feat: add JE3 spoofing to api requests #1114
Conversation
|
i wish it could be implemented directly instead of using golang binary |
|
I could try converting the golang code into js code after some sleep |
|
nodejs is very limited in changing ciphers (openssl) ;-; |
|
;-; |
|
https://github.com/aiko-chan-ai/discord.js-selfbot-v13/blob/main/src/util/Constants.js#L20 tls spoofing is very rudimentary |
Unfortunately, Node.js is really annoying when it comes to this. See: #1003 (comment) I think this might be the only option that is viable. |
|
Also, User-Agent is very important. If you are mimicking a Chrome JA3, the User-Agent must match otherwise the hash will be different. Ensure you are using the same ciphers that the actual User-Agent uses. If we are going to use the desktop client's User-Agent and WebSocket properties, we should fetch the latest client build number like so: async getLatestClientNumber() {
const BUILD_NUMBER_STRING = 'build_number:"';
const BUILD_NUMBER_LENGTH = 6;
this.logger.info('Getting latest client build number to avoid account suspensions...');
const doc = await fetch('https://discord.com/app').then(r => r.text());
const scripts = doc.match(/\/assets\/[0-9]{1,5}.*?.js/gmi);
if (!scripts?.length) {
this.logger.error('Failed to get latest build number.');
return process.exit(-1);
}
// Reverse the script collection as the script containing the build number is usually at the end.
for (const script of scripts.reverse()) {
try {
const js = await fetch('https://discord.com' + script, {
headers: {
Origin: 'https://discord.com/',
Referer: 'https://discord.com/app',
'User-Agent': config.userAgent
}
}).then(r => r.text());
const idx = js.indexOf(BUILD_NUMBER_STRING);
if (idx === -1) continue;
const build = js.slice(idx + BUILD_NUMBER_STRING.length, (idx + BUILD_NUMBER_STRING.length) + BUILD_NUMBER_LENGTH);
const buildNumber = Number(build);
if (Number.isNaN(buildNumber)) {
throw new Error(`Expected build number to be a number. Got NaN. String: ${build}`);
}
config.userProperties["client_build_number"] = Number(build);
this.logger.success('Fetched latest client build number.');
break;
} catch (error) {
this.logger.error('Failed to make request while getting latest build number:', error);
}
}
} |
|
A useful resource I found for checking your JA3: https://check.ja3.zone/ |
|
yeah, I found that just messing around and switching up the cypher order changed the ja3 const patched = async function () {
const shuffled = [];
while (ciphers.length > 0) {
let i = Math.round(Math.random() * ciphers.length);
if (ciphers[i] !== undefined) {
shuffled.push(ciphers[i]);
ciphers.splice(i, 1);
}
}
https.get(url, { ciphers: shuffled.join(":"), agent: false }, (res) => {
var d = "";
res.on("data", (chunk) => {
d += chunk;
});
res.on("end", () => {
const data = JSON.parse(d);
console.log(
`${JSON.stringify(data, null, 2)}`
);
});
});
};but this would require me to re-write some of the api because of using https instead of fetch which I can do |
|
I'm going to close this and do some more research on everything |
|
Gl |
Hopefully this works, to be honest I coded it in 2 1/2 hours and didn't test it at all