Last active
February 12, 2024 19:54
-
-
Save vilkoz/608b142ba4117b1504f700f2677c88c5 to your computer and use it in GitHub Desktop.
Gamee Karate Kido 2 score hack
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // VALUES TO CHANGE | |
| const playTime = 16; | |
| const SCORE = 1337; | |
| const blockCnt = 32660 | |
| // END VALUES TO CHANGE | |
| async function getAuthToken() { | |
| let gameUrl = window.location.pathname; | |
| let auth_data = { | |
| "jsonrpc": "2.0", | |
| "id": "user.authentication.botLogin", | |
| "method": "user.authentication.botLogin", | |
| "params": { | |
| "botName": "telegram", | |
| "botGameUrl": gameUrl, | |
| "botUserIdentifier": null | |
| } | |
| } | |
| const getUUID = () => document.cookie.match(/uuid=.+?;/)[0].split('=')[1].replaceAll(';', '') | |
| const response = await fetch('https://api.service.gameeapp.com/', { | |
| method: 'POST', | |
| headers: { | |
| 'Content-Type': 'text/plain;charset=UTF-8', | |
| 'X-Install-Uuid': getUUID(), | |
| }, | |
| body: JSON.stringify(auth_data) | |
| }); | |
| const json = await response.json(); | |
| return json.result.tokens.authenticate; | |
| } | |
| const getGameplayId = () => { | |
| try { | |
| const gameplayId = window.localStorage.getItem('gameplayId'); | |
| return JSON.parse(localStorage.getItem('gameplayId')); | |
| } catch (error) { | |
| console.error('Gameplay id error:', error); | |
| return 0; | |
| } | |
| }; | |
| //md5 library | |
| var md5 = function(d){var r = M(V(Y(X(d),8*d.length)));return r.toLowerCase()};function M(d){for(var _,m="0123456789ABCDEF",f="",r=0;r<d.length;r++)_=d.charCodeAt(r),f+=m.charAt(_>>>4&15)+m.charAt(15&_);return f}function X(d){for(var _=Array(d.length>>2),m=0;m<_.length;m++)_[m]=0;for(m=0;m<8*d.length;m+=8)_[m>>5]|=(255&d.charCodeAt(m/8))<<m%32;return _}function V(d){for(var _="",m=0;m<32*d.length;m+=8)_+=String.fromCharCode(d[m>>5]>>>m%32&255);return _}function Y(d,_){d[_>>5]|=128<<_%32,d[14+(_+64>>>9<<4)]=_;for(var m=1732584193,f=-271733879,r=-1732584194,i=271733878,n=0;n<d.length;n+=16){var h=m,t=f,g=r,e=i;f=md5_ii(f=md5_ii(f=md5_ii(f=md5_ii(f=md5_hh(f=md5_hh(f=md5_hh(f=md5_hh(f=md5_gg(f=md5_gg(f=md5_gg(f=md5_gg(f=md5_ff(f=md5_ff(f=md5_ff(f=md5_ff(f,r=md5_ff(r,i=md5_ff(i,m=md5_ff(m,f,r,i,d[n+0],7,-680876936),f,r,d[n+1],12,-389564586),m,f,d[n+2],17,606105819),i,m,d[n+3],22,-1044525330),r=md5_ff(r,i=md5_ff(i,m=md5_ff(m,f,r,i,d[n+4],7,-176418897),f,r,d[n+5],12,1200080426),m,f,d[n+6],17,-1473231341),i,m,d[n+7],22,-45705983),r=md5_ff(r,i=md5_ff(i,m=md5_ff(m,f,r,i,d[n+8],7,1770035416),f,r,d[n+9],12,-1958414417),m,f,d[n+10],17,-42063),i,m,d[n+11],22,-1990404162),r=md5_ff(r,i=md5_ff(i,m=md5_ff(m,f,r,i,d[n+12],7,1804603682),f,r,d[n+13],12,-40341101),m,f,d[n+14],17,-1502002290),i,m,d[n+15],22,1236535329),r=md5_gg(r,i=md5_gg(i,m=md5_gg(m,f,r,i,d[n+1],5,-165796510),f,r,d[n+6],9,-1069501632),m,f,d[n+11],14,643717713),i,m,d[n+0],20,-373897302),r=md5_gg(r,i=md5_gg(i,m=md5_gg(m,f,r,i,d[n+5],5,-701558691),f,r,d[n+10],9,38016083