<!DOCTYPE html><html xmlns="http://www.w3.org/1999/xhtml"><head> <!-- Does not work <meta http-equiv="Supports-Loading-Mode" content="fenced-frame"> --> <title>Fast Hack'em v.0.0.3</title></head><body> <div id="eScreen" style="float:left;width:49%;margin:0px;padding:0px;font-size:14px;font-family: Monospace, Arial, sans-serif, Helvetica;"></div><iframe name="ifn" id="ifd" style="float:right;width:49%;height:800px;margin:0px;padding:0px;"></iframe><script>async function createFenced(){ const URLs = [{url:'fence.php'}]; await window.sharedStorage.worklet.addModule("worklet.js"); const resolveToConfig = window.FencedFrameConfig !== void 0; let opaqueURL = await window.sharedStorage.selectURL("ts", URLs, {resolveToConfig, keepAlive:true}); if (resolveToConfig && opaqueURL instanceof FencedFrameConfig) document.body.appendChild(Object.assign(document.createElement('fencedframe'), {mode: 'opaque-ads', config: opaqueURL, width:1000, height:800, id:'fenced'}));} if (window === top){ ifn.location.replace("https://www.caballero.com.ar/");}else{ eScreen.style.width = "95%"; ifd.style.width = "3%";} function createError(){ try { nothing() //null[0](); } catch(error) { log(error.stack.toString()); }}//setTimeout(createError, 1000);function logMe(){ let logData = ` isActive: ${navigator.userActivation.isActive} hasBeenActive: ${navigator.userActivation.hasBeenActive} location: ${location.href} `; log(logData.replace(/\n/g,'<br />'));}let timer; const cmd = { get start() { timer = setInterval(logMe, 1000); return 1; }, set start(arg) { }, get stop() { clearInterval(timer); return 1; }, }; (function (){/* var eScreen = document.createElement("div");eScreen.style.width = "46%";eScreen.style.margin = "0px";eScreen.style.padding = "0px";eScreen.style.fontSize = "14px";eScreen.style.fontFamily = "Monospace, Arial, sans-serif, Helvetica";eScreen.style.float = "left";*///let iFrame = document.createElement("iframe"); ///////////////////////// Code TextAreavar eCode = document.createElement("textarea");/*eCode.onchange = function(e){ window.x = e; alert(e.isTrusted);}*/eCode.name = "taCode";eCode.style.width = "100%";eCode.rows = "20";eCode.style.backgroundColor = "#000000";eCode.style.color = "#30ee30";eCode.style.fontSize = "16px";eCode.style.padding = "5px";eCode.autofocus = true;eCode.autocorrect = "off";eCode.autocapitalize = "off";eCode.spellcheck = false;eCode.ondblclick = function(e){ var ret = eval(this.value); log(ret);}eCode.onkeydown = function(e){ if (typeof e == "undefined") e = event; if ((e.keyCode == 13 || e.keyCode == 10) && (e.ctrlKey || e.shiftKey) || (e.key == "@" || e.key == "#") ) { if (e.preventDefault) e.preventDefault(); try { var ret = eval(this.value); } catch(e) { log("Error: " + e); return; } if (e.ctrlKey || e.key == "@" || e.key == "#") // Log either eval or enum { if (e.shiftKey && !(e.key == "@" || e.key == "#")) log(prettyEnumObject(ret)); else if (e.altKey || e.key == "#") log(remoteSave(prettyEnumObject(ret, true))); else log(ret); } }} ///////////////////////// Code Log-Statusvar eLog = document.createElement("div");eLog.style.width = "100%";eLog.style.height = "300pt";eLog.style.margin = "0px";eLog.style.padding = "0px";eLog.style.wordWrap = "break-word";eLog.style.overflow = "scroll";eLog.style.padding = "5px";eLog.style.backgroundColor = "#000000";eLog.style.color = "#ffffff";eLog.style.border = "1px solid #eeeeee";eLog.innerHTML = "Fast Hack'em"; eScreen.appendChild(eCode);eScreen.appendChild(eLog);//document.body.appendChild(eScreen); window.log = function log(msg){ return eLog.innerHTML = msg;}function rot(s, i){ return void 0 === i && (i = 13), s.replace(/[A-Za-z]/g, function(c) { return String.fromCharCode(c.charCodeAt(0) + (c.toUpperCase() <= "M" ? i : -i)); });} function enumMembers(obj) // Returns an array of Strings of the members of the object{ //Object.getOwnPropertyDescriptors(window) var instanceValues = Object.getOwnPropertyNames(obj); if (Object.getPrototypeOf(obj) != null) { instanceValues = instanceValues.concat(enumMembers(Object.getPrototypeOf(obj))); } return instanceValues;}function prettyEnumObject(obj, bPlainText){ var arrMembersList = enumMembers(obj); if (bPlainText) { var prettyList = obj.toString() + "\n"; for (var i in arrMembersList) { var strMemberName = arrMembersList[i]; var refMember = obj[strMemberName]; prettyList += strMemberName + " = " + refMember + "\n"; } } else { var prettyList = "<strong>" + obj.toString() + "</strong><br />"; for (var i in arrMembersList) { var strMemberName = arrMembersList[i]; var refMember = obj[strMemberName]; var memberType = typeof refMember; var prettyMemberValue = ""; var prettyMemberName = '<span style="color:#aaaaaa">' + strMemberName + '</span>'; if (memberType == "object") prettyMemberName = '<span style="color:#aaaaaa;cursor:pointer" onclick="alert(this.innerText)">' + strMemberName + '</span>'; var memberValueColor = { "string" : "#dddddd", "number" : "#ff8080", "object" : "#80ff80", "boolean" : "#8080ff", "function": "#a0a0cc" } //if (memberType == "object") prettyMemberValue = '<span onclick="alert(\''+refMember+'\')" style="cursor:pointer;color:' + memberValueColor[memberType] + '">' + refMember + '</span>'; prettyMemberValue = '<span style="color:' + memberValueColor[memberType] + '">' + refMember + '</span>'; prettyList += prettyMemberName + " = " + prettyMemberValue + "<br />"; } } return prettyList;} // Detects if Chrome Extension Resource exists and is accessible// Vivaldi Sample: ext("chrome-extension://jffbochibkahlbbmanpmndnhmeliecah/config.json")function ext(ext){ var request = new XMLHttpRequest(); request.open("GET", ext, false); try { request.send(null); } catch(_) { return false; } if (request.status === 200) { return true; }}//ext("chrome-extension://jffbochibkahlbbmanpmndnhmeliecah/config.json") function fav(url){ var link = document.querySelector("link[rel~='icon']"); if (!link) { var link = document.createElement('link'); link.rel = 'icon'; document.getElementsByTagName('head')[0].appendChild(link); } link.href = url;}//fav("https://www.google.com/favicon.ico"); var isolatedIFrame = window; function workerCodeWrappedAsFunction(){ function probeExtensionInsideWorker(extensionURL) { var isExtensionInstalled = false; var syncXHR = new XMLHttpRequest(); syncXHR.open("GET", extensionURL, false); try { syncXHR.send(null); if (syncXHR.status === 200) {isExtensionInstalled = true;} } catch(e){} return isExtensionInstalled; } self.onmessage = function(messageEvent) { // messageEvent.data is the extensionURL to probe var isInstalled = probeExtensionInsideWorker(messageEvent.data); if (isInstalled) self.postMessage(messageEvent.data); } } // Converts the contexts (text) of workerCodeWrappedAsFunction to a real Blob// so we can easily use it as the code inside the Worker.var strFn = workerCodeWrappedAsFunction.toString();var strWorkerCode = strFn.slice(strFn.indexOf("{") + 1, strFn.lastIndexOf("}"));var workerBlob = new Blob([strWorkerCode], {type: 'application/javascript'});var workerUrl = isolatedIFrame.URL.createObjectURL(workerBlob); var workerToProbeExtensions = false, arrayWithCallbacks = null, timeoutToKillWorker = 0;function initWorker(){ if (!workerToProbeExtensions) { arrayWithCallbacks = []; workerToProbeExtensions = new isolatedIFrame.Worker(workerUrl); workerToProbeExtensions.addEventListener("message", function (messageEvent) { arrayWithCallbacks[messageEvent.data](); }); } clearTimeout(timeoutToKillWorker); timeoutToKillWorker = setTimeout(function() { // Destroy Worker and clean callbacks Array workerToProbeExtensions.terminate(); workerToProbeExtensions = false; arrayWithCallbacks = null; }, 3000); }function probeExtensionNoisy(url, callback){ initWorker(); arrayWithCallbacks[url] = callback; workerToProbeExtensions.postMessage(url); } //probeExtensionNoisy("chrome-extension://jffbochibkahlbbmanpmndnhmeliecah/config.json", function(){alert("yes")}); function remoteSave(str){ var xhttp = new XMLHttpRequest(); xhttp.open("POST", "remote_save.php", true); xhttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded"); xhttp.send("data=" + escape(str)); return str;}function autoLog(){ log(remoteSave(prettyEnumObject(ret, true)));}if (location.hash.substring(1,4) == "log"){ var strObject = location.hash.substring(5); var obj = eval(strObject); log(remoteSave(prettyEnumObject(obj, true)));}else if (location.hash.substring(1,4) == "cmd"){ let command = location.hash.substring(5); cmd[command];}/*function loge(__tempObject){ var strEnum = forIn(__tempObject); var __tempObject_Enum = strEnum.replace(/</g, "<").replace(/>/g, ">"); __tempObject_Enum = __tempObject_Enum.replace(/\n/gi, "<br />").replace(/NO_ACCESS/g, "<font color=\"red\">NO_ACCESS</font>").replace(/(\[[^\]]*\])/g, "<font color=\"yellow\">$1</font>"); __tempObject_Enum = __tempObject_Enum.replace(/CUSTOM_ERROR/g, "<font color=\"red\">CUSTOM_ERROR</font>"); __tempObject_Enum = __tempObject_Enum.replace(/(null)|(undefined)/gi, "<font color=\"#999999\">$1$2</font>"); log(__tempObject_Enum); document.getElementById("notepad").value = strEnum;}function logep(__tempObject){ loge(__tempObject); post();} /*window.addEventListener('error', function (e){ console.log(e); log(e.message);// + "<br />" + url + "<br />" + lineNo + "<br />" + columnNo + "<br />" + error);})*/ })(); /*var str = "";function showPaintTimings() { let performance = window.performance; let performanceEntries = performance.getEntriesByType('paint'); performanceEntries.forEach( (performanceEntry, i, entries) => { str += ("The time to " + performanceEntry.name + " was " + performanceEntry.startTime + " milliseconds.\n"); console.log(str); }); } setTimeout("showPaintTimings()",1000);setTimeout(function(){ z = new Image(); z.src = "https://www.cracking.com.ar/fh/remote_save.php?data=" + escape(str);}, 3000)*//* Inline worker codefunction getWorkerCode(){ function workerCode() { self.onmessage = function(event) {console.log(navigator) self.postMessage(navigator.toString()); } } var strFn = workerCode.toString(); return strFn.slice(strFn.indexOf("{") + 1, strFn.lastIndexOf("}"));} var workerCode = getWorkerCode();//"self.onmessage=function(e){postMessage('Worker: '+e.data);}"; var blob;try { blob = new Blob([workerCode], {type: 'application/javascript'});} catch (e) { // Backwards-compatibility window.BlobBuilder = window.BlobBuilder || window.WebKitBlobBuilder || window.MozBlobBuilder; blob = new BlobBuilder(); blob.append(workerCode); blob = blob.getBlob();}var worker = new Worker(URL.createObjectURL(blob)); // Test, used in all examples:worker.onmessage = function(e){ alert('Worker Response:\n' + e.data);};worker.postMessage('Test');*/ function w(htmlCode){ document.getElementById("scratch").innerHTML = htmlCode; return "Code written in scratch";}function eventEnum(obj, callback){ if (!callback) var callback = function(e){alert(e.type)}; obj.onabort=obj.onanimationend=obj.onanimationiteration=obj.onanimationstart=obj.onauxclick=obj.onbeforecopy=obj.onbeforecut=obj.onbeforepaste=obj.onbeforexrselect=obj.onblur=obj.oncancel=obj.oncanplay=obj.oncanplaythrough=obj.onchange=obj.onclick=obj.onclose=obj.oncontextmenu=obj.oncopy=obj.oncuechange=obj.oncut=obj.ondblclick=obj.ondrag=obj.ondragend=obj.ondragenter=obj.ondragleave=obj.ondragover=obj.ondragstart=obj.ondrop=obj.ondurationchange=obj.onemptied=obj.onended=obj.onerror=obj.onfocus=obj.onformdata=obj.onfullscreenchange=obj.onfullscreenerror=obj.ongotpointercapture=obj.oninput=obj.oninvalid=obj.onkeydown=obj.onkeypress=obj.onkeyup=obj.onload=obj.onloadeddata=obj.onloadedmetadata=obj.onloadstart=obj.onlostpointercapture=obj.onmousedown=obj.onmouseenter=obj.onmouseleave=obj.onmousemove=obj.onmouseout=obj.onmouseover=obj.onmouseup=obj.onmousewheel=obj.onpaste=obj.onpause=obj.onplay=obj.onplaying=obj.onpointercancel=obj.onpointerdown=obj.onpointerenter=obj.onpointerleave=obj.onpointermove=obj.onpointerout=obj.onpointerover=obj.onpointerrawupdate=obj.onpointerup=obj.onprogress=obj.onratechange=obj.onreadystatechange=obj.onreset=obj.onresize=obj.onscroll=obj.onsearch=obj.onseeked=obj.onseeking=obj.onselect=obj.onselectionchange=obj.onselectstart=obj.onstalled=obj.onsubmit=obj.onsuspend=obj.ontimeupdate=obj.ontoggle=obj.ontransitioncancel=obj.ontransitionend=obj.ontransitionrun=obj.ontransitionstart=obj.onvolumechange=obj.onwaiting=obj.onwebkitanimationend=obj.onwebkitanimationiteration=obj.onwebkitanimationstart=obj.onwebkitfullscreenchange=obj.onwebkitfullscreenerror=obj.onwebkittransitionend=obj.onwheel=callback;} function fnOnMessage(e){ alert( "document.URL: " + document.URL + "\n" + "e.data: " + e.data + "\n" + "typeof e.data: " + typeof e.data + "\n" + "callee.caller has: " + arguments.callee.caller + "\n" );}window.addEventListener("message", fnOnMessage, false); //////////////////////////////////////////////////////////////////////////////////////////// var scratchDiv = document.createElement("div"); scratchDiv.setAttribute("style","position:absolute:top:-100px;width:1px;height:1px;visibility:hidden"); document.body.appendChild(scratchDiv); const ERROR = -1, NOT_INITIALIZED = 0, INITIALIZING = 1, READY = 2; var state = NOT_INITIALIZED; var queueExtensions = new Array(); function initProbeExtension() { if (state === NOT_INITIALIZED) { state = INITIALIZING; //console.log("INITIALIZING"); var obj = document.createElement("object"); obj.setAttribute("style","width:1px;height:1px;visibility:hidden"); obj.type = "text/plain"; var toInvalidLoad = setTimeout(function() { state = READY; // probeExtension works well. We can safely assume that it will work as expected. probeExtension(); // Start testing extensions }, 400); obj.onload = function() { state = ERROR; // probeExtension throws FPs. Can't be used during this session. clearTimeout(toInvalidLoad); alert("FP on extension load") } obj.data = "chrome-extension://agnangantblacabcerducharleorepsu/dshawo.json"; scratchDiv.appendChild(obj); } } function probeExtension(url, callback) { if (arguments.length > 0) {queueExtensions.push([url, callback]);} if (state === READY) // Create the object { while (queueExtensions.length > 0) { var obj = document.createElement("object"); obj.setAttribute("style","width:1px;height:1px;visibility:hidden"); obj.type = "text/plain"; var extFromQueue = queueExtensions.shift(); obj.onload = extFromQueue[1]; // callback obj.data = extFromQueue[0]; // extension url scratchDiv.appendChild(obj); } // Destroy objects state = INITIALIZING; setTimeout(function(){ scratchDiv.innerHTML = ""; state = READY; if (queueExtensions.length > 0) {probeExtension();} }, 1500); } else if (state === NOT_INITIALIZED) { initProbeExtension(); } } //////////////////////////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////////////////////////////////probeExtension("chrome-extension://dehdhmbfpjfihgpekceokjdeeheinkfo/intercept.js", function(){alert("Epic")});function classExists(className) { var styleSheets = document.styleSheets; for (var i = 0; i < styleSheets.length; i++) { var rules = styleSheets[i].cssRules || styleSheets[i].rules; for (var j = 0; j < rules.length; j++) { if (rules[j].selectorText === '.' + className) { return true; } } } return false; } /* function resourceLoader(url){ var obj = document.createElement("object"); obj.setAttribute("style","width:1px;height:1px;visibility:hidden"); obj.type = "text/plain"; obj.onload = function(){alert("Loaded")} obj.data = url; document.body.appendChild(obj);}resourceLoader("chrome-extension://does_not_exist"); */ </script><!--<script src="https://s.tw.marcus.com/static/4.80.9/pagespeed.js?psv=4.80.9&ci=845155&mo=2&pd=acc&rnd=123" integrity="sha256-emv3ViVQ1ERc0E5rI9Z3ugIBaSGvrITRAEo1dELo+Pc=" crossorigin="anonymous"></script> <iframe name="ifr" id="_ifr" width="800" height="600"></iframe>//console.log("Epic: " + ifr.document.documentElement.dataset.cbscriptallow);//https://www.cracking.com.ar/fh/do.php?do=headers --> <div id="scratch">id:scratch Write here using w("<b>Hello</b>")</div> </script></body></html> 
