-
Notifications
You must be signed in to change notification settings - Fork 109
Discord token structure #2
Comments
was really busy yesterday, so I added it tday |
I tried decoding the second part and I didn't exactly get the value intended. Can anyone help? |
@nicholaslz do not try to decode the value as a base64 utf8 string, but as a base64 buffer. |
base64 => hex => number => + discord timestamp |
Are you
Are you sure about that cuz i do it . this is my second part of my token GX-tjF but i can't get timestamp |
What is Base64 buffer ? Can you explain ? I couldn't find it on google |
Using @aiko-chan-ai's decryption idea, I get this from @IamZiroToxic's token: GX-tjF - Base64url ('-' is an invalid character in normal base64) 197fad8c - Convert to hex 427797900 - Convert to decimal 1721637900 - Add discord epoch (1293840000) The date represented by this unix timestamp is Jul 22 2024, so something is slightly wrong here. No idea what @Flam3rboy means when they say to "not try to decode the value as a base64 utf8 string, but as a base64 buffer". |
I think he means that you shouldn't try decoding it as a string, but directly as decimal (don't use a character encoding like utf-8/ascii in the raw binary data stored in the decoded buffer, but convert said binary data to decimals right-away.) It's rather interesting though that the timestamp you obtained is only off by a bit. Usually I'd expect wrong results caused by encoding issues to have a much bigger skew; with wrongfully applied utf-8 (like with ascii) numbers should be off by 48 per digit. Unfortunately I bricked my PC so I can't check if it works with proper decoding. So until it's assured that the encoding (still) works as described I'll mark this issue as open. |
So how can i convert directly as decimal ? |
+1 tried base64url -> hex -> decimal -> unix timestamp (decimal + 1293840000) but the final date is 2025, even though I created it about 10 minutes ago. what am I doing wrong? |
Tried |
For some reason if I try re-encode the decoded base64 Let's take an example; Probably discord changed it or something is missing, Sorry if I have a lot of grammar issues, It's 2:04am in my country and I've been awake for 17 hours. |
You have to ask the Discord team to change their documentation, I recently learned that the ids have evolved and can contain one more digit |
There's 2 possibilities, The first possibility the second part isn't base64 at all, The second possibility that it's encoded in some what way we still don't know. Like
If we reverse it, It would be like this: Maybe I should try converting the number to hex then base64 without using |
I'm noticing that every time i login i get a new token. |
How do you convert the Unix timestamp to the token Epotch? |
You can check my repo and see the second section in the README.md, Unfortunately discord generates it once/twice a week, so yea no way to get the second section unless you have the specific time when it was regenerated or you crack it some what way. |
Hey guys i'm working on a project on discord right now i also came across the same problem with the timestamp DN9r_A , DN9r_A does not appear to be a valid base64-encoded value. |
so it is impossible to get the last part? |
Yep, Near-Impossible
Le lun. 22 janv. 2024 à 16:00, Sunlitkoreakorea ***@***.***>
a écrit :
… so it is impossible to get the last part?
—
Reply to this email directly, view it on GitHub
<#2 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/A25KGQKO4JNOSK43TFQYMALYPZ5HBAVCNFSM46GENYD2U5DIOJSWCZC7NNSXTN2JONZXKZKDN5WW2ZLOOQ5TCOJQGQYTQNJSHE2A>
.
You are receiving this because you commented.Message ID:
***@***.***>
|
The second part can't be base64, Or maybe there's a encoding schema before encoding it to base64 |
I kinda made the second part
…On Tue, May 28, 2024 at 11:02 AM reyu ***@***.***> wrote:
The second part can't be base64, Or maybe there's a encoding schema before
encoding it to base64
—
Reply to this email directly, view it on GitHub
<#2 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/A25KGQNUZRNLQVBXRCTS3CDZERI2BAVCNFSM46GENYD2U5DIOJSWCZC7NNSXTN2JONZXKZKDN5WW2ZLOOQ5TEMJTGQ4DENBZGIYQ>
.
You are receiving this because you commented.Message ID:
***@***.***>
|
Can't believe I commented here like 2 years ago |
not gonna lie, I made the code script like a year ago in summer, But its
basically just turning userid to timestamp and turning it into second part
token
…On Thu, May 30, 2024 at 10:59 PM Mohammad Rafieefard < ***@***.***> wrote:
Can't believe I commented here like 2 years ago
So what you got?
—
Reply to this email directly, view it on GitHub
<#2 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/A25KGQJ7KAMZCWDTV2AW5L3ZE6OM5AVCNFSM46GENYD2U5DIOJSWCZC7NNSXTN2JONZXKZKDN5WW2ZLOOQ5TEMJUGA4TENJWGM4Q>
.
You are receiving this because you commented.Message ID:
***@***.***>
|
So it's working |
Yeah, the problem is that he gave an incorrect discord token so i've
decided to test using my own.
…On Fri, May 31, 2024 at 5:56 AM Mohammad Rafieefard < ***@***.***> wrote:
So it's working
—
Reply to this email directly, view it on GitHub
<#2 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/A25KGQIZWTWV2D6BUB2KE4DZE77GVAVCNFSM46GENYD2U5DIOJSWCZC7NNSXTN2JONZXKZKDN5WW2ZLOOQ5TEMJUGEZDGMJWHEZQ>
.
You are receiving this because you commented.Message ID:
***@***.***>
|
But I think the last part is encrypted with AES or RSA and it is nearly impossible to reverse-engineer it |
I agree with you with that, The last part of the token is 98%
code-generated so yeah, Its nearly impossible to reverse engineer the last
part.
…On Tue, Jun 11, 2024 at 12:07 AM Mohammad Rafieefard < ***@***.***> wrote:
But I think the last part is encrypted with AES or RSA and it is nearly
impossible to reverse-engineer it
—
Reply to this email directly, view it on GitHub
<#2 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/A25KGQPUW3WYXVF656POXH3ZGYWSRAVCNFSM46GENYD2U5DIOJSWCZC7NNSXTN2JONZXKZKDN5WW2ZLOOQ5TEMJVHE2DKNJTGM2A>
.
You are receiving this because you commented.Message ID:
***@***.***>
|
But if you have a nasa pc you can bruteforce it 😂 |
Lol, Btw i kinda forgot about this whole discord token cracker thing, Why?
cuz its boring, Plus its already too late for that, Discord already
released 2FA update
…On Thu, Jun 13, 2024 at 7:10 PM Mohammad Rafieefard < ***@***.***> wrote:
But if you have a nasa pc you can bruteforce it 😂
—
Reply to this email directly, view it on GitHub
<#2 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/A25KGQIQMFS3DD6VDBFFN3LZHHOB5AVCNFSM46GENYD2U5DIOJSWCZC7NNSXTN2JONZXKZKDN5WW2ZLOOQ5TEMJWGY2DONRUG44A>
.
You are receiving this because you commented.Message ID:
***@***.***>
|
The second part is just the timestamp when the token was generated encoded as base64
The text was updated successfully, but these errors were encountered: