Skip to content
This repository has been archived by the owner on Jun 17, 2024. It is now read-only.

Discord token structure #2

Open
SamuelScheit opened this issue Jun 6, 2021 · 32 comments
Open

Discord token structure #2

SamuelScheit opened this issue Jun 6, 2021 · 32 comments

Comments

@SamuelScheit
Copy link

The second part is just the timestamp when the token was generated encoded as base64

image
hxr404 added a commit that referenced this issue Jun 7, 2021
@hxr404
Added New Token findings
6c5f20d 
thanks to #2
@hxr404
Copy link
Contributor

hxr404 commented Jun 7, 2021

was really busy yesterday, so I added it tday

@hxr404 hxr404 closed this as completed Jun 7, 2021
@hxr404 hxr404 added the helpful label Jun 7, 2021
@hxr404 hxr404 mentioned this issue Apr 4, 2022
Closed
@nicholaslz
Copy link

I tried decoding the second part and I didn't exactly get the value intended. Can anyone help?

@SamuelScheit
Copy link
Author

@nicholaslz do not try to decode the value as a base64 utf8 string, but as a base64 buffer.
Can you send the code?

@aiko-chan-ai
Copy link

I tried decoding the second part and I didn't exactly get the value intended. Can anyone help?

base64 => hex => number => + discord timestamp

@mrafieefard
Copy link

Are you

I tried decoding the second part and I didn't exactly get the value intended. Can anyone help?

base64 => hex => number => + discord timestamp

Are you sure about that cuz i do it . this is my second part of my token GX-tjF but i can't get timestamp

@Walkoud
Copy link

Walkoud commented Aug 22, 2022

@nicholaslz do not try to decode the value as a base64 utf8 string, but as a base64 buffer. Can you send the code?

What is Base64 buffer ? Can you explain ? I couldn't find it on google

@PixelatedLagg
Copy link

Using @aiko-chan-ai's decryption idea, I get this from @IamZiroToxic's token:

GX-tjF - Base64url ('-' is an invalid character in normal base64)

197fad8c - Convert to hex

427797900 - Convert to decimal

1721637900 - Add discord epoch (1293840000)

The date represented by this unix timestamp is Jul 22 2024, so something is slightly wrong here. No idea what @Flam3rboy means when they say to "not try to decode the value as a base64 utf8 string, but as a base64 buffer".

@hxr404
Copy link
Contributor

hxr404 commented Sep 5, 2022
edited
Loading

No idea what @Flam3rboy means when they say to "not try to decode the value as a base64 utf8 string, but as a base64 buffer".

I think he means that you shouldn't try decoding it as a string, but directly as decimal (don't use a character encoding like utf-8/ascii in the raw binary data stored in the decoded buffer, but convert said binary data to decimals right-away.)

It's rather interesting though that the timestamp you obtained is only off by a bit. Usually I'd expect wrong results caused by encoding issues to have a much bigger skew; with wrongfully applied utf-8 (like with ascii) numbers should be off by 48 per digit.

Unfortunately I bricked my PC so I can't check if it works with proper decoding. So until it's assured that the encoding (still) works as described I'll mark this issue as open.

@hxr404 hxr404 reopened this Sep 5, 2022
@Walkoud
Copy link

Walkoud commented Sep 24, 2022

So how can i convert directly as decimal ?

@idanyas
Copy link

idanyas commented Nov 6, 2022

+1 tried base64url -> hex -> decimal -> unix timestamp (decimal + 1293840000)

but the final date is 2025, even though I created it about 10 minutes ago. what am I doing wrong?

@casualdegenerate
Copy link

Tried GmlTB0(input) -> Base64(Base64url) -> Integer(Decimal, 32-bit, Big-endian) = 443110151(output)
443,110,151 + 1,293,840,000 = 1,736,950,151 -> UnixConverter = Wed Jan 15 2025 14:09:11 GMT+0000(output)
Some reason I'm getting a date further than I could possibly create the token? Or is what's written incorrect?
This could be when the token is expired.

@txt2u
Copy link

txt2u commented Jan 8, 2023

For some reason if I try re-encode the decoded base64 215968764 it doesn't go back like it was, Tried to directly encode it from decimal to base64 & base64url didn't work. I'm trying to reverse the way I got to the last thing, When I tried to encode it, It's a different value.

Let's take an example;
The second part of a dummy account's token G0N03I, When I get when the account was created from here and I follow this way which I found it working for every account no single idea why "Add 15 days and subtract 36 from when the account was created" it gives me the correct timestamp then I subtract it from 1293840000 divided by 1000 to remove the last 3 zeros. I get the decoded value of the second part which is 1495196146 and I go to this website and use it to convert it to readable date I get the same as here. Now every thing is same. When I try to encode the value to base64, This is what I get MTQ5NTE5NjE0Ng instead of G0N03I.

Probably discord changed it or something is missing, Sorry if I have a lot of grammar issues, It's 2:04am in my country and I've been awake for 17 hours.

