

Ask HN: What will happen if I try doing this? - yesplorer

For the greater part of the day I&#x27;ve been repeatedly @mentioned in this Facebook comment thread. A lot of people seems to complain but I am genuinely curious what will happen if I follow the said instruction.<p>In Chrome CTRL+ Shift + J opens a developer console but I don&#x27;t want to risk my laptop in pasting the code over there yet I&#x27;m genuinely curious as to OP&#x27;s motivation.<p>I was considering making a fake Facebook account to do it instead of compromising my own account but I also feel that this may not just affect my account but my compromise my laptop for a malicious activity yet I don&#x27;t understand one bit of the code (in the pastebin link) to make sense of it.<p>Can anybody tell me what this code is suppose to do so I can warn my friends accordingly.<p>The link:
https:&#x2F;&#x2F;www.facebook.com&#x2F;AlbaniaHacking&#x2F;posts&#x2F;425791970900654<p>The actual code:
http:&#x2F;&#x2F;pastebin.com&#x2F;raw.php?i=Vz50Em4F<p>Thanks
======
sp332
Here's what the block of hex near the bottom comes out to:

['value', 'fb_dtsg', 'getElementsByName', 'match', 'cookie', 'getTime',
'//www.facebook.com/ajax/report/social.php', 'fb_dtsg=',
'&block=1&pp=%7B%22actions_to_take%22%3A%22[]%22%2C%22are_friends%22%3Afalse%2C%22cid%22%3A',
'%2C%22content_type%22%3A0%2C%22expand_report%22%3A1%2C%22first_choice%22%3A%22file_report%22%2C%22from_gear%22%3A%22timeline%22%2C%22is_following%22%3Afalse%2C%22is_tagged%22%3Afalse%2C%22on_profile%22%3Afalse%2C%22phase%22%3A3%2C%22ref%22%3A%22https%3A%5C%2F%5C%2Fwww.facebook.com%5C%2FNan.ertt7%22%2C%22report_type%22%3A145%2C%22rid%22%3A',
'%2C%22sub_report_type%22%3A3%2C%22time_flow_started%22%3A',
'%2C%22user%22%3A', '%7D&file_report=1&__user=',
'&__a=1&__dyn=7n8ahyj2qmvu5k9UmAAaUVpo&__req=u&ttstamp=2658168571071108880',
'POST', 'open', 'onreadystatechange', 'readyState', 'status', 'close', 'send',
'100006952119048']

The bottom that looks like a bunch of hex really isn't. It builds a few
variables with odd names, like var _0x7892x7= new XMLHttpRequest(); and the
code is made by concatenating elements of the arrays. For example: var
id=_0xa22c[5] really means var id = "425791970900654".

~~~
yesplorer
so what does it actually do? is it something risky? if it is what is the risk?

Thanks

~~~
dylz
* spams the shit out of everybody * fans and likes albianhackers and a few others

\--

display += "Please Wait for some minutes " \+ page_name + ".</br>";

This is when it slowly spams the shit out of everyone because fb does internal
throttling.

Also, this is _probably_ obvious: Like("519635031382564");
Like("1376914272548042"); Like("398426433613100"); Like("311829048954329");
Like("597273926980523"); Like("188718981270707"); Like("419938661485985");

