TikTok Poll Creator Exploit

Tiktok pull creator exploit made by iron web10

이 스크립트를 설치하려면 Tampermonkey, Greasemonkey 또는 Violentmonkey와 같은 확장 프로그램이 필요합니다.

이 스크립트를 설치하려면 Tampermonkey와 같은 확장 프로그램을 설치해야 합니다.

이 스크립트를 설치하려면 Tampermonkey 또는 Violentmonkey와 같은 확장 프로그램이 필요합니다.

이 스크립트를 설치하려면 Tampermonkey 또는 Userscripts와 같은 확장 프로그램이 필요합니다.

이 스크립트를 설치하려면 Tampermonkey와 같은 확장 프로그램이 필요합니다.

이 스크립트를 설치하려면 유저 스크립트 관리자 확장 프로그램이 필요합니다.

(이미 유저 스크립트 관리자가 설치되어 있습니다. 설치를 진행합니다!)

Advertisement:

이 스타일을 설치하려면 Stylus와 같은 확장 프로그램이 필요합니다.

이 스타일을 설치하려면 Stylus와 같은 확장 프로그램이 필요합니다.

이 스타일을 설치하려면 Stylus와 같은 확장 프로그램이 필요합니다.

이 스타일을 설치하려면 유저 스타일 관리자 확장 프로그램이 필요합니다.

이 스타일을 설치하려면 유저 스타일 관리자 확장 프로그램이 필요합니다.

이 스타일을 설치하려면 유저 스타일 관리자 확장 프로그램이 필요합니다.

(이미 유저 스타일 관리자가 설치되어 있습니다. 설치를 진행합니다!)

Advertisement:

// ==UserScript==
// @name         TikTok Poll Creator Exploit
// @namespace    http://tampermonkey.net/
// @version      0.1
// @description  Tiktok pull creator exploit made by iron web10
// @author       iron web10
// @match        https://www.tiktok.com/*
// @grant        GM_xmlhttpRequest
// @grant        GM_cookie
// @connect      api16-normal-no1a.tiktokv.eu
// @license      iron web10 2026
// ==/UserScript==

(function() {
    'use strict';

    function showNotification(message, type = 'success') {
        const existing = document.getElementById('tm-poll-toast-container');
        const container = existing || (() => {
            const c = document.createElement('div');
            c.id = 'tm-poll-toast-container';
            c.style = `
                position: fixed; top: 20px; right: 20px; z-index: 999999;
                display: flex; flex-direction: column; gap: 10px;
                font-family: TikTokFont, sans-serif;
            `;
            document.body.appendChild(c);
            return c;
        })();

        const colors = {
            success: { bg: '#0fae5c', icon: '✓' },
            error: { bg: '#fe2c55', icon: '✕' }
        };
        const style = colors[type] || colors.success;

        const toast = document.createElement('div');
        toast.style = `
            background: ${style.bg}; color: #fff; padding: 12px 16px;
            border-radius: 8px; box-shadow: 0 4px 16px rgba(0,0,0,0.25);
            display: flex; align-items: center; gap: 10px;
            font-size: 14px; font-weight: 600; max-width: 320px;
            opacity: 0; transform: translateX(20px);
            transition: opacity 0.25s ease, transform 0.25s ease;
        `;
        toast.innerHTML = `
            <span style="font-size:16px; line-height:1;">${style.icon}</span>
            <span style="flex:1; font-weight:500;">${message}</span>
        `;

        container.appendChild(toast);

        requestAnimationFrame(() => {
            toast.style.opacity = '1';
            toast.style.transform = 'translateX(0)';
        });

        const duration = type === 'error' ? 6000 : 4000;
        setTimeout(() => {
            toast.style.opacity = '0';
            toast.style.transform = 'translateX(20px)';
            setTimeout(() => toast.remove(), 250);
        }, duration);
    }

    function getVideoId() {
        const match = window.location.href.match(/\/video\/(\d+)/);
        return match ? match[1] : null;
    }

    function getSessionCookie(callback) {
        if (typeof GM_cookie === 'undefined' || !GM_cookie.list) {
            console.error("[Tiktok Tool] GM_cookie is not available. Enable cookie access permission for this site in Tampermonkey settings, and make sure you're using Chrome/Edge.");
            callback(null);
            return;
        }

        function findInList(cookies) {
            if (!cookies || cookies.length === 0) return null;
            const sessionCookie = cookies.find(c => c.name === 'sessionid_ss' || c.name === 'sessionid');
            return sessionCookie ? sessionCookie.value : null;
        }

