This commit is contained in:
Cynthia Foxwell 2018-06-13 16:25:08 -06:00
parent c6bb0b03b0
commit 5becc9060d
10 changed files with 794 additions and 1220 deletions

View file

@ -1,204 +0,0 @@
<!--
EndPwn3 Stage 0 Payload
Copyright 2018 EndPwn Project
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
https://github.com/endpwn/
-->
<html>
<head>
<style>
@font-face {
font-family: 'IBMVGA8';
src: url('/fonts/ibm_vga8.eot');
src: url('/fonts/ibm_vga8.eot?#iefix') format('embedded-opentype'),
url('/fonts/ibm_vga8.woff2') format('woff2'),
url('/fonts/ibm_vga8.woff') format('woff'),
url('/fonts/ibm_vga8.ttf') format('truetype');
font-weight: normal;
font-style: normal;
}
* {
margin: 0;
padding: 0;
}
body {
font-family: 'IBMVGA8' !important;
text-align: center;
background-color: #1a1d23;
color: #ffffff
}
div {
position: absolute;
top: 50%;
left: 50%;
transform: translate(-50%, -50%);
background: linear-gradient(to bottom right, #c0ff80, #c080ff);
-webkit-background-clip: text;
-webkit-text-fill-color: transparent;
font-size: 96px;
}
span {
position: absolute;
top: 0%;
left: 50%;
transform: translate(-50%, 0%);
color: #f00;
font-size: 16px;
}
canvas {
display: block;
position: absolute;
z-index: -1;
}
</style>
<script>
// wait until DOM is ready so that error messages can display properly
window.onload = () => {
setTimeout(async () => {
// dont try doing anything if running in a browser
if (navigator.userAgent.indexOf('discord') == -1) return;
var approot = location.href.split('/app/')[0];
try {
// fix for recent canary update
if (window.require === undefined) {
window.electron = DiscordNative.nativeModules.requireModule("discord_/../electron").remote;
window.require = electron.require;
} else {
window.electron = require('electron').remote;
}
window.fs = require("original-fs");
window.Buffer = require("buffer").Buffer;
var data = electron.app.getPath('userData');
var branch = require('path').basename(data).substr(7);
function load() {
electron.BrowserWindow.addExtension(data + '/crxpwn');
electron.getCurrentWindow().loadURL('https://' + (branch && branch != 'development' ? branch + '.' : '') + 'discordapp.com/channels/@me');
}
if (window.betterDiscordIPC) {
alert('EndPwn3 is not compatible with BetterDiscord\n\nPress OK to return to Discord', 'EndPwn3: Framework Conflict');
electron.getCurrentWindow().loadURL('https://' + (branch && branch != 'development' ? branch + '.' : '') + 'discordapp.com/channels/@me');
return;
}
// temporary
try{
let a="a"; let b = "b"; ({...a,b});
}catch(e){
alert('EndPwn3.1 Staging uses crxpwn which only works on Canary at the moment', 'Sorry');
electron.getCurrentWindow().loadURL('https://' + (branch && branch != 'development' ? branch + '.' : '') + 'discordapp.com/channels/@me');
return;
}
// asarpwn (as a removal tool)
function asarinject(sig, inj) {
var dirlisting = fs.readdirSync(data);
var latestver = dirlisting.filter(d => d.indexOf("0.0.") > -1);
if (sig.length != inj.length) {
throw 'signature and injection not same size'
}
var bdata = new Buffer(fs.readFileSync(`${data}/${latestver[latestver.length - 1]}/modules/discord_desktop_core/core.asar`));
var index = bdata.indexOf(sig);
if (index == -1) {
return 0;
}
bdata.write(inj, index);
fs.writeFileSync(`${data}/${latestver[latestver.length - 1]}/modules/discord_desktop_core/core.asar`, bdata);
return 1;
}
// install endpwn
var o = fs.existsSync(data + '/settings.json') ? JSON.parse(fs.readFileSync(data + '/settings.json', 'utf8')) : {}; // load settings.json
o['WEBAPP_ENDPOINT'] = location.href.split('?')[0] + '?'; // aim the app at stage 0
o['WEBAPP_PATH'] = undefined; // clear old WEBAPP_PATH
fs.writeFileSync(data + '/settings.json', JSON.stringify(o, null, 2)); // commit changes to disk
try {
if (window.__crispr_load_attempted)
// reverse asarpwn3
if (asarinject(
"var electron=require('electron');var d=electron.remote.app.getPath('userData')+'/crispr.js';if(require('fs').existsSync(d))require(d).go();//",
"// App preload script, used to provide a replacement native API now that\n// we turned off node integration.\nvar electron = require('electron'"
)) {
electron.app.relaunch();
electron.app.exit();
}
} catch (ex) {
alert(ex, 'asarpwn3');
}
if (!fs.existsSync(data + '/crxpwn')) {
fs.mkdirSync(data + '/crxpwn');
fs.writeFileSync(data + '/crxpwn/manifest.json', '{"manifest_version":2,"name":"crxpwn","description":"asarpwn-less preload scripts for the masses ;)","version":"1.0","content_scripts":[{"js":["payload.js"],"matches":["*://*/*"],"run_at":"document_start","all_frames":true}]}');
}
if (!fs.existsSync(data + '/plugins')) fs.mkdirSync(data + '/plugins');
if (!fs.existsSync(data + '/styles')) fs.mkdirSync(data + '/styles');
// dont update EPAPI/CRISPR if DONTUPDATE exists
if (!fs.existsSync(data + '/DONTUPDATE')) {
// get files
fs.writeFileSync(data + '/crxpwn/payload.js', await (await fetch(approot + '/crxpwn.js?_=' + Date.now())).text());
fs.writeFileSync(data + '/epapi.js', await (await fetch(approot + '/epapi/epapi.js?_=' + Date.now())).text());
fs.writeFileSync(data + '/crispr.js', await (await fetch(approot + '/crispr/crispr.js?_=' + Date.now())).text());
fs.writeFileSync(data + '/plugins/plugins.js', await (await fetch(approot + '/plugin/plugins.js?_=' + Date.now())).text());
fs.writeFileSync(data + '/plugins/system.js', await (await fetch(approot + '/plugin/system.js?_=' + Date.now())).text());
fs.writeFileSync(data + '/plugins/customizer.js', await (await fetch(approot + '/plugin/customizer.js?_=' + Date.now())).text());
fs.writeFileSync(data + '/plugins/settings.js', await (await fetch(approot + '/plugin/settings.js?_=' + Date.now())).text());
fs.writeFileSync(data + '/styles/system.css', await (await fetch(approot + '/plugin/system.css?_=' + Date.now())).text());
setTimeout(load, 1000);
}
else {
setTimeout(load, 1000);
}
}
catch (e) {
console.error(e);
document.querySelector('div').parentNode.innerHTML += '<span>Inititialization failure. Check the console for details.</span>';
}
}, 500);
};
</script>
</head>
<body>
<div>C&lambda;nergy</div>
</body>
</html>

View file

@ -28,10 +28,10 @@ function evaluate(str, exportsR) {
// log function // log function
function __crprint(str) { function __crprint(str) {
console.log(`%c[CRISPR]%c ` + str, 'font-weight:bold;color:#c8f', ''); console.log(`%c[CRISPR]%c ` + str, 'font-weight:bold;color:#c080ff', '');
} }
function __crwarn(str) { function __crwarn(str) {
console.warn(`%c[CRISPR]%c ` + str, 'font-weight:bold;color:#c8f', ''); console.warn(`%c[CRISPR]%c ` + str, 'font-weight:bold;color:#c080ff', '');
} }
exports.go = (() => { exports.go = (() => {
@ -50,7 +50,7 @@ function evaluate(str, exportsR) {
version: { version: {
major: 1, major: 1,
minor: 2, minor: 2,
revision: 8, revision: 7,
toString: function () { toString: function () {
return `v${this.major}.${this.minor}.${this.revision}`; return `v${this.major}.${this.minor}.${this.revision}`;
@ -101,7 +101,9 @@ function evaluate(str, exportsR) {
}); });
} }
} }
}, },
pushHookOld: (x, mod, main) => { pushHookOld: (x, mod, main) => {
@ -170,11 +172,7 @@ function evaluate(str, exportsR) {
} }
// replacement dictionary // replacement dictionary
var snippets = [ var snippets = [];
// TODO: move these the fuck out of this file after endpwn3.1
{ signature: '#([0-9]{4})', payload: '#(.{1,4})' },
{ signature: 'return t.hasFlag(H.UserFlags.STAFF)', payload: 'return t.hasFlag(4096)&&r.push({tooltip:"EndPwn Developer",onClick:function(){return window.open("https://endpwn.github.io/","_blank")},class:"endpwn"}),t.hasFlag(H.UserFlags.STAFF)' }
];
// plugin iterator, taken from epapi // plugin iterator, taken from epapi
if (fs.existsSync(data + '/plugins')) { if (fs.existsSync(data + '/plugins')) {

