My attempt to reverse the Discord nitro token generation function.

Overview

discord-theory-I

PART: I

My attempt to reverse the Discord nitro token generation function.

The Nitro generation tools thing is common in Discord now, but none of the tools actually works, so I decided to take it to the next level, and reverse the actual tokens in hopes of finding a better way of generation.

- NOTE: This is just for research, I will and I hope no one uses it for bad purposes.

Introduction:

If you are not familiar with Discord, nitro is a kind of membership, you pay to get access and do some cool things on Discord, like get a GIF profile picture or upload large size photos and videos, and in order to get it you must either buy it directly or having someone offer it to you, in the second case it would be something like this: https://discord.gift/hNN5SBsnHTPFFh3Z

The Discord Gift URL followed by a 16-length code will redirect you to the claim page.

First look:

At first sight it looks like Base64 encoded, using Burp Suite Decoder we will be able to get this result:

00000000 84 d3 79 48 1b 27 1d 33 c5 16 1d d9 -- -- -- -- �ÓyH�'�3Å��Ù

After searching for what each byte in a 12-byte string is, I was able to sort each character and see what the code actually consisted of, 4 extended characters and 8 printable/non-printable characters, you can check https://www.rapidtables.com/code/text/ascii-table.html to know more about those type of characters.

  • Extended:

    0x84 0xd3 0xc5 0xd9
  • Printable/Non-Printable:

    0x79 0x48 0x1b 0x27 0x1d 0x33 0x16 0x1d

Doing this over and over again will take a lot of time, so I coded this function that automates the work, feel free to use it:

import re, base64

def sorting(code):
    list = [ord(chr(eval(j))) for j in ['0x'+ i for i in re.findall('..', base64.b64decode(code).hex())]]
    ex = []
    no = []
    for i in list:
        if i >= 0 and i <= 127:
            no.append(i)
        elif i >= 128 and i <= 255:
            ex.append(i)
    print(f"Extended: {' '.join(map(hex, ex))}")
    print(f"Normal: {' '.join(map(hex, no))}")
    print(f"Extended: {len(ex)}, Normal: {len(no)}")

Finding a Pattern:

In order to find a pattern, I used the function above to sort different valid codes, and the result I got is:

Extended: 0x8e 0xf0 0x8f 0xcb 0xe0 0xba 0xe3
Normal: 0x5f 0x2d 0x59 0x5e 0x4a
Extended: 7, Normal: 5

Extended: 0xc2 0xeb 0xe1 0xe1
Normal: 0x62 0x75 0x70 0x1c 0x40 0x37 0x77 0x14    
Extended: 4, Normal: 8

Extended: 0xac 0xb0 0x9b
Normal: 0x28 0x72 0x5c 0x30 0x4 0x75 0x72 0x1c 0x6c
Extended: 3, Normal: 9

Extended: 0xbb 0xa1 0xf9 0x96 0xf5
Normal: 0x71 0x72 0x1d 0x49 0x20 0x1 0x14
Extended: 5, Normal: 7

Extended: 0xbf 0x96 0xf2 0xb3 0xb0 0x9d 0x8a       
Normal: 0x3b 0x4 0x5b 0x4c 0x5c
Extended: 7, Normal: 5

Extended: 0xd0 0xf1 0x91 0xa9
Normal: 0x65 0x5b 0x17 0x6a 0x1d 0x50 0x70 0x3d    
Extended: 4, Normal: 8

From this I was able to know a few rules that must be followed in creating the code:

  • Extended characters can be lower or higher than normal (printable / non-printable) characters.
  • There are no duplicate characters.
  • There is a pattern with 3,4,5,7,8,9.

Looking at the numbers we can see a pattern, if we choose 3 extended characters from the other side, we'll have a 9 normal characters, it's something like Caesar Cipher, and to simplify it:

image

Putting everything together, we can create a function that generates valid instructions for our code:

import random

_map = [3, 4, 5, 7, 8, 9]

def generate_map():
    e = random.choice(_map)
    if e >= 3 and e <= 5:
        n = _map[::-1][0:3][_map[0:3].index(e)]
    else:
        n = _map[0:3][_map[::-1][0:3].index(e)]
    return {"Extended": e, "Normal": n}

An example:

PS C:\Users\ayman\Desktop\discord-theory> python .\generate_map.py
{'Extended': 5, 'Normal': 7}
PS C:\Users\ayman\Desktop\discord-theory> 

Note that I've seen some 24-length nitro codes, but I'm assuming you can just find the right map to generate this type of codes.

Generation:

In order to create a generation function, by putting everything together according to the rules above, by creating a function that takes the coordinates from generate_map() function, a random extended and printable/non-printable characters and shuffle them together and convert them to hex, we will end up with this:

import random

_map = [3, 4, 5, 7, 8, 9]

def generate_map():
    e = random.choice(_map)
    if e >= 3 and e <= 5:
        n = _map[::-1][0:3][_map[0:3].index(e)]
    else:
        n = _map[0:3][_map[::-1][0:3].index(e)]
    return {"Extended": e, "Normal": n}

def generate():
    c = generate_map()
    ex, no = c["Extended"], c["Normal"]
    _chars = random.sample(range(128,255), ex)
    _chars.extend(random.sample(range(1,126), no))
    random.shuffle(_chars)
    return " ".join(list(map(hex ,_chars)))

print(generate())

An example (Hex):

0xd3 0x38 0xe3 0x68 0xd0 0xf6 0xa9 0xfe 0xa7 0xad 0x13 0xb9

Base64:

0zjjaND2qf6nrRO5
Extended: 0xd3 0xe3 0xd0 0xf6 0xa9 0xfe 0xa7 0xad 0xb9
Normal: 0x38 0x68 0x13
Extended: 9, Normal: 3

Problems:

  • Nitro code should contain no padding.
  • An ethical way to validate the generated codes.

