abusing the slack api, bc yes :)
why did i do this?
i wanted to abuse rowans slack bot :3
https://git.hack.pet/sleepy/stacked-selfbot -- this is the repo for the code where you'll find the "selfbot" per se.
getting tokens and cookies:
https://app.slack.com/client, open devtools, go to console, run the code, copy the cookie and the token.
run
(function(){let a=!1;function b(c,d){let e=null;if("string"==typeof c){let f=c.match(/xoxc-[\w-]+/);f&&(e=f[0])}else if(c instanceof FormData)for(let f of c.entries())if("string"==typeof f[1]&&f[1].startsWith("xoxc-")){e=f[1];break}if(!e&&d)for(let f in d)if("string"==typeof d[f]){let g=d[f].match(/xoxc-[\w-]+/);g&&(e=g[0])}if(e&&!a){a=!0;const f=document.cookie;console.log("xoxc: "+e+"\ncookie: "+f);if(navigator.clipboard&&navigator.clipboard.writeText)navigator.clipboard.writeText(f+"\n"+e).then(()=>alert("cookie and xoxc token copied to clipboard!")).catch(()=>{prompt("Copy cookie and xoxc token below:",f+"\n"+e)});else if("function"==typeof copy)copy(f+"\n"+e),alert("cookie and xoxc token copied to clipboard!");else prompt("Copy cookie and xoxc token below:",f+"\n"+e);return!0}return!1}const c=XMLHttpRequest.prototype.open,d=XMLHttpRequest.prototype.send;XMLHttpRequest.prototype.open=function(e,f){return this._slack_url=f,c.apply(this,arguments)},XMLHttpRequest.prototype.send=function(e){return this._slack_url&&this._slack_url.includes("/api/")&&this.addEventListener("readystatechange",function(){4===this.readyState&&b(e,this._headers||{})}),d.apply(this,arguments)};const e=XMLHttpRequest.prototype.setRequestHeader;XMLHttpRequest.prototype.setRequestHeader=function(f,g){return this._headers=this._headers||{},this._headers[f]=g,e.apply(this,arguments)};const f=window.fetch;window.fetch=function(g,h){let i="string"==typeof g?g:g.url;if(i&&i.includes("/api/")){let j=h&&h.body,k=h&&h.headers||{};if(k&&k.get){let l={};for(let m of k.entries())l[m[0]]=m[1];k=l}setTimeout(()=>{b(j,k)},0)}return f.apply(this,arguments)},alert("do any action to get your cookie and token")})();
basically it yoinks xmlhttprequests and fetches, and looks for the token in the body or headers. :thumbsup:
testing to see if it works:
make a GET request to https://workspacehere.slack.com/api/auth.test, put the cookie as the Cookie header, and the token as ?token=xoxc-...
(yes i'll make these docs better, im just lazy)
accessing the gateway:
open a websocket request to wss://wss-primary.slack.com/?token=TOKEN HERE&sync_desync=1&slack_client=desktop&gateway_server=T0266FRGM-2 (replace gateway server with your workspace/team id, in this case, it's the id of hackclub.)
you will need to set the Cookie header to the cookie you got earlier.
simple JS example:
function connectWebSocket() {
ws = new WebSocket(wsUrl, {
headers: {
'Cookie': creds.cookie,
},
});
ws.on('open', function open() {
reconnectAttempts = 0;
console.log('this shit is working.');
});
}
sending commands
you need to send a POST request to https://workspacehere.slack.com/api/chat.command, with the following parameters:
- token: the token you got earlier
- channel: the channel you want to send the command to
- command: the command you want to send
- text: the text you want to send (text being like an argument or subcommand, any following arguments)
you will need to set the Cookie header to the cookie you got earlier.
async function sendSlackCommand(subcommand) {
try {
const params = {
token: "xoxc-...",
channel: "C....",
command: "/command",
text: subcommand,
};
const response = await axios.post(
'https://workspacehere.slack.com/api/chat.command',
qs.stringify(params),
{
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
'Cookie': "d=...",
},
}
);
return response.data;
} catch (error) {
console.error('Error sending command:', error.response?.data || error.message);
}
}
thanks for coming to my ted talk. :3