View file

@ -1,81 +0,0 @@
/*
EndPwn3 Stage 2 Payload (crxpwn)
Copyright 2018 EndPwn Project
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
DO NOT EDIT THIS FILE! Your bootstrap may overwrite changes to it, and you will lose your work!
EndPwn3 users: You can prevent this by creating a file in the same directory named DONTUPDATE
https://github.com/endpwn/
*/
function evaluate(str, exportsR) {
var exports = {};
var ret = eval(str);
if (exportsR) Object.assign(exportsR, exports);
return ret;
}
(() => {
function __crxprint(str) {
console.log(`%c[crxpwn]%c ` + str, 'font-weight:bold;color:#c8f', '');
}
if (location.hostname.indexOf('discordapp') == -1) return;
__crxprint('extension loaded successfully, loading CRISPR and EPAPI...');
window.BetterDiscord = 'this is a dummy value to trip hasSuspiciousCode()';
// use the discord native api to require electron and get electron.remote
var electron = DiscordNative.nativeModules.requireModule('discord_/../electron').remote;
var fs = electron.require('original-fs');
// get the data path (where epapi.js should be)
var data = electron.app.getPath('userData').replace(/\\\\/g, "/") + '/';
// shakily reimplemented of require() intended for loading plugins and EPAPI itself
function krequire(p) {
var exports = {};
evaluate(fs.readFileSync(data + p + (p.endsWith('.js') ? '' : '.js'), 'utf8').toString(), exports);
return exports;
}
// load CRISPR and EPAPI
var crispr = krequire('crispr.js');
var epapi = krequire('epapi.js');
var properties = {
name: "Cλnergy",
version: "Σv3.1.1, λv1",
method: "crxpwn-lambda",
brand:false
};
/*{
name: 'EndPwn3',
version: {
major: 3,
minor: 1,
toString: function () {
return `v${this.major}.${this.minor}`;
}
},
method: 'crxpwn',
brand: true
};*/
// call their entrypoints
crispr.go(properties);
electron.getCurrentWindow().webContents.on('dom-ready', () => epapi.go(properties));
})();

