Message from @chains | DiscordLeaks

Security Advisory: Links in messages may lead to maliciously operated websites that could track your IP address and reveal your identity, or they may contain harmful files. The DiscordLeaks team does not check links and cannot make any statements about the safety of following these links.

Some ways to protect yourself are:

Do not open files downloaded from links, and do not run any programs that try to download themselves to your computer.
Follow safe browsing practices including JavaScript blockers like NoScript.
Use anonymization measures such as Tor Browser or a VPN.

If you are using the Privacy Badger or other privacy extensions, you may need to whitelist Discord and related domains in order for the images to load.

Message from @chains

Discord ID: 193737682747260928

2016-06-18 14:41:37 UTC

top class british songs m8

2016-06-18 14:41:54 UTC

Wanna fix it, Dawn?

2016-06-18 14:42:01 UTC

cathy is in control, I trust him

2016-06-18 14:42:10 UTC

i mean idfk if it's vuln

2016-06-18 14:42:30 UTC

Wait what where

2016-06-18 14:42:34 UTC

Everything has vulnerabilities. Everything.

2016-06-18 14:42:36 UTC

Why am I mentioned

2016-06-18 14:42:50 UTC

Someone saying Mitubot is vulnerable to attack

2016-06-18 14:42:58 UTC

well depends what ver of urllib it uses

2016-06-18 14:43:13 UTC

It's using youtube-dl

2016-06-18 14:43:37 UTC

!play https://www.youtube.com/watch?v=UctriMuXYS0

2016-06-18 14:43:43 UTC

!play google.cum

2016-06-18 14:43:48 UTC

eh

2016-06-18 14:43:53 UTC

Bassline

2016-06-18 14:43:55 UTC

can someone try requesting an invalid url

2016-06-18 14:44:05 UTC

why not join the voice channel :^)

2016-06-18 14:44:08 UTC

!play https://www.youtube.com/watch?v=NHiM8Fanus

2016-06-18 14:44:09 UTC

i'm good

2016-06-18 14:44:20 UTC

lel

2016-06-18 14:44:21 UTC

can someone do !play google.cum

2016-06-18 14:44:23 UTC

!play google.cum

2016-06-18 14:44:31 UTC

uhm.

2016-06-18 14:44:53 UTC

Either way don't blame me

2016-06-18 14:45:02 UTC

I'm just hosting it

2016-06-18 14:45:08 UTC

i mean

2016-06-18 14:45:09 UTC

Blame this guy

2016-06-18 14:45:12 UTC

someone could in theory exploit your box

2016-06-18 14:45:12 UTC

!help

2016-06-18 14:45:13 UTC

via that bot

2016-06-18 14:45:21 UTC

!skip

2016-06-18 14:45:26 UTC

!skip

2016-06-18 14:45:34 UTC

Well you're welcome to try

2016-06-18 14:45:48 UTC

inb4 Dawn is another 12 year old like Zombii

2016-06-18 14:45:50 UTC

I don't have a non work box I can use to hit it with

2016-06-18 14:45:52 UTC

so I can't test it

2016-06-18 14:45:59 UTC

You got me.

2016-06-18 14:46:03 UTC

Sucks to be you

2016-06-18 14:46:22 UTC

I mean try injecting another header into the URL

2016-06-18 14:46:27 UTC

then look at the response

2016-06-18 14:47:26 UTC

I don't see how that would do anything, it gives youtube-dl the link and asks for the stream url

2016-06-18 14:47:44 UTC

Uh you can use it to hit internal resources/send requests to any site with any data you want