@Walkoud
Copy link

Walkoud commented Jan 8, 2023

For some reason if I try re-encode the decoded base64 215968764 it doesn't go back like it was, Tried to directly encode it from decimal to base64 & base64url didn't work. I'm trying to reverse the way I got to the last thing, When I tried to encode it, It's a different value.

Let's take an example;
The second part of a dummy account's token G0N03I, When I get when the account was created from here and I follow this way which I found it working for every account no single idea why "Add 15 days and subtract 36 from when the account was created" it gives me the correct timestamp then I subtract it from 1293840000 divided by 1000 to remove the last 3 zeros. I get the decoded value of the second part which is 1495196146 and I go to this website and use it to convert it to readable date I get the same as here. Now every thing is same. When I try to encode the value to base64, This is what I get MTQ5NTE5NjE0Ng instead of G0N03I.

Probably discord changed it or something is missing, Sorry if I have a lot of grammar issues, It's 2:04am in my country and I've been awake for 17 hours.

You have to ask the Discord team to change their documentation, I recently learned that the ids have evolved and can contain one more digit

@txt2u
Copy link

txt2u commented Jan 8, 2023
edited
Loading

For some reason if I try re-encode the decoded base64 215968764 it doesn't go back like it was, Tried to directly encode it from decimal to base64 & base64url didn't work. I'm trying to reverse the way I got to the last thing, When I tried to encode it, It's a different value.
Let's take an example;
The second part of a dummy account's token G0N03I, When I get when the account was created from here and I follow this way which I found it working for every account no single idea why "Add 15 days and subtract 36 from when the account was created" it gives me the correct timestamp then I subtract it from 1293840000 divided by 1000 to remove the last 3 zeros. I get the decoded value of the second part which is 1495196146 and I go to this website and use it to convert it to readable date I get the same as here. Now every thing is same. When I try to encode the value to base64, This is what I get MTQ5NTE5NjE0Ng instead of G0N03I.
Probably discord changed it or something is missing, Sorry if I have a lot of grammar issues, It's 2:04am in my country and I've been awake for 17 hours.

You have to ask the Discord team to change their documentation, I recently learned that the ids have evolved and can contain one more digit

There's 2 possibilities, The first possibility the second part isn't base64 at all, The second possibility that it's encoded in some what way we still don't know.

Like @aiko-chan-ai said

base64 => hex => number => + discord timestamp

If we reverse it, It would be like this:
discord timestamp - => number => hex => base

Maybe I should try converting the number to hex then base64 without using .toString()

@aiko-chan-ai
Copy link

you can generate some tokens to test
image

POST: https://discord.com/api/v9/auth/handoff
Headers: authorization: user token
Body:

{
   "key": "random string bruh",
}

Response

{
   "handoff_token": "fake token",
}

idk what this token does but it can't be used

@gentlemenVap
Copy link

gentlemenVap commented Jan 8, 2023
edited
Loading

I'm noticing that every time i login i get a new token.
same id in base64. 6 characters *.38 characters
*ive noticed every token i generate on multiple accounts 6 characters starting with "G" any one else getting that?

@HappyFrenchFRI
Copy link

How do you convert the Unix timestamp to the token Epotch?

@txt2u
Copy link

txt2u commented Jan 16, 2023

How do you convert the Unix timestamp to the token Epotch?
@HappyFrenchFRI

You can check my repo and see the second section in the README.md, Unfortunately discord generates it once/twice a week, so yea no way to get the second section unless you have the specific time when it was regenerated or you crack it some what way.

@hxr404 hxr404 pinned this issue Feb 18, 2023
@RiyadSteve
Copy link

Hey guys i'm working on a project on discord right now i also came across the same problem with the timestamp DN9r_A , DN9r_A does not appear to be a valid base64-encoded value.
Hey @hxr404 wanna join the project? because i'm alone i'm sure we can be friends tho

@RiyadSteve
Copy link

Also if anyone having trouble with the timestamp don't worry
2023-08-24 (1)

@Sunlitkoreakorea
Copy link

so it is impossible to get the last part?

@RiyadSteve
Copy link

RiyadSteve commented Jan 23, 2024 via email

@txt2u
Copy link

txt2u commented May 28, 2024

The second part can't be base64, Or maybe there's a encoding schema before encoding it to base64

@RiyadSteve
Copy link

RiyadSteve commented May 30, 2024 via email

@mrafieefard
Copy link

Can't believe I commented here like 2 years ago
So what you got?

@RiyadSteve
Copy link

RiyadSteve commented May 30, 2024 via email

@mrafieefard
Copy link

So it's working

@RiyadSteve
Copy link

RiyadSteve commented Jun 10, 2024 via email

@mrafieefard
Copy link

But I think the last part is encrypted with AES or RSA and it is nearly impossible to reverse-engineer it

@RiyadSteve
Copy link

RiyadSteve commented Jun 12, 2024 via email

@mrafieefard
Copy link

But if you have a nasa pc you can bruteforce it 😂

@RiyadSteve
Copy link

RiyadSteve commented Jun 16, 2024 via email

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests