I Hacked a Discord Bot, the Owner said this...


Wow I'm a tease. But yessir, it's another video where I talk about the abhorrent security of Discord bots and how easily they can be hacked. And in this case there's a lot of things I get to complain about, from the security of a "security Discord bot" to how the owner responded to me after I disclosed the vulnerability.

And again, massive thank you to xyzeva for finding this vulnerability. They are 2-0 right now.

Also just so we are clear, I hacked into my own test server. I would never cause intentional damage to a Discord server.

LINKS
-----------------------------------------------------------------------------
xyzeva's socials

SOCIALS
-----------------------------------------------------------------------------
Discord Server

Twitter

TIMESTAMPS
-----------------------------------------------------------------------------
00:00 - The Hack
06:12 - The Damage
08:27 - The Response

Comments

1. Do not harass the bot developer. Yes, he didn't say thank you, but he did fix the issue quickly. Harassing someone because of poor manners ain't the move.
2. The vulnerability is patched, please stop asking me how to hack into captcha.bot. I will never make a video on a live vulnerability because some of you are rascals.

And finally, I was told that people are asking other bot devs if their bot is safe and linking this video. That is perfect, that's the goal of these videos. Whether it's a one man team or a big company, people will exploit Discord bots and use it to ruin people's communities or scam a bunch of people. And everyone getting a little scared of eva, and double checking the security of their bots, is going to make the community a better place. (Even if it means I have to burn my bridges with bot devs that disagree).

NoTextToSpeech

How are these bots so hilariously insecure? The fact everything could not only be done so easily but also all within the browser's DEVELOPER TOOLS is a huge problem.

T_nology

Having this little protection is shameful. There is a complete lack of basic security measures...

AquaQuokka

All those recent exploits discovered in bots are why I keep stressing to people to properly set up their servers and not blindly give bots permissions they don't need.

Thank you for bringing light to these exploits, hopefully this pushes people to stop blindly trusting bots and for devs to be more careful with security

kuuravr

this guy needs a lesson on how to properly protect his API endpoints... hilarious

QSABDO

As a Cybersecurity Student, that was the shittiest security that I have ever seen in my whole life 💀

lokas

As someone who has dabbled with a bit of bot development here and there on Discord, I have seen so many examples of other developers who think they're too good and too big to acknowledge other people around them - especially when it's criticism or feedback. Not surprised at all that Dark ignored your DM and I can guarantee that had you sent it from your NTTS account he 100% only then would've bothered replying.

sluuuudge

As a full-stack developer I can confirm that this is so amateur and unprofessional, no-one should trust a single product from this developer EVER. Remove captcha bot from your servers rn.

lebleathan

I'm not surprised that Dark was unresponsive after you basically saved his bot from destruction and chaos. Every interaction I've had with him (through the Arcane server), he has been cold and narcissistic. I don't know if that's how he actually is IRL, or if he gets a lot of messages per day and can't keep up with them, but he does not seem like a very good person in my opinion. I am glad that he fixed this huge vulnerability, and I can pretty much guarantee that any mention of this in any of the servers he owns will be met with a timeout or something of that sort. I mentioned the word "bot" in the Arcane server and got muted for 5 minutes for "advertising" as he told me.

Gandalf_Potter

Absolutely disgusting move by the bot owner.

heMech

xyzeva casually finding vulnerability in security bots 💀

rryangosling

"am be so so wuh a bo" such wise words from the owner...

RealTheonFrFr

Some servers really are set up horribly, one time, I saw a server where for some reason the owner role, with all perms, was under the member role, which everyone has, and also has perms to manage roles, so if literally anyone looked at the roles, which the member role also has perms for, they could've easily just given themselves owner and destroyed the entire server before the real owner got on.

thedonutone

We would be doomed if NTTS started his villain arc.

PandaMasik

these recent vulnerability videos have really given me insight on how even the biggest bots can be taken advantage of

thehansboi

I don't think I could've resisted the intrusive thoughts tbh. Good on you, dude lol.

ectothermic

Once again, thank you for keeping us safe on Discord, NTTS!
Shame Discord don't have an employee to do this.

ashmaniacal

That is the most pathetic thing I have ever seen, like imagine ghosting the guy that helped you find a security problem in your code, like imagine this happened again. I'm sure NTTS knows abt this stuff or he knows someone who knows this stuff, imagine being so egoistical and risking ur career

RavDeBest

You can always go the middle route: Sell the vulnerability but also tell the owner about it

lollolcheese

This is the reason I like to troll the help pages on Dark's Discord server. It makes him waste his time on stupid things that takes his precious time off. I feel no remorse for Dark whatsoever

Gotham-guardian-plst