Open SamuelScheit opened 3 years ago
was really busy yesterday, so I added it tday
I tried decoding the second part and I didn't exactly get the value intended. Can anyone help?
@nicholaslz do not try to decode the value as a base64 utf8 string, but as a base64 buffer. Can you send the code?
I tried decoding the second part and I didn't exactly get the value intended. Can anyone help?
base64 => hex => number => + discord timestamp
Are you
I tried decoding the second part and I didn't exactly get the value intended. Can anyone help?
base64 => hex => number => + discord timestamp
Are you sure about that cuz i do it . this is my second part of my token GX-tjF but i can't get timestamp
@nicholaslz do not try to decode the value as a base64 utf8 string, but as a base64 buffer. Can you send the code?
What is Base64 buffer ? Can you explain ? I couldn't find it on google
Using @aiko-chan-ai's decryption idea, I get this from @IamZiroToxic's token:
GX-tjF - Base64url ('-' is an invalid character in normal base64)
197fad8c - Convert to hex
427797900 - Convert to decimal
1721637900 - Add discord epoch (1293840000)
The date represented by this unix timestamp is Jul 22 2024, so something is slightly wrong here. No idea what @Flam3rboy means when they say to "not try to decode the value as a base64 utf8 string, but as a base64 buffer".
No idea what @Flam3rboy means when they say to "not try to decode the value as a base64 utf8 string, but as a base64 buffer".
I think he means that you shouldn't try decoding it as a string, but directly as decimal (don't use a character encoding like utf-8/ascii in the raw binary data stored in the decoded buffer, but convert said binary data to decimals right-away.)
It's rather interesting though that the timestamp you obtained is only off by a bit. Usually I'd expect wrong results caused by encoding issues to have a much bigger skew; with wrongfully applied utf-8 (like with ascii) numbers should be off by 48 per digit.
Unfortunately I bricked my PC so I can't check if it works with proper decoding. So until it's assured that the encoding (still) works as described I'll mark this issue as open.
So how can i convert directly as decimal ?
+1 tried base64url -> hex -> decimal -> unix timestamp (decimal + 1293840000)
but the final date is 2025, even though I created it about 10 minutes ago. what am I doing wrong?
Tried GmlTB0
(input) -> Base64
(Base64url
) -> Integer
(Decimal
, 32-bit
, Big-endian
) = 443110151
(output)
443,110,151
+ 1,293,840,000
= 1,736,950,151
-> UnixConverter = Wed Jan 15 2025 14:09:11 GMT+0000
(output)
Some reason I'm getting a date further than I could possibly create the token? Or is what's written incorrect?
This could be when the token is expired.
For some reason if I try re-encode the decoded base64 215968764
it doesn't go back like it was, Tried to directly encode it from decimal to base64 & base64url didn't work. I'm trying to reverse the way I got to the last thing, When I tried to encode it, It's a different value.
Let's take an example;
The second part of a dummy account's token G0N03I
, When I get when the account was created from here and I follow this way which I found it working for every account no single idea why "Add 15 days and subtract 36 from when the account was created"
it gives me the correct timestamp then I subtract it from 1293840000
divided by 1000 to remove the last 3 zeros. I get the decoded value of the second part which is 1495196146
and I go to this website and use it to convert it to readable date I get the same as here. Now every thing is same. When I try to encode the value to base64, This is what I get MTQ5NTE5NjE0Ng
instead of G0N03I
.
Probably discord changed it or something is missing, Sorry if I have a lot of grammar issues, It's 2:04am in my country and I've been awake for 17 hours.
