Completely wiping off your Discord clients (including your browser if you've logged in there).Personally, I haven't ran an advanced token-grabber, but if this has happened to you, try: Fetch for "rare" accounts, for example, accounts that have the "Discord Partner" badge, or something along the lines may have a higher chance of being targeted.Automate messages and send it to all your friends.Fetch your credit card information (increases the chance of you getting Doxxed).Depenending on the complexity of the code it can: That means that if you have alt accounts that are logged in, those accounts will get token-grabbed too. Yes, tokens because many go to all the 5 Clients, that is, the Desktop (stable client, most probably the app you're using right now), Discord PTB, Discord Canary, Disord Development, and Discord Web. After the user gets token-grabbed, the hacker would have attached something called a "webhook" (something that is used to create beautiful embeds and automated messages) and it would have your token(s). What is a token you may ask? A token is a unique ID which is used to login to Discord instantly, instead of asking the e-mail and password of a user. When you run it, what happens is that it goes to where your Discord client is located (most probably in Appdata) and goes to the place where your token is stored. Let's say that you've "accidentally" clicked on a "bro I made a new game check it out" and you download it. $ python3 seeker.What happens when you get token-grabbed on Discord? # Options # Ouput KML File for Google Earth # Step 2 : In second terminal start a tunnel service such as ngrok # Usage Examples # Step 1 : In first terminal Note : endpoint should be unauthenticated and accept POST method WEBHOOK Provide the webhook url to forward the events to TELEGRAM Provide telegram token and chat to use to send info to a telegram bot ONLINE_NUM Provide the number of the group online members (Telegram so far) MEM_NUM Provide the number of group membres (Telegram so far) Note : Remote image will be downloaded locally during the startupĭESC Provide the description of the item (group or webpage depending on the template)ĭISPLAY_URL Provide the URL to display on the page IMAGE Provide the image to use, can either be remote (http or https) or local REDIRECT Provide the URL to redirect the user to, after the job is done TITLE Provide the group title or the page title Other parameters can be provided via environment variables to avoid interactive mode. Some of the options above can also be enabled via environment variables, to ease deployment. Note : endpoint must be unauthenticated and accept POST request webhook Send events to a webhook endpoint to be processed telegram Send info to a telegram bot, provide telegram token and chat to useįormat = token:chatId separated by a colon (only works for the templates having index_temp.html file) d, -debugHTTP Disable auto http - > https redirection for testing purposes t TEMPLATE, -template TEMPLATE Auto choose the template with the given index h, -help show this help message and exit This tool is a Proof of Concept and is for Educational Purposes Only, Seeker shows what data a malicious website can gather about you and your devices and why you should not click on random links and allow critical permissions such as Location etc.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |