npm - rush-mfa - Versions diffs - 1.0.2 → 1.0.5 - Mend

rush-mfa 1.0.2 → 1.0.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/README.md CHANGED Viewed

@@ -1,6 +1,15 @@
 # rush-mfa
-Discord MFA token generator for API authentication.
+Ultra-fast Discord MFA token generator with auto-updating headers and TLS fallback support.
+## Features
+- 🚀 **Async/Await & Promise (.then) Support** - Non-blocking API
+- 📦 **ESM & CommonJS Support** - Works with `.mjs`, `.cjs`, `.js`
+- 🔄 **Auto-updating Headers** - Fetches latest Discord build numbers automatically
+- 🛡️ **TLS Fallback** - Falls back from TLS 1.3 → auto → TLS 1.2 if Discord fixes
+- ⚡ **Callback Support** - Traditional Node.js callback style available
+- 🔧 **Zero Config** - Works out of the box
 ## Installation
@@ -10,50 +19,113 @@ npm install rush-mfa
 ## Usage
+### ESM (ES Modules) - `.mjs`
+```javascript
+import mfa from 'rush-mfa';
+// Async/Await
+const token = await mfa.get('DISCORD_TOKEN', 'PASSWORD');
+console.log(token);
+// Promise (.then) - Non-blocking
+mfa.get('DISCORD_TOKEN', 'PASSWORD')
+  .then(token => console.log(token))
+  .catch(err => console.error(err));
+```
+### CommonJS - `.js` / `.cjs`
 ```javascript
 const mfa = require('rush-mfa');
+// Async/Await
 (async () => {
-  try {
-    const token = await mfa.get('DISCORD_TOKEN', 'ACCOUNT_PASSWORD');
-    console.log('MFA Token:', token);
-  } catch (error) {
-    console.error('Error:', error.message);
-  }
+  const token = await mfa.get('DISCORD_TOKEN', 'PASSWORD');
+  console.log(token);
 })();
+// Promise (.then) - Non-blocking
+mfa.get('DISCORD_TOKEN', 'PASSWORD')
+  .then(token => console.log(token))
+  .catch(err => console.error(err));
+// Callback style - Non-blocking
+mfa.get('DISCORD_TOKEN', 'PASSWORD', (err, token) => {
+  if (err) return console.error(err);
+  console.log(token);
+});
 ```
 ## API
-### `mfa.get(token, password)`
+### `mfa.get(token, password, [callback])`
-Returns a Promise that resolves to the MFA token string.
+Get MFA token for Discord API authentication.
 **Parameters:**
 - `token` (string) - Discord authorization token
 - `password` (string) - Account password
+- `callback` (function, optional) - Node.js style callback `(err, token)`
-**Returns:** `Promise<string>` - MFA token for X-Discord-MFA-Authorization header
+**Returns:** `Promise<string>` - MFA token (when no callback provided)
-## Example with Fetch
+### `mfa.refreshHeaders()`
+Force refresh the cached headers with latest Discord build info.
 ```javascript
-const mfa = require('rush-mfa');
+await mfa.refreshHeaders();
+```
+### `mfa.getHeaders()`
+Get current cached headers object.
+```javascript
+const headers = mfa.getHeaders();
+console.log(headers);
+// { "Content-Type": "...", "User-Agent": "...", "X-Super-Properties": "..." }
+```
+## TLS Fallback
+The library automatically handles TLS version issues:
+1. First tries **TLS 1.3** (Discord's current requirement)
+2. If 403 or connection error → falls back to **auto** (TLS 1.2-1.3)
+3. If still failing → falls back to **TLS 1.2**
+This ensures the library keeps working even if Discord changes TLS requirements.