View file

@ -29,17 +29,17 @@ function evaluate(str, exportsR) {
var internal = { var internal = {
print: function (t) { print: function (t) {
console.log(`%c[EPAPI]%c ${t}`, 'font-weight:bold;color:#c8f', ''); console.log(`%c[EPAPI]%c ${t}`, 'font-weight:bold;color:#0cc', '');
}, },
warn: function (t, e) { warn: function (t, e) {
if (typeof (e) == 'undefined') e = ''; else e = ':\n\n' + e; if (typeof (e) == 'undefined') e = ''; else e = ':\n\n' + e;
console.warn(`%c[EPAPI]%c ${t}`, 'font-weight:bold;color:#c8f', '', e); console.warn(`%c[EPAPI]%c ${t}`, 'font-weight:bold;color:#0cc', '', e);
}, },
error: function (e, t) { error: function (e, t) {
if (typeof (t) == 'undefined') t = 'uncaught exception'; if (typeof (t) == 'undefined') t = 'uncaught exception';
console.error(`%c[EPAPI]%c ${t}:\n\n`, 'font-weight:bold;color:#c8f', '', e); console.error(`%c[EPAPI]%c ${t}:\n\n`, 'font-weight:bold;color:#0cc', '', e);
}, },
alert: function (b, t) { alert: function (b, t) {
@ -116,7 +116,7 @@ function evaluate(str, exportsR) {
prepare: async function () { prepare: async function () {
internal.print('loading RapidDOM...'); internal.print('loading RapidDOM...');
evaluate(await (await fetch('https://endpwn.github.io/rapiddom/rapiddom.js?_=' + Date.now())).text()); require("./rapiddom.js");
// undefine config and settings if running in lite mode and dont deal with require() // undefine config and settings if running in lite mode and dont deal with require()
if (internal.lite) { if (internal.lite) {
@ -124,19 +124,23 @@ function evaluate(str, exportsR) {
} }
else { else {
// mutant hybrid require() for maximum compatibility, always defined now because some bootstraps have bad implementations // only use the (now defunct) directory escape exploit if the bootstrap hasnt declared itself as native
internal.print('defining require...'); // TODO: once the exploit fix gets pushed out to stable we should probably start assuming native by default
//if (typeof (require) == "undefined") { if (!internal.native) {
var r = DiscordNative.nativeModules.requireModule("discord_/../electron").remote.require;
window.require = m => { // mutant hybrid require() for maximum compatibility, always defined now because some bootstraps have bad implementations
try { internal.print('defining require...');
return DiscordNative.nativeModules.requireModule("discord_/../" + m); var r = DiscordNative.nativeModules.requireModule("discord_/../electron").remote.require;
} window.require = m => {
catch (e) { try {
return r(m); return DiscordNative.nativeModules.requireModule("discord_/../" + m);
} }
}; catch (e) {
//} return r(m);
}
};
}
// here we import and define some stuff that usually gets defined by the bootstrap, just in case // here we import and define some stuff that usually gets defined by the bootstrap, just in case
internal.print('requiring necessary modules...'); internal.print('requiring necessary modules...');
@ -151,9 +155,10 @@ function evaluate(str, exportsR) {
// krequire is a reimplementation of require(), only intended for loading plugins // krequire is a reimplementation of require(), only intended for loading plugins
window.krequire = function (p) { window.krequire = function (p) {
var exports = {}; /*var exports = {};
evaluate(fs.readFileSync($api.data + '/plugins/' + p + (p.endsWith('.js') ? '' : '.js'), 'utf8').toString(), exports); evaluate(fs.readFileSync($api.data + '/plugins/' + p + (p.endsWith('.js') ? '' : '.js'), 'utf8').toString(), exports);
return exports; return exports;*/
return require($api.data + '/plugins/' + p + (p.endsWith('.js') ? '' : '.js'))
} }
} }
@ -292,14 +297,11 @@ function evaluate(str, exportsR) {
wc.findFunc("clyde")[0].exports.BOT_AVATARS.EndPwn = "https://cdn.discordapp.com/avatars/350987786037493773/ae0a2f95898cfd867c843c1290e2b917.png"; wc.findFunc("clyde")[0].exports.BOT_AVATARS.EndPwn = "https://cdn.discordapp.com/avatars/350987786037493773/ae0a2f95898cfd867c843c1290e2b917.png";
// dont try loading plugins in lite mode // dont try loading plugins in lite mode
window.$pluginStore = {};
var loadOrder = {};
if (internal.lite) { if (internal.lite) {
} }
else { else {
// load styles // load styles
if (fs.existsSync(exports.data + '/styles')) { if (fs.existsSync(exports.data + '/styles')) {
fs.readdirSync(exports.data + '/styles').forEach(x => { fs.readdirSync(exports.data + '/styles').forEach(x => {
@ -315,50 +317,10 @@ function evaluate(str, exportsR) {
// load plugins... // load plugins...
if (fs.existsSync(exports.data + '/plugins')) { if (fs.existsSync(exports.data + '/plugins')) {
fs.readdirSync(exports.data + '/plugins').forEach(x => {
if (x.endsWith('.js')) {
var plugin = krequire(x);
$pluginStore[x.replace(".js","")] = plugin.manifest ? plugin.manifest : {name:x.replace(".js",""),description:"Manifest is missing for this plugin.",author:"Unknown"};
loadOrder[x.replace(".js","")] = loadOrder[x.replace(".js","")] ? loadOrder[x.replace(".js","")] : ((plugin.manifest && plugin.manifest.prioirty) ? plugin.manifest.prioirty : 0);
if(plugin.manifest && plugin.manifest.loadAfter){
let la = plugin.manifest.loadAfter;
if(Array.isArray(la)){
internal.print('/plugins/' + x + ' depends on: ' + la.join(", "));
la.forEach(y=>{loadOrder[y] ? loadOrder[y]=loadOrder[y]+1 : loadOrder[y] = 1});
}else{
internal.print('/plugins/' + x + '\'s loadAfter is not an array, ignoring...');
}
}
}
});
}
loadOrder = Object.keys(loadOrder).sort(function(a,b){return -(loadOrder[a] - loadOrder[b])});
loadOrder.forEach(x=>{
try {
var plugin = krequire(x+".js");
if (plugin.start !== undefined) {
internal.print('loading /plugins/' + x);
plugin.start();
} else {
internal.print('/plugins/' + x + ' does not export start(), ignoring...');
}
}
catch (e) {
internal.error(e, x + ' failed to initialize properly');
warning++;
}
});
/*if (fs.existsSync(exports.data + '/plugins')) {
fs.readdirSync(exports.data + '/plugins').forEach(x => { fs.readdirSync(exports.data + '/plugins').forEach(x => {
if (x.endsWith('.js')) { if (x.endsWith('.js')) {
try { try {
var plugin = krequire(x); var plugin = krequire(x);
$pluginStore[x.replace(".js","")] = plugin.manifest ? plugin.manifest : {name:x.replace(".js",""),description:"Manifest is missing for this plugin.",author:"Unknown"};
if (plugin.start !== undefined) { if (plugin.start !== undefined) {
internal.print('loading /plugins/' + x); internal.print('loading /plugins/' + x);
plugin.start(); plugin.start();
@ -372,7 +334,7 @@ function evaluate(str, exportsR) {
} }
} }
}); });
}*/ }
// execute autoruns... // execute autoruns...
if (fs.existsSync(exports.data + '/autorun')) { if (fs.existsSync(exports.data + '/autorun')) {
@ -429,7 +391,7 @@ function evaluate(str, exportsR) {
major: 5, major: 5,
minor: 6, minor: 6,
revision: 43, // TODO: find a better way of incrementing/calculating the revision; the current way is fucking ridiculous (manually editing) revision: 46, // TODO: find a better way of incrementing/calculating the revision; the current way is fucking ridiculous (manually editing)
toString: function () { toString: function () {
return `v${this.major}.${this.minor}.${this.revision}`; return `v${this.major}.${this.minor}.${this.revision}`;
@ -449,12 +411,12 @@ function evaluate(str, exportsR) {
console.log(`EPAPI ${this.version}\nhttps://endpwn.github.io/\nhttps://discord.gg/8k3gEeE`); console.log(`EPAPI ${this.version}\nhttps://endpwn.github.io/\nhttps://discord.gg/8k3gEeE`);
} }
else else
console.log(`%cCλnergy%c console.log(`%cΣndPwn%c
${this.bootstrap.name ? this.bootstrap.name : 'unknown'}${this.bootstrap.version ? ` ${this.bootstrap.version}` : ''}${this.bootstrap.method ? ` (${this.bootstrap.method})` : ''} ${this.bootstrap.name ? this.bootstrap.name : 'unknown'}${this.bootstrap.version ? ` ${this.bootstrap.version}` : ''}${this.bootstrap.method ? ` (${this.bootstrap.method})` : ''}
EPAPI ${this.version}${window.crispr ? `, CRISPR ${window.crispr.version}` : ''} EPAPI ${this.version}${window.crispr ? `, CRISPR ${window.crispr.version}` : ''}
https://endpwn.github.io/ https://endpwn.github.io/
https://discord.gg/8k3gEeE`, https://patreon.com/dr1ft`,
'background:linear-gradient(to bottom right,#cf8,#c8f);-webkit-background-clip:text;-webkit-text-fill-color:transparent;font-size:48px;font-family:sans-serif', ''); 'background:linear-gradient(to bottom right,#0ff,#f0f);-webkit-background-clip:text;-webkit-text-fill-color:transparent;font-size:48px;font-family:sans-serif', '');
}, },
// get the lite status // get the lite status
@ -475,19 +437,19 @@ https://discord.gg/8k3gEeE`,
silent (bool): dont display about() after initialization silent (bool): dont display about() after initialization
brand (bool): enables the sigma wordmark replacement brand (bool): enables the sigma wordmark replacement
secure (bool): enables security features like permissions secure (bool): enables security features like permissions
native (bool): informs epapi that we have access to native require()
all keys are optional, boolean values are assumed false if not provided all keys are optional, boolean values are assumed false if not provided
please do not call this method unless you are a bootstrap please do not call this method unless you are a bootstrap
*/ */
go: async function (bootstrap, silent, brand, lite) { go: async function (bootstrap, silent, brand, lite) {
if (location.hostname.indexOf('discordapp') == -1 && location.hostname.indexOf('dr1ft.xyz') == -1) return; if (location.hostname.indexOf('discordapp') == -1 && location.hostname.indexOf('dr1ft.xyz') == -1) return;
try { try {
internal.print('starting up...') internal.print('starting up...');
// figure out which calling convention is being used // figure out which calling convention is being used
switch (typeof bootstrap) { switch (typeof bootstrap) {
@ -498,6 +460,7 @@ https://discord.gg/8k3gEeE`,
internal.lite = bootstrap.lite ? true : false; internal.lite = bootstrap.lite ? true : false;
internal.silent = bootstrap.silent ? true : false; internal.silent = bootstrap.silent ? true : false;
internal.brand = bootstrap.brand ? true : false; internal.brand = bootstrap.brand ? true : false;
internal.native = bootstrap.native ? true : false;
break; break;
// older bootstrap // older bootstrap
@ -614,7 +577,7 @@ https://discord.gg/8k3gEeE`,
wrap: function (target1, callback) { wrap: function (target1, callback) {
// for security; we're evaluating an untrusted expression in the local scope here // for security; we're evaluating an untrusted expression in the local scope here
var internal = {}; //var internal = {};
// get the original function // get the original function
var orig = evaluate(target1); var orig = evaluate(target1);
@ -656,7 +619,7 @@ https://discord.gg/8k3gEeE`,
// intercept a function's return value // intercept a function's return value
wrapAfter: function (target1, callback) { wrapAfter: function (target1, callback) {
var internal = {}; //var internal = {};
// get the original function // get the original function
var orig = evaluate(target1); var orig = evaluate(target1);
@ -672,8 +635,7 @@ https://discord.gg/8k3gEeE`,
return callback(r); return callback(r);
} }
catch (e) { catch (e) {
let err = internal && internal.error ? internal.error : console.error; internal.error(e, 'A function wrapper threw an exception');
err(e, 'A function wrapper threw an exception');
// again, dont fuck stuff up if there's a flaw in the wrapper // again, dont fuck stuff up if there's a flaw in the wrapper
return r; return r;
@ -965,4 +927,6 @@ https://discord.gg/8k3gEeE`,
} }
if (typeof module != 'undefined') module.exports = exports;
})(); })();

View file

@ -1,17 +1,11 @@
<html prefix="og: http://ogp.me/ns#"> <html prefix="og: http://ogp.me/ns#">
<head> <head>
<title>C&lambda;nergy</title> <title>L&lambda;mbda</title>
<meta property="og:title" content="C&lambda;nergy" /> <meta property="og:title" content="L&lambda;mbda" />
<meta property="og:description" content="Instructions for installing Cynergy" /> <meta property="og:description" content="Instructions for installing Lambda" />
<meta property="og:image" content="/lambda.png" /> <meta property="og:image" content="/lambda.png" />
<script>
function updatePayload() {
document.querySelector('code').innerText = `DiscordNative.nativeModules.requireModule("discord_/../electron").remote.getCurrentWindow().loadURL('${location.href}app')`
}
</script>
<style> <style>
@font-face { @font-face {
font-family: 'IBMVGA8'; font-family: 'IBMVGA8';
@ -49,15 +43,13 @@
</style> </style>
</head> </head>
<body onload="updatePayload()"> <body>
<div>C&lambda;nergy</div> <div>L&lambda;mbda</div>
Copy and paste the following string into your Discord console: <a href="https://gitlab.com/Cynosphere/lambda-patcher">Grab the Lambda Patcher</a>
<br> <br>
<code>please wait...</code> <p>Lambda does not have any Discord internal injection methods anymore.</p>
<br> <br>
<br> <b>This is a fork of EndPwn3.</b>
<b>This is a fork of the unstable, staging branch of EndPwn3. Use at your own risk or use the
<a href="https://endpwn.github.io/endpwn3/">stable EP3 branch</a> instead.</b>
</body> </body>
</html> </html>