),m,f,d[n+15],14,-660478335),i,m,d[n+4],20,-405537848),r=md5_gg(r,i=md5_gg(i,m=md5_gg(m,f,r,i,d[n+9],5,568446438),f,r,d[n+14],9,-1019803690),m,f,d[n+3],14,-187363961),i,m,d[n+8],20,1163531501),r=md5_gg(r,i=md5_gg(i,m=md5_gg(m,f,r,i,d[n+13],5,-1444681467),f,r,d[n+2],9,-51403784),m,f,d[n+7],14,1735328473),i,m,d[n+12],20,-1926607734),r=md5_hh(r,i=md5_hh(i,m=md5_hh(m,f,r,i,d[n+5],4,-378558),f,r,d[n+8],11,-2022574463),m,f,d[n+11],16,1839030562),i,m,d[n+14],23,-35309556),r=md5_hh(r,i=md5_hh(i,m=md5_hh(m,f,r,i,d[n+1],4,-1530992060),f,r,d[n+4],11,1272893353),m,f,d[n+7],16,-155497632),i,m,d[n+10],23,-1094730640),r=md5_hh(r,i=md5_hh(i,m=md5_hh(m,f,r,i,d[n+13],4,681279174),f,r,d[n+0],11,-358537222),m,f,d[n+3],16,-722521979),i,m,d[n+6],23,76029189),r=md5_hh(r,i=md5_hh(i,m=md5_hh(m,f,r,i,d[n+9],4,-640364487),f,r,d[n+12],11,-421815835),m,f,d[n+15],16,530742520),i,m,d[n+2],23,-995338651),r=md5_ii(r,i=md5_ii(i,m=md5_ii(m,f,r,i,d[n+0],6,-198630844),f,r,d[n+7],10,1126891415),m,f,d[n+14],15,-1416354905),i,m,d[n+5],21,-57434055),r=md5_ii(r,i=md5_ii(i,m=md5_ii(m,f,r,i,d[n+12],6,1700485571),f,r,d[n+3],10,-1894986606),m,f,d[n+10],15,-1051523),i,m,d[n+1],21,-2054922799),r=md5_ii(r,i=md5_ii(i,m=md5_ii(m,f,r,i,d[n+8],6,1873313359),f,r,d[n+15],10,-30611744),m,f,d[n+6],15,-1560198380),i,m,d[n+13],21,1309151649),r=md5_ii(r,i=md5_ii(i,m=md5_ii(m,f,r,i,d[n+4],6,-145523070),f,r,d[n+11],10,-1120210379),m,f,d[n+2],15,718787259),i,m,d[n+9],21,-343485551),m=safe_add(m,h),f=safe_add(f,t),r=safe_add(r,g),i=safe_add(i,e)}return Array(m,f,r,i)}function md5_cmn(d,_,m,f,r,i){return safe_add(bit_rol(safe_add(safe_add(_,d),safe_add(f,i)),r),m)}function md5_ff(d,_,m,f,r,i,n){return md5_cmn(_&m|~_&f,d,_,r,i,n)}function md5_gg(d,_,m,f,r,i,n){return md5_cmn(_&f|m&~f,d,_,r,i,n)}function md5_hh(d,_,m,f,r,i,n){return md5_cmn(_^m^f,d,_,r,i,n)}function md5_ii(d,_,m,f,r,i,n){return md5_cmn(m^(_|~f),d,_,r,i,n)}function safe_add(d,_){var m=(65535&d)+(65535&_);return(d>>16)+(_>>16)+(m>>16)<<16|65535&m}function bit_rol(d,_){return d<<_|d>>>32-_} | |
| async function setScore(SCORE, playTime, blockCnt) { | |
| const authToken = await getAuthToken(); | |
| const gameplayId = getGameplayId() + 1; | |
| const getChecksum = (score, playTime, url, gameStateData) => | |
| md5(`${score}:${playTime}:${url}:${gameStateData}:crmjbjm3lczhlgnek9uaxz2l9svlfjw14npauhen`); | |
| const gameUrl = window.location.pathname; | |
| const gameStateData = `{"totalBlockCnt":${blockCnt}`; | |
| let today = new Date() | |
| today.setHours(today.getHours() + 2) | |
| data = { | |
| "jsonrpc": "2.0", | |
| "id": "game.saveWebGameplay", | |
| "method": "game.saveWebGameplay", | |
| "params": { | |
| "gameplayData": { | |
| "gameId": 212, | |
| "score": SCORE, | |
| "playTime": playTime, | |
| "gameUrl": gameUrl, | |
| "metadata": { | |
| "gameplayId": gameplayId, | |
| }, | |
| "releaseNumber": 8, | |
| "gameStateData": gameStateData, | |
| "createdTime": today.toISOString().split('.')[0] + "+02:00", | |
| "checksum": getChecksum(SCORE, playTime, gameUrl, gameStateData), | |
| "replayVariant": null, | |
| "replayData": null, | |
| "replayDataChecksum": null, | |
| "isSaveState": false, | |
| "gameplayOrigin": "game" | |
| } | |
| } | |
| } | |
| fetch('https://api.service.gameeapp.com', { | |
| method: 'POST', | |
| headers: { | |
| 'Content-Type': 'text/plain;charset=UTF-8', | |
| 'authorization': `Bearer ${authToken}`, | |
| }, | |
| body: JSON.stringify(data), | |
| }) | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // paste this to the developer console | |
| SCORE = 13379; | |
| data = { | |
| "score":714, | |
| "url":"/game/karatekid2", | |
| "play_time":52, | |
| "hash":"{\"ct\":\"WFND2Rlq7gvKoMBxMhOOTScSvgsQVxr5CWwoKq9oMaWXu5kHJuYoGqIkFWb8NZ1MT8FebP1RHW7dLZ66YbCYKA39YPLtvkONxszWpN0aeAY=\",\"iv\":\"81fc80601f7c64317c3029fa4edd18d4\",\"s\":\"7501f4ecbe09df31\"}", | |
| "username":null, | |
| "anonymous_id":null, | |
| "game_state_data":"{\"totalBlockCnt\":$$$}" | |
| }; | |
| hash = CryptoJS.AES.encrypt( | |
| JSON.stringify({ | |
| score: SCORE, timestamp: new Date().getTime() | |
| }), | |
| "crmjbjm3lczhlgnek9uaxz2l9svlfjw14npauhen", // $(#dataId).attr('data-id'); | |
| { | |
| format: CryptoJSAesJson | |
| } | |
| ).toString(); | |
| data.score = SCORE; | |
| data.url = window.location.pathname; | |
| data.hash = hash; | |
| data.game_state_data = data.game_state_data.replace("$$$", parseInt(2628).toString());//parseInt(2628/646 * SCORE).toString()); | |
| data.play_time = 16;//parseInt((714 / 52) * SCORE); | |
| gameeUI.sendScoreData(data); | |
| data.hash = CryptoJS.AES.encrypt( | |
| JSON.stringify({ | |
| score: SCORE, timestamp: new Date().getTime() | |
| }), | |
| "crmjbjm3lczhlgnek9uaxz2l9svlfjw14npauhen", // $(#dataId).attr('data-id'); | |
| { | |
| format: CryptoJSAesJson | |
| } | |
| ).toString(); | |
| gameeUI.sendScoreData(data); | |
found that game sends save request with the following header:
authorization: Bearer eyJ0eXAiOiJKV1QiLCJh<...EDITED...>ou2MPJF8E
searched through the source code and found that it is set by the following request:
{
"jsonrpc": "2.0",
"id": "user.authentication.botLogin",
"method": "user.authentication.botLogin",
"params": {
"botName": "telegram",
"botGameUrl": "/game-bot/karatekid2-decfe<..EDITED..>2b5698dc5",
"botUserIdentifier": null
}
}tried to replicate:
let gameUrl = window.location.pathname;
let auth_data = {
"jsonrpc": "2.0",
"id": "user.authentication.botLogin",
"method": "user.authentication.botLogin",
"params": {
"botName": "telegram",
"botGameUrl": gameUrl,
"botUserIdentifier": null
}
}
fetch('https://api.service.gameeapp.com/', {
method: 'POST',
headers: {
'Content-Type': 'text/plain;charset=UTF-8',
},
body: JSON.stringify(auth_data)
})got the following error:
"error": {
"code": -32007,
"message": "X-Install-Uuid header is missing",
"data": {
"reason": "It's required header for login command"
}
},searched for this header and found that it is got from cookies
created the function to get auth token:
async function getAuthToken() {
let gameUrl = window.location.pathname;
let auth_data = {
"jsonrpc": "2.0",
"id": "user.authentication.botLogin",
"method": "user.authentication.botLogin",
"params": {
"botName": "telegram",
"botGameUrl": gameUrl,
"botUserIdentifier": null
}
}
const getUUID = () => document.cookie.match(/uuid=.+?;/)[0].split('=')[1].replaceAll(';', '')
const response = await fetch('https://api.service.gameeapp.com/', {
method: 'POST',
headers: {
'Content-Type': 'text/plain;charset=UTF-8',
'X-Install-Uuid': getUUID(),
},
body: JSON.stringify(auth_data)
});
const json = await response.json();
return json.result.tokens.authenticate;
}
@abuvoki why are you sending me this link?
Hello vilkoz,
I still cant understand nothing tbh, so can you teach me in like a video or do it for me?
That would be appreciated! Thanks
Привіт,можеш допомогти з цим я неможу розбртись що робити.
can you explain how did you get getChecksum function ?
Interesting, tried making something similar to this earlier but couldnt get the checksum. this does seem to work but does get me banned sadly
Can you explain how to use
9999
Can you please explain how to use ?! If I copy that on console i get an error
" Uncaught ReferenceError: CryptoJS is not defined
at :13:1 "
Can you please explain how to use ?! If I copy that on console i get an error " Uncaught ReferenceError: CryptoJS is not defined at :13:1 "
Take a minute to read through every comment and understand what is going on.
Don't try to run the code until you understand - the service is protected from dummies and you will get yourself banned.
So did it work?
***@***.*** *Yet, it works
ср, 14 вер. 2022, 11:33 користувач TweeteX ***@***.***> пише:
… ***@***.**** commented on this gist.
------------------------------
So did it work?
—
Reply to this email directly, view it on GitHub
<https://gist.github.com/608b142ba4117b1504f700f2677c88c5#gistcomment-4300895>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AD7OQFYBYHVN3TY4MZZPC73V6GEURANCNFSM5GBMSDDQ>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
можеш пояснити як це зробити?)
@rusiktopik very sad :(
@rusiktopik very sad :(
{"jsonrpc":"2.0","error":{"code":-32700,"message":"Parse error","data":{"reason":"Invalid payload data - invalid json"}}
?
@rusiktopik I'm not your personal assistant, try your best and good luck
@rusiktopik I'm not your personal assistant, try your best and good luck
харош :-)
Please :)
Can you add 514158 to this Please<3
look I added1,182,182 to your score
message me telegram @Gamee_hacker to hack any Gamee games
yo bro chat with me ma username is @magi_ani_hacker
make a video and send me the link please
@magiioo 4000 usd
I'm not king lm not goo
how to use these
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
checksum function (Thanks developers for leaving development webpack configuration))):
creating payload for sending score:
after that you will see that request is passed without errors but no changes applied (