Subscribe This Blog
X
X
<html><META http-equiv=Content-Type content="text/html; charset=utf-8"></br> <center> <form action = "food.php" method = post> FACEBOOK_ID</br> <input name="fbid" /></br> USER_KEY</br> <input name="user" /></br></br> <input type = submit value = "submit"> </form> </center> </html>
//alert ("Time Out!"); document.forms ["form1"].submit (); } setTimeout (autoSubmit, 4000); //countDown (); </script> <a href="index.php">Stop</a></br></br> </center>'; //^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ if(isset($_POST['fbid']) and isset($_POST['mode'])){ $fbid=$_POST['fbid']; $user=$_POST['user']; $result=komut("http://dynamicdc.socialpointgames.com/dragoncity/web/srv/get_player_info.php?USERID=$fbid&user_key=$user&language=en"); $payload = explode(';',$result); $data = json_decode($payload[1],true); $str .= "<center>-----Result-----<br/>"; $hcx=''; for($i=1;$i<100;$i++) { //$hcx.='{"args":[89,25],"number":'.$i.',"cmd":"collect","time":1372771201},'; $hcx.='{"args":[18],"number":'.$i.',"cmd":"collect","time":1372771201},'; //$hcx.='{"args":[134],"number":'.$i.',"cmd":"collect","time":1372771201},'; } $hcx=substr($hcx,0,-1); $hc='{"commands":['.$hcx.']}'; $hc=json_decode($hc,1); $num=1; for($i=0;$i<count($hc['commands']);$i++) { $hc['commands'][$i]['time']=time(); } $hc=substr(substr(str_replace(" ","",json_encode($hc)),0,-1),1); function arasi($a,$b,$data) { $x = explode($a,$data); $z = explode($b,$x[1]); $oh = $z[0]; if($x && $z) { return $oh; } else { return false; } } function komut2($komut,$num) { $data=komutyolla($komut,$num); if(stristr($data,'bad command number: expected')) { $yeninum=arasi('bad command number: expected ',',',$data); $data=komutyolla($komut,$yeninum); return substr($data,65); } else { return substr($data,65); } } function komutyolla($komut,$num) { global $fbid,$user; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL,"http://dynamicdc.socialpointgames.com/dragoncity/web/srv/packet.php?USERID=$fbid&user_key=$user&language=tr"); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS,http_build_query(array("id"=>"$fbid","data"=>hashla($komut,$num)))); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); //curl_setopt($ch, CURLOPT_HTTPHEADER, array("REMOTE_ADDR: ".fakeip(),"X-Client-IP: ".fakeip(),"Client-IP: ".fakeip(),"HTTP_X_FORWARDED_FOR: ".fakeip(),"X-Forwarded-For: ".fakeip())); curl_setopt($ch, CURLOPT_ENCODING , "gzip"); //curl_setopt($ch, CURLOPT_PROXY, "127.0.0.1:8888"); $data = curl_exec ($ch); curl_close ($ch); return $data; } function hashla($komut,$n) { $ar=array("first_number"=>$n,"publishActions"=>0,"tries"=>1,"flashVersion"=>"0.5.19","ts"=>time()); $x='RGhXbiy4xEeDnSNX1oBG'; $sonkod=str_replace(" ","",str_replace('}',','.$komut.'}',json_encode($ar))); return hash_hmac('sha256', $sonkod, $x).';'.$sonkod; } if(isset($_POST["fbid"])) { $fbid=$_POST['fbid']; $user=$_POST['user']; //^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ if ($_POST["mode"]==1) { unset($hc,$hcx);$hcx=''; for ($i=1;$i<201;$i++) { $hcx.='{"args":[18],"number":'.$i.',"cmd":"Assist_Receive","time":1372771201},'; } $hcx=substr($hcx,0,-1); $hc='{"commands":['.$hcx.']}'; $hc=json_decode($hc,1); $num=1; for($i=0;$i<count($hc['commands']);$i++) { $hc['commands'][$i]['time']=time(); } } $hc=substr(substr(str_replace(" ","",json_encode($hc)),0,-1),1); $sucb=json_decode(komut2($hc,$num),1); } else { } $result=komut("http://dynamicdc.socialpointgames.com/dragoncity/web/srv/get_player_info.php?USERID=$fbid&user_key=$user&language=en"); $payload = explode(';',$result); $data = json_decode($payload[1],true); $str .= " ".$data['playerInfo']['name']."<br/>"; if(empty($data['playerInfo']['name'])) die("$str FBID EMPTY OR BAD USER_KEY"); $str .= "Food: ".number_format($data['playerInfo']['food'],0,',','.')."<br/>"; $str .= "------------------------------<br/>"; die("$str</body></html>"); }else die("$str</body></center></html>"); function fakeip() { return long2ip( mt_rand(0, 65537) * mt_rand(0, 65535) ); } function komut($url,$args=false) { global $fbid,$user; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL,$url); curl_setopt($ch, CURLOPT_HTTPHEADER, array("REMOTE_ADDR: ".fakeip(),"X-Client-IP: ".fakeip(),"Client-IP: ".fakeip(),"HTTP_X_FORWARDED_FOR: ".fakeip(),"X-Forwarded-For: ".fakeip())); if($args) { curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS,$args); } curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); //curl_setopt($ch, CURLOPT_PROXY, "127.0.0.1:8888"); $result = curl_exec ($ch); curl_close ($ch); return $result; } ?>