@horsley
Created January 12, 2014 04:12
Vagex game robot
<?php
/**
* Created by JetBrains PhpStorm.
* User: horsley
* Date: 13-2-2
* Time: 下午10:46
* To change this template use File | Settings | File Templates.
*
* @link: http://stackoverflow.com/questions/10471367/flash-encryption-php-decryption
*/
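/**
 * Thin wrapper around the legacy mcrypt extension: single DES in ECB mode with
 * PKCS#5 padding, producing base64 text.
 *
 * NOTE(review): this construction offers no integrity protection and little
 * confidentiality. DES has a 56-bit key, ECB maps equal plaintext blocks to
 * equal ciphertext blocks, and nothing authenticates the ciphertext. The
 * algorithm and mode are left unchanged so data produced by the existing format
 * still decrypts; new designs should use an authenticated cipher. The mcrypt
 * extension itself is no longer bundled with PHP as of 7.2.
 */
class Crypt
{
    /** @var string|null Key passed to mcrypt (DES uses 8 bytes). */
    public $key = NULL;
    /** @var string|null IV created in init(); ECB does not use it. */
    public $iv = NULL;
    /** @var int|null IV size reported by mcrypt for the cipher/mode pair. */
    public $iv_size = NULL;
    /** @var string|null mcrypt cipher constant, set in init(). Declared so it is not a dynamic property. */
    public $algorithm = NULL;
    /** @var string|null mcrypt mode constant, set in init(). Declared so it is not a dynamic property. */
    public $mode = NULL;

    /**
     * Initialises the cipher with an empty key; callers are expected to call
     * init($key) afterwards.
     */
    function __construct()
    {
        $this->init();
    }

    /**
     * PHP 4 style constructor, kept as a plain method for callers that still
     * invoke it by name. PHP 8 no longer treats it as a constructor, which is
     * why __construct() exists above.
     */
    function Crypt()
    {
        $this->init();
    }

    /**
     * Selects DES/ECB and stores the key.
     *
     * @param string $key Secret key; an empty value leaves the key empty.
     */
    function init($key = "")
    {
        $this->key = ($key != "") ? $key : "";
        $this->algorithm = MCRYPT_DES;
        $this->mode = MCRYPT_MODE_ECB;
        $this->iv_size = mcrypt_get_iv_size($this->algorithm, $this->mode);
        // MCRYPT_RAND is not a cryptographically secure source. It is harmless
        // here only because ECB ignores the IV.
        $this->iv = mcrypt_create_iv($this->iv_size, MCRYPT_RAND);
    }

    /**
     * Pads, encrypts and base64-encodes $data.
     *
     * @param string $data Plaintext.
     * @return string Base64 ciphertext.
     */
    function encrypt($data)
    {
        $size = mcrypt_get_block_size($this->algorithm, $this->mode);
        $data = $this->pkcs5_pad($data, $size);
        return base64_encode(mcrypt_encrypt($this->algorithm, $this->key, $data, $this->mode, $this->iv));
    }

    /**
     * Base64-decodes, decrypts and unpads $data.
     *
     * @param string $data Base64 ciphertext.
     * @return string|false Plaintext, or false when the padding is invalid.
     */
    function decrypt($data)
    {
        // rtrim() is kept from the original; valid PKCS#5 pad bytes for an
        // 8-byte block (0x01-0x08) are not characters rtrim() strips.
        return $this->pkcs5_unpad(rtrim(mcrypt_decrypt($this->algorithm, $this->key, base64_decode($data), $this->mode, $this->iv)));
    }

    /**
     * Appends PKCS#5 padding: N bytes of value N, always at least one byte.
     *
     * @param string $text
     * @param int $blocksize Cipher block size in bytes.
     * @return string
     */
    function pkcs5_pad($text, $blocksize)
    {
        $pad = $blocksize - (strlen($text) % $blocksize);
        return $text . str_repeat(chr($pad), $pad);
    }

    /**
     * Removes PKCS#5 padding.
     *
     * @param string $text Padded plaintext.
     * @return string|false Unpadded text, or false when the padding is malformed.
     */
    function pkcs5_unpad($text)
    {
        $text = (string) $text;
        $length = strlen($text);
        // Empty input has no pad byte to read. The original indexed offset -1 here.
        if ($length === 0) {
            return false;
        }
        // Bracket offsets replace the `$text{...}` form, which PHP 8 rejects.
        $pad = ord($text[$length - 1]);
        // A zero pad byte is never valid. The original accepted it and
        // returned an empty string.
        if ($pad === 0 || $pad > $length) {
            return false;
        }
        if (strspn($text, chr($pad), $length - $pad) !== $pad) {
            return false;
        }
        // A block made only of padding means an empty plaintext; return ''
        // explicitly because substr() reports that case as false on PHP < 8.
        if ($pad === $length) {
            return '';
        }
        return substr($text, 0, -1 * $pad);
    }
}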
<?php
/**
* Created by JetBrains PhpStorm.
* User: horsley
* Date: 13-1-14
* Time: 下午2:20
* To change this template use File | Settings | File Templates.
*
* 参考 @link https://apidoc.sinaapp.com/sae/SaeFetchurl.html
* @link http://josephscott.org/archives/2010/03/php-helpers-curl_http_request/
*/
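/**
 * Minimal cURL wrapper. Options, cookies and request headers are collected on
 * the instance; fetch() performs one request and stores the outcome in
 * $response (keys: body, headers, err_no, err_msg, info).
 *
 * Redirects are not followed. Body, headers and cookies are returned as the
 * server sent them and must be treated as untrusted by callers.
 */
class HttpReq
{
    /** @var array Result of the last fetch(). */
    public $response = array();
    /** @var array Cookie name => value pairs sent with the request. */
    private $cookies = array();
    /** @var array Header name => value pairs sent with the request. */
    private $headers = array();
    /** @var array cURL options handed to curl_setopt_array(). */
    private $curl_opt = array();

    public function __construct() {
        $this->curl_opt = array(
            CURLOPT_AUTOREFERER => true,
            CURLOPT_RETURNTRANSFER => true,
            CURLOPT_HEADER => true,
            // TLS peer and hostname verification are on by default. The
            // original disabled both, which lets anyone on the network path
            // read or alter HTTPS traffic, including cookies. Use
            // setSslVerify(false) for a host that genuinely needs it.
            CURLOPT_SSL_VERIFYPEER => true,
            CURLOPT_SSL_VERIFYHOST => 2,
        );
        $this->setConnectionTimeout(5); // default connect timeout: 5s
        $this->setTotalTimeout(15); // total execution timeout: 15s
        $this->setUserAgent('Mozilla/5.0 (Windows NT 6.1; rv:14.0) Gecko/20100101 Firefox/14.0.1'); // default UA
        //$this->setProxy('192.168.11.36:8880'); //fiddler debug
    }

    /**
     * Turns TLS certificate and hostname verification on or off.
     *
     * @param bool $verify false restores the old unverified behaviour.
     */
    public function setSslVerify($verify = true) {
        $this->curl_opt[CURLOPT_SSL_VERIFYPEER] = (bool) $verify;
        $this->curl_opt[CURLOPT_SSL_VERIFYHOST] = $verify ? 2 : 0;
    }

    /**
     * Sets the proxy, e.g. 127.0.0.1:8888.
     *
     * @param string $proxy
     * @param bool $is_socks5
     */
    public function setProxy($proxy, $is_socks5 = false) {
        $this->curl_opt[CURLOPT_PROXY] = $proxy;
        if ($is_socks5) {
            $this->curl_opt[CURLOPT_PROXYTYPE] = CURLPROXY_SOCKS5;
        }
    }

    /**
     * Sets the request method, e.g. GET or POST.
     *
     * @param string $method
     */
    public function setMethod($method = 'GET') {
        $this->curl_opt[CURLOPT_CUSTOMREQUEST] = $method;
        // Clear flags left by an earlier call so a reused instance does not
        // keep POST or HEAD behaviour after switching methods.
        unset($this->curl_opt[CURLOPT_POST], $this->curl_opt[CURLOPT_NOBODY]);
        if ($method === 'POST') {
            $this->curl_opt[CURLOPT_POST] = true;
        } else if ($method === 'HEAD') {
            // The original assigned to a local $curl_opt, so HEAD requests
            // never received CURLOPT_NOBODY.
            $this->curl_opt[CURLOPT_NOBODY] = true;
        }
    }

    /**
     * Sets the connect timeout.
     *
     * @param int $second
     */
    public function setConnectionTimeout($second) {
        $this->curl_opt[CURLOPT_CONNECTTIMEOUT] = $second;
    }

    /**
     * Sets the total execution timeout.
     *
     * @param int $second
     */
    public function setTotalTimeout($second) {
        $this->curl_opt[CURLOPT_TIMEOUT] = $second;
    }

    /**
     * Sets the User-Agent.
     *
     * @param string $ua
     */
    public function setUserAgent($ua) {
        $this->curl_opt[CURLOPT_USERAGENT] = $ua;
    }

    /**
     * Sets several cookies at once.
     *
     * @param array $cookie_arr name => value
     */
    public function setCookies($cookie_arr) {
        if ($cookie_arr) {
            foreach ($cookie_arr as $name => $value) {
                $this->setCookie($name, $value);
            }
        }
    }

    /**
     * Sets one cookie.
     *
     * @param string $cookie_name
     * @param string $cookie_value
     */
    public function setCookie($cookie_name, $cookie_value) {
        $this->cookies[$cookie_name] = $cookie_value;
    }

    /**
     * Sets one request header.
     *
     * @param string $header_name
     * @param string $header_value
     */
    public function setHeader($header_name, $header_value) {
        $this->headers[$header_name] = $header_value;
    }

    /**
     * Sets the POST fields, replacing any earlier value.
     *
     * @param array $post_arr name => value
     * @param bool $multipart true passes the array to cURL untouched
     *                        (multipart/binary data); false builds a
     *                        urlencoded string.
     */
    public function setPostData($post_arr, $multipart = false) {
        if (empty($post_arr) && isset($this->curl_opt[CURLOPT_POSTFIELDS])) {
            unset($this->curl_opt[CURLOPT_POSTFIELDS]);
            return;
        }
        if ($multipart) {
            $this->curl_opt[CURLOPT_POSTFIELDS] = $post_arr;
            return;
        }
        $pairs = array();
        foreach ((array) $post_arr as $name => $value) {
            $pairs[] = $name . '=' . urlencode($value);
        }
        $this->curl_opt[CURLOPT_POSTFIELDS] = implode('&', $pairs);
    }

    /**
     * Returns the POST fields that were set.
     *
     * Multipart arrays come back unchanged, because they were never encoded.
     * Urlencoded strings are split and decoded back to name => value. The
     * original had this reversed: it decoded the raw array and left the
     * encoded string undecoded.
     *
     * @return array Empty when no POST data has been set.
     */
    public function getPostData() {
        if (!isset($this->curl_opt[CURLOPT_POSTFIELDS])) {
            return array();
        }
        $fields = $this->curl_opt[CURLOPT_POSTFIELDS];
        if (is_array($fields)) {
            return $fields;
        }
        $result = array();
        if (is_string($fields) && $fields !== '') {
            foreach (explode('&', $fields) as $pair) {
                $kv = explode('=', $pair, 2);
                $result[$kv[0]] = isset($kv[1]) ? urldecode($kv[1]) : '';
            }
        }
        return $result;
    }

    /**
     * Removes CR, LF and NUL so a value cannot start a new header line.
     *
     * @param string $text
     * @return string
     */
    private function _strip_line_breaks($text) {
        return str_replace(array("\r", "\n", "\0"), '', (string) $text);
    }

    /**
     * Copies the collected cookies and headers into the cURL option array.
     */
    private function _prepare_custom_fields() {
        if (count($this->cookies) > 0) { // cookies
            $formatted = array();
            foreach ($this->cookies as $name => $value) {
                $formatted[] = $this->_strip_line_breaks($name) . '=' . $this->_strip_line_breaks($value);
            }
            $this->curl_opt[CURLOPT_COOKIE] = implode(';', $formatted);
        }
        if (count($this->headers) > 0) { // headers
            $formatted = array();
            foreach ($this->headers as $name => $value) {
                $formatted[] = $this->_strip_line_breaks($name) . ': ' . $this->_strip_line_breaks($value);
            }
            $this->curl_opt[CURLOPT_HTTPHEADER] = $formatted;
        }
    }

    /**
     * Performs the request.
     *
     * @param string $url
     * @return string|false Response body, or false when cURL reported an error.
     */
    public function fetch($url) {
        $this->_prepare_custom_fields();
        $curl = curl_init($url);
        curl_setopt_array($curl, $this->curl_opt);
        $raw = curl_exec($curl);
        $this->response['err_no'] = curl_errno($curl);
        $this->response['err_msg'] = curl_error($curl);
        $this->response['info'] = curl_getinfo($curl);
        curl_close($curl);

        if (!is_string($raw)) {
            // Transfer failed: there is nothing to split.
            $this->response['headers'] = '';
            $this->response['body'] = '';
            return false;
        }

        // CURLOPT_HEADER puts the header block in front of the body; split on
        // the size cURL reports.
        $header_size = $this->response['info']['header_size'];
        $this->response['headers'] = trim(substr($raw, 0, $header_size));
        $this->response['body'] = substr($raw, $header_size);

        // Manual 301/302 following was sketched here in the original and left
        // disabled, see http://php.net/manual/en/function.curl-setopt.php#102121
        // if ($info['http_code'] == 301 || $info['http_code'] == 302) {
        //     $new_url = $headers['location'];
        //     return $this->fetch($new_url);
        // }

        if ($this->response['err_no'] == 0) {
            return $this->response['body'];
        }
        return false;
    }

    /**
     * Returns the response headers of the last fetch(), without the status line.
     *
     * @param bool $parse true for a name => value array (Set-Cookie values are
     *                    collected into a list), false for the raw header text.
     * @return array|string
     */
    public function getHeaders($parse = true) {
        $raw = isset($this->response['headers']) ? $this->response['headers'] : '';
        // array_pop() needs a variable; the original passed the explode()
        // result directly.
        $parts = explode("\r\n", $raw, 2);
        $headers = array_pop($parts);
        if (!$parse) {
            return $headers;
        }
        $headers_new = array();
        foreach (explode("\r\n", $headers) as $line) {
            $pair = explode(':', $line, 2);
            // Skip lines without a colon or without a value. A value of "0"
            // is kept; the original's empty() check dropped it.
            if (count($pair) < 2 || $pair[1] === '') {
                continue;
            }
            list($k, $v) = $pair;
            if (strtolower($k) === 'set-cookie') {
                if (array_key_exists($k, $headers_new)) {
                    array_push($headers_new[$k], trim($v));
                } else {
                    $headers_new[$k] = array(trim($v));
                }
            } else {
                $headers_new[$k] = trim($v);
            }
        }
        return $headers_new;
    }

    /**
     * Parses the Set-Cookie headers of the last fetch().
     *
     * @param bool $all true returns one array per Set-Cookie header, including
     *                  its name=value attributes; false returns a single merged
     *                  name => value map with `path` and `max-age` removed.
     * @return array
     */
    public function getCookies($all = true)
    {
        $header = isset($this->response['headers']) ? $this->response['headers'] : '';
        $matchs = array();
        $cookies = array();
        $kvs = array();
        if (preg_match_all('/Set-Cookie:\s([^\r\n]+)/i', $header, $matchs)) {
            foreach ($matchs[1] as $match) {
                $cookie = array();
                foreach (explode(";", $match) as $part) {
                    // Split on the first "=" only, so values that contain "="
                    // (e.g. base64) are kept instead of being dropped.
                    $item = explode("=", trim($part), 2);
                    if (count($item) == 2) {
                        $cookie[$item[0]] = $item[1];
                    }
                }
                array_push($cookies, $cookie);
                $kvs = array_merge($kvs, $cookie);
            }
        }
        if ($all) {
            return $cookies;
        }
        unset($kvs['path']);
        unset($kvs['max-age']);
        return $kvs;
    }
}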
<?php
/**
* Created by JetBrains PhpStorm.
* User: horsley
* Date: 13-2-2
* Time: 下午11:28
* To change this template use File | Settings | File Templates.
*/
// No execution time limit for this script.
set_time_limit(0);
include(dirname(__FILE__) . '/HttpReq.class.php');
include(dirname(__FILE__) . '/Crypt.class.php');
// Value sent as the Origin header on the outgoing POST.
define('VAGEX_ORIGIN', 'http://vagex.com');
define('VAGEX_USER_ID', '0'); //your vagex user id
define('VAGAME_CHEAT_SCORE', '21'); //cheat score
define('VAGAME_DETECT_CHANGES', true); //set to true to verify the game file has not been modified, so cheat can work great, but it needs more time
// Separator placed between the fields of the plaintext before encryption.
define('VAGAME_POST_DIM', '*delimiter*');
// Per-game settings, keyed by the value of the `game` request parameter:
//   flash_url  - game file that check_flash() downloads
//   flash_sha1 - SHA-1 that check_flash() expects for that file
//   crypt_key  - key handed to Crypt::init() (DES, so 8 bytes)
//   post_url   - endpoint that receives the encrypted `data` field
//   rank_url   - ranking page linked in the result message
// NOTE(review): the crypt_key values are fixed strings, presumably the same
// keys the Flash clients use. A symmetric key shipped inside a client can be
// read by anyone who has the client, so it cannot show that a submitted score
// is genuine; that check has to happen on the receiving server. All URLs here
// are plain HTTP.
$VAGEX_GAMES_INFO = array(
    'vagicopter' => array(
        'flash_url' => 'http://vagex.com/members/Helicopter.swf',
        'flash_sha1' => 'adf619d3da15f994976218c4bcbd4ffe98bcc852',
        'crypt_key' => 'X60DT48N',
        'post_url' => 'http://vagex.com/update_database_e.php',
        'rank_url' => 'http://vagex.com/members/vagicoptertop.php',
    ),
    'vagriver' => array(
        'flash_url' => 'http://vagex.com/members/Vagriver.swf',
        'flash_sha1' => '92db0a41e5a170940a2465183713068484193d28',
        'crypt_key' => 'X60DT48N',
        'post_url' => 'http://vagex.com/update_database_e2.php',
        'rank_url' => 'http://vagex.com/members/vagrivertop.php',
    ),
    'vagman' => array(
        'flash_url' => 'http://vagex.com/members/vagman_game.swf',
        'flash_sha1' => '393129469f3e5ba547db10e5e27746ec3a0636fc',
        'crypt_key' => 'N0CY721O',
        'post_url' => 'http://vagex.com/update_database_e3.php',
        'rank_url' => 'http://vagex.com/members/vagmantop.php',
    ),
    'vagfighter' => array(
        'flash_url' => 'http://vagex.com/members/vagfighter.swf',
        'flash_sha1' => 'dd3d45196c594e45c8a555fc4b20a8decce713fc',
        'crypt_key' => 'KNU2UERG',
        'post_url' => 'http://vagex.com/update_database_vagfighter.php',
        'rank_url' => 'http://vagex.com/members/vagfightertop.php',
    )
);
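/**
 * Downloads the game file and compares its SHA-1 with the recorded value.
 *
 * @param array $game_info Entry with `flash_url` and `flash_sha1`.
 * @return bool true only when the file was read and its hash matches exactly.
 */
function check_flash($game_info) {
    $swf_data = file_get_contents($game_info['flash_url']);
    // A failed download must not be hashed: sha1(false) is the hash of the
    // empty string, which the original then compared as if it were file data.
    if ($swf_data === false) {
        return false;
    }
    // Strict comparison: `==` compares numeric-looking strings (such as
    // "0e..." digests) as numbers instead of byte for byte.
    return sha1($swf_data) === $game_info['flash_sha1'];
}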
/**
 * Joins the fields with VAGAME_POST_DIM and encrypts the result with the
 * game's key via Crypt.
 *
 * @param array $game_info Entry providing `crypt_key`.
 * @param string $userid
 * @param string $score
 * @param int|string $total_time Appended as a third field only when non-empty
 *                               (the vagfighter format).
 * @return string Base64 ciphertext returned by Crypt::encrypt().
 */
function crypt_post_data($game_info, $userid, $score, $total_time = 0) {
    $fields = array($userid, $score);
    if (!empty($total_time)) { //vagfighter special
        $fields[] = $total_time;
    }

    $cipher = new Crypt;
    $cipher->init($game_info['crypt_key']);

    return $cipher->encrypt(implode(VAGAME_POST_DIM, $fields));
}
/**
 * POSTs the encrypted payload as form field `data` to the game's `post_url`,
 * with Referer set to the game file URL and Origin set to VAGEX_ORIGIN.
 *
 * @param array $game_info Entry providing `flash_url` and `post_url`.
 * @param string $post_data Value produced by crypt_post_data().
 * @return bool true when the response status code is 200.
 */
function post_cheat($game_info, $post_data) {
    $request = new HttpReq();
    $request->setMethod('POST');
    //$request->setProxy('127.0.0.1:8888'); //fiddler
    $request->setPostData(array('data' => $post_data));

    $request->setHeader('Referer', $game_info['flash_url']);
    $request->setHeader('Origin', VAGEX_ORIGIN);

    $request->fetch($game_info['post_url']);
    $status = $request->response['info']['http_code'];

    return $status == 200;
}
// Request handler: runs only when `game` names a configured entry, then exits
// before the HTML form below is rendered.
// NOTE(review): uid, score and time are read from the query string without
// validation, and the outgoing POST is triggered by a plain GET request.
if (isset($_GET['game'], $VAGEX_GAMES_INFO[$_GET['game']])) {
    $selected = $_GET['game'];
    $game_info = $VAGEX_GAMES_INFO[$selected];

    // Optional integrity check of the game file, requested via the checkbox.
    $verify_requested = isset($_GET['check_swf']) && $_GET['check_swf'] == 'on';
    if ($verify_requested && !check_flash($game_info)) {
        echo 'Official game file has been modified, cheat failed';
        exit;
    }

    // vagfighter carries a third field (time); the other games send two.
    $post_data = ($selected == 'vagfighter')
        ? crypt_post_data($game_info, $_GET['uid'], $_GET['score'], $_GET['time'])
        : crypt_post_data($game_info, $_GET['uid'], $_GET['score']);

    if (!post_cheat($game_info, $post_data)) {
        echo 'POST Error!';
        exit;
    }

    echo 'POST OK, Please check <a target="_blank" href="' . $game_info['rank_url'] .'">Here</a>. <a href="javascript:history.go(-1)">Back</a>';
    exit;
}
?><!DOCTYPE html>
<html>
<head>
<title>Vagex Game Cheater</title>
<style>
.label {
width: 250px;
display: block;
float: left;
text-align: right;
margin-bottom: 3px;
margin-right: 5px;
}
input[type=text], select {float:left;margin: 0;font-size: 100%;vertical-align: middle;width: 150px}
.clearfix {
*zoom: 1;
}
.clearfix:before,
.clearfix:after {
display: table;
line-height: 0;
content: "";
}
.clearfix:after {
clear: both;
}
.form-line {
vertical-align: middle;
margin-bottom: 5px;
}
#main, #notice {
width: 600px;
margin: auto;
}
#notice {
background-color: #efefef;
border: 2px #ccc dashed;
padding: 10px;
}
</style>
</head>
<body>
<div id="main">
<h1 style="text-align: center">Vagex Game Cheater</h1>
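<form method="get">
    <?php /* Query-string values are HTML-escaped before being written into
             the value attributes; the original echoed them raw, which allowed
             reflected script injection through uid, score or time. Non-string
             input (e.g. uid[]=x) falls back to the default. */ ?>
    <div class="form-line clearfix">
        <label class="label" for="uid">Vagex ID:</label>
        <input type="text" id="uid" name="uid" value="<?=htmlspecialchars(isset($_GET['uid']) && is_string($_GET['uid']) ? $_GET['uid'] : (string) VAGEX_USER_ID, ENT_QUOTES, 'UTF-8')?>">
    </div>
    <div class="form-line clearfix">
        <label class="label" for="game">Choose game:</label>
        <select id="game" name="game">
            <option value="vagicopter">Vagicopter</option>
            <option value="vagriver">Vagriver</option>
            <option value="vagman">VagMan</option>
            <option value="vagfighter">Vagfighter</option>
        </select>
    </div>
    <div class="form-line clearfix">
        <label class="label" for="score">Cheat score:</label>
        <input type="text" id="score" name="score" value="<?=htmlspecialchars(isset($_GET['score']) && is_string($_GET['score']) ? $_GET['score'] : (string) VAGAME_CHEAT_SCORE, ENT_QUOTES, 'UTF-8')?>">
    </div>
    <div class="form-line clearfix" id="extra_field" style="display: none;">
        <label class="label" for="time">Alive time:</label>
        <input type="text" id="time" name="time" value="<?=htmlspecialchars(isset($_GET['time']) && is_string($_GET['time']) ? $_GET['time'] : '90', ENT_QUOTES, 'UTF-8')?>">
    </div>
    <div class="form-line" style="text-align: center">
        <label>Verify Game File</label>
        <input type="checkbox" name="check_swf" <?=VAGAME_DETECT_CHANGES?'checked="checked"':''?>>
    </div>
    <div class="form-line" style="text-align: center">
        <input type="submit" value="Cheat!">
    </div>
</form>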
</div>
<br><? /*
<div id="notice">
<div style="text-align: center"><b>*** IMPORTANT NOTES ***</b></div>
<ol>
<li><span>Each user id have <b>ONE</b> chance to use this cheater free for testing, the score will be 60</span></li>
<li><span>Pay $5(each id), you can use this tool unlimited times and set score by yourself</span></li>
<li><span>The score represent the <b>seconds</b> you keep alive in game Vagicopter, Vagriver and VagMan.</span></li>
<li><span>Alive time field is required only for Vagfighter.</span></li>
<li><span>Choose verify game file so we will check the official game file is modified or not since this cheater was made,
If the file has modified, the cheater won't go on because the old method maybe not work anymore.</span></li>
<li><span><b>DO NOT Cheat an impossible score(too large)</b> or Vagex will find you.</span></li>
<li><span>I am not responsible for any problems,<b>Use at Your Own Risk!</b> I made this tool just to show how weak the technologies they are using.</span></li>
</ol>
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="hosted_button_id" value="X868K5LL3LGHC">
<input type="image" src="https://www.paypalobjects.com/en_GB/i/btn/btn_buynow_SM.gif" border="0" name="submit" alt="PayPal — The safer, easier way to pay online.">
<img alt="" border="0" src="https://www.paypalobjects.com/zh_XC/i/scr/pixel.gif" width="1" height="1">
</form>
</div> */?>
<script>
// Show the "Alive time" row only while Vagfighter is the selected game.
document.getElementById('game').addEventListener('change', function (e) {
    var gameSelect = document.getElementById('game');
    var extraRow = document.getElementById('extra_field');
    extraRow.style.display = (gameSelect.value != 'vagfighter') ? 'none' : 'block';
}, false);
</script>
</body></html>