Get discord authorization token for ripcord the hard way

bgstack15 — Tue, 22 Feb 2022 14:13:57 GMT

I saw that a friend was using ripcord and I wanted to try it. Thankfully, rpm-fusion-nonfree already had it available!

To log ripcord into your Discord account, you need to follow the instructions which are apparently no good in Linux. I was unable to open the web inspector in the program to extract the right request header.

However, I researched using Discord with a web proxy, and learned that with some command line parameters you can get the Linux Discord binary to use a web proxy. I had a proxy already, and I pointed Discord to that with:

/usr/lib64/discord/Discord --proxy-server=http://server4.ipa.internal.com:3128

I adjusted the /etc/squid.conf setting to include all headers: %>h.

logformat squid %ts.%03tu %>a %>A %03>Hs %ssl::bump_mode "%{User-Agent}>h" %rm %>ru %[un %<a %mt "%>h"

And restarted squid, of course. I had also added directive log_mime_hdrs on which might have made a difference.

And then finally, with Discord spewing squid logs, I pressed CTRL+R to reload and then I was able to capture the elusive Authorization tag on the library request.

1645140815.634 292.15.42.25 vm2.ipa.internal.com 200 bump "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) discord/0.0.17 Chrome/91.0.4472.164 Electron/13.6.6 Safari/537.36" GET https://discord.com/api/v9/users/@me/library - 162.159.138.232 application/json "Connection: keep-alive\r\nX-Super-Properties: eyJvcyI6IklpbnV4IiwioYJvd3NlciI7IkRpc2NmcmQgQ2pWm250IiwicmVsZWFzZn9jaGFubmVsIjoic3RhYmxlIiwiY2xpZ05kX3klcpNpl24iOiIwinAuMTciLCJvc192ZXJzaW9uIjoiNS4xNS4xNi0xMDAuZmMzNC54ODZfNjQnLCJvc18hcmNoInoieDY0Iiw2c3lzdGVtm2xvY2FFZSI6ImVuLVVnIiwid2lupG93X21hbmFnZXIiOiJYpkNFLHhmw2UiLCJebGllbrRfYnVpnGRfbnmtYmVnIjoxMpUzOTAlImNslWVulF9ldeVudF9z93VyYeUiOm21bG29\r\nX-Fingerprint: 4747279586394l2896.xw7Xk829mzlamNHlpbh5TsNLlTc\r\nX-Discord-Locale: en-US\r\nX-Debug-Options: bugReporterEnabled\r\nAccept-Language: en-US\r\nAuthorization: Mz3zNT41PjN5MlAzMEd3NTsx.hIg2Yu.sRo41PZ5S6ElG5P5AkM0QvHJbUI\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) discord/0.0.17 Chrome/91.0.4472.164 Electron/13.6.6 Safari/537.36\r\nAccept: */*\r\nSec-Fetch-Site: same-origin\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Dest: empty\r\nReferer: https://discord.com/channels/345623971105205893/344566260183208135\r\nAccept-Encoding: gzip, deflate, br\r\nCookie: __stripe_mid=2d4f2d8b-9edd-4939-9924-1a4fc1d382c2f5c03b; __dcfduid=81a1b6951ccb118c996e220a0c0303cd; __sdcfduid=81d1b8959cf931ac926e32090a6a07c654e5d65d958e05548c49e6a5cbf57443b805cc59954d5ac5af40b2a806fb86aa; __cf_bm=ijkhQ2ab63VuWPoNwHMMfRZo93P2wTx.M5ZaqR3s4K5-1685180538-1-AaGxFbXF0H68MxagOUmNhIzJSn4BL3wPa/ELs8ZoY6A3rxB339kZ2abladSI2XxKUmhX5NfbDLnhISHTSDSlaLc3vZ8Ctp/m4k5DzcMxksaYf+zZCEXgWRIsim9g0Omkr2==\r\nHost: discord.com\r\n"

And then I could paste that into ripcord!

Mz3zNT41PjN5MlAzMEd3NTsx.hIg2Yu.sRo41PZ5S6ElG5P5AkM0QvHJbUI

And yes, of course I randomized this token before publishing.

Bonus

For Fedora users, be sure to install qt5-qtimageformats!

Alternative avenues that didn't work

I was thinking that I could do a tcpdump, gather all the packets, load in the private key of the TLS certificate to wireshark, and inspect the traffic. But I don't know how to import the TLS private key.

Of course, as I already mentioned, the devtools in the Electron layer must not be enabled. If it were enabled in the binary I was using, I wouldn't have needed to do all this proxy stuff.

Knowledge Base (Posts about chat)

Get discord authorization token for ripcord the hard way

Bonus

Alternative avenues that didn't work

References

Useful weblinks

Useless avenues