nikolaischunk / discord-phishing-links Goto Github PK

Hello,

I'm currently integrating this package into my Discord bot and have encountered an error.

This issue occurs on any message I send. Let it be a scam link, normal link or even just a simple message.
This is my code:
client.on('messageCreate', async message => { const guildID = await APSchema.findOne({ guildid: message.guild.id }) if (guildID) { if (message.guild.id === guildID.guildid) { async function checkMessage (message) { //check string on confirmed Phishing Domains let isGrabber = await stopPhishing.checkMessage(message) //Now you can do something with the Boolean Value console.log(isGrabber) return isGrabber } async function checkMessageFull (message) { //check string on confirmed & not yet confirmed but suspicious Phishing Domains let isGrabber = await stopPhishing.checkMessage(message) //Now you can do something with the Boolean Value console.log(isGrabber) return isGrabber } checkMessage(message) checkMessageFull(message) } } else return; })
I'm seeing that the line "let isGrabber = await stopPhishing.checkMessage(message)" is where this issue is occurring. Is there a way to solve this issue?

I'm running Discord.JS v13.6.

We're do I get the actual information please

https://discrode-gifte.com/boost
this link is discord phising link

https://dgift-premiums.xyz/

Hello there 👋, I am helping out with a few people to take down those phishing domains and we have created an API which currently gets around 10-20 new domains per day and is always up to date.
I'll merge all new domains I can find here into our API.

If you are interested in collaborating, I could get some contributors and the repo owner into the server which is used to add the domains to our API and to talk about phishing.
Currently Discord bots like Dyno, Fish (open source) and a few others are using our API.

dilscrod-game.com (/welcome)

domain-list.json has some bit.ly links that aren't Discord phishing sites. For example, http://bit.ly/31kj5qa is a movie pirating website that has nothing to do with Discord. http://bit.ly/3cuiog5 is a random picture of a video camera taken on November 19th, 2021 an hour and a minute before midnight. The other bit.ly links are down, returning a 404 error if you try to visit them.

discordes-gift.com

discordtrue.pro

djscordsteam dot com

This specific URL https://steam-airdrops.com/air and it opens the "nitro" page; the original domain, https://steam-airdrops.com however returns a 404 error as "the file does not exist" :/ Though I think both are worthy to be put on the list.

The game pretends to be "the new best adventure game", but it was advertised through a token-grabbed discord account. The website is a collection of stolen assets from the upcoming game "Silt" and it downloads a file called "SpiralCircus.rar"; I didn't dare downloading it. I had a fun time forcing the hacker to speak french to me.

spiralcircus.org
bit.ly/spiralcircus

https://discordspin.com/

not sure if this link applies but here
link(dash)hub(dot)net

Hi, I run a Discord bot that I have routed through a Pihole installation. That is, the bot runs a DNS query whenever a link shows up in a Discord message, and if it fails to resolve (aka Pihole blocks it), then the bot deletes the message.

Problem is, Pihole and perhaps a few other platforms use plain text lists. Just one domain name per line, no formatting, no markup.

This list would be super useful to me and surely a lot of other Pihole users, but in its current state we cannot use it without cloning the list and making our own local scripts to edit it into plain text, and then re-host it somewhere where Pihole can find it. Has any consideration gone to maintaining both the original JSON and also a plaintext variant within the repo, presumably using some kind of script to keep both lists in sync at the same time?

Edit: Should clarify, I am aware plain text sources are available in the readme but running on the assumption that they may change over time, I think having your list as a collection of those sources, still available in plain text, would be a nice touch. That said if your objective is purely to JSON-ify it, that's understandable and I'll stick to sources only.

Resort domains to the correct lists because the lists are overlapping.

https://cutt.us/discordsubscribe
https://dicord-nittro.com/jkaol5kfailc

Nandu Presents
Lots of Questions ( Your Life's Misery Short Version)!

Chapter 1: Why Life Exists?

1. How do you find the phishing links?
2. How do you verify that a domain is used for phishing (other than actually seeing people use the links to hack into people's account. Well you can't get this much large list of domains if you only found it that way)
3. What if a domain was originally used for phishing but later change it into a non dangerous website for doing good deeds. Will you then remove the domain from the list if the owner of the domain contacted you personally?
4. Does domains from the suspicious-list.json serve any purpose? I am pretty sure no one verifies the domain ever again after it is added to the suspicious-list.json to check wheather it surely is used for phishing. So doesn't it just serve as a safeguard for the domains in the suspicious-list.json if it is not ever moved into the main list.

Chapter 2: Why this world?

I also hate this!

Chapter 3: Who was he?

There is no restriction mentioned for submitting domains which are not used for phishing.

Chapter 4: Why me?

I don't understand what you meant by "Cause for some false positive flags ". By my 2 years of English education i think it meant that that domain was a friendly website but was accused of being a phishing website. Well if what I thought was correct, why does it still redirect me to a malware website?. If what I thought was wrong ignore the question.

Chapter 5: Why soul exist?

For people who don't know what this is this is .gitignore file. This file contains all the files and folders which will be ignored by GitHub so basically all the names of the folders and files won't be shown to you. This is used to hide .env file or config file to hide your bot token/secret, database username and password.
You will see here
package.json package-lock.json node_modules utils/
I want to know why is node_module is pushed into the respository (no one does that or Am I too stupid to know that?).

Chapter 6: Why Life Exists

And we should stop the @actions-user bot from steal the top contributer place from @nikolaischunk .

Forgive me for my grammar or spelling mistake!
BTW Admire my affords on styling this!
I also should get a award on best issue presented!

As Discord uses the discord.gg domain for certain things like server/game invites, this one causes some false positives

See title. dicsordnitras.xyz/login was what was sent.

http(s)://nitrodlcsord(.xyz)/login/nitro
the bracket is to protect accidental link clicking

There are new scam links. Update them from https://github.com/DevSpen/scam-links/blob/master/src/links.txt

hype-support.com

Hello, in the list of all suspicious links, I saw a link named "any.run", but I know this URL: this website is to analysis files in onlines virtuals machines. I use it often.

The link "discord.gift" is the default link for gifts in discord, like discord.com/gift

dliscordapp.com

https://dev.fosscord.com/

steamcommunity.com appears in the domain list but is this not the Official URL for the Steam Community Page?

If you go to your Steam Application and Go the Community Tab, Right-Clicking anywhere on the page and clicking Copy Page URL gives the https://steamcommunity.com/home URL

discorcl-club.com
discnrd.gift

I should've probably added this into the previous issue right away, sorry about that.
The previous bit.ly leads to discorcd-apps.com which is also just a phishing url.

Again, thanks a lot!

discordrpp.com
disocrds.gift
e-giftpremium.com
discorld.ru

This time it's "discordapp.co" (Line 1277) that matches part of the url. You might want to use some regex to extract the URLs and match the entirety of the URL

The website is just a copy of the nitro page from discord, with a different font and a button inviting people to get the ever ephemereal free discord nitro.

Anyway, here's the domain:

giftsfrom.online

It seems to contain a doubly-rarred virus, I don't recommend touching the download button.

When using this link: https://cdn.discordapp.com/emojis/829306161424498688.gif?size=48&quality=lossless&size=40
It'll be marked as malicious. Even though this is clearly an official Discord URL.

intent-developers.com

https://www.trade-steam.games

discorde-nitro.com

https://bit.ly/30ZM1Uc

Thanks a lot for collecting all these links! ♥

@SkyDiscovery I've noticed the other day that with the PR #150 you introduced three domains with unicode characters.
I did convert those characters but I would like to ask you to review them and see if they are still correct.