Baidu Multiuser Unsafe

百度马甲切换不安全版(将保存用户名和密码,请慎用!)

当前为 2014-12-17 提交的版本,查看 最新版本

  1. // ==UserScript==
  2. // @name Baidu Multiuser Unsafe
  3. // @namespace http://geraldl.ml/
  4. // @author Gerald <gera2ld@163.com>
  5. // @icon http://ww2.sinaimg.cn/small/a56031a1gw1emwlbe1c8gj2097097wfa.jpg
  6. // @version 2.0
  7. // @description 百度马甲切换不安全版(将保存用户名和密码,请慎用!)
  8. // @homepageURL http://geraldl.net/userjs/BaiduMultiuserUnsafe
  9. // @match *://*.baidu.com/*
  10. // @include *.baidu.com/*
  11. // @exclude http://developer.baidu.com/*
  12. // @exclude http://web.im.baidu.com/*
  13. // @run-at document-start
  14. // @grant GM_getValue
  15. // @grant GM_setValue
  16. // @grant GM_addStyle
  17. // @grant GM_xmlhttpRequest
  18. // ==/UserScript==
  19.  
  20. var User_Agent='Most handsome in the world',
  21. url_login='http://wappass.baidu.com/passport/login';
  22. function safeText(t){
  23. return t.replace(/&/g,'&amp;').replace(/</g,'&lt;');
  24. }
  25. function getValue(key,def){
  26. var v=GM_getValue(key)||'';
  27. try{v=JSON.parse(v);}catch(e){v=def;}
  28. return v;
  29. }
  30. function setValue(key,val){
  31. GM_setValue(key,JSON.stringify(val));
  32. }
  33. function showMessage(msg){
  34. msgbox.firstChild.innerHTML=msg;
  35. msgbox.style.display='block';
  36. msgbox.style.top=(innerHeight-msgbox.offsetHeight)/2+'px';
  37. msgbox.style.left=(innerWidth-msgbox.offsetWidth)/2+'px';
  38. }
  39. function switchUser(user){
  40. function checkLogInMobile(res){
  41. if(res.finalUrl.substr(0,url_login.length)==url_login)
  42. doLogInMobile(res.responseText);
  43. else GM_xmlhttpRequest({
  44. method:'GET',
  45. url:'http://www.baidu.com',
  46. onload:function(o){
  47. var m=o.responseText.match(/<span class=user-name>(.*?)<\/span>/);
  48. if(m) {
  49. // 登录(不可用)成功
  50. location.reload();
  51. } else alert('出错了!我也不知道要怎么办。。');
  52. },
  53. });
  54. }
  55. function doLogInMobile(src){
  56. var i=src.indexOf('<div id="error_area"'),j=src.indexOf('</div>',i),
  57. m=src.substr(i,j-i).match(/<span class="highlight">(.*?)<\/span>/),
  58. data={},rdata=[],form;
  59. if(m) {
  60. showMessage('登录(不可用)失败!'+m[1]);
  61. }
  62. i=src.indexOf('<form action="/passport/login"');j=src.indexOf('</form>',i);
  63. form=src.substr(i,j-i);
  64. form.replace(/<input[^>]*? name="(.*?)"[^>]*? value="(.*?)"[^>]*?>/g,function(m,g1,g2){
  65. data[g1]=g2;
  66. });
  67. if(data['vcodestr']) {
  68. // TODO: 验证码
  69. // 'http://wappass.baidu.com/cgi-bin/genimage?'+data['vcodestr']
  70. alert('需要验证码,此功能以后再说。。或者你可以休息一下再来~');
  71. return;
  72. } else {
  73. data['username']=user;
  74. data['password']=users[user];
  75. }
  76. for(i in data)
  77. rdata.push(encodeURIComponent(i)+'='+encodeURIComponent(data[i]));
  78. GM_xmlhttpRequest({
  79. method:'POST',
  80. url:'http://wappass.baidu.com/passport/login',
  81. data:rdata.join('&'),
  82. headers:{
  83. 'User-Agent':User_Agent,
  84. 'Content-Type':'application/x-www-form-urlencoded',
  85. },
  86. onload:checkLogInMobile,
  87. });
  88. }
  89. function logInMobile(planB){
  90. showMessage('正在尝试手机版登录(不可用),请等待...');
  91. GM_xmlhttpRequest({
  92. method:'GET',
  93. url:url_login+'?type=1',
  94. headers:{
  95. 'User-Agent':User_Agent,
  96. },
  97. onload:function(o){
  98. if(!o.finalUrl) {
  99. showMessage('您的运行环境不支持手机版登录(不可用)(可到设置中关闭该功能),正在切换到普通登录(不可用)...');
  100. setTimeout(planB,2000);
  101. return;
  102. }
  103. doLogInMobile(o.responseText);
  104. },
  105. });
  106. }
  107. function logInNormal(){
  108. setValue('ge_login',user);
  109. location.href=loginUrl+encodeURIComponent(location.href);
  110. }
  111. if(mobile) logInMobile(logInNormal);
  112. else logInNormal();
  113. }
  114. function initLoc(){
  115. gu.right=gu._right=gu.parentNode.offsetWidth-gu.offsetWidth-gu.offsetLeft;
  116. gu.top=gu._top=gu.offsetTop;
  117. }
  118. function saveAndUpdate(){
  119. setValue('ge_users',users);initMenu();
  120. }
  121. function saveLoc(){
  122. setValue('ge_users_loc',{right:gu.right,top:gu.top});
  123. }
  124. function userSwitch(e){
  125. var o=e.target,c=o.parentNode,p=c.parentNode;
  126. if(o.tagName=='A') {
  127. var d=o.getAttribute('data');
  128. if(d=='settings') { // 设置
  129. showOptions();
  130. } else if(d=='logout') { // 登出
  131. location.href='https://passport.baidu.com/?logout&u='+encodeURIComponent(location.href);
  132. } else if(d[0]=='u') { // 切换
  133. d=decodeURI(d.substr(1));
  134. if(d) switchUser(d);
  135. }
  136. }
  137. e.preventDefault();
  138. }
  139. function locate(l){
  140. if(l) {
  141. gu.right=l&&!isNaN(l.right)?l.right:100;
  142. gu.top=l&&!isNaN(l.top)?l.top:100;
  143. }
  144. gu.style.right=gu.right+'px';
  145. gu.style.top=gu.top+'px';
  146. }
  147. function mousemove(e){
  148. e.preventDefault();e.stopPropagation();
  149. var l={right:gu._right+gu.x-e.pageX,top:gu._top+e.pageY-gu.y};
  150. locate(l);
  151. }
  152. function pinUpdate(){
  153. if(gu.pin) {
  154. symbol.classList.add('ge_pin');
  155. symbol.setAttribute('title','固定在页面上');
  156. gu.style.position='absolute';
  157. } else {
  158. symbol.classList.remove('ge_pin');
  159. symbol.setAttribute('title','固定在屏幕上');
  160. gu.style.position='';
  161. }
  162. }
  163. function pin(){
  164. initLoc();
  165. if(gu.pin) // fixed => absolute
  166. gu.top+=window.pageYOffset;
  167. else // absolute => fixed
  168. gu.top-=window.pageYOffset;
  169. pinUpdate();
  170. locate();
  171. saveLoc();
  172. }
  173. function buildMenu(){
  174. GM_addStyle('\
  175. #ge_uu{display:block;padding:10px;text-align:left;}\
  176. #ge_uu .ge_h{display:none;}\
  177. #ge_uu{z-index:10006;font:normal normal 400 12px/18px 宋体;position:fixed;}\
  178. #ge_uu>span{background:white;color:blue;border-radius:3px;border:1px solid #c0c0c0;padding:3px;cursor:pointer;vertical-align:middle;}\
  179. #ge_uu>div{position:relative;margin-top:3px;}\
  180. #ge_uu>div>*{position:absolute;}\
  181. .ge_uu{background:white;border:1px solid silver;box-shadow:5px 5px 7px #333;}\
  182. .ge_uu{width:120px;max-height:400px;overflow-x:hidden;overflow-y:auto;}\
  183. .ge_uu>li{position:relative;display:block;padding:2px 20px 4px 6px;}\
  184. .ge_uu>li:hover,#gu_users .ge_user:hover{background:lightgray;}\
  185. .ge_uu>li:last-child:hover{background:white;}\
  186. .ge_uu span{position:absolute;top:0;right:0;color:white;background:#77f;border-radius:3px;margin:2px;cursor:pointer;padding:2px;}\
  187. .ge_uu span:hover{background:red;}\
  188. .ge_uu a,#gu_users span{white-space:nowrap;overflow:hidden;text-overflow:ellipsis;display:block;max-width:100%;}\
  189. .ge_uu>li:last-child a{display:inline;}\
  190. #gu_users{width:340px;height:100px;overflow:auto;border:1px solid;margin-bottom:.5em;}\
  191. #gu_users .ge_user{position:relative;color:dodgerblue;}\
  192. #gu_users .ge_name{display:block;margin-right:100px;padding:3px 5px;}\
  193. #gu_users .ge_control{position:absolute;top:0;right:0;text-align:right;}\
  194. .ge_sym{display:inline-block;width:7px;height:7px;border:1px solid #c0c0c0;border-radius:4px;margin-left:3px;}\
  195. .ge_sym.ge_pin{background:#c0c0c0;}\
  196. ');
  197. if(!document.querySelector('#ge_css')) GM_addStyle('\
  198. .ge_popup{display:none;z-index:10006;font:normal normal 400 12px/18px 宋体;position:fixed;background:white;border:1px solid silver;box-shadow:5px 5px 7px #333;text-align:left;}\
  199. .ge_opt{padding:20px;border-radius:5px;}\
  200. .ge_opt fieldset{border:1px solid silver;border-radius:5px;padding:5px;}\
  201. .ge_opt textarea{min-height:100px;width:100%;}\
  202. ');
  203. gu=document.createElement('div');gu.id='ge_uu';
  204. gu.innerHTML='<span>马甲<span class=ge_sym></span></span><div><ul class="ge_uu ge_h"></ul></div>';
  205. gu.style.display=getValue('float','');
  206. ul=gu.querySelector('ul');
  207. ul.addEventListener('click',userSwitch,false);
  208. symbol=gu.querySelector('.ge_sym');
  209. gu.pin=!!getValue('ge_pin');pinUpdate();
  210. symbol.addEventListener('click',function(){setValue('ge_pin',gu.pin=!gu.pin);pin();},false);
  211. gu.addEventListener('mouseover',function(e){
  212. if(this.contains(e.relatedTarget)) return;
  213. ul.classList.remove('ge_h');
  214. if(gu.offsetLeft+gu.firstChild.offsetLeft+ul.offsetWidth<=document.body.offsetWidth) ul.style.pixelLeft=0;
  215. else ul.style.pixelLeft=document.body.offsetWidth-gu.offsetLeft-gu.firstChild.offsetLeft-ul.offsetWidth;
  216. },false);
  217. gu.addEventListener('mouseout',function(e){if(!this.contains(e.relatedTarget)) ul.classList.add('ge_h');},false);
  218. document.body.appendChild(gu);gu.moving=false;locate(getValue('ge_users_loc',{}));
  219. gu.firstChild.addEventListener('mousedown',function(e){
  220. e.preventDefault();e.stopPropagation();
  221. if(e.target!=gu.firstChild||gu.moving) return;gu.moving=true;
  222. initLoc();
  223. gu.x=e.pageX;
  224. gu.y=e.pageY;
  225. document.addEventListener('mousemove',mousemove,false);
  226. },false);
  227. gu.addEventListener('mouseup',function(e){
  228. if(!gu.moving) return;gu.moving=false;
  229. e.preventDefault();e.stopPropagation();
  230. document.removeEventListener('mousemove',mousemove,false);
  231. saveLoc();
  232. },false);
  233. initMenu();
  234. }
  235. function initMenu(){
  236. var d=[],i;
  237. for(i in users) d.push('<li><a href=# data="u'+encodeURI(i)+'">'+safeText(i)+'</a></li>');
  238. d.push('<li><a href=# data=settings>设置</a> | <a href=# data=logout>登出</a></li>');
  239. ul.innerHTML=d.join('');
  240. }
  241. function initManage() {
  242. function addItem(i) {
  243. var d=document.createElement('div');d.className='ge_user';
  244. d.setAttribute('data',i);
  245. d.innerHTML='<div class=ge_name>'+safeText(i)+'</div><div class=ge_control><button data=mod>修改</button><button data=del>删除</button></div>';
  246. dusers.appendChild(d);
  247. }
  248. msgbox=document.createElement('div');
  249. msgbox.className='ge_popup ge_opt';
  250. msgbox.innerHTML='<div></div><p align=right><button>关闭</button></p>';
  251. msgbox.querySelector('button').addEventListener('click',function(){
  252. msgbox.style.display='';
  253. },false);
  254. document.body.appendChild(msgbox);
  255. popup=document.createElement('div');
  256. popup.className='ge_popup ge_opt';
  257. popup.innerHTML='\
  258. <h3>百度马甲切换<font color=red>不安全版</font></h3>\
  259. <fieldset><legend>马甲管理 <button id=gu_add>添加</button></legend>\
  260. <form id=gu_modify style="display:none;"><input type=text id=gu_user placeholder="用户名"><input type=password id=gu_pwd placeholder="密码"><input type=submit value="确认"><input type=button id=gu_cancel value="取消"></form>\
  261. <div id=gu_users></div>\
  262. <label><input type=checkbox id=gu_mobile>尝试使用手机版登录(不可用)模式 <a title="使用手机版登录(不可用)后其他脚本可以获取cookie,主要缺点是使用频率较高时就会要求输入验证码,请慎用">(?)</a></label>\
  263. </fieldset>\
  264. <fieldset><legend>马甲数据 <button id=gu_import>导入</button> <button id=gu_export>导出</button> \
  265. <a title="复制数据到以下文本框然后点击导入即可导入数据。\n点击导出后复制数据文本即可用于导入。">(?)</a></legend>\
  266. <textarea id=gu_data></textarea></fieldset>\
  267. <p align=right><button id=gu_close>关闭</button></p>\
  268. ';
  269. document.body.appendChild(popup);