        GM_cookie.list({ domain: '.tiktok.com' }, function(cookies, error) {
            if (error) {
                console.error("[Tiktok Tool] Error listing cookies (.tiktok.com domain):", error);
            }

            const value = findInList(cookies);
            if (value) {
                console.log("[Tiktok Tool] Cookie found successfully (.tiktok.com domain)");
                callback(value);
                return;
            }

            GM_cookie.list({}, function(cookies2, error2) {
                if (error2) {
                    console.error("[Tiktok Tool] Error listing cookies (general fallback):", error2);
                    callback(null);
                    return;
                }

                const value2 = findInList(cookies2);
                if (value2) {
                    console.log("[Tiktok Tool] Cookie found successfully (general fallback)");
                    callback(value2);
                    return;
                }

                console.error("[Tiktok Tool] 'sessionid' not found in .tiktok.com domain or general fallback.");
                callback(null);
            });
        });
    }

    function sendPollRequest(data, sessionId) {
        if (!sessionId) {
            showNotification("Session ID not detected. Check Tampermonkey cookie permissions and that you're logged in.", 'error');
            return;
        }

        const url = "https://api16-normal-no1a.tiktokv.eu/aweme/v1/comment/poll/create/?aid=1233";

        const details = new URLSearchParams();
        details.append('item_id', data.videoId);
        details.append('title', data.title);

        const optionsJSON = [
            { "index": 0, "text": data.option1 },
            { "index": 1, "text": data.option2 }
        ];
        details.append('poll_option_list', JSON.stringify(optionsJSON));
        details.append('expire_time', data.expireTime);

        console.log(`[Tiktok Tool] Sending payload using Token: ${sessionId.substring(0, 6)}...`);

        GM_xmlhttpRequest({
            method: "POST",
            url: url,
            headers: {
                "Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",
                "Cookie": `sessionid=${sessionId}`,
                "Accept-Encoding": "gzip"
            },
            data: details.toString(),
            onload: function(response) {
                console.log("TikTok API response:", response.responseText);

                let parsed;
                try {
                    parsed = JSON.parse(response.responseText);
                } catch (e) {
                    showNotification("Unexpected server response. Check the console.", 'error');
                    return;
                }

                if (parsed.status_code === 0) {
                    showNotification(`Poll created successfully (ID: ${parsed.poll_id})`, 'success');
                } else {
                    const knownMessages = {
                        2054: "You don't have permission on this video (it's not yours).",
                    };
                    const message = knownMessages[parsed.status_code]
                        || parsed.status_msg
                        || `Unknown error (code ${parsed.status_code})`;
                    showNotification(message, 'error');
                }
            },
            onerror: function(error) {
                console.error("Critical request error:", error);
                showNotification("Network error while sending the request. Check the console.", 'error');
            }
        });
    }

    function showConfigDialog(videoId) {
        if (document.getElementById('tm-poll-modal')) return;

        const modal = document.createElement('div');
        modal.id = 'tm-poll-modal';
        modal.style = `
            position: fixed; top: 50%; left: 50%; transform: translate(-50%, -50%);
            background: #ffffff; padding: 24px; border-radius: 12px; z-index: 100000;
            box-shadow: 0 8px 30px rgba(0,0,0,0.3); font-family: TikTokFont, sans-serif;
            width: 320px; color: #161823;
        `;

        modal.innerHTML = `
            <h3 style="margin-top:0; margin-bottom:15px; font-size:18px;">Configure Poll</h3>
            <p style="font-size:12px; color:#73747b; margin-bottom:12px;">Video ID: <b>${videoId}</b></p>

            <label style="font-size:13px; font-weight:600;">Poll Title:</label>
            <input type="text" id="poll-title" value="Join dsc.gg/iron-web10" style="width:100%; margin: 6px 0 12px 0; padding:8px; border:1px solid #d1d1d6; border-radius:4px; box-sizing:border-box;">

