Gå til innhold

"Hack" dere gjennom denne siden ^^


Masticore-

Anbefalte innlegg

trenger hjelp til denne, er på en annen side.

 

Klikk for å se/fjerne innholdet nedenfor
function login() {

document.forms["loginform1"].username.value = document.forms["loginform"].username.value;

if (document.forms["loginform"].rememberme != null && document.forms["loginform"].rememberme.checked)

document.forms["loginform1"].rememberme.value = document.forms["loginform"].rememberme.value;

var hash1 = MD5(document.forms["loginform"].password.value.toLowerCase());

var concat1 = hash1 + document.forms["loginform1"].cs.value;

document.forms["loginform1"].password.value = MD5( concat1);

document.forms["loginform1"].fp.value = unescape(document.forms["loginform1"].fp.value);

document.forms["loginform1"].submit();

return false;

}

 

function authenticate(secureAction, secureForm, insecureForm) {

var usernameField = insecureForm.username;

var currentUsernameField = insecureForm.currentUsername;

var passwordField = insecureForm.password;

var currentpField = insecureForm.currentp;

if (usernameField != null || currentUsernameField != null) {

var username = insecureForm.username.value;

// I am holding onto the name of the form so that we don't introduce memory leaks

// when referring to the element in the closure below...

var cs = secureForm.cs.value;

var fp = secureForm.fp.value;

 

var formName = insecureForm.name;

if (currentUsernameField != null) {

username = currentUsernameField.value;

//alert("using currentUsername for username");//?

}

var password = "";

if (passwordField != null)

password = passwordField.value.toLowerCase()

else if (currentpField != null)

password =currentpField.value.toLowerCase();

//alert("username=" + username);//?

//alert("password=" + password);//?

var hash1 = MD5(password);

var concat1 = encodeURI(hash1+decodeURI(cs));

var securepass = MD5(concat1);

var req = getHttpRequestObj();

//var url = secureAction+"?username="+escape(username)+"&password="+securepass+"&cs="+cs+"&fp="+fp;

//url+="&rand="+Math.random();

var url = secureAction+"?";

//req.open("GET", url, true);

req.open("POST", url, true);

req.setRequestHeader("Content-type", "application/x-www-form-urlencoded");

var params = "username="+username+"&password="+securepass+"&cs="+cs+"&fp="+fp+"&rand="+Math.random();

req.send(params);

req.onreadystatechange = function() {

if(req.readyState == 4) {

if (req.responseXML.getElementsByTagName('authenticated')[0].firstChild.data == "true") {

if (passwordField != null)

passwordField.value = "";

document[formName].submit();

} else {

alert(messageUtils.getMessageValue("incorrect_password_alert"));

if ((insecureForm != null)

&& (insecureForm.username != null) && (insecureForm.unEncodedUserName != null)) {

insecureForm.username.value = insecureForm.unEncodedUserName.value;

}

if ((insecureForm != null) && (insecureForm.currentUsername != null)

&& (insecureForm.unEncodedCurrentUserName != null)) {

insecureForm.currentUsername.value = insecureForm.unEncodedCurrentUserName.value;

}

return false;

}

}

}

//req.send(null);

} else {

//alert("? insecureForm.newp.value=" + insecureForm.newp.value);

insecureForm.submit();

}

 

}

 

function loginJump(loginForm, jumpParam) {

document.forms["loginform1"].username.value = loginForm.username.value;

document.forms["loginform1"].password.value =

MD5(MD5(loginForm.password.value.toLowerCase()) + document.forms["loginform1"].cs.value);

document.forms["loginform1"].jump.value = jumpParam;

 

document.forms["loginform1"].submit();

return false;

}

 

function getHttpRequestObj() {

var http_request = false;

 

if (window.XMLHttpRequest) { // Mozilla, Safari,...

http_request = new XMLHttpRequest();

if (http_request.overrideMimeType) {

http_request.overrideMimeType('text/xml');

}

} else if (window.ActiveXObject) { // IE

try {

http_request = new ActiveXObject("Msxml2.XMLHTTP");

} catch (e) {

try {

http_request = new ActiveXObject("Microsoft.XMLHTTP");

} catch (e) {}

}

}

 

if (!http_request) {

return false;

}

 

return http_request;

}

 

function refresh(url, delay) {

try {

var req = getHttpRequestObj();

if ( !req ) {

return;

}

 

req.onreadystatechange = function() {

update(req);

};

 

req.open("GET", url, true);

req.send(null);

} catch ( e ) {

}

 

// At the end of refresh, we need to set another timer

initialize(url, delay);

}

 

function update(req) {

if (req.readyState == 4) {

if (req.status == 200) {

var data = req.responseText;

csFp = data.split(',');

document.forms["loginform1"].cs.value = csFp[0];

document.forms["loginform1"].fp.value = csFp[1];

}

}

}

 

function initialize(url, delay) {

self.setTimeout("refresh('" + url + "', "+ delay + ")", delay);

}

Lenke til kommentar
Videoannonse
Annonse
  • 1 måned senere...

Opprett en konto eller logg inn for å kommentere

Du må være et medlem for å kunne skrive en kommentar

Opprett konto

Det er enkelt å melde seg inn for å starte en ny konto!

Start en konto

Logg inn

Har du allerede en konto? Logg inn her.

Logg inn nå
  • Hvem er aktive   0 medlemmer

    • Ingen innloggede medlemmer aktive
×
×
  • Opprett ny...