My attempt to reverse the Discord nitro token generation function.

Overview

discord-theory-I

PART: I

My attempt to reverse the Discord nitro token generation function.

The Nitro generation tools thing is common in Discord now, but none of the tools actually works, so I decided to take it to the next level, and reverse the actual tokens in hopes of finding a better way of generation.

- NOTE: This is just for research, I will and I hope no one uses it for bad purposes.

Introduction:

If you are not familiar with Discord, nitro is a kind of membership, you pay to get access and do some cool things on Discord, like get a GIF profile picture or upload large size photos and videos, and in order to get it you must either buy it directly or having someone offer it to you, in the second case it would be something like this: https://discord.gift/hNN5SBsnHTPFFh3Z

The Discord Gift URL followed by a 16-length code will redirect you to the claim page.

First look:

At first sight it looks like Base64 encoded, using Burp Suite Decoder we will be able to get this result:

00000000 84 d3 79 48 1b 27 1d 33 c5 16 1d d9 -- -- -- -- �ÓyH�'�3Å��Ù

After searching for what each byte in a 12-byte string is, I was able to sort each character and see what the code actually consisted of, 4 extended characters and 8 printable/non-printable characters, you can check https://www.rapidtables.com/code/text/ascii-table.html to know more about those type of characters.

  • Extended:

    0x84 0xd3 0xc5 0xd9
  • Printable/Non-Printable:

    0x79 0x48 0x1b 0x27 0x1d 0x33 0x16 0x1d

Doing this over and over again will take a lot of time, so I coded this function that automates the work, feel free to use it:

import re, base64

def sorting(code):
    list = [ord(chr(eval(j))) for j in ['0x'+ i for i in re.findall('..', base64.b64decode(code).hex())]]
    ex = []
    no = []
    for i in list:
        if i >= 0 and i <= 127:
            no.append(i)
        elif i >= 128 and i <= 255:
            ex.append(i)
    print(f"Extended: {' '.join(map(hex, ex))}")
    print(f"Normal: {' '.join(map(hex, no))}")
    print(f"Extended: {len(ex)}, Normal: {len(no)}")

Finding a Pattern:

In order to find a pattern, I used the function above to sort different valid codes, and the result I got is:

Extended: 0x8e 0xf0 0x8f 0xcb 0xe0 0xba 0xe3
Normal: 0x5f 0x2d 0x59 0x5e 0x4a
Extended: 7, Normal: 5

Extended: 0xc2 0xeb 0xe1 0xe1
Normal: 0x62 0x75 0x70 0x1c 0x40 0x37 0x77 0x14    
Extended: 4, Normal: 8

Extended: 0xac 0xb0 0x9b
Normal: 0x28 0x72 0x5c 0x30 0x4 0x75 0x72 0x1c 0x6c
Extended: 3, Normal: 9

Extended: 0xbb 0xa1 0xf9 0x96 0xf5
Normal: 0x71 0x72 0x1d 0x49 0x20 0x1 0x14
Extended: 5, Normal: 7

Extended: 0xbf 0x96 0xf2 0xb3 0xb0 0x9d 0x8a       
Normal: 0x3b 0x4 0x5b 0x4c 0x5c
Extended: 7, Normal: 5

Extended: 0xd0 0xf1 0x91 0xa9
Normal: 0x65 0x5b 0x17 0x6a 0x1d 0x50 0x70 0x3d    
Extended: 4, Normal: 8

From this I was able to know a few rules that must be followed in creating the code:

  • Extended characters can be lower or higher than normal (printable / non-printable) characters.
  • There are no duplicate characters.
  • There is a pattern with 3,4,5,7,8,9.

Looking at the numbers we can see a pattern, if we choose 3 extended characters from the other side, we'll have a 9 normal characters, it's something like Caesar Cipher, and to simplify it:

image

Putting everything together, we can create a function that generates valid instructions for our code:

import random

_map = [3, 4, 5, 7, 8, 9]

def generate_map():
    e = random.choice(_map)
    if e >= 3 and e <= 5:
        n = _map[::-1][0:3][_map[0:3].index(e)]
    else:
        n = _map[0:3][_map[::-1][0:3].index(e)]
    return {"Extended": e, "Normal": n}

An example:

PS C:\Users\ayman\Desktop\discord-theory> python .\generate_map.py
{'Extended': 5, 'Normal': 7}
PS C:\Users\ayman\Desktop\discord-theory> 

Note that I've seen some 24-length nitro codes, but I'm assuming you can just find the right map to generate this type of codes.

Generation:

In order to create a generation function, by putting everything together according to the rules above, by creating a function that takes the coordinates from generate_map() function, a random extended and printable/non-printable characters and shuffle them together and convert them to hex, we will end up with this:

import random

_map = [3, 4, 5, 7, 8, 9]

def generate_map():
    e = random.choice(_map)
    if e >= 3 and e <= 5:
        n = _map[::-1][0:3][_map[0:3].index(e)]
    else:
        n = _map[0:3][_map[::-1][0:3].index(e)]
    return {"Extended": e, "Normal": n}

def generate():
    c = generate_map()
    ex, no = c["Extended"], c["Normal"]
    _chars = random.sample(range(128,255), ex)
    _chars.extend(random.sample(range(1,126), no))
    random.shuffle(_chars)
    return " ".join(list(map(hex ,_chars)))

print(generate())

An example (Hex):

0xd3 0x38 0xe3 0x68 0xd0 0xf6 0xa9 0xfe 0xa7 0xad 0x13 0xb9

Base64:

0zjjaND2qf6nrRO5
Extended: 0xd3 0xe3 0xd0 0xf6 0xa9 0xfe 0xa7 0xad 0xb9
Normal: 0x38 0x68 0x13
Extended: 9, Normal: 3

Problems:

  • Nitro code should contain no padding.
  • An ethical way to validate the generated codes.