View file

@ -20,96 +20,109 @@
var internal = { var internal = {
print: function (str) { print: function (str) {
console.log(`%c[Customizer]%c ` + str, 'font-weight:bold;color:#c8f', ''); console.log(`%c[Customizer]%c ` + str, 'font-weight:bold;color:#0cc', '');
} }
} }
exports = { if (window.$api === undefined && typeof $api != 'undefined') {
console.warn('$api is defined, but window.$api is not! assuming we are running under epapi6 and exporting an empty object...');
exports = {};
}
else
exports = {
replacements: { manifest: {
replacements: [
// fix for custom discrims breaking search // fix for custom discrims breaking search
//'#([0-9]{4})': {
//'#(.{1,4})', signature: '#([0-9]{4})',
payload: '#(.{1,4})'
},
// endpwn dev badges // endpwn dev badges
//'return t.hasFlag(H.UserFlags.STAFF)': {
//'return t.hasFlag(4096)&&r.push({tooltip:"EndPwn Developer",onClick:function(){return window.open("https://endpwn.github.io/","_blank")},class:"endpwn"}),t.hasFlag(H.UserFlags.STAFF)' //signature: 'return t.hasFlag(H.UserFlags.STAFF)',
signature: /return (\w)\.hasFlag\((\w)\.UserFlags\.STAFF\)&&(\w)\.push/g,
//payload: 'return t.hasFlag(4096)&&r.push({tooltip:"EndPwn Developer",onClick:function(){return window.open("https://endpwn.github.io/","_blank")},class:"endpwn"}),t.hasFlag(H.UserFlags.STAFF)'
payload: 'return $1.hasFlag(4096)&&$3.push({tooltip:"EndPwn Developer",onClick:function(){return window.open("https://endpwn.github.io/","_blank")},class:"endpwn"}),t.hasFlag($2.UserFlags.STAFF)&&r.push'
}
}, ],
},
// fallback data // fallback data
data: { data: {
guilds: [], guilds: [],
devs: [], devs: [],
bots: [], bots: [],
users: {} users: {}
}, },
get me() {
return {
bot: exports.data.bots.indexOf($me()) != -1,
discrim: exports.data.users[$me()]
}
},
update: function () {
// fetch goodies.json
internal.print('fetching data from server...');
fetch('https://endpwn.cathoderay.tube/goodies.json?_=' + Date.now())
.then(x => x.json())
.then(r => endpwn.customizer.data = r);
},
init: function () {
// prevent doublecalling
delete endpwn.customizer.init;
// apply custom discrims/bot tags/badges/server verif from EndPwn Customizer (endpwn.cathoderay.tube)
internal.print('initializing...');
// refetch customizer stuff every half hour
setInterval(endpwn.customizer.update, 1800000);
endpwn.customizer.update();
// add the endpwn dev badge to the class obfuscation table
wc.findFunc('profileBadges:"profileBadges')[0].exports['profileBadgeEndpwn'] = 'profileBadgeEndPwn';
// hook getUser() so we can apply custom discrims/bot tags/badges
$api.util.wrapAfter(
"wc.findCache('getUser')[0].exports.getUser",
x => {
if (x === undefined || x === null) return;
if (endpwn.customizer.data.bots.includes(x.id)) x.bot = true;
if (endpwn.customizer.data.users[x.id] !== undefined) x.discriminator = endpwn.customizer.data.users[x.id];
if (endpwn.customizer.data.devs.includes(x.id)) x.flags += x.flags & 4096 ? 0 : 4096;
return x;
}
);
// make sure devs' badges actually render
$api.events.hook('USER_PROFILE_MODAL_FETCH_SUCCESS', x => { if (endpwn.customizer.data.devs.includes(x.user.id)) x.user.flags += x.user.flags & 4096 ? 0 : 4096; })
// hook getGuild() so we can verify servers
$api.util.wrapAfter(
"wc.findCache('getGuild')[0].exports.getGuild",
x => {
if (x === undefined || x === null) return;
if (endpwn.customizer.data.guilds.includes(x.id)) x.features.add('VERIFIED');
return x;
}
);
get me() {
return {
bot: exports.data.bots.indexOf($me()) != -1,
discrim: exports.data.users[$me()]
} }
},
update: function () {
// fetch goodies.json
internal.print('fetching data from server...');
fetch('https://endpwn.cathoderay.tube/goodies.json?_=' + Date.now())
.then(x => x.json())
.then(r => endpwn.customizer.data = r);
},
init: function () {
// prevent doublecalling
delete endpwn.customizer.init;
// apply custom discrims/bot tags/badges/server verif from EndPwn Customizer (endpwn.cathoderay.tube)
internal.print('initializing...');
// refetch customizer stuff every half hour
setInterval(endpwn.customizer.update, 1800000);
endpwn.customizer.update();
// add the endpwn dev badge to the class obfuscation table
wc.findFunc('profileBadges:"profileBadges')[0].exports['profileBadgeEndpwn'] = 'profileBadgeEndPwn';
// hook getUser() so we can apply custom discrims/bot tags/badges
$api.util.wrapAfter(
"wc.findCache('getUser')[0].exports.getUser",
x => {
if (x === undefined || x === null) return;
if (endpwn.customizer.data.bots.includes(x.id)) x.bot = true;
if (endpwn.customizer.data.users[x.id] !== undefined) x.discriminator = endpwn.customizer.data.users[x.id];
if (endpwn.customizer.data.devs.includes(x.id)) x.flags += x.flags & 4096 ? 0 : 4096;
return x;
}
);
// make sure devs' badges actually render
$api.events.hook('USER_PROFILE_MODAL_FETCH_SUCCESS', x => { if (endpwn.customizer.data.devs.includes(x.user.id)) x.user.flags += x.user.flags & 4096 ? 0 : 4096; })
// hook getGuild() so we can verify servers
$api.util.wrapAfter(
"wc.findCache('getGuild')[0].exports.getGuild",
x => {
if (x === undefined || x === null) return;
if (endpwn.customizer.data.guilds.includes(x.id)) x.features.add('VERIFIED');
return x;
}
);
} }
}

View file

@ -1,110 +0,0 @@
exports = {
manifest: {
author: "Cynosphere",
name: "Plugins Page",
description: "Shows what plugins you have",
loadAfter:["settings"]
},
start:function(){
let em = $settingsapi.elements;
let int = em.internal;
var createPlugin = function(id,data){
var info = {};
info.name = data.name ? data.name : (id ? id : "<unnamed plugin???>");
info.description = data.description ? data.description : "Manifest is missing for this plugin.";
info.author = data.author ? data.author : "Unknown";
info.loadAfter = data.loadAfter ? data.loadAfter : [];
info.priority = data.priority ? data.priority : 0;
info.replacements = data.replacements ? data.replacements : [];
var cont = em.createVerticalPanel();
var head = em.createHorizontalPanel()
.appendTo(cont);
var title = createElement("h3")
.withClass(
int.headers.h3,
int.headers.title,
int.headers.size16,
int.headers.height20,
int.headers.defaultColor
)
.withText(info.name)
.appendTo(head);
em.createH5('By '+info.author)
.appendTo(title);
em.createSwitch(() => { }, true)
.appendTo(head);
createElement("div")
.withClass(
int.misc3.description,
int.misc3.formText,
int.misc3.modeDefault
)
.withText(info.description)
.appendTo(cont);
var body = em.createHorizontalPanel()
.appendTo(cont);
createElement("div")
.withClass(
int.misc3.description,
int.misc3.formText,
int.misc3.modeDefault
)
.withText(`Replacements: ${info.replacements.length}`)
.appendTo(body);
createElement("div")
.withClass(
int.misc3.description,
int.misc3.formText,
int.misc3.modeDefault
)
.modify(x=>x.style.marginLeft = "8px")
.withText(`Priority: ${info.priority}`)
.appendTo(body);
createElement("div")
.withClass(
int.misc3.description,
int.misc3.formText,
int.misc3.modeDefault
)
.modify(x=>x.style.marginLeft = "8px")
.withText(info.loadAfter.length > 0 ? `Depends on: ${info.loadAfter.join(", ")}` : "No dependencies")
.appendTo(body);
createElement("div")
.withClass(em.internal.dividers.divider)
.appendTo(cont);
return cont;
}
$settingsapi.addSection("Plugins","Plugins",null,function(pnl){
em.createH2("Plugins")
.appendTo(pnl);
let plugins = {}
Object.keys($pluginStore).forEach(x=>{
console.log(x);
plugins[x] = {id:x,data:$pluginStore[x]};
});
Object.keys(plugins).forEach(x=>{
let d = plugins[x];
createPlugin(d.id,d.data)
.appendTo(pnl);
});
});
}
}

View file

@ -17,382 +17,292 @@
*/ */
exports = { if (window.$api === undefined && typeof $api != 'undefined') {
console.warn('$api is defined, but window.$api is not! assuming we are running under epapi6 and exporting an empty object...');
exports = {};
}
else
exports = {
manifest: { manifest: {
author: "Cynosphere, dr1ft", replacements: [
name: "Settings Page + Settings API", {
description: "Hijacking the settings pages.", signature: /{section:(\w)\.SectionTypes\.DIVIDER},{section:"logout",/g,
replacements: [ payload: '{section:$1.SectionTypes.DIVIDER},{section:"ENDPWN",label:"ΣndPwn Settings",element:window.BlankSettingsElement,color:"#0cc"},{section:$1.SectionTypes.DIVIDER},{section:"logout",'
{ }
signature:/section:"logout",onClick:function\(\){(.)\.default\.push\(function\((.)\){return (.)\.createElement\((.)\.default,(.)\((.+),(.)\),(.)\((.)\.default,{size:(.)\.default\.Sizes\.MEDIUM,color:(.)\.default\.Colors\.PRIMARY},void 0,((.)\.default\.Messages\.USER_SETTINGS_CONFIRM_LOGOUT)\)\)}\)}/, ],
payload:'section:"logout",onClick:window.__fancyDialog=function(data=$6,txt=$12){$1.default.push(function($2){return $3.createElement($4.default,$5(data,$7),$8($9.default,{size:$10.default.Sizes.MEDIUM,color:$11.default.Colors.PRIMARY},void 0,txt))})}' },
},
{signature:'/function (.)\\(\\){return\\[{(.+)}]}/',payload:'window.$settingsapi={sections:[{$2}]};function $1(){return window.$settingsapi.sections;}'}
],
loadAfter: ["system"]
},
init: function () { init: function () {
delete endpwn.settings.init; delete endpwn.settings.init;
var buttons = $api.util.findFuncExports('button-', 'colorBlack'); var currentSection = '';
var checkboxes = $api.util.findFuncExports('checkboxEnabled');
var misc = $api.util.findFuncExports('statusRed-', 'inputDefault');
var misc2 = $api.util.findFuncExports('multiInputField');
var misc3 = $api.util.findFuncExports('formText-','formText');
var headers = $api.util.findFuncExports('h5-', 'h5');
var dividers = wc.findFunc('divider-')[0].exports;
var panels = wc.findFunc('flexChild-')[0].exports; $api.events.listen('ENDPWN_PSEUDO_IPC', msg => {
var panels2 = $api.util.findFuncExports('errorMessage-', 'inputWrapper'); $api.localStorage.set('customizer_signature', JSON.parse(msg.data).signature);
console.log(currentSection);
renderSettings(currentSection);
});
let sections = window.$settingsapi.sections; window.BlankSettingsElement = $api.util.findConstructor('FormSection', 'FormSection').FormSection;
let dialog = window.__fancyDialog;
delete window.__fancyDialog; var buttons = $api.util.findFuncExports('button-', 'colorBlack');
var checkboxes = $api.util.findFuncExports('checkboxEnabled');
var misc = $api.util.findFuncExports('statusRed-', 'inputDefault');
var misc2 = $api.util.findFuncExports('multiInputField');
var headers = $api.util.findFuncExports('h5-', 'h5');
window.$settingsapi = { var panels = wc.findFunc('flexChild-')[0].exports;
sections: sections, var panels2 = $api.util.findFuncExports('errorMessage-', 'inputWrapper');
ourSections: [],
_callbacks: {},
_panels: {},
addSection: function(name,label,color=null,callback,pos=null){
let data = {};
data.section = name || `SAPI_${Math.floor(Math.random()*10000)}`; function createVerticalPanel() {
data.label = label; return createElement("div")
data.color = color; .withClass(panels2.vertical, 'epButtonPanel')
data.element = $api.util.findConstructor('FormSection', 'FormSection').FormSection; }
$settingsapi.ourSections.push(data); function createHorizontalPanel() {
$settingsapi.sections.splice(pos ? pos : $settingsapi.sections.length-4,0,data); return createElement("div")
$settingsapi._callbacks[name] = callback; .withClass(panels.horizontal, 'epButtonPanel')
}, }
addDivider: function(){
$settingsapi.ourSections.push({section:"DIVIDER"}); function createButton(name) {
$settingsapi.sections.splice($settingsapi.sections.length-4,0,{section:"DIVIDER"}); return createElement('button')
}, .withContents(name)
addHeader: function(label){ .withClass(
$settingsapi.ourSections.push({section:"HEADER",label:label}); buttons.button,
$settingsapi.sections.splice($settingsapi.sections.length-4,0,{section:"HEADER",label:label}); buttons.lookFilled,
}, buttons.colorBrand,
fancyDialog: dialog, buttons.sizeSmall,
//All of these allow us to use Discord's elements. buttons.grow,
elements: { 'epMargin'
createVerticalPanel: function() { );
return createElement("div") }
.withClass(panels2.vertical, 'epButtonPanel')
}, function createWarnButton(name) {
createHorizontalPanel: function() { return createElement('button')
return createElement("div") .withContents(name)
.withClass(panels.horizontal, 'epButtonPanel') .withClass(
}, buttons.button,
createButton: function(name) { buttons.lookOutlined,
return createElement('button') buttons.colorYellow,
.withContents(name) buttons.sizeSmall,
.withClass( buttons.grow,
buttons.button, 'epMargin'
buttons.lookFilled, );
buttons.colorBrand, }
buttons.sizeSmall,
buttons.grow, function createDangerButton(name) {
'epMargin' return createElement('button')
); .withContents(name)
}, .withClass(
createWarnButton: function(name) { buttons.button,
return createElement('button') buttons.lookOutlined,
.withContents(name) buttons.colorRed,
.withClass( buttons.sizeSmall,
buttons.button, buttons.grow,
buttons.lookOutlined, 'epMargin'
buttons.colorYellow, );
buttons.sizeSmall, }
buttons.grow,
'epMargin' function createH2(text) {
); //h2-2gWE-o title-3sZWYQ size16-14cGz5 height20-mO2eIN weightSemiBold-NJexzi defaultColor-1_ajX0 defaultMarginh2-2LTaUL marginBottom20-32qID7
}, return createElement("h2")
createDangerButton: function(name) { .withClass(
return createElement('button') headers.h2,
.withContents(name) headers.title,
.withClass( headers.size16,
buttons.button, headers.height20,
buttons.lookOutlined, headers.weightSemiBold,
buttons.colorRed, headers.defaultColor,
buttons.sizeSmall, 'epMargin'
buttons.grow, )
'epMargin' .withText(text);
); }
},
createH2: function(text) { function createH5(text) {
return createElement("h2") return createElement("h5")
.withClass( .withClass(
headers.h2, headers.h5,
headers.title, headers.title,
headers.size16, headers.size12,
headers.height20, headers.height16,
headers.weightSemiBold, headers.weightSemiBold
headers.defaultColor, )
'epMargin' .withText(text);
) }
.withText(text);
}, function createInput(v) {
createH5: function(text) { return createElement("input")
return createElement("h5") .withClass(
.withClass( misc.inputDefault,
headers.h5, misc.input,
headers.title, misc.size16,
headers.size12, 'epMargin'
headers.height16, )
headers.weightSemiBold .modify(x => x.value = v)
) }
.withText(text);
}, //<input class="checkboxEnabled-CtinEn checkbox-2tyjJg" type="checkbox">
createInput: function(v, p) { //switchEnabled-V2WDBB switch-3wwwcV valueUnchecked-2lU_20 value-2hFrkk sizeDefault-2YlOZr size-3rFEHg themeDefault-24hCdX
return createElement("input") //switchEnabled-V2WDBB switch-3wwwcV valueChecked-m-4IJZ value-2hFrkk sizeDefault-2YlOZr size-3rFEHg themeDefault-24hCdX
.withClass( function updateSwitch(s, w) {
misc.inputDefault, if (s.checked) {
misc.input, w.classList.remove(checkboxes.valueUnchecked.split(' ')[0]);
misc.size16, w.classList.add(checkboxes.valueChecked.split(' ')[0])
'epMargin' }
) else {
.modify(x => x.value = v ? v : "") w.classList.remove(checkboxes.valueChecked.split(' ')[0]);
.modify(x => x.placeholder = p ? p : "") w.classList.add(checkboxes.valueUnchecked.split(' ')[0])
},
updateSwitch: function(s, w) {
if (s.checked) {
w.classList.remove(checkboxes.valueUnchecked.split(' ')[0]);
w.classList.add(checkboxes.valueChecked.split(' ')[0])
}
else {
w.classList.remove(checkboxes.valueChecked.split(' ')[0]);
w.classList.add(checkboxes.valueUnchecked.split(' ')[0])
}
},
createSwitch: function(c, i) {
if (c === undefined) c = () => { };
if (i === undefined) i = false;
var s, w = createElement('div')
.withClass(
checkboxes.switch,
checkboxes.switchEnabled,
checkboxes.size,
checkboxes.sizeDefault,
checkboxes.themeDefault
)
.withChildren(
s = createElement("input")
.withClass(
checkboxes.checkbox,
checkboxes.checkboxEnabled
)
.modify(x => x.type = 'checkbox')
.modify(x => x.checked = i)
.modify(x => x.onchange = () => {
$settingsapi.elements.updateSwitch(s, w);
c(s.checked);
})
)
$settingsapi.elements.updateSwitch(s, w);
return w;
},
internal:{
panels:panels,
panels2:panels2,
buttons:buttons,
checkboxes:checkboxes,
misc:misc,
misc2:misc2,
misc3:misc3,
headers:headers,
dividers:dividers
} }
} }
} function createSwitch(c, i) {
if (c === undefined) c = () => { };
//Example settings tab if (i === undefined) i = false;
/*$settingsapi.addDivider(); var s, w = createElement('div')
$settingsapi.addHeader("Element Testing"); .withClass(
$settingsapi.addSection("TESTING","Element Test Page",null,function(pnl){ checkboxes.switch,
let em = $settingsapi.elements; checkboxes.switchEnabled,
em.createH2("Hello World! Heading 2").appendTo(pnl); checkboxes.size,
em.createH5("Hello World! Heading 5").appendTo(pnl); checkboxes.sizeDefault,
em.createButton("Button!").appendTo(pnl); checkboxes.themeDefault
em.createWarnButton("Warning Button!").appendTo(pnl); )
em.createDangerButton("Danger Button!").appendTo(pnl); .withChildren(
em.createInput("","Input Box!").appendTo(pnl); s = createElement("input")
em.createSwitch().appendTo(pnl); .withClass(
checkboxes.checkbox,
let v = em.createVerticalPanel().appendTo(pnl); checkboxes.checkboxEnabled
let h = em.createHorizontalPanel().appendTo(pnl); )
.modify(x => x.type = 'checkbox')
em.createH2("Vertical Panel!").appendTo(v); .modify(x => x.checked = i)
em.createButton("Beep Boop").appendTo(v); .modify(x => x.onchange = () => {
updateSwitch(s, w);
em.createH2("Horizontal Panel!").appendTo(h); c(s.checked);
em.createButton("Boop Beep").appendTo(h); })
});*/ )
updateSwitch(s, w);
function setupSettings(e){ return w;
for(let i in $settingsapi._panels){
$settingsapi._panels[i].remove();
} }
for(let i in $settingsapi.ourSections){ function authorizeCustomizer() {
let data = $settingsapi.ourSections[i]; var endpoint = $api.internal.constants.API_HOST;
if(e.section == data.section){ var url = `https://${endpoint}/oauth2/authorize?client_id=436715820970803203&redirect_uri=https%3A%2F%2Fendpwn.cathoderay.tube%2Fauth%2Fdiscord%2Fintegratedcallback&response_type=code&scope=identify`;
var win = new window.electron.BrowserWindow({
width: 420,
height: 500,
transparent: false,
frame: false,
resizable: true,
nodeIntegration: true
});
win.loadURL(url);
}
function submitCustomizer(d, b) {
fetch('https://endpwn.cathoderay.tube/set', {
headers: {
'Content-type': 'application/json'
},
method: 'POST',
body: JSON.stringify({
id: $me(),
signature: $api.localStorage.get('customizer_signature'),
discriminator: d,
bot: b
})
}).then(r => {
r.text().then(k => {
$api.ui.showDialog({
title: 'Server Response',
body: k
});
});
endpwn.customizer.update();
});
}
function renderSettings(e) {
currentSection = e;
if ($("#ep_settings")) $("#ep_settings").remove();
if (e.section == "ENDPWN") {
var pane = $(".content-column.default"); var pane = $(".content-column.default");
if (!pane) return; if (!pane) return;
$settingsapi._panels[data.section] = createElement('div') var needAuth = !$api.localStorage.get('customizer_signature');
.withClass('flex-vertical')
.appendTo(pane);
$settingsapi._callbacks[data.section]($settingsapi._panels[data.section]); var content = createElement('div')
} .withId('ep_settings')
} .withClass('flex-vertical')
}
$api.events.hook("USER_SETTINGS_MODAL_SET_SECTION",setupSettings);
$api.events.hook("USER_SETTINGS_MODAL_INIT",e=>setTimeout(_=>setupSettings(e),200));
$api.events.listen('ENDPWN_PSEUDO_IPC', msg => {
$api.localStorage.set('customizer_signature', JSON.parse(msg.data).signature);
console.log(currentSection);
renderSettings(currentSection);
});
function authorizeCustomizer() {
var endpoint = $api.internal.constants.API_HOST;
var url = `https://${endpoint}/oauth2/authorize?client_id=436715820970803203&redirect_uri=https%3A%2F%2Fendpwn.cathoderay.tube%2Fauth%2Fdiscord%2Fintegratedcallback&response_type=code&scope=identify`;
var win = new window.electron.BrowserWindow({
width: 420,
height: 500,
transparent: false,
frame: false,
resizable: true,
nodeIntegration: true
});
win.loadURL(url);
}
function submitCustomizer(d, b) {
fetch('https://endpwn.cathoderay.tube/set', {
headers: {
'Content-type': 'application/json'
},
method: 'POST',
body: JSON.stringify({
id: $me(),
signature: $api.localStorage.get('customizer_signature'),
discriminator: d,
bot: b
})
}).then(r => {
r.text().then(k => {
$api.ui.showDialog({
title:'Server Response',
body: k
});
});
endpwn.customizer.update();
});
}
function renderSettings(pane) {
var em = $settingsapi.elements;
var needAuth = !$api.localStorage.get('customizer_signature');
var content = createElement('div')
.withId('ep_settings')
.withClass('flex-vertical')
.withChildren(
createElement("div")
.withClass('epSettingsHeader')
.withText('Cλnergy Settings'),
)
.appendTo(pane);
em.createH2("Basic Settings")
.modify(x=>x.className = x.className.replace("epMargin","margin-bottom-20"))
.appendTo(content);
createElement("div")
.withClass(em.internal.panels.horizontal, 'epButtonPanel')
.withChildren(
em.createButton("Open Data Folder")
.modify(x => x.onclick = () => { electron.shell.openExternal($api.data) }),
em.createWarnButton("Restart in safe mode")
.modify(x => x.onclick = endpwn.safemode),
em.createDangerButton("Uninstall EndPwn")
.modify(x => x.onclick = function () {
$settingsapi.fancyDialog({
header: 'EndPwn: confirm uninstallation',
confirmText: 'Yes', cancelText: 'No',
onConfirm: () => {
var data = $api.data;
$api.settings.set('WEBAPP_ENDPOINT');
$api.settings.set('WEBAPP_PATH');
reload();
}
},'Are you sure you want to remove EndPwn from your client? You can reinstall it at any time.');
})
)
.appendTo(content);
createElement("div")
.withClass(em.internal.dividers.divider,"margin-bottom-40","margin-top-40")
.appendTo(content);
em.createH2("Customizer")
.modify(x=>x.className = x.className.replace("epMargin","margin-bottom-20"))
.appendTo(content);
if (!$api.localStorage.get('customizer_signature')) {
em.createHorizontalPanel()
.withChildren(
em.createButton("Authorize EndPwn Customizer")
.modify(x => x.onclick = authorizeCustomizer)
)
.appendTo(content);
}
else {
var discrim, bot;
em.createVerticalPanel()
.withChildren(
em.createH5('Discriminator'),
em.createHorizontalPanel()
.withChildren(
discrim = em.createInput(endpwn.customizer.me.discrim ? endpwn.customizer.me.discrim : '')
.withClass('epDiscrimField')
.modify(x => x.maxLength = 4),
em.createVerticalPanel()
.withChildren( .withChildren(
em.createH5('Bot?'), createElement("div")
bot = em.createSwitch(() => { }, endpwn.customizer.me.bot) .withClass('epSettingsHeader')
), .withText('ΣndPwn Settings')
em.createButton("Submit") )
.modify(x => x.onclick = () => submitCustomizer(discrim.value, bot.children[0].checked)) .appendTo(pane);
)
) if (!$api.localStorage.get('customizer_signature')) {
.appendTo(content);
createHorizontalPanel()
.withChildren(
createButton("Authorize EndPwn Customizer")
.modify(x => x.onclick = authorizeCustomizer)
)
.appendTo(content);
}
else {
var discrim, bot;
createVerticalPanel()
.withChildren(
createH5('Discriminator'),
createHorizontalPanel()
.withChildren(
discrim = createInput(endpwn.customizer.me.discrim ? endpwn.customizer.me.discrim : '')
.withClass('epDiscrimField')
.modify(x => x.maxLength = 4),
createVerticalPanel()
.withChildren(
createH5('Bot?'),
bot = createSwitch(() => { }, endpwn.customizer.me.bot)
),
createButton("Submit")
.modify(x => x.onclick = () => submitCustomizer(discrim.value, bot.children[0].checked))
)
)
.appendTo(content);
}
createElement("div")
.withClass(panels.horizontal, 'epButtonPanel')
.withChildren(
createButton("Open Data Folder")
.modify(x => x.onclick = () => { electron.shell.openExternal($api.data) }),
createWarnButton("Restart in safe mode")
.modify(x => x.onclick = endpwn.safemode),
createDangerButton("Uninstall EndPwn")
.modify(x => x.onclick = endpwn.uninstall)
)
.appendTo(content);
}
} }
$api.events.hook("USER_SETTINGS_MODAL_SET_SECTION", renderSettings);
$api.events.hook("USER_SETTINGS_MODAL_INIT", e => setTimeout(_ => renderSettings(e), 200));
} }
$settingsapi.addDivider();
$settingsapi.addHeader("Cynergy");
$settingsapi.addSection("ENDPWN","Cλnergy Settings","#c8f",renderSettings);
} }
}

