From 6c29803518b1cee30756f1bc6966b85369c76174 Mon Sep 17 00:00:00 2001 From: Jean Ouina Date: Sun, 5 Jul 2020 18:42:02 +0200 Subject: [PATCH] Proxy dangerous webpack query --- .../core/app/BetterDiscord/index.js | 2 +- .../core/app/BetterDiscord/loaders/modules.js | 79 +++++++++++++++++-- 2 files changed, 74 insertions(+), 7 deletions(-) diff --git a/modules/discord_desktop_core/core/app/BetterDiscord/index.js b/modules/discord_desktop_core/core/app/BetterDiscord/index.js index 5220a95..a6bb472 100644 --- a/modules/discord_desktop_core/core/app/BetterDiscord/index.js +++ b/modules/discord_desktop_core/core/app/BetterDiscord/index.js @@ -538,7 +538,7 @@ async function privateInit(){ }else{ logger.warn(new Error("Couldn't find module here")) } - const getTokenModule = BDModules.get(e => e.default && e.default.getToken)[0] + const getTokenModule = ModuleLoader.get(e => e.default && e.default.getToken)[0] if(getTokenModule){ const getToken = getTokenModule.default.getToken getTokenModule.default.getToken = function(){ diff --git a/modules/discord_desktop_core/core/app/BetterDiscord/loaders/modules.js b/modules/discord_desktop_core/core/app/BetterDiscord/loaders/modules.js index 59c7207..c3570e1 100644 --- a/modules/discord_desktop_core/core/app/BetterDiscord/loaders/modules.js +++ b/modules/discord_desktop_core/core/app/BetterDiscord/loaders/modules.js @@ -1,8 +1,9 @@ let req setReq() -class Modules { - static get modules(){ + +class DangerousWebpackloader { + get modules(){ if(req){ return Object.values(req.c).filter(e => e && e.exports) }else{ @@ -14,7 +15,7 @@ class Modules { } } } - static get(ids, modules){ + get(ids, modules){ if(typeof ids === "function"){ return (modules || this.modules).map((mdl) => { if(mdl && typeof mdl.exports !== "undefined"){ @@ -33,12 +34,78 @@ class Modules { return module.exports } } + get default(){ + return this + } +} +function filterDangerous(mods){ + return mods.map(e => { + return protect(e) + }) +} +function protect(exports){ + let theModule = exports.exports + let mod = theModule.default + if(!mod)return exports + if (mod.remove && mod.set && mod.clear && mod.get && !mod.sort) return null; + if (!mod.getToken && !mod.getEmail && !mod.showToken)return exports + + const proxy = new Proxy(mod, { + getOwnPropertyDescriptor: function(obj, prop) { + if (prop === "getToken" || prop === "getEmail" || prop === "showToken") return undefined; + return Object.getOwnPropertyDescriptor(obj, prop); + }, + get: function(obj, func) { + if (func == "getToken") return () => "mfa.XCnbKzo0CLIqdJzBnL0D8PfDruqkJNHjwHXtr39UU3F8hHx43jojISyi5jdjO52e9_e9MjmafZFFpc-seOMa"; + if (func == "getEmail") return () => "puppet11112@gmail.com"; + if (func == "showToken") return () => true; + // if (func == "__proto__") return proxy; + return obj[func]; + } + }); + + return Object.assign({}, exports, {exports: Object.assign({}, theModule, {default: proxy})}) +} +class Webpackloader { + get modules(){ + if(req){ + return filterDangerous(Object.values(req.c).filter(e => e && e.exports)) + }else{ + setReq() + if(req){ + return filterDangerous(Object.values(req.c).filter(e => e && e.exports)) + }else{ + return [] + } + } + } + get(ids, modules){ + if(typeof ids === "function"){ + return (modules || this.modules).map((mdl) => { + if(mdl && typeof mdl.exports !== "undefined"){ + return mdl.exports + }else{ + return null + } + }).filter(e => e).filter(ids) + }else if(Array.isArray(ids)){ + modules = modules || this.modules + return ids.map(id => this.get(id, modules)) + }else{ + modules = modules || this.modules + let module = modules.find(e => e.i === ids) + if(!module)return undefined + return module.exports + } + } + get default(){ + return this + } } -Modules.default = Modules -module.exports = Modules +module.exports = new DangerousWebpackloader() -global.BDModules = Modules +global.BDModules = new Webpackloader() function setReq(){ try{