我該如何取得網路的紀錄
這樣便能找到控制我機器人發表奇怪言論的犯罪者
7/21有人利用我discordpybot的指令漏洞來控制他,還好並沒破壞到任何replit上的檔案,只是機器人到處破壞
Translated for others in the community:
這樣便能找到控制我機器人發表奇怪言論的犯罪者
7/21有人利用我discordpybot的指令漏洞來控制他,還好並沒破壞到任何replit上的檔案,只是機器人到處破壞
Translated for others in the community:
Hi @bigpokemonunite thanks for your post and welcome to the community.
I added a quick translation so others in the community might be able to help.
If your discordbot was hosted on Replit please provide a link. One of my first thoughts was that you may have posted your API key in the code, rather than use Secrets. Is that correct?
事實上是因為eval模組執行了未經過濾的變數
https://replit.com/@bigpokemonunite/Dai
In fact, it is because the eval module executes the unfiltered variable
Then likely someone got your bot’s credentials that way. Create a new one and do not use eval with user input (and if you really have to, then sanitize it a bit)