View file

@ -20,185 +20,189 @@
var internal = { var internal = {
print: function (str) { print: function (str) {
console.log(`%c[EndPwn3]%c ` + str, 'font-weight:bold;color:#c8f', ''); console.log(`%c[EndPwn3]%c ` + str, 'font-weight:bold;color:#0cc', '');
},
warn: function (str) {
console.warn(`%c[EndPwn3]%c ` + str, 'font-weight:bold;color:#0cc', '');
} }
} }
exports = { if (window.$api === undefined && typeof $api != 'undefined') {
console.warn('$api is defined, but window.$api is not! assuming we are running under epapi6 and exporting an empty object...');
exports = {};
}
else
exports = {
preload: function () { manifest: {
window.reload = () => { app.relaunch(); app.exit(); }; replacements: [
window.endpwn = {
// safemode // changelog injection
safemode: function () { {
$api.ui.showDialog({ signature: /key:"changeLog",get:function\(\){return (\w)}/g,
title: 'EndPwn: safe mode', payload: 'key:"changeLog",get:function(){if(!$1.injected){$1.injected=1;$1.date=$1.date<=window.endpwn.changelog.date?window.endpwn.changelog.date:$1.date;$1.body=window.endpwn.changelog.body+"\\n\\n"+$1.body}return $1}'
body: 'This will restart your client in a state without plugin support.', },
confirmText: 'Yes', cancelText: 'No',
onConfirm: () => { // crash screen hijack
{
signature: /var (\w)=(\w)\("div",{},void 0,\w\("p",{},void 0,(\w)\.default\.Messages\.ERRORS_UNEXPECTED_CRASH\),\w\("p",{},void 0,\w\.default\.Messages\.ERRORS_ACTION_TO_TAKE\)\),(\w)=\w\((\w)\.default,{size:(\w)\.ButtonSizes\.LARGE,onClick:this\._handleSubmitReport},void 0,a\.default\.Messages\.ERRORS_RELOAD\);return o\(u\.default,{theme:this\.props.theme,title:a\.default\.Messages\.UNSUPPORTED_BROWSER_TITLE,/g,
payload: `var $1=$2("div",{},void 0,$2("p",{},void 0,"Something has gone very, very wrong, and Discord has crashed."),$2("p",{},void 0,"If this is the first time you've seen this error screen, reload and hope for the best. If this screen appears again, follow these steps:"),$2("p",{},void 0,"Try removing any new plugins and restarting again. If this solves the problem there may be a bug in a plugin or a conflict."),$2("p",{},void 0,"If problems continue, it's likely that there is a bug in EndPwn or Discord."),$2("p",{},void 0,"If you need help, join the EndPwn Discord server (https://discord.gg/wXdPNf2)"),$2("p",{},void 0,"Details may be available in the console (Ctrl+Shift+I), but at this level of crash we can't be certain.")),$4=$2("div",{},void 0,$2($5.default,{size:$6.ButtonSizes.LARGE,onClick:()=>window.electron.getCurrentWindow().reload()},void 0,"Reload"),$2($5.default,{size:$6.ButtonSizes.LARGE,onClick:()=>{window.$api.localStorage.set('safemode',1);window.electron.getCurrentWindow().reload()}},void 0,"Reload in safe mode"));return $2(u.default,{theme:this.props.theme,title:"Discord: Fatal Error",`
}
$api.localStorage.set('safemode', 1); ],
window.electron.getCurrentWindow().reload(); },
} preload: function () {
});
},
// uninstaller window.reload = () => { app.relaunch(); app.exit(); };
uninstall: function () { window.endpwn = {
$api.ui.showDialog({
title: 'EndPwn: confirm uninstallation',
body: 'Are you sure you want to remove EndPwn from your client? You can reinstall it at any time.',
confirmText: 'Yes', cancelText: 'No',
onConfirm: () => { // safemode
safemode: function () {
$api.ui.showDialog({
title: 'EndPwn: safe mode',
body: 'This will restart your client in a state without plugin support.',
confirmText: 'Yes', cancelText: 'No',
var data = $api.data; onConfirm: () => {
$api.settings.set('WEBAPP_ENDPOINT'); $api.localStorage.set('safemode', 1);
$api.settings.set('WEBAPP_PATH'); window.electron.getCurrentWindow().reload();
reload(); }
});
},
} // uninstaller
}); uninstall: function () {
}, $api.ui.showDialog({
title: 'EndPwn: confirm uninstallation',
body: 'Are you sure you want to remove EndPwn from your client? You can reinstall it at any time.',
confirmText: 'Yes', cancelText: 'No',
// endpwn customizer onConfirm: () => {
customizer: krequire('customizer'),
// settings page stuff var data = $api.data;
settings: krequire('settings'),
// wrapper function for dispatch() $api.settings.set('WEBAPP_ENDPOINT');
// intended to simplify using executeJavaScript() from other windows as a bad IPC method $api.settings.set('WEBAPP_PATH');
// we do this since afaik we cant use electron.ipc in a useful way (maybe im wrong? if i am ill make this better later on lol) $api.settings.set('UPDATE_ENDPOINT');
pseudoipc: function (e) {
$api.events.dispatch({
type: 'ENDPWN_PSEUDO_IPC',
data: e
});
},
__eval: e => eval(e) reload();
}; }
});
},
// endpwn customizer
customizer: krequire('customizer'),
// settings page stuff
settings: krequire('settings'),
// wrapper function for dispatch()
// intended to simplify using executeJavaScript() from other windows as a bad IPC method
// we do this since afaik we cant use electron.ipc in a useful way (maybe im wrong? if i am ill make this better later on lol)
pseudoipc: function (e) {
$api.events.dispatch({
type: 'ENDPWN_PSEUDO_IPC',
data: e
});
},
__eval: e => eval(e)
// fetch the changelog
internal.print('retrieving changelog...');
fetch('https://lambda.cynfoxwell.cf/changelog.md?_=' + Date.now()).then(r => r.text()).then(l => {
var data = l.split(';;');
window.endpwn.changelog = {
date: data[0],
body: data[1]
}; };
});
// early init payload // fetch the changelog
document.addEventListener('ep-prepared', () => { internal.print('retrieving changelog...');
fetch('https://dr1ft.xyz/ep/changelog.txt?_=' + Date.now()).then(r => r.text()).then(l => {
var data = l.split(';;');
window.endpwn.changelog = {
date: data[0],
body: data[1]
};
});
// disable that obnoxious warning about not pasting shit in the console // early init payload
internal.print('disabling self xss warning...'); document.addEventListener('ep-prepared', () => {
$api.util.findFuncExports('consoleWarning').consoleWarning = e => { };
// fuck sentry // disable that obnoxious warning about not pasting shit in the console
internal.print('fucking sentry...'); internal.print('disabling self xss warning...');
var sentry = wc.findCache('_originalConsoleMethods')[0].exports; $api.util.findFuncExports('consoleWarning').consoleWarning = e => { };
window.console = Object.assign(window.console, sentry._originalConsoleMethods); // console
sentry._wrappedBuiltIns.forEach(x => x[0][x[1]] = x[2]); // other stuff
sentry._breadcrumbEventHandler = () => () => { }; // break most event logging
sentry.captureBreadcrumb = () => { }; // disable breadcrumb logging
}); // fuck sentry
internal.print('fucking sentry...');
var sentry = wc.findCache('_originalConsoleMethods')[0].exports;
window.console = Object.assign(window.console, sentry._originalConsoleMethods); // console
sentry._wrappedBuiltIns.forEach(x => x[0][x[1]] = x[2]); // other stuff