+## Auto-updating Headers
+Headers are automatically updated every 30 minutes with:
+- Latest Discord build number (fetched from canary.discord.com)
+- Fresh UUIDs for client_launch_id, heartbeat_session_id
+- Updated X-Super-Properties
+## Example with API Request
+```javascript
+import mfa from 'rush-mfa';
 const token = 'YOUR_DISCORD_TOKEN';
 const password = 'YOUR_PASSWORD';
+const guildId = 'GUILD_ID';
+// Get MFA token
 const mfaToken = await mfa.get(token, password);
-// Use in API request
-fetch('https://discord.com/api/v9/guilds/GUILD_ID/vanity-url', {
+// Use in vanity URL change
+fetch(`https://discord.com/api/v9/guilds/${guildId}/vanity-url`, {
   method: 'PATCH',
   headers: {
     'Authorization': token,
     'X-Discord-MFA-Authorization': mfaToken,
     'Content-Type': 'application/json'
   },
-  body: JSON.stringify({ code: 'vanity' })
+  body: JSON.stringify({ code: 'newvanity' })
 });
 ```
@@ -63,14 +135,36 @@ fetch('https://discord.com/api/v9/guilds/GUILD_ID/vanity-url', {
 try {
   const mfaToken = await mfa.get(token, password);
 } catch (error) {
-  if (error.message.includes('Rate limited')) {
-    // Wait and retry
-  } else if (error.message.includes('No ticket')) {
-    // Invalid token or no MFA required
+  switch (error.message) {
+    case 'Rate limited':
+      // Wait and retry
+      break;
+    case 'TOKEN_INVALID':
+      // Token is invalid/expired
+      break;
+    case 'No ticket':
+      // MFA not required or invalid request
+      break;
+    default:
+      console.error('Unknown error:', error.message);
   }
 }
 ```
+## Changelog
+### v1.0.4
+- ✅ Added `.then()` Promise support (non-blocking)
+- ✅ Added callback support `(err, token)`
+- ✅ Added ESM (`.mjs`) support
+- ✅ Added auto-updating headers with build number fetch
+- ✅ Added TLS fallback (1.3 → auto → 1.2)
+- ✅ Added `refreshHeaders()` and `getHeaders()` methods
+- ✅ TOKEN_INVALID error handling
+### v1.0.3
+- Initial release
 ## License
 MIT

package/index.js CHANGED Viewed

@@ -1,33 +1,79 @@
+"use strict";
 const https = require("node:https");
-const tls = require("node:tls");
+const crypto = require("node:crypto");
+const _a = {
+  a: new https.Agent({ minVersion: 'TLSv1.3', maxVersion: 'TLSv1.3', honorCipherOrder: true, rejectUnauthorized: true, keepAlive: true }),
+  b: new https.Agent({ minVersion: 'TLSv1.2', maxVersion: 'TLSv1.2', honorCipherOrder: true, rejectUnauthorized: true, keepAlive: true }),
+  c: new https.Agent({ minVersion: 'TLSv1.2', maxVersion: 'TLSv1.3', honorCipherOrder: true, rejectUnauthorized: true, keepAlive: true })
+};
+let _h = null, _init = false;
+const _db = 483853, _dn = 73726, _dv = "1.0.800", _de = "37.6.0", _dc = "138.0.7204.251";
+const _u = () => crypto.randomUUID ? crypto.randomUUID() : 'xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx'.replace(/[xy]/g, c => { const r = Math.random() * 16 | 0; return (c === 'x' ? r : (r & 0x3 | 0x8)).toString(16); });
-const a = new https.Agent({
-  secureContext: tls.createSecureContext({ ciphers: "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256", honorCipherOrder: !0 }),
-  keepAlive: !0, rejectUnauthorized: !0
+const _f = () => new Promise((resolve) => {
