Created
March 23, 2018 16:43
-
-
Save Xetera/2b3cd6ce508f4362beb4d2e76c28c7bb to your computer and use it in GitHub Desktop.
Small script to give people who leak their discord tokens a heads-up
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import {Client, RichEmbed} from 'discord.js' | |
| const client = new Client(); | |
| client.login(process.env['BOT_TOKEN']); | |
| function sendEmbed(ownerURL: string, appId: string){ | |
| return new RichEmbed() | |
| .setAuthor(`⛔ Yikes, you leaked your token! ⛔`) | |
| .setThumbnail(ownerURL) | |
| .setColor('#ff0000') | |
| .setDescription( | |
| 'Looks like you shared your token somewhere, either on discord or uploaded it on github. ' + | |
| 'People who have your bot token can log into your bot (like I just did) and do absolutely anything.\n' + | |
| 'If your bot is an admin on any server (which it should never be) then they can essentially wipe the entire server clean in a second.') | |
| .addField(`Solution`, 'Reset your token **right now**!\n' + | |
| `https://discordapp.com/developers/applications/me/${appId} to reset it or just google it if you don't feel safe clicking that link.`) | |
| .addField(`Tips`, | |
| "Never ever share your token with others, it's your bot's password. There are actual crawlers on github that search configuration files for regex matches on discord tokens," + | |
| " the next one might nuke your servers instead of giving you a heads up.") | |
| .setTimestamp() | |
| } | |
| client.on('ready', () => { | |
| client.fetchApplication().then(app => app.owner.send(sendEmbed(app.owner.avatarURL, app.id))); | |
| }); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment