[英]How to create a vulnerability scanner ping @everyone? Discord.js
I had an idea to create a useful team for server administrators .我想为服务器管理员创建一个有用的团队。 Thanks to this command, the bot shows in which channels you can ping @everyone @here .
多亏了这个命令,机器人会显示您可以在哪些频道中 ping @everyone @here 。
Who has any suggestions on how to create this?谁对如何创建这个有任何建议?
You can iterate through the TextChannel
s in a guild and look for channels where, say, @everyone
has the MENTION_EVERYONE
permission, allowing anyone to ping @everyone or @here.您可以在公会中遍历
TextChannel
并查找@everyone
拥有MENTION_EVERYONE
权限的频道,允许任何人 ping @everyone 或 @here。
For example, the below code finds all the TextChannel
s in a guild, then checks if there is a permission overwrite for @everyone
and then checks if MENTION_EVERYONE
is explicitly allowed.例如,下面的代码查找公会中的所有
TextChannel
,然后检查@everyone
是否有权限覆盖,然后检查MENTION_EVERYONE
是否被明确允许。
const vulnerableChannels = [];
const channels = message.guild.channels.cache.array().filter(channel => channel.type === 'text');
for (const channel of channels) {
if (channel.permissionOverwrites.filter(overwrite => overwrite.id === message.guild.id && overwrite.allow.has('MENTION_EVERYONE')).array().length > 0) vulnerableChannels.push(channel.id);
}
let output = 'The following channel(s) are vulnerable:\n';
vulnerableChannels.forEach(channel => output = output.concat(` • <#${channel}>\n`));
message.channel.send(output);
@user15517071's answer would work but only if @everyone
has no 'MENTION_EVERYONE'
permission by default. @user15517071 的答案有效,但前提是
@everyone
默认没有'MENTION_EVERYONE'
权限。 If you also want to check that, you will need to update your filter.如果您还想检查,您将需要更新您的过滤器。
Check out the code below, I've added plenty of comments:查看下面的代码,我添加了很多注释:
const textChannels = message.guild.channels.cache.filter((ch) => ch.type === 'text');
const canEveryoneMention = message.guild.roles.everyone.permissions.has('MENTION_EVERYONE');
const channelsWhereEveryoneCanBeMentioned = textChannels
.map((channel) => {
// if there are no overwrites, and everyone can mention @everyone by default
if (!channel.permissionOverwrites.size && canEveryoneMention)
return channel;
// a filter to check if the overwrites allow to mention @everyone
const overwriteFilter = (overwrite) => {
// only check if the overwrite belongs to the @everyone role
if (overwrite.id !== message.guild.id)
return false;
// check if MENTION_EVERYONE is allowed
if (overwrite.allow.has('MENTION_EVERYONE'))
return true;
// or it is allowed by default and it's not denied in this overwrite
if (canEveryoneMention && !overwrite.deny.has('MENTION_EVERYONE'))
return true;
// all other cases
return false;
};
const overwrites = channel.permissionOverwrites.filter(overwriteFilter);
// only return the channel if there are "valid" overwrites
return overwrites.size > 0 ? channel : null;
})
// remove null values
.filter(Boolean);
const channelList = channelsWhereEveryoneCanBeMentioned.join('\n');
message.channel.send(`People can mention everyone in the following channels:\n${channelList}`);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.