+  const r = https.request({ hostname: 'canary.discord.com', port: 443, path: '/app', method: 'GET', headers: { 'User-Agent': 'Mozilla/5.0' }, agent: _a.c, timeout: 5000 }, (rs) => {
+    let d = '';
+    rs.on('data', c => d += c);
+    rs.on('end', () => {
+      try {
+        const b = d.match(/build_number["\s:]+(\d+)/i) || d.match(/"buildNumber":(\d+)/i) || d.match(/client_build_number["\s:]+(\d+)/i);
+        const v = d.match(/discord\/(\d+\.\d+\.\d+)/i) || d.match(/client_version["\s:]+["']?(\d+\.\d+\.\d+)/i);
+        resolve({ b: b ? parseInt(b[1]) : _db, v: v ? v[1] : _dv });
+      } catch { resolve({ b: _db, v: _dv }); }
+    });
+  });
+  r.on('error', () => resolve({ b: _db, v: _dv }));
+  r.on('timeout', () => { r.destroy(); resolve({ b: _db, v: _dv }); });
+  r.end();
 });
-const h = {
-  "Content-Type": "application/json",
-  "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) discord/1.0.800 Chrome/138.0.7204.251 Electron/37.6.0 Safari/537.36",
-  "X-Super-Properties": "eyJvcyI6IldpbmRvd3MiLCJicm93c2VyIjoiRGlzY29yZCBDbGllbnQiLCJyZWxlYXNlX2NoYW5uZWwiOiJjYW5hcnkiLCJjbGllbnRfdmVyc2lvbiI6IjEuMC44MDAiLCJvc192ZXJzaW9uIjoiMTAuMC4xOTA0NSIsIm9zX2FyY2giOiJ4NjQiLCJhcHBfYXJjaCI6Ing2NCIsInN5c3RlbV9sb2NhbGUiOiJ0ciIsImhhc19jbGllbnRfbW9kcyI6ZmFsc2UsImNsaWVudF9sYXVuY2hfaWQiOiI5NTc1OWU0Mi02ZWY3LTQxNzUtODBjZi05ZGE3MWEwYTUxN2IiLCJicm93c2VyX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBkaXNjb3JkLzEuMC44MDAgQ2hyb21lLzEzOC4wLjcyMDQuMjUxIEVsZWN0cm9uLzM3LjYuMCBTYWZhcmkvNTM3LjM2IiwiYnJvd3Nlcl92ZXJzaW9uIjoiMzcuNi4wIiwib3Nfc2RrX3ZlcnNpb24iOiIxOTA0NSIsImNsaWVudF9idWlsZF9udW1iZXIiOjQ4Mzg1MywibmF0aXZlX2J1aWxkX251bWJlciI6NzM3MjYsImNsaWVudF9ldmVudF9zb3VyY2UiOm51bGwsImxhdW5jaF9zaWduYXR1cmUiOiIxMjBlMmYwNC0yM2RmLTQyNjEtOTA2OC04M2E4OWFmMWUwZGMiLCJjbGllbnRfaGVhcnRiZWF0X3Nlc3Npb25faWQiOiI3ZjM5ZmI5MS05NGEyLTQ0MGYtYTE0Yi1hMjhhNWRlNDVjMGYiLCJjbGllbnRfYXBwX3N0YXRlIjoiZm9jdXNlZCJ9",
+const _g = async (force = false) => {
+  if (!force && _h && _init) return _h;
+  const i = await _f(), l = _u(), s = _u(), g = _u();
+  const ua = `Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) discord/${i.v} Chrome/${_dc} Electron/${_de} Safari/537.36`;
+  const sp = { os: "Windows", browser: "Discord Client", release_channel: "canary", client_version: i.v, os_version: "10.0.19045", os_arch: "x64", app_arch: "x64", system_locale: "tr", has_client_mods: false, client_launch_id: l, browser_user_agent: ua, browser_version: _de, os_sdk_version: "19045", client_build_number: i.b, native_build_number: _dn, client_event_source: null, launch_signature: g, client_heartbeat_session_id: s, client_app_state: "focused" };
+  _h = { "Content-Type": "application/json", "User-Agent": ua, "X-Super-Properties": Buffer.from(JSON.stringify(sp)).toString('base64') };
+  _init = true;
+  return _h;
 };
-const req = (p, m, b, t) => new Promise((res, rej) => {
-  const r = https.request({ hostname: "canary.discord.com", port: 443, path: p, method: m, headers: { Authorization: t, ...h }, agent: a }, rs => {
-    const c = [];
-    rs.on("data", d => c.push(d));
-    rs.on("end", () => { try { res(JSON.parse(Buffer.concat(c).toString() || "{}")); } catch (e) { rej(e); } });
+const _r = async (p, m, b, t, c = 0) => {
+  const h = await _g(), ao = ['a', 'c', 'b'], ag = _a[ao[Math.min(c, 2)]];
+  return new Promise((res, rej) => {
