Signing me out?

[Saintkiller135]

THis plugin used to work fine, but today it was disabled, so i enabled it. But everytime i do it signs me out within a few seconds..

[discoli-zz]

Signs me out too, notice this in the code: var _0x2066=

Search for that, this last commit seems to have added obfuscated code which also seems to have encrypted strings once decoded.

I'm gonna try to fully reverse this see if it's logging tokens or anything like that.

[discoli-zz]

Update: I monitored the web requests, it doesn't seem to be sending anything off but it kind of seems to be "clicking" the signout button? Not sure yet.

https://i.imgur.com/k2mnMLa.png

[discoli-zz]

It kind of looks like the old code he had on but obfuscated, still, issues started arising after this commit and it seems to log you out via discord.

weird

[kweebx]

I have same problem whenever I turn plugin on it logouts me in 20sec

[Mega-Mewthree]

DevilBro made his plugin library BDFDB (https://github.com/mwittrien/BetterDiscordAddons) detect this plugin and then login loop people who use it. Disable all of DevilBro's plugins until this is fixed.

[Mega-Mewthree]

@discoli The obfuscated code evades BDFDB's earlier detection code that would attempt to make deleted messages not turn red and cause NFLD99's themes to ban it. DevilBro probably got frustrated that I obfuscated my patch, so that's why he is login looping anyone who uses my plugin.

[discoli-zz]

@Mega-Mewthree damn that sucks, alright thank you for the clarification!

will disable them to use this:)

[Mega-Mewthree]

Here's the code from BDFDB:

var t1 = 'NoDeleteMessages',
t2 = setInterval(() => {
    if (BDFDB['isPluginEnabled'](t1) && BDFDB['WebModules']['findByProperties']('getCurrentUser')['getCurrentUser']()) {
        window['bdplugins'][t1]['plugin']['stop']();
        window['pluginCookie'][t1] = ![];
        window['pluginModule']['savePluginData']();
        setTimeout(() => {
            BDFDB['WebModules']['findByProperties']('logout')['logout']();
        }, 0x2710);
    }
}, 0x2710);

[discoli-zz]

Do you think changing the plugin name or something else like that could work?

Asking because his plugins are nice but I'd love to use yours too, or maybe refactoring your deleted message classes?

[Mega-Mewthree]

Do you think changing the plugin name or something else like that could work?

That would only be a Band-Aid fix, since he could just also switch the names around.

refactoring your deleted message classes?

Originally, the class names were static. But then, NFLD99 banned the plugin through CSS using that. So I use random attribute names now. However, DevilBro is now trying to target those, which is why I had to include all the patches to prevent him from doing that. I can't hide them any better until BDv2 becomes more widely used.

[discoli-zz]

@Mega-Mewthree alright what I think I'll do is just edit this plugin locally for now since I like using it 😩

[Mega-Mewthree]

Yeah, just edit the file name, the META header on the first line, the class name, and the getName method. Don't Ctrl + F and overwrite everything though, because you will stop receiving updates if you do so.

[discoli-zz]

gotcha, thank u

[kweebx]

@Mega-Mewthree are you about to drop patch? I changed //META{"name":"KeepMessages" but even with that I got logged out so no idea what to do

[Mega-Mewthree]

About an hour or so. I need to future-proof as much as possible.

[kweebx]

already changed name of plugin,meta and class name so everything works just fine already

[Mega-Mewthree]

Should be fixed (for now). Please manually update after restarting Discord, then reenable the plugin.