Thanks for reading <3.

Owner
Jakom
sigma rule #00: automate everything, email: [email protected]
Jakom
Discord Rpc With Python And 2 Buttons

Discord-RPC-With-Python- Discord Rpc With Python And 2 Buttons Packages pypresence time Required Programs Python Latest Version Random IDE Discord :P

Kaz 4 Dec 12, 2021
Nautobot-custom-jobs - Custom jobs for Nautobot

nautobot-custom-jobs This repo contains custom jobs for Nautobot. Installation P

Dan Peachey 9 Oct 27, 2022
This is a unofficial library for making bots in rubika.

rubika this is a unofficial library for making bots in rubika using this library you can make your own0 rubika bot and control that those bots that ma

Bahman 50 Jan 02, 2023
A discord token nuker With loads of options that will screw an account up real bad

A discord token nuker With loads of options that will screw an account up real bad, also has inbuilt massreport, GroupChat Spammer and Token/Password/Creditcard grabber and so much more!

XPTGR 0 Aug 07, 2022
Cord Python API Client

Cord Python API Client The data programming platform for AI 💻 Features Minimal low-level Python client that allows you to interact with Cord's API Su

Cord 52 Nov 25, 2022
Use an air-gapped Raspberry Pi Zero to sign for Bitcoin transactions! (and do other cool stuff)

Hello World! Build your own offline, airgapped Bitcoin transaction signing device for less than $35! Also generate seed word 24 or generate a seed phr

371 Dec 31, 2022
Using twitter lists as your feed

Twitlists A while ago, Twitter changed their timeline to be algorithmically-fed rather than a simple reverse-chronological feed. In particular, they p

Peyton Walters 5 Nov 21, 2022
A Advanced Powerful, Smart And Intelligent Group Management Bot With New And Powerful Features

Vegeta Robot A Advanced Powerful, Smart And Intelligent Group Management Bot With New And Powerful Features ... Written with Pyrogram and Telethon...

⚡ CT_PRO ⚡ 9 Nov 16, 2022
Opensea-upload-with-recaptcha-solution - Updated opensea uploading solution with recaptcha pass

opensea-upload-with-recaptcha-solution updated opensea uploading solution with r

byeonggeon sim 25 Nov 15, 2022
Telegram bot to provide Telegram user/group/channel information

Whois-TeLeTiPs Telegram bot to provide Telegram user/group/channel information Deployment Methods Heroku Config Vars API_ID : Telegram API_ID, get it

11 Oct 21, 2022
Discord bot that manages expiration of roles with subscriptions!

Discord bot that manages expiration of roles with subscriptions!

Chakeaw__ 3 Apr 28, 2022
A discord.py code generator program. Compatible with both linux and windows.

Astro-Cord A discord.py code generator program. Compatible with both linux and windows. About This is a program made to make discord.py bot developmen

Astro Inc. 2 Dec 23, 2021
A Discord webhook spammer made in Python

A Python made Discord webhook spammer usually used for token loggers to spam them/delete them original by cattyn changes listed below.

2 Jan 12, 2022
A userbot made for telegram

𝚃𝙷𝙴 𝙼𝙰𝙵𝙸𝙰𝙱𝙾𝚃 This is a userbot made for telegram. I made this userbot with help of all other userbots available in telegram. All credits go

MafiaBotOP 8 Apr 08, 2022
A telegram string extractor bot

Made with Python3 (C) @FayasNoushad Copyright permission under MIT License License - https://github.com/FayasNoushad/String-Extract-Bot/blob/main/LIC

Fayas Noushad 12 Jul 19, 2022
Facebook Clooning Tool BD...

Facebook Clooning Tool BD...

Ariyan Ahmed Mamun 2 Feb 16, 2022
Python bindings for BigML.io

BigML Python Bindings BigML makes machine learning easy by taking care of the details required to add data-driven decisions and predictive power to yo

BigML Inc, Machine Learning made easy 271 Dec 27, 2022
Python 3 SDK/Wrapper for Huobi Crypto Exchange Api

This packages intents to be an idiomatic PythonApi wrapper for https://www.huobi.com/ Huobi Api Doc: https://huobiapi.github.io/docs Showcase TODO Con

3 Jul 28, 2022
52pojie 吾爱破解论坛 签到 支持云函数/服务器等Py3环境运行

52pojie-Checkin 52pojie 吾爱破解论坛 签到 Py3单程序 支持云函数/服务器等Py3环境运行 只需要Cookie即可运行 新版说明 依赖包请用项目 https://github.com/BlueSkyXN/requirements-serverless 需要填写的参数有 co

BlueSkyXN 22 Sep 15, 2022
“ HOLA HUMANS 👋 I'M DAISYX 2.0 ❤️ „ LATEST VERSION OF DAISYX.. Source Code of @Daisyxbot

❤️ DaisyX 2.0 ❤️ A Powerful, Smart And Simple Group Manager ... Written with AioGram , Pyrogram and Telethon... ⭐️ Thanks to everyone who starred Dais

TeamDaisyX 153 Dec 06, 2022