For some reason if I try re-encode the decoded base64
215968764
it doesn't go back like it was, Tried to directly encode it from decimal to base64 & base64url didn't work. I'm trying to reverse the way I got to the last thing, When I tried to encode it, It's a different value.Let's take an example; The second part of a dummy account's token
G0N03I
, When I get when the account was created from here and I follow this way which I found it working for every account no single idea why"Add 15 days and subtract 36 from when the account was created"
it gives me the correct timestamp then I subtract it from1293840000
divided by 1000 to remove the last 3 zeros. I get the decoded value of the second part which is1495196146
and I go to this website and use it to convert it to readable date I get the same as here. Now every thing is same. When I try to encode the value to base64, This is what I getMTQ5NTE5NjE0Ng
instead ofG0N03I
.Probably discord changed it or something is missing, Sorry if I have a lot of grammar issues, It's 2:04am in my country and I've been awake for 17 hours.
You have to ask the Discord team to change their documentation, I recently learned that the ids have evolved and can contain one more digit
For some reason if I try re-encode the decoded base64
215968764
it doesn't go back like it was, Tried to directly encode it from decimal to base64 & base64url didn't work. I'm trying to reverse the way I got to the last thing, When I tried to encode it, It's a different value. Let's take an example; The second part of a dummy account's tokenG0N03I
, When I get when the account was created from here and I follow this way which I found it working for every account no single idea why"Add 15 days and subtract 36 from when the account was created"
it gives me the correct timestamp then I subtract it from1293840000
divided by 1000 to remove the last 3 zeros. I get the decoded value of the second part which is1495196146
and I go to this website and use it to convert it to readable date I get the same as here. Now every thing is same. When I try to encode the value to base64, This is what I getMTQ5NTE5NjE0Ng
instead ofG0N03I
. Probably discord changed it or something is missing, Sorry if I have a lot of grammar issues, It's 2:04am in my country and I've been awake for 17 hours.You have to ask the Discord team to change their documentation, I recently learned that the ids have evolved and can contain one more digit
There's 2 possibilities, The first possibility the second part isn't base64 at all, The second possibility that it's encoded in some what way we still don't know.
Like @aiko-chan-ai
said
base64 => hex => number => + discord timestamp
If we reverse it, It would be like this: discord timestamp - => number => hex => base
Maybe I should try converting the number to hex then base64 without using .toString()
you can generate some tokens to test
POST: https://discord.com/api/v9/auth/handoff
Headers: authorization: user token
Body:
{
"key": "random string bruh",
}
Response
{
"handoff_token": "fake token",
}
idk what this token does but it can't be used
I'm noticing that every time i login i get a new token. same id in base64. 6 characters .38 characters ive noticed every token i generate on multiple accounts 6 characters starting with "G" any one else getting that?
How do you convert the Unix timestamp to the token Epotch?
How do you convert the Unix timestamp to the token Epotch? @HappyFrenchFRI
You can check my repo and see the second section in the README.md, Unfortunately discord generates it once/twice a week, so yea no way to get the second section unless you have the specific time when it was regenerated or you crack it some what way.
Hey guys i'm working on a project on discord right now i also came across the same problem with the timestamp DN9r_A , DN9r_A does not appear to be a valid base64-encoded value. Hey @hxr404 wanna join the project? because i'm alone i'm sure we can be friends tho
Also if anyone having trouble with the timestamp don't worry
so it is impossible to get the last part?
Yep, Near-Impossible
Le lun. 22 janv. 2024 à 16:00, Sunlitkoreakorea @.***> a écrit :
so it is impossible to get the last part?
— Reply to this email directly, view it on GitHub https://github.com/Discord-Oxygen/Discord-Console-hacks/issues/2#issuecomment-1904185294, or unsubscribe https://github.com/notifications/unsubscribe-auth/A25KGQKO4JNOSK43TFQYMALYPZ5HBAVCNFSM46GENYD2U5DIOJSWCZC7NNSXTN2JONZXKZKDN5WW2ZLOOQ5TCOJQGQYTQNJSHE2A . You are receiving this because you commented.Message ID: @.***>
The second part can't be base64, Or maybe there's a encoding schema before encoding it to base64
I kinda made the second part
On Tue, May 28, 2024 at 11:02 AM reyu @.***> wrote:
The second part can't be base64, Or maybe there's a encoding schema before encoding it to base64
— Reply to this email directly, view it on GitHub https://github.com/Discord-Oxygen/Discord-Console-hacks/issues/2#issuecomment-2134824921, or unsubscribe https://github.com/notifications/unsubscribe-auth/A25KGQNUZRNLQVBXRCTS3CDZERI2BAVCNFSM46GENYD2U5DIOJSWCZC7NNSXTN2JONZXKZKDN5WW2ZLOOQ5TEMJTGQ4DENBZGIYQ . You are receiving this because you commented.Message ID: @.***>
Can't believe I commented here like 2 years ago So what you got?
not gonna lie, I made the code script like a year ago in summer, But its basically just turning userid to timestamp and turning it into second part token
On Thu, May 30, 2024 at 10:59 PM Mohammad Rafieefard < @.***> wrote:
Can't believe I commented here like 2 years ago So what you got?
— Reply to this email directly, view it on GitHub https://github.com/Discord-Oxygen/Discord-Console-hacks/issues/2#issuecomment-2140925639, or unsubscribe https://github.com/notifications/unsubscribe-auth/A25KGQJ7KAMZCWDTV2AW5L3ZE6OM5AVCNFSM46GENYD2U5DIOJSWCZC7NNSXTN2JONZXKZKDN5WW2ZLOOQ5TEMJUGA4TENJWGM4Q . You are receiving this because you commented.Message ID: @.***>
So it's working
Yeah, the problem is that he gave an incorrect discord token so i've decided to test using my own.
On Fri, May 31, 2024 at 5:56 AM Mohammad Rafieefard < @.***> wrote:
So it's working
— Reply to this email directly, view it on GitHub https://github.com/Discord-Oxygen/Discord-Console-hacks/issues/2#issuecomment-2141231693, or unsubscribe https://github.com/notifications/unsubscribe-auth/A25KGQIZWTWV2D6BUB2KE4DZE77GVAVCNFSM46GENYD2U5DIOJSWCZC7NNSXTN2JONZXKZKDN5WW2ZLOOQ5TEMJUGEZDGMJWHEZQ . You are receiving this because you commented.Message ID: @.***>
But I think the last part is encrypted with AES or RSA and it is nearly impossible to reverse-engineer it
I agree with you with that, The last part of the token is 98% code-generated so yeah, Its nearly impossible to reverse engineer the last part.
On Tue, Jun 11, 2024 at 12:07 AM Mohammad Rafieefard < @.***> wrote:
But I think the last part is encrypted with AES or RSA and it is nearly impossible to reverse-engineer it
— Reply to this email directly, view it on GitHub https://github.com/Discord-Oxygen/Discord-Console-hacks/issues/2#issuecomment-2159455334, or unsubscribe https://github.com/notifications/unsubscribe-auth/A25KGQPUW3WYXVF656POXH3ZGYWSRAVCNFSM46GENYD2U5DIOJSWCZC7NNSXTN2JONZXKZKDN5WW2ZLOOQ5TEMJVHE2DKNJTGM2A . You are receiving this because you commented.Message ID: @.***>
But if you have a nasa pc you can bruteforce it 😂
Lol, Btw i kinda forgot about this whole discord token cracker thing, Why? cuz its boring, Plus its already too late for that, Discord already released 2FA update
On Thu, Jun 13, 2024 at 7:10 PM Mohammad Rafieefard < @.***> wrote:
But if you have a nasa pc you can bruteforce it 😂
— Reply to this email directly, view it on GitHub https://github.com/Discord-Oxygen/Discord-Console-hacks/issues/2#issuecomment-2166476478, or unsubscribe https://github.com/notifications/unsubscribe-auth/A25KGQIQMFS3DD6VDBFFN3LZHHOB5AVCNFSM46GENYD2U5DIOJSWCZC7NNSXTN2JONZXKZKDN5WW2ZLOOQ5TEMJWGY2DONRUG44A . You are receiving this because you commented.Message ID: @.***>
The second part is just the timestamp when the token was generated encoded as base64