Skip to content

Instantly share code, notes, and snippets.

Last active March 3, 2022 11:33
Show Gist options
  • Save Clarence-pan/e809ecd83dc4f3c8aeb2b71f3fffbf48 to your computer and use it in GitHub Desktop.
Save Clarence-pan/e809ecd83dc4f3c8aeb2b71f3fffbf48 to your computer and use it in GitHub Desktop.
微信跳一跳, 你懂得
* Recommend run with node v8.9.x or higher version
* npm install lodash crypto-js request-promise request
* node hack.js
const version = 5 // the version of t1t
const score = 370 // the score you wanna get
const playTimeSeconds = score * 0.01 // simulate the playing time (seconds)
// replace with your session_id here
const session_id = "your session_id"
// import libraries
const CryptoJS = require('crypto-js')
const requestPromise = require('request-promise')
const sleep = (time) => {
console.log(`sleeping ${time/1000} second(s)....`)
return new Promise(resolve => setTimeout(resolve, time))
const rand = (min, max) => Math.random() * (max - min) + min
const randInt = (min, max) => ~~rand(min, max)
const sleepRand = (min, max) => sleep(rand(min, max))
const headers = {
'User-Agent': 'Mozilla/5.0 (iPhone; CPU iPhone OS 10_3_2 like Mac OS X) AppleWebKit/603.2.4 (KHTML, like Gecko) Mobile/14F89 MicroMessenger/6.6.1 NetType/WIFI Language/zh_CN',
'Referer': '' + version + '/page-frame.html',
'Content-Type': 'application/json',
'Accept-Language': 'zh-cn',
'Accept': '*/*'
const base_req = {
'base_req': {
'session_id': session_id,
'fast': 1
const base_site = ''
// the main proccess
async function main(){
let settlementRes, res
res = await request("POST", 'wxagame_getuserinfo')
await sleepRand(100,300)
res = await request("POST", 'wxagame_getfriendsscore')
// return
let times = res.my_user_info.times + 1
await sleepRand(100,300)
res = await request('POST', 'wxagame_init', {version: 9})
await sleepRand(playTimeSeconds * 0.9 * 1000, playTimeSeconds * 1.1 * 1000)
await (async function(){
let action = [],
musicList = [],
touchList = []
for (let i = 0; i < score; i++) {
action.push([rand(0.752, 0.852), rand(1.31, 1.36), false])
touchList.push([randInt(180, 190), randInt(441, 456)])
let data = {
score: score,
times: times,
game_data: JSON.stringify({
action: action,
musicList: musicList,
touchList: touchList,
version: 1
let action_data = encrypt(data, session_id)
settlementRes = await request('POST', 'wxagame_settlement', {action_data})
res = await request("POST", 'wxagame_getfriendsscore')
console.log("settlement result: ", settlementRes)
console.log("Well done! Happy new year! 🎉")
async function request(method, path, body={}){
console.log(`Sending request: %s %s -- %o`, method, path, body)
try {
const res = await requestPromise({
method: method,
url: base_site + path,
headers: headers,
json: true,
body: {...base_req, ...body},
console.log("Response: %o", res)
return res
} catch (e) {
console.error('Failed to get response: ', e)
throw e
function encrypt (text, originKey) {
const originKey2 = originKey.slice(0, 16)
const key = CryptoJS.enc.Utf8.parse(originKey2)
const iv = CryptoJS.enc.Utf8.parse(originKey2)
const msg = JSON.stringify(text)
const ciphertext = CryptoJS.AES.encrypt(msg, key, {
iv: iv,
mode: CryptoJS.mode.CBC,
padding: CryptoJS.pad.Pkcs7
return ciphertext.toString()
function decrypt (text, originKey) {
const originKey2 = originKey.slice(0, 16)
const key = CryptoJS.enc.Utf8.parse(originKey2)
const iv = CryptoJS.enc.Utf8.parse(originKey2)
const bytes = CryptoJS.AES.decrypt(text, key, {iv})
const plaintext = CryptoJS.enc.Utf8.stringify(bytes)
return plaintext
// execute!
main().catch(e => {
console.error("Opps~ ERROR EXIT: ", e)
Copy link

imwcl commented Jan 4, 2018

2018/1/4 16:50
分数 2018
时间系数 0.31

Copy link


Copy link

touzi commented Jan 4, 2018

@zake111000 是有这个情况, 2118 分能够看见.

Copy link

@JacobW92 @jimmyczm 你们的是什么手机?session_id确定没有抓错吗?如果session_id没有错,建议试试把第26行的User-Agent的值改成你们的手机对应的User-Agent再试试

Copy link

qmppz commented Jan 5, 2018

这个还没凉? 其他的都凉了

Copy link


Copy link


Copy link

jim4node commented Jan 6, 2018

现在还能下载小程序 pkg 吗?怎样得到它的 appid ?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment