Knowledge Base

Preserving for the future: Shell scripts, AoC, and more

Get discord authorization token for ripcord the hard way

bgstack15

Comments

I saw that a friend was using ripcord and I wanted to try it. Thankfully, rpm-fusion-nonfree already had it available!

To log ripcord into your Discord account, you need to follow the instructions which are apparently no good in Linux. I was unable to open the web inspector in the program to extract the right request header.

However, I researched using Discord with a web proxy, and learned that with some command line parameters you can get the Linux Discord binary to use a web proxy. I had a proxy already, and I pointed Discord to that with:

/usr/lib64/discord/Discord --proxy-server=http://server4.ipa.internal.com:3128

I adjusted the /etc/squid.conf setting to include all headers: %>h.

logformat squid %ts.%03tu %>a %>A %03>Hs %ssl::bump_mode "%{User-Agent}>h" %rm %>ru %[un %<a %mt "%>h"

And restarted squid, of course. I had also added directive log_mime_hdrs on which might have made a difference.

And then finally, with Discord spewing squid logs, I pressed CTRL+R to reload and then I was able to capture the elusive Authorization tag on the library request.

1645140815.634 292.15.42.25 vm2.ipa.internal.com 200 bump "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) discord/0.0.17 Chrome/91.0.4472.164 Electron/13.6.6 Safari/537.36" GET https://discord.com/api/v9/users/@me/library - 162.159.138.232 application/json "Connection: keep-alive\r\nX-Super-Properties: eyJvcyI6IklpbnV4IiwioYJvd3NlciI7IkRpc2NmcmQgQ2pWm250IiwicmVsZWFzZn9jaGFubmVsIjoic3RhYmxlIiwiY2xpZ05kX3klcpNpl24iOiIwinAuMTciLCJvc192ZXJzaW9uIjoiNS4xNS4xNi0xMDAuZmMzNC54ODZfNjQnLCJvc18hcmNoInoieDY0Iiw2c3lzdGVtm2xvY2FFZSI6ImVuLVVnIiwid2lupG93X21hbmFnZXIiOiJYpkNFLHhmw2UiLCJebGllbrRfYnVpnGRfbnmtYmVnIjoxMpUzOTAlImNslWVulF9ldeVudF9z93VyYeUiOm21bG29\r\nX-Fingerprint: 4747279586394l2896.xw7Xk829mzlamNHlpbh5TsNLlTc\r\nX-Discord-Locale: en-US\r\nX-Debug-Options: bugReporterEnabled\r\nAccept-Language: en-US\r\nAuthorization: Mz3zNT41PjN5MlAzMEd3NTsx.hIg2Yu.sRo41PZ5S6ElG5P5AkM0QvHJbUI\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) discord/0.0.17 Chrome/91.0.4472.164 Electron/13.6.6 Safari/537.36\r\nAccept: */*\r\nSec-Fetch-Site: same-origin\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Dest: empty\r\nReferer: https://discord.com/channels/345623971105205893/344566260183208135\r\nAccept-Encoding: gzip, deflate, br\r\nCookie: __stripe_mid=2d4f2d8b-9edd-4939-9924-1a4fc1d382c2f5c03b; __dcfduid=81a1b6951ccb118c996e220a0c0303cd; __sdcfduid=81d1b8959cf931ac926e32090a6a07c654e5d65d958e05548c49e6a5cbf57443b805cc59954d5ac5af40b2a806fb86aa; __cf_bm=ijkhQ2ab63VuWPoNwHMMfRZo93P2wTx.M5ZaqR3s4K5-1685180538-1-AaGxFbXF0H68MxagOUmNhIzJSn4BL3wPa/ELs8ZoY6A3rxB339kZ2abladSI2XxKUmhX5NfbDLnhISHTSDSlaLc3vZ8Ctp/m4k5DzcMxksaYf+zZCEXgWRIsim9g0Omkr2==\r\nHost: discord.com\r\n"

And then I could paste that into ripcord!

Mz3zNT41PjN5MlAzMEd3NTsx.hIg2Yu.sRo41PZ5S6ElG5P5AkM0QvHJbUI

And yes, of course I randomized this token before publishing.

Bonus

For Fedora users, be sure to install qt5-qtimageformats!

Alternative avenues that didn't work

I was thinking that I could do a tcpdump, gather all the packets, load in the private key of the TLS certificate to wireshark, and inspect the traffic. But I don't know how to import the TLS private key.

Of course, as I already mentioned, the devtools in the Electron layer must not be enabled. If it were enabled in the binary I was using, I wouldn't have needed to do all this proxy stuff.

References

Useful weblinks

  1. Method of setting a proxy for Discord : discordapp
  2. HTTP Proxy: Squid: Logging: Where can I find the details of my http request & response body - Stack Overflow/

Useless avenues

  1. How to include Chrome DevTools in Electron? - Stack Overflow
  2. Can squid http proxy dump all client/server headers? - Server Fault
  3. squid : log_mime_hdrs configuration directive

Comments