May or may not be related, careful what cookie editor you use. immediately saw login attempts china/vietnam to my MS acct after setting this bot up about discordbot-edgegpt HOT 6 CLOSED

OK if you've gone through it, then I'll just close this.
We can chalk it up to very strange timing. I appreciate the respectable discourse. I should not have jumped to conclusions, however I was spooked enough to not use this or any other bot requiring cookies, but that's my own problem.

from discordbot-edgegpt.

I tested with a tester microsoft account I made to access bing. As soon as I set it up, I start getting unsuccessful login attempts from Vietnam and China as it would be trivial for them to grab the cookies you provide it. Do not use.

That's just not true. The entire code is up in github. Show me one single line pointing to that functionality.
If you're getting those emails, it's probably already leaked from somewhere else. I've been using it for a week now, and never got a single notification/log about anybody accessing my account except me.

Look up your email at haveibeenpwned and see if it's been leaked by somewhere else or not.

from discordbot-edgegpt.

The timing is very suspect. No foreign login attempts until a couple hours of the bot being up. "show me one single line..." You got me, I can get the bot working, but unfortunately I don't know enough to be able to tell if it's exfiltrating cookies, but that's why I used a test account. I figured, if it is, I'll see login attempts, then I did.
rikuddo, go check your microsoft accounts recent activity. I didn't get any emails or notifications as no one ever got through because of 2factor and I'm not using IMAP. I only know of these attempts because I looked.
My email is not on haveibeenpwned recently. It's a tester that I keep 2fa'd and with a new hilariously complex password all the time.
I'm not trying to be a jerk or slanderous, it's just too closely correlated. I hope you check your account and see no one's tried to get into it but I suspect otherwise.

from discordbot-edgegpt.

The timing is very suspect. No foreign login attempts until a couple hours of the bot being up. "show me one single line..." You got me, I can get the bot working, but unfortunately I don't know enough to be able to tell if it's exfiltrating cookies, but that's why I used a test account. I figured, if it is, I'll see login attempts, then I did. rikuddo, go check your microsoft accounts recent activity. I didn't get any emails or notifications as no one ever got through because of 2factor and I'm not using IMAP. I only know of these attempts because I looked. My email is not on haveibeenpwned recently. It's a tester that I keep 2fa'd and with a new hilariously complex password all the time. I'm not trying to be a jerk or slanderous, it's just too closely correlated. I hope you check your account and see no one's tried to get into it but I suspect otherwise.

Oh no, I didn't mean to sound offensive either.
I just meant, I've gone through the entire code and can't see any line which would be forwarding anything to a third party. Everything seems to be working locally (on your machine). My account was leaked in past as it's a very old account, so there are almost a sign-in attempt almost every day from random locations. I have 2FA on, so not much worry there.

I also used ChatGPT Playground, to dissect the entire code, file-by-file (in case I might've missed something) and it also turned out negative.

So, I honestly don't know how it could've been leaked. But I'm almost certain that it wasn't from this one.
Sorry if I came out aggressive in my last message.

from discordbot-edgegpt.

I apologize, I thought of one other way this could have leaked. Cookie editor extension that is part of the instructions. I'm sorry, owner, delete this whole thread if you want. I shouldn't have opened it.

from discordbot-edgegpt.

there's a cookie extension that have been flag by chrome recently, maybe that's the problem i guess

from discordbot-edgegpt.