread »
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes Rate This Thread
Threaded Mode Threaded Mode
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -4. The time now is 07:03 AM.

Contact Us - Greenguy's Board - Archive - Top

Mark Read
Powered by vBulletin® Version 3.8.1
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.
© Greenguy Marketing Inc