sentry._breadcrumbEventHandler = () => () => { }; // break most event logging
sentry.captureBreadcrumb = () => { }; // disable breadcrumb logging
}, });
manifest: { },
replacements: [
// changelog injection
{
signature:'key:"changeLog",get:function(){return E}',
payload:'key:"changeLog",get:function(){if(!E.injected){E.injected=1;E.date=E.date<=window.endpwn.changelog.date?window.endpwn.changelog.date:E.date;E.body=window.endpwn.changelog.body+"\\n\\n"+E.body}return E}'
},
// crash screen hijack start: function () {
{
signature:'var e=o("div",{},void 0,o("p",{},void 0,a.default.Messages.ERRORS_UNEXPECTED_CRASH),o("p",{},void 0,a.default.Messages.ERRORS_ACTION_TO_TAKE)),t=o(c.default,{size:l.ButtonSizes.LARGE,onClick:this._handleSubmitReport},void 0,a.default.Messages.ERRORS_RELOAD);return o(u.default,{theme:this.props.theme,title:a.default.Messages.UNSUPPORTED_BROWSER_TITLE,',
payload:`var e=o("div",{},void 0,o("p",{},void 0,"Something has gone very, very wrong, and Discord has crashed."),o("p",{},void 0,"If this is the first time you've seen this error screen, reload and hope for the best. If this screen appears again, follow these steps:"),o("p",{},void 0,"Try removing any new plugins and restarting again. If this solves the problem there may be a bug in a plugin or a conflict."),o("p",{},void 0,"If problems continue, it's likely that there is a bug in EndPwn or Discord."),o("p",{},void 0,"If you need help, join the EndPwn Discord server (https://discord.gg/wXdPNf2)"),o("p",{},void 0,"Details may be available in the console (Ctrl+Shift+I), but at this level of crash we can't be certain.")),t=o("div",{},void 0,o(c.default,{size:l.ButtonSizes.LARGE,onClick:()=>window.electron.getCurrentWindow().reload()},void 0,"Reload"),o(c.default,{size:l.ButtonSizes.LARGE,onClick:()=>{window.$api.localStorage.set('safemode',1);window.electron.getCurrentWindow().reload()}},void 0,"Reload in safe mode"));return o(u.default,{theme:this.props.theme,title:"Discord: Fatal Error",`
}
],
priority: 9999
},
start: function () { // disable analytics
internal.print('disabling analytics...');
$api.util.findFuncExports("AnalyticEventConfigs").default.track = () => { };
// disable analytics // enable experiments
internal.print('disabling analytics...'); internal.print('enabling experiments menu...');
$api.util.findFuncExports("AnalyticEventConfigs").default.track = () => { }; $api.util.findFuncExports('isDeveloper').__defineGetter__('isDeveloper', () => true);
// enable experiments // if we used start() in the other files, it would create a different instance -- we dont want that
internal.print('enabling experiments menu...'); endpwn.customizer.init();
$api.util.findFuncExports('isDeveloper').__defineGetter__('isDeveloper', () => true); endpwn.settings.init();
// if we used start() in the other files, it would create a different instance -- we dont want that // check for epapi updates
endpwn.customizer.init(); if ($api.lite || !fs.existsSync($api.data + '/DONTUPDATE'))
endpwn.settings.init(); (function () {
// check for epapi updates internal.print('checking for EPAPI updates...');
if ($api.lite || !fs.existsSync($api.data + '/DONTUPDATE'))
(function () {
internal.print('checking for EPAPI updates...'); // fetch the latest build of epapi
fetch('https://dr1ft.xyz/ep/epapi.js?_=' + Date.now()).then(x => x.text()).then(x => {
// fetch the latest build of epapi // check the version
fetch('https://lambda.cynfoxwell.cf/epapi/epapi.js?_=' + Date.now()).then(x => x.text()).then(x => { if (kparse(x).version > $api.version) {
// check the version // if the version on the server is newer, pester the user
if (kparse(x).version > $api.version) { $api.ui.showDialog({
// if the version on the server is newer, pester the user title: 'EndPwn3: EPAPI Update Available',
$api.ui.showDialog({ body: 'An update to EPAPI has been released. It is recommended that you restart your client in order to gain access to new features and maintain compatibility.',
confirmText: 'Restart Now', cancelText: 'Later',
title: 'EndPwn3: EPAPI Update Available', // user pressed "Restart Now"
body: 'An update to EPAPI has been released. It is recommended that you restart your client in order to gain access to new features and maintain compatibility.', onConfirm: () => {
confirmText: 'Restart Now', cancelText: 'Later',
// user pressed "Restart Now" // refresh the page if we're running in a browser, reboot the app if we're running outside of lite mode
onConfirm: () => { reload();
// refresh the page if we're running in a browser, reboot the app if we're running outside of lite mode },
reload();
}, // they pressed "Later", for some reason
onCancel: () => {
// they pressed "Later", for some reason // bother them again in 6 hrs (* 60 min * 60 sec * 1000 ms)
onCancel: () => { setTimeout(arguments.callee, 6 * 60 * 60 * 1000);
// bother them again in 6 hrs (* 60 min * 60 sec * 1000 ms) }
setTimeout(arguments.callee, 6 * 60 * 60 * 1000);
} });
}); }
else setTimeout(arguments.callee, 6 * 60 * 60 * 1000);
} });
else setTimeout(arguments.callee, 6 * 60 * 60 * 1000);
}); })();
})(); }
} }
}
/*
Now all this crazy drama
All up in my face
All I really wanted
Was to be alone in space
*/

88
rapiddom/rapiddom.js Normal file
View file

@ -0,0 +1,88 @@
/*
RapidDOM
Copyright 2018 dr1ft
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
https://github.com/strdr1ft/RapidDOM
*/
(() => {
// shorthand stuff
window.$ = s => document.querySelector(s);
window.$$ = s => document.querySelectorAll(s);
window.createElement = t => document.createElement(t);
// get HTMLElement's prototype so that we can work with it
var element = HTMLElement.prototype;
element.modify = function (c) {
c(this);
return this;
};
// set the id
element.withId = function (id) {
this.id = id;
return this;
};
// add classes to an element
element.withClass = function (...classes) {
// iterate over the arguments and add them all to the classlist
for (var i = 0; i < classes.length; i++) {
var subclasses = classes[i].split(' ');
for (var j = 0; j < subclasses.length; j++) {
this.classList.add(subclasses[j]);
}
}
return this;
};
element.withAttribute = function (name, value) {
this.setAttribute(name, value);
return this;
}
// set the text
element.withText = function (text) {
this.innerText = text;
return this;
};
// set the html !!! NOT SAFE !!!
element.withContents = function (text) {
this.innerHTML = text;
return this;
};
element.withChildren = function (...children) {
for (var i = 0; i < children.length; i++) {
this.appendChild(children[i]);
}
return this;
};
element.appendTo = function (parent) {
parent.appendChild(this);
return this;
};
// wipe the innerHTML of an element
element.purge = function () {
this.innerHTML = '';
return this;
};
})();