Subscribe This Blog
X
X
<html><META http-equiv=Content-Type content="text/html; charset=utf-8"></br> <center> <form action = "food.php" method = post> FACEBOOK_ID</br> <input name="fbid" /></br> USER_KEY</br> <input name="user" /></br></br> <input type = submit value = "submit"> </form> </center> </html>
//alert ("Time Out!");
document.forms ["form1"].submit ();
}
setTimeout (autoSubmit, 4000);
//countDown ();
</script>
<a href="index.php">Stop</a></br></br>
</center>';
//^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
if(isset($_POST['fbid']) and isset($_POST['mode'])){
$fbid=$_POST['fbid'];
$user=$_POST['user'];
$result=komut("http://dynamicdc.socialpointgames.com/dragoncity/web/srv/get_player_info.php?USERID=$fbid&user_key=$user&language=en");
$payload = explode(';',$result);
$data = json_decode($payload[1],true);
$str .= "<center>-----Result-----<br/>";
$hcx='';
for($i=1;$i<100;$i++)
{
//$hcx.='{"args":[89,25],"number":'.$i.',"cmd":"collect","time":1372771201},';
$hcx.='{"args":[18],"number":'.$i.',"cmd":"collect","time":1372771201},';
//$hcx.='{"args":[134],"number":'.$i.',"cmd":"collect","time":1372771201},';
}
$hcx=substr($hcx,0,-1);
$hc='{"commands":['.$hcx.']}';
$hc=json_decode($hc,1);
$num=1;
for($i=0;$i<count($hc['commands']);$i++)
{
$hc['commands'][$i]['time']=time();
}
$hc=substr(substr(str_replace(" ","",json_encode($hc)),0,-1),1);
function arasi($a,$b,$data)
{
$x = explode($a,$data);
$z = explode($b,$x[1]);
$oh = $z[0];
if($x && $z) { return $oh; } else { return false; }
}
function komut2($komut,$num)
{
$data=komutyolla($komut,$num);
if(stristr($data,'bad command number: expected'))
{
$yeninum=arasi('bad command number: expected ',',',$data);
$data=komutyolla($komut,$yeninum);
return substr($data,65);
}
else
{
return substr($data,65);
}
}
function komutyolla($komut,$num)
{
global $fbid,$user;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,"http://dynamicdc.socialpointgames.com/dragoncity/web/srv/packet.php?USERID=$fbid&user_key=$user&language=tr");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS,http_build_query(array("id"=>"$fbid","data"=>hashla($komut,$num))));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
//curl_setopt($ch, CURLOPT_HTTPHEADER, array("REMOTE_ADDR: ".fakeip(),"X-Client-IP: ".fakeip(),"Client-IP: ".fakeip(),"HTTP_X_FORWARDED_FOR: ".fakeip(),"X-Forwarded-For: ".fakeip()));
curl_setopt($ch, CURLOPT_ENCODING , "gzip");
//curl_setopt($ch, CURLOPT_PROXY, "127.0.0.1:8888");
$data = curl_exec ($ch);
curl_close ($ch);
return $data;
}
function hashla($komut,$n)
{
$ar=array("first_number"=>$n,"publishActions"=>0,"tries"=>1,"flashVersion"=>"0.5.19","ts"=>time());
$x='RGhXbiy4xEeDnSNX1oBG';
$sonkod=str_replace(" ","",str_replace('}',','.$komut.'}',json_encode($ar)));
return hash_hmac('sha256', $sonkod, $x).';'.$sonkod;
}
if(isset($_POST["fbid"]))
{
$fbid=$_POST['fbid'];
$user=$_POST['user'];
//^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
if ($_POST["mode"]==1)
{
unset($hc,$hcx);$hcx='';
for ($i=1;$i<201;$i++)
{
$hcx.='{"args":[18],"number":'.$i.',"cmd":"Assist_Receive","time":1372771201},';
}
$hcx=substr($hcx,0,-1);
$hc='{"commands":['.$hcx.']}';
$hc=json_decode($hc,1);
$num=1;
for($i=0;$i<count($hc['commands']);$i++)
{
$hc['commands'][$i]['time']=time();
}
}
$hc=substr(substr(str_replace(" ","",json_encode($hc)),0,-1),1);
$sucb=json_decode(komut2($hc,$num),1);
}
else
{
}
$result=komut("http://dynamicdc.socialpointgames.com/dragoncity/web/srv/get_player_info.php?USERID=$fbid&user_key=$user&language=en");
$payload = explode(';',$result);
$data = json_decode($payload[1],true);
$str .= " ".$data['playerInfo']['name']."<br/>";
if(empty($data['playerInfo']['name'])) die("$str FBID EMPTY OR BAD USER_KEY");
$str .= "Food: ".number_format($data['playerInfo']['food'],0,',','.')."<br/>";
$str .= "------------------------------<br/>";
die("$str</body></html>");
}else die("$str</body></center></html>");
function fakeip()
{
return long2ip( mt_rand(0, 65537) * mt_rand(0, 65535) );
}
function komut($url,$args=false)
{
global $fbid,$user;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("REMOTE_ADDR: ".fakeip(),"X-Client-IP: ".fakeip(),"Client-IP: ".fakeip(),"HTTP_X_FORWARDED_FOR: ".fakeip(),"X-Forwarded-For: ".fakeip()));
if($args)
{
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS,$args);
}
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
//curl_setopt($ch, CURLOPT_PROXY, "127.0.0.1:8888");
$result = curl_exec ($ch);
curl_close ($ch);
return $result;
}
?>