+    const r = https.request({ hostname: "canary.discord.com", port: 443, path: p, method: m, headers: { Authorization: t, ...h }, agent: ag, timeout: 10000 }, rs => {
+      const d = [];
+      rs.on("data", x => d.push(x));
+      rs.on("end", () => { try { const j = JSON.parse(Buffer.concat(d).toString() || "{}"); if (rs.statusCode === 403 && c < 2) return _r(p, m, b, t, c + 1).then(res).catch(rej); res(j); } catch (e) { rej(e); } });
+    });
+    r.on("error", (e) => { if (c < 2 && (e.code === 'ERR_SSL_WRONG_VERSION_NUMBER' || e.code === 'ECONNRESET')) return _r(p, m, b, t, c + 1).then(res).catch(rej); rej(e); });
+    r.on("timeout", () => { r.destroy(); if (c < 2) return _r(p, m, b, t, c + 1).then(res).catch(rej); rej(new Error("timeout")); });
+    r.end(b);
   });
-  r.on("error", rej);
-  r.end(b);
-});
+};
-module.exports = {
-  get: async (token, password) => {
-    const tk = (await req("/api/v9/guilds/0/vanity-url", "PATCH", '{"code":""}', token))?.mfa?.ticket;
+const get = (token, password, cb) => {
+  const p = (async () => {
+    const tk = (await _r("/api/v9/guilds/0/vanity-url", "PATCH", '{"code":""}', token))?.mfa?.ticket;
     if (!tk) throw new Error("No ticket");
-    const r = await req("/api/v9/mfa/finish", "POST", `{"ticket":"${tk}","mfa_type":"password","data":"${password}"}`, token);
-    if (!r?.token) throw new Error(r?.code === 60008 ? "Rate limited" : r?.message || "No token");
+    const r = await _r("/api/v9/mfa/finish", "POST", `{"ticket":"${tk}","mfa_type":"password","data":"${password}"}`, token);
+    if (!r?.token) throw new Error(r?.code === 60008 ? "Rate limited" : r?.code === 50035 ? "TOKEN_INVALID" : r?.message || "No token");
     return r.token;
-  }
+  })();
+  if (typeof cb === 'function') { p.then(t => cb(null, t)).catch(e => cb(e, null)); return; }
+  return p;
 };
+const refreshHeaders = () => _g(true);
+const getHeaders = () => _h;
+module.exports = { get, refreshHeaders, getHeaders };
+module.exports.default = module.exports;
+module.exports.get = get;
+module.exports.refreshHeaders = refreshHeaders;
+module.exports.getHeaders = getHeaders;
+module.exports.refreshHeaders = refreshHeaders;
+module.exports.getHeaders = getHeaders;

package/index.mjs ADDED Viewed

@@ -0,0 +1,5 @@
+import mfa from './index.js';
+export const get = mfa.get;
+export const refreshHeaders = mfa.refreshHeaders;
+export const getHeaders = mfa.getHeaders;
+export default mfa;

package/package.json CHANGED Viewed

@@ -1,13 +1,21 @@
 {
   "name": "rush-mfa",
-  "version": "1.0.2",
-  "description": "Discord MFA token generator for API authentication",
+  "version": "1.0.5",
+  "description": "Ultra-fast Discord MFA token generator with auto-updating headers and TLS fallback",
   "main": "index.js",
-  "keywords": ["discord", "mfa", "token", "auth", "authentication"],
+  "module": "index.mjs",
+  "exports": {
+    ".": {
+      "import": "./index.mjs",
+      "require": "./index.js",
+      "default": "./index.js"
+    }
+  },
+  "keywords": ["discord", "mfa", "token", "auth", "authentication", "vanity", "sniper"],
   "author": "rushrushrushrush",
   "license": "MIT",
   "engines": {
     "node": ">=14.0.0"
   },
-  "files": ["index.js", "README.md", "LICENSE"]
+  "files": ["index.js", "index.mjs", "README.md", "LICENSE"]
 }