            <label style="font-size:13px; font-weight:600;">Option 1:</label>
            <input type="text" id="poll-op1" value="Join dsc.gg/iron-web10" style="width:100%; margin: 6px 0 12px 0; padding:8px; border:1px solid #d1d1d6; border-radius:4px; box-sizing:border-box;">

            <label style="font-size:13px; font-weight:600;">Option 2:</label>
            <input type="text" id="poll-op2" value="Join dsc.gg/iron-web10" style="width:100%; margin: 6px 0 12px 0; padding:8px; border:1px solid #d1d1d6; border-radius:4px; box-sizing:border-box;">

            <label style="font-size:13px; font-weight:600;">Expiration time (seconds):</label>
            <input type="number" id="poll-expire" value="604800" style="width:100%; margin: 6px 0 16px 0; padding:8px; border:1px solid #d1d1d6; border-radius:4px; box-sizing:border-box;">

            <div style="display:flex; justify-content: flex-end; gap: 8px;">
                <button id="poll-cancel" style="background:#f1f1f2; color:#161823; border:none; padding:8px 14px; border-radius:4px; cursor:pointer; font-weight:600;">Cancel</button>
                <button id="poll-submit" style="background:#fe2c55; color:#fff; border:none; padding:8px 14px; border-radius:4px; cursor:pointer; font-weight:600;">Create</button>
            </div>
        `;

        const overlay = document.createElement('div');
        overlay.id = 'tm-poll-overlay';
        overlay.style = 'position:fixed; top:0; left:0; width:100%; height:100%; background:rgba(0,0,0,0.5); z-index:99999;';

        document.body.appendChild(overlay);
        document.body.appendChild(modal);

        document.getElementById('poll-cancel').addEventListener('click', () => {
            modal.remove();
            overlay.remove();
        });

        document.getElementById('poll-submit').addEventListener('click', () => {
            const data = {
                videoId: videoId,
                title: document.getElementById('poll-title').value,
                option1: document.getElementById('poll-op1').value,
                option2: document.getElementById('poll-op2').value,
                expireTime: document.getElementById('poll-expire').value
            };

            modal.remove();
            overlay.remove();

            getSessionCookie(function(token) {
                sendPollRequest(data, token);
            });
        });
    }

    function injectPollButton() {
        const emojiBtn = document.querySelector('[data-e2e="comment-emoji-icon"]');
        if (!emojiBtn) return;

        const emojiContainer = emojiBtn.closest('.TUXTooltip-reference');
        if (!emojiContainer) return;

        if (document.getElementById('tm-poll-button-container')) return;

        const pollBtnWrapper = document.createElement('div');
        pollBtnWrapper.className = 'TUXTooltip-reference';
        pollBtnWrapper.id = 'tm-poll-button-container';

        const pollBtn = document.createElement('button');
        pollBtn.className = 'TUXButton TUXButton--default TUXButton--medium TUXButton--secondary css-kkqp2-7937d88b--StyledEmojiButton e1apxw0s0';
        pollBtn.type = 'button';
        pollBtn.setAttribute('aria-label', 'Click to configure and add a poll');
        pollBtn.setAttribute('title', 'Click to add a poll');
        pollBtn.tabIndex = 0;

        pollBtn.innerHTML = `
            <div class="TUXButton-content">
                <div class="TUXButton-iconContainer">
                    <svg fill="currentColor" color="inherit" font-size="inherit" viewBox="0 0 48 48" xmlns="http://www.w3.org/2000/svg" width="1em" height="1em">
                        <path d="M38 42H10a2 2 0 0 1-2-2V8a2 2 0 0 1 2-2h28a2 2 0 0 1 2 2v32a2 2 0 0 1-2 2ZM14 36h4V22h-4v14Zm8 0h4V14h-4v22Zm8 0h4V28h-4v8Z"/>
                    </svg>
                </div>
            </div>
        `;

        pollBtn.addEventListener('click', (e) => {
            e.preventDefault();
            const currentId = getVideoId();
            if (currentId) {
                showConfigDialog(currentId);
            } else {
                showNotification("Please open a valid video.", 'error');
            }
        });

        pollBtnWrapper.appendChild(pollBtn);
        emojiContainer.after(pollBtnWrapper);
    }

    const observer = new MutationObserver(() => {
        injectPollButton();
    });

    observer.observe(document.body, {
        childList: true,
        subtree: true
    });

})();