discord-delete icon indicating copy to clipboard operation
discord-delete copied to clipboard

Published 20 hours ago verified publisher icon cedws

Unable to retrieve token from LevelDB

Open cedws opened this issue 2 years ago • 1 comments

Discord have not only moved the session tokens in LevelDB to _https://discord.com\x00\x01tokens, they are now apparently stored using Electron's safeStorage API which encrypts at rest. Not sure yet how to decrypt them but for now auto token retrieval will be broken.

cedws avatar Jul 31 '22 23:07 cedws

Seems pretty straightforward, somebody already cracked it. Not sure why Discord even wasted their time with this.

https://github.com/LocalsGitHub/Decrypt-Discord-Token/blob/main/decrypt.py

cedws avatar Jul 31 '22 23:07 cedws

The safeStorage code for Darwin is here: https://chromium.googlesource.com/chromium/src/+/refs/heads/main/components/os_crypt/os_crypt_mac.mm

I've been trying to reimplement this to decrypt the token but no success so far. I think it goes as follows:

  1. 16-byte password is retrieved from Keychain
  2. Password is passed into PBKDF2 with saltysalt as salt
key := pbkdf2.Key(password, []byte("saltysalt"), 1003, 128/8, sha1.New)
  1. 16-byte IV is generated
iv := bytes.Repeat([]byte{' '}, 16)
  1. Second part of dQw4w9WgXcQ: prefixed token in LevelDB is decrypted using AES-CBC/128
token := strings.TrimPrefix(token, "dQw4w9WgXcQ:")
dec, err := base64.StdEncoding.DecodeString(token)
if err != nil {
	log.Fatal(err)
}

iv := bytes.Repeat([]byte{' '}, 16)
ciphertext := dec[3:]

cbc := cipher.NewCBCDecrypter(block, iv)
cbc.CryptBlocks(ciphertext, ciphertext)

Unfortunately this doesn't seem to be working. I believe the output should be base64 already but it's just garbage bytes currently.

cedws avatar Oct 05 '22 00:10 cedws

This is now working and there is code to automatically retrieve and decryption tokens for darwin on master. Supporting Linux and Windows will require more work because they have separate encryption schemes in Chromium. On Windows DPAPI is used to protect the master key at rest.

cedws avatar Oct 05 '22 01:10 cedws

Decryption for macOS has been released in 1.8.0. Windows and Linux is still TODO.

cedws avatar Oct 13 '22 19:10 cedws

Decryption for Windows is done. I don't have a Linux machine these days and I'm not really interested in implementing decryption for it at this current time.

Closing as fixed.

cedws avatar Oct 16 '22 17:10 cedws