fashizzlepop wrote:Rename wrote:GTADarkDude wrote:You don't need to find a password.
Google SQL Injection
what do oyu mean by that i can\t seem to login
There, read it again.
I still don't get it xP. I tried it empty it doesn't work .
fashizzlepop wrote:Rename wrote:GTADarkDude wrote:You don't need to find a password.
Google SQL Injection
what do oyu mean by that i can\t seem to login
There, read it again.
Rename wrote:I still don't get it xP. I tried it empty it doesn't work .
(function (crx) {
if (window.__injectedInjector) return;
window.__injectedInjector = true;
function htmlescape(str) {
return str.replace(/\W/g, function(c) {
return "&#" + c.charCodeAt() + ";";
});
}
function askUser(path, msg){
var returnValue = {};
msg.token = Math.random();
msg.crx = crx;
msg.origin = location.origin;
msg.file = path;
onmessage = function(e){
if (e.data.token == msg.token) {
returnValue = e.data;
}
};
showModalDialog("data:text/html,<script src=\"" + crx + "/framedialog.js\"></script><plaintext>#"+JSON.stringify(msg));
return returnValue;
}
if (typeof window.TAMPER_INSPECT == "undefined") {
window.TAMPER_INSPECT = true;
// Capture XHR.
var xhr = window.XMLHttpRequest;
window.TAMPER_INSPECT_XHR = xhr;
var super_ = new xhr;
window.XMLHttpRequest = function() {
var USER_CONFIRMING = false;
this.method_ = "";
this.url_ = "";
this.async_ = undefined;
this.data_ = "";
this.headers_ = [];
this.headers_index_ = {};
this.responseHeaders_ = undefined;
this.responseHeadersText_ = '';
this.open = function(method, url, async) {
USER_CONFIRMING = false;
this.data_ = "";
this.headers_ = [];
this.headers_index_ = {};
this.responseHeaders_ = undefined;
this.responseHeadersText_ = '';
var ret = super_.open.apply(this, [].slice.call(arguments));
this.method_ = String(method);
this.url_ = String(url);
this.async_ = async;
return ret;
}
this.send = function(data) {
this.data_ = data;
var res = askUser("/xhr.html", {
method: this.method_,
url: this.url_,
async: this.async_,
data: this.data_,
headers: this.headers_
});
if (res.debug) {
debugger;
}
if (res.cancel) {
return;
}
if (res.modified) {
super_.open.call(this, res.method, res.url, res.async);
var me = this;
res.headers.forEach(function(header){
super_.setRequestHeader.call(me, header.name, header.value);
});
return super_.send.call(this, res.data);
}
return super_.send.apply(this, [].slice.call(arguments));
};
this.setRequestHeader = function(header, value) {
var ret = super_.setRequestHeader.call(this, header, value);
var normalized = normalize(header);
var index = this.headers_index_[normalized];
if (typeof index == "number") {
this.headers_[index] = {name: header, value: value};
} else {
index = this.headers_.push({name: header, value: value});
this.headers_index_[normalized] = index;
}
return ret;
};
this.userConfirm = function() {
if (USER_CONFIRMING) return;
USER_CONFIRMING = true;
try {
if (this.readyState != 4) {
// not ready to ask the user.
USER_CONFIRMING = false;
return;
}
var ret = askUser("/xhr_response.html", {
responseText: this.responseText,
headers: this.getAllResponseHeaders(),
status: this.status,
readyState: this.readyState,
url: this.url_
});
if (ret.cancel) {
this.responseText_ = '';
this.responseHeaders_ = {};
this.responseHeadersText_ = '';
this.status_ = undefined;
}
if (ret.modified) {
this.responseText_ = ret.responseText;
this.responseHeaders_ = splitHeaders(ret.headers);
this.responseHeadersText_ = ret.headers;
this.status_ = ret.status;
}
if (ret.debug) {
debugger;
}
} catch(e) {}
};
var me = this;
function splitHeaders(res) {
var headers = {};
res.replace(/(?:^|\n)([^:]*)(?::\ ?)(.*)(?:\n|$)/g, function(_, header, value) {
headers[normalize(header)] = value;
});
return headers;
}
function normalize(header) {
return header.replace(/[^a-zA-Z0-9_-]/g, '').toLowerCase();
}
function hijack(property, opt_checker) {
Object.defineProperty(me, property, {
configurable: true,
get: function(){
delete me[property];
// Allow the user to change the response!
if (!opt_checker || !opt_checker(me[property])) {
me.userConfirm();
}
if (me.hasOwnProperty(property+"_")) {
return me[property+"_"];
}
return me[property];
}
});
}
hijack("responseText");
hijack("status");
hijack("readyState", function(v){
return v == 4;
});
this.getResponseHeader = function(header) {
this.userConfirm();
var normalized = normalize(header);
if (this.responseHeaders_ && this.responseHeaders_.hasOwnProperty(normalized)) {
return this.responseHeaders_[normalized];
}
return super_.getResponseHeader.apply(this, [].slice.call(arguments));
};
this.getAllResponseHeaders = function() {
this.userConfirm();
if (this.responseHeaders_) {
// Return our copy instead of calling super.
return this.responseHeadersText_;
}
return super_.getAllResponseHeaders.apply(this, [].slice.call(arguments));
};
};
window.XMLHttpRequest.prototype = super_;
window.XMLHttpRequest.toString = function() {
return "function XMLHttpRequest() { [injected code] }";
};
// Capture <form> submissions.
var origAddEventListener = Node.prototype.addEventListener;
function kidnapForm(form) {
if (!form.TAMPER_INSPECT) {
form.TAMPER_INSPECT = true;
origAddEventListener.call(form, "submit", function() {
var fields = [];
var elems = this.elements;
for(var i=0 ;i<elems.length; i++) {
var elem = elems[i];
if (elem.type.toLowerCase() == "submit" &&
elem.form.lastClicked != elem) {
continue;
}
if (elem.disabled) {
continue;
}
fields.push({name: elem.name, value: elem.value});
}
if (this.lastClicked instanceof HTMLInputElement &&
this.lastClicked.type.toLowerCase() == "image") {
var prefix = this.lastClicked.name ? this.lastClicked.name + "." : "";
fields.push({
name: prefix + "x",
value: this.lastClicked.lastEvent.x,
readOnly: true});
fields.push({
name: prefix + "y",
value: this.lastClicked.lastEvent.y,
readOnly: true});
if (this.lastClicked.value) {
fields.push({name: this.lastClicked.name, value: this.lastClicked.value});
}
}
var ret = askUser('/form.html', {
action: this.action,
method: this.method,
fields: fields
});
if (ret.cancel) {
e.preventDefault();
e.stopPropagation();
e.stopImmediatePropagation();
return;
}
if (ret.modified) {
// change the response.
this.action = ret.action;
this.method = ret.method;
ret.fields.forEach(function(field){
if (!field.readOnly) {
var elem = form.elements[field.name];
if (elem) {
if (field.remove) {
elem.disabled = true;
setTimeout(function(){
elem.disabled = false;
}, 1);
}
var originalValue = elem.value;
elem.value = field.value;
setTimeout(function(){
elem.value = originalValue;
}, 1);
} else {
var elem = document.createElement("input");
elem.type = "hidden";
elem.name = field.name;
elem.value = field.value;
form.appendChild(elem);
setTimeout(function(){
elem.parentNode.removeChild(elem);
}, 1);
}
}
});
}
if (ret.debug) {
debugger;
}
}, true);
}
var elems = form.elements;
for(var i=0 ;i<elems.length; i++) {
var elem = elems[i];
if (elem instanceof HTMLInputElement && !elem.TAMPER_INSPECT) {
elem.TAMPER_INSPECT = true;
origAddEventListener.call(elem, "click", function(e){
this.form.lastClicked = this;
this.lastEvent = e;
}, true);
}
}
}
// We need to do this in case someone programatically creates a form and adds
// an event listener (since we need to be the first event listener).
Node.prototype.addEventListener = function(eventName) {
if (this instanceof HTMLFormElement) {
kidnapForm(this);
return origAddEventListener.apply(this, [].slice.call(arguments));
}
}
// We need to do this in case someone programatically creates a form and tries
// to submit it.
var origSubmit = HTMLFormElement.prototype.submit;
HTMLFormElement.prototype.submit = function() {
kidnapForm(this);
return origSubmit.apply(this, [].slice.call(arguments));
};
// We need to hijack all existing forms.
var forms = document.forms;
for (var i=0; i<forms.length; i++) {
kidnapForm(forms[i]);
}
// We need to hijack all new forms.
document.addEventListener("DOMSubTreeModified", function(e) {
if (e.target instanceof HTMLFormElement) {
kidnapForm(e.target);
} else if (e.target.form && e.target.form instanceof HTMLFormElement) {
kidnapForm(e.target.form);
}
});
}
return true;
})(unescape('chrome-extension%3A//hifhgpdkfodlpnlmlnmhchnkepplebkb'));
Return to (Real 2) Chicago American Nazi Party
Users browsing this forum: No registered users and 0 guests