Petition to rename from `discord.why` -> `discord.whywouldyouwritethis`

rpie / discord.why

A Discord wrapper to bot and do large operations on the Discord app; Instead of having to compose hundreds of lines only to register an account, purchase nitro, and boost a server, I'd want to have just five lines to accomplish everything.

GNU General Public License v3.0

7 stars 2 forks source link

Petition to rename from `discord.why` -> `discord.whywouldyouwritethis` #1

Closed 215B5D closed 2 years ago

215B5D commented 2 years ago

I'm unsure as to what gave you the motivation for this, however, there are major issues. This project is clearly used for interacting with user accounts, not bot accounts.

Here are a few issues with the code:

It's messy in general, way better ways to do things
You're using different API versions for different functions
- v9
  - send_message(), delete_message(), create_reaction()
- v7
  - check_nitro_status(), check_verified()
- v6
  - check_token(), buy_nitro()
Invalid headers
- You're not sending the correct headers for different endpoints, Discord sometimes expects a fingerprint & other data to be provided, this could lead to your account being terminated for API abuse

If you're going to publish something like this, at least do your research on the Discord API instead of blatantly taking endpoints from other projects & throwing them into some tiny wrapper

Soliux commented 2 years ago

I could not have said it any better myself. This project was written by a overdeveloped monkey.

rpie commented 2 years ago

Project Usage

I did not state it in the README.md, but yes this project is for interacting with user accounts, and not bot accounts

Version Issues

As stated in the Discord update logs as of As of October 27th, 2020 the events under the GUILD_PRESENCES and GUILD_MEMBERS intents will be turned off by default on all gateway versions.

Due to the things I am writing doesn't support bot accounts and would not be able to grab account information without being phone locked in v7/9; v6 is deprecated but still supports these actions

Source talking about v6 restrictions

Fingerprinting and Header Data

I haven't read all of the documentation for Discord, but I am pretty sure that fingerprint data is only required for gateway events and updates. I will look more into this and thank you for pointing it out, reading into the Discord gateway payload docs I can see that fingerprinting is needed to out-site abuse for their gateway events.

Gateway Payload Structure

Updates and talk

Thank you for pointing out my mistakes; if you'd like to correct them you can make a pull-request here or wait for further updates on the project, after all this is just for me and my fun :)

-> HellSec

215B5D commented 2 years ago

Just remember, the Discord documentation won't provide insight for their private API, especially not the things they've put in place to remove spam / raid bots from the platform.

Experiment yourself, get an active web socket connection to their gateway (this is semi-documented) & check out the headers they send.

Furthermore, the fingerprint is implemented through X-Fingerprint and can be fetched from /experiments iirc

rpie commented 2 years ago

I'll check this out more and experiment thank you for telling me :)

Soliux commented 2 years ago

@rpie Here take a look at some leet code for interacting with discord api that does not get the tokens banned: https://github.com/Sympthey/DiscSpam