Thanks for reading <3.

Owner
Jakom
sigma rule #00: automate everything, email: [email protected]
Jakom
Oussama has taken his first dose of vaccine D days ago

Oussama has taken his first dose of vaccine D days ago. He may take the second dose no less than L days and no more than R days since his first dose. Determine if Oussama is too early, too late, or i

INDIA - ENSAM Rabat 2 Feb 01, 2022
Guilherme Matheus 11 Sep 11, 2022
🔮 Uncover some followers of a private instagram account

Private Instagram Chaining 🔮 Uncover part of followers of an instagram private account I have this private instagram account julianakhao. I need to g

аэт 69 Dec 17, 2022
just a program i made cuz a friend got tokenlogged and spammed me with these scam/phishing links so i made a programm to spam these websides with fake logins

scam-webside-spammer just a program i made cuz a friend got tokenlogged and spammed me with these scam/phishing links so i made a programm to spam the

TerrificTable 3 Sep 23, 2022
The purpose of this bot is to take soundcloud track requests, that are posted in the stream-requests channel, and add them to a playlist, to make the process of scrolling through the requests easier for Root

Discord Song Collector Dont know if anyone is actually going to read this, but the purpose of this bot is to check every message in the stream-request

2 Mar 01, 2022
A lightweight, dependency-free Python library (and command-line utility) for downloading YouTube Videos.

24 July 2020 Actively soliciting contributers! Ping @ronncc if you would like to help out! pytube pytube is a very serious, lightweight, dependency-fr

pytube 7.9k Jan 02, 2023
Official Python client for the MonkeyLearn API. Build and consume machine learning models for language processing from your Python apps.

MonkeyLearn API for Python Official Python client for the MonkeyLearn API. Build and run machine learning models for language processing from your Pyt

MonkeyLearn 157 Nov 22, 2022
Cogs version of iso6.9 with the help of thatOneArchUser

iso6.9-cogs (debloated) This is a cogs version of iso6.9 by αrchιshα#5518. iso6.9 is a Discord bot written in Python and is used to make your Discord

Kamilla Youver 2 Jun 10, 2022
Script to post multiple status(posts) on twitter

Script to post multiple status on twitter (i.e. TWITTER STORM) This program can post upto maximum limit of twitter(around 300 tweets) within seconds.

Sandeep Kumar 4 Sep 09, 2021
A Discord API Wrapper for Userbots/Selfbots written in Python.

DisCum A simple, easy to use, non-restrictive, synchronous Discord API Wrapper for Selfbots/Userbots written in Python. -using requests and websockets

Liam 450 Dec 27, 2022
File-sharing-Bot: Telegram Bot to store Posts and Documents and it can Access by Special Links.

Bromélia HSS bromelia-hss is the second official implementation of a Diameter-based protocol application by using the Python micro framework Bromélia.

1 Dec 17, 2021
Tiktok 2 Instagram With Python

Tiktok2Instagram 📸 About The Project What it does: Download the source video from a user inputted Tiktok URL. 📙 Add audio to the Tiktok video from a

Carter Belisle 4 Feb 06, 2022
Music cog for discord bots. Supports YouTube, YoutubeMusic, SoundCloud and Spotify.

dismusic Music cog for discord bots. Supports YouTube, YoutubeMusic, SoundCloud and Spotify. Installation python3 -m pip install dismusic Usage from d

Md Shahriyar Alam 59 Jan 08, 2023
Qbittorrent / Aria2 Mirror & Leech Telegram Bot

This is a Telegram Bot written in Python for mirroring files on the Internet to your Google Drive or Telegram. Based on python-aria-mirror-bot Feature

Hüzünlü Artemis [HuzunluArtemis] 81 Jul 15, 2022
⚡ ʑɠ ცơɬ Is One Of The Fastest & Smoothest Bot On Telegram Based on Telethon ⚡

『ʑɠ ცơɬ』 ⚡ ʑɠ ცơɬ Is One Of The Fastest & Smoothest Bot On Telegram Based on Telethon ⚡ Status Of Bot Telegram 🏪 Dєρℓογ το нєяοκυ Variables APP_ID =

ʑɑʑɓɦɑɪ 0 Feb 12, 2022
A Telegram Bot That Can Find Lyrics Of Song

Lyrics-Search-Bot A Telegram Bot That Can Find Lyrics Of Song A Simple Telegram Bot That Can Extract Lyrics Of Any Songs Deploy Commands start - To St

Muhammed Fazin 11 Oct 21, 2022
Emo-Fun is a bot which emojifies the text you send it

About Emo-Fun is a bot which emojifies the text you send it. It is easier to understand by an example Input : Hey this is to show my working!! Output

Suvodeep Sinha 3 Sep 30, 2022
A full-fledged discord bot with moderation and a lot more.

HOT-BOT-POL-POT ⭐ Star me on GitHub m'lady.... hot-bot-pol-pot is a moderation discord bot written using enhanced-dpy library with many functionalitie

Pure Cheekbones 4 Oct 08, 2022
A VCVideoPlayer Bot for Telegram made with 💞 By @ProErrorXD

VC Video Player How To Host ✨ Heroku Deploy ✨ The easiest way to deploy this Bot is via Heroku. Credit 🔥 |🇮🇳 Louis |🇮🇳 Sammy |🇮🇳 Blaze Marsha

丂ムᄊᄊƳ 95 May 17, 2022
SpamBot.py allows you, to spam other Chat Partners etc.

SpamBot -SpamBot.py allows you, to spam other Chat Partners etc. Install If you downloaded it yet, you have to install "requirements.txt" write the di

Marco 1 Jan 16, 2022