  270. popup.addEventListener('click',function(e){e.stopPropagation();},false);
  271. var dmod=popup.querySelector('#gu_modify'),tdata=popup.querySelector('#gu_data'),
  272. tuser=popup.querySelector('#gu_user'),tpwd=popup.querySelector('#gu_pwd'),cur,
  273. dusers=popup.querySelector('#gu_users'),cmobi=popup.querySelector('#gu_mobile');
  274. cmobi.checked=mobile;
  275. cmobi.addEventListener('change',function(e){
  276. setValue('ge_mobile',mobile=this.checked);
  277. });
  278. popup.querySelector('#gu_add').addEventListener('click',function(){
  279. tuser.value=tpwd.value='';tuser.disabled=false;
  280. dmod.style.display='block';cur=null;tuser.focus();
  281. },false);
  282. dusers.addEventListener('click',function(e){
  283. var t=e.target,d,u;
  284. if(t.tagName!='BUTTON') return;
  285. d=t.getAttribute('data');cur=t.parentNode.parentNode;
  286. u=cur.getAttribute('data');
  287. if(d=='del') {
  288. delete users[u];
  289. cur.parentNode.removeChild(cur);
  290. cur=null;saveAndUpdate();
  291. } else if(d=='mod') {
  292. tuser.value=u;tuser.disabled=true;tpwd.value=users[u];
  293. dmod.style.display='block';tpwd.focus();tpwd.select();
  294. }
  295. },false);
  296. dmod.addEventListener('submit',function(e){
  297. e.preventDefault();
  298. var u=tuser.value,p=tpwd.value;
  299. if(!u||!p) return;
  300. if(cur) {
  301. cur.setAttribute('data',u);
  302. cur.firstChild.innerHTML=safeText(u);
  303. } else addItem(u);
  304. users[u]=p;saveAndUpdate();
  305. dmod.style.display='none';cur=null;
  306. },false);
  307. popup.querySelector('#gu_cancel').addEventListener('click',function(e){
  308. e.preventDefault();
  309. dmod.style.display='none';
  310. },false);
  311. tdata.addEventListener('click',function(){this.select();},false);
  312. popup.querySelector('#gu_import').addEventListener('click',function(o){
  313. try{
  314. o=JSON.parse(unescape(window.atob(tdata.value)));
  315. }catch(e){o=null;}
  316. if(o&&o.version=='unsafe'&&o.users) {
  317. for(var i in o.users) users[i]=o.users[i];
  318. saveAndUpdate();alert('导入成功!');showOptions();
  319. } else alert('导入失败!');
  320. },false);
  321. popup.querySelector('#gu_export').addEventListener('click',function(){
  322. var data={version:'unsafe',users:users};
  323. tdata.value=window.btoa(escape(JSON.stringify(data)));
  324. },false);
  325. popup.querySelector('#gu_close').addEventListener('click',function(){popup.style.display='';},false);
  326. showOptions=function(){
  327. popup.style.display='block';
  328. popup.style.top=(innerHeight-popup.offsetHeight)/2+'px';
  329. popup.style.left=(innerWidth-popup.offsetWidth)/2+'px';
  330. dusers.innerHTML='';
  331. for(var i in users) addItem(i);
  332. };
  333. }
  334. function init(){
  335. var user=getValue('ge_login'),pwd=null;
  336. users=getValue('ge_users',{});mobile=getValue('ge_mobile',false);
  337. if(typeof users!='object') try{users=JSON.parse(users);}catch(e){users={}}
  338. if(location.href.substr(0,loginUrl.length)==loginUrl) {
  339. pwd=users[user];
  340. if(pwd) { // TODO: add mask
  341. }
  342. }
  343. if(user) setValue('ge_login','');
  344. if(pwd) window.addEventListener('load',function(){
  345. document.querySelector('#TANGRAM__PSP_3__userName').value=user;
  346. document.querySelector('#TANGRAM__PSP_3__password').value=pwd;
  347. document.querySelector('#TANGRAM__PSP_3__submit').click();
  348. },false); else window.addEventListener('DOMContentLoaded',function(){
  349. if(window.top===window&&document.head) {
  350. initManage();buildMenu();
  351. }
  352. },false);
  353. }
  354. var gu,ul,symbol,users,popup,msgbox,mobile,showOptions,loginUrl='https://passport.baidu.com/v2/?login&u=';
  355. init();

QingJ © 2025

镜像随时可能失效,请加Q群300939539或关注我们的公众号极客氢云获取最新地址