Created
July 20, 2015 13:27
-
-
Save jogonba2/82eb5956a6907ff8ccda to your computer and use it in GitHub Desktop.
Rafflecopter "clickjacking"
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/* | |
* rafflecopter.c | |
* Overxfl0w13 | |
* 2015 | |
*/ | |
#include <windows.h> | |
#include <time.h> | |
#include <stdlib.h> | |
#include <stdio.h> | |
int random_key(){ | |
if(rand()%2==0) return rand() % (0x39-0x30+1) + 0x30; // Devolver número // | |
else return rand() % (0x5A-0x41+1) + 0x41; // Devolver letra // | |
} | |
void gen_mail(){ | |
int v[] = {0x52,0x55,0x4E,0x45,0x00,0x48,0x41,0x43,0x4B,0x58,0xFF,0x48,0x4F,0x54,0x4D,0x41,0x49,0x4C,0xBE,0x43,0x4F,0x4D}; | |
int i = 0; | |
int key; | |
for(;i<22;i++){ | |
key = v[i]; | |
if(key!=0xFF && key!=0x00){ | |
keybd_event(key, 0x9c,0, 0); | |
keybd_event(key, 0x9c, KEYEVENTF_KEYUP, 0); | |
} | |
else{ | |
if(key==0x00){ // _ // | |
keybd_event(VK_SHIFT, 0x9c,0, 0); | |
keybd_event(0xBD, 0x9c,0, 0); | |
keybd_event(0xBD, 0x9c, KEYEVENTF_KEYUP, 0); | |
keybd_event(VK_SHIFT, 0x9c, KEYEVENTF_KEYUP, 0); | |
} | |
if(key==0xFF){// @ // | |
keybd_event(VK_MENU, 0x9c,0, 0); | |
keybd_event(VK_CONTROL, 0x9c,0, 0); | |
keybd_event(0x32, 0x9c,0, 0); | |
keybd_event(0x32, 0x9c, KEYEVENTF_KEYUP, 0); | |
keybd_event(VK_CONTROL, 0x9c, KEYEVENTF_KEYUP, 0); | |
keybd_event(VK_MENU, 0x9c, KEYEVENTF_KEYUP, 0); | |
} | |
} | |
} | |
} | |
void init(){ | |
// Posicionar sobre: "Use su correo electrónico" // | |
int x = 700; | |
int y = 620; | |
SetCursorPos(x,y); | |
mouse_event(MOUSEEVENTF_LEFTDOWN,0,0,0,0); | |
mouse_event(MOUSEEVENTF_LEFTUP,0,0,0,0); | |
} | |
void spoof_mail(){ | |
// Cambiar mail en el campo ¿Cuál es tu dirección de correo?, parte de un mail semilla// | |
int x = 630; | |
int y = 605; | |
SetCursorPos(x,y); | |
mouse_event(MOUSEEVENTF_LEFTDOWN,0,0,0,0); | |
mouse_event(MOUSEEVENTF_LEFTUP,0,0,0,0); | |
Sleep(500); | |
// Insertar letra // | |
int key = random_key(); | |
keybd_event(key, 0x9c,0, 0); | |
keybd_event(key, 0x9c, KEYEVENTF_KEYUP, 0); | |
// Loguear // | |
keybd_event(VK_RETURN, 0x9c,0, 0); | |
keybd_event(VK_RETURN, 0x9c, KEYEVENTF_KEYUP, 0); | |
Sleep(500); | |
} | |
void set_contact(){ | |
// Spoofear campo "Contacto por si resultas ganador" // | |
int x = 630; | |
int y = 500; | |
SetCursorPos(x,y); | |
mouse_event(MOUSEEVENTF_LEFTDOWN,0,0,0,0); | |
mouse_event(MOUSEEVENTF_LEFTUP,0,0,0,0); | |
y += 150; | |
Sleep(500); | |
SetCursorPos(x,y); | |
mouse_event(MOUSEEVENTF_LEFTDOWN,0,0,0,0); | |
mouse_event(MOUSEEVENTF_LEFTUP,0,0,0,0); | |
Sleep(500); | |
gen_mail(); | |
Sleep(500); | |
keybd_event(VK_RETURN, 0x9c,0, 0); | |
keybd_event(VK_RETURN, 0x9c, KEYEVENTF_KEYUP, 0); | |
Sleep(500); | |
} | |
void close_session(){ | |
// Cerrar sesion // | |
int x = 830; | |
int y = 220; | |
SetCursorPos(x,y); | |
mouse_event(MOUSEEVENTF_LEFTDOWN,0,0,0,0); | |
mouse_event(MOUSEEVENTF_LEFTUP,0,0,0,0); | |
y += 115; | |
x -= 15; | |
SetCursorPos(x,y); | |
mouse_event(MOUSEEVENTF_LEFTDOWN,0,0,0,0); | |
mouse_event(MOUSEEVENTF_LEFTUP,0,0,0,0); | |
Sleep(1000); | |
} | |
int main(int argc, char **argv) | |
{ | |
srand(time(NULL)); | |
int i=0; | |
for(;i<100;i++){ // 100 its fixed // | |
init(); | |
spoof_mail(); | |
set_contact(); | |
close_session(); | |
} | |
return 0; | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment