<?php
if(session_id()=="") session_start();
function userkey($fbid) {
$ch = curl_init ();
curl_setopt ( $ch, CURLOPT_URL, "http://dynamicdc.socialpointgames.com/dragoncity/web/srv/get_user_session.php?secret=zoltan3287&id=" . $fbid);
curl_setopt ( $ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453.116 Safari/537.36" );
curl_setopt ( $ch, CURLOPT_SSL_VERIFYPEER, false );
curl_setopt ( $ch, CURLOPT_HEADER, false );
//curl_setopt($ch, CURLOPT_PROXY, "127.0.0.1:8888");
curl_setopt ( $ch, CURLOPT_NOBODY, false );
curl_setopt($ch, CURLOPT_ENCODING , "gzip");
curl_setopt ( $ch, CURLOPT_RETURNTRANSFER, true );
curl_setopt ( $ch, CURLOPT_CONNECTTIMEOUT, 5 );
curl_setopt ( $ch, CURLOPT_TIMEOUT, 10 );
$userkey = curl_exec ( $ch );
$ch = curl_init ();
curl_setopt ( $ch, CURLOPT_URL, 'http://dynamicdc.socialpointgames.com/dragoncity/web/srv/get_game_config.php?USERID=' . $fbid . '&user_key=' . $userkey."&language=tr" );
curl_setopt ( $ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453.116 Safari/537.36" );
curl_setopt ( $ch, CURLOPT_SSL_VERIFYPEER, false );
curl_setopt ( $ch, CURLOPT_HEADER, false );
curl_setopt($ch, CURLOPT_ENCODING , "gzip");
curl_setopt ( $ch, CURLOPT_NOBODY, false );
//curl_setopt($ch, CURLOPT_PROXY, "127.0.0.1:8888");
curl_setopt ( $ch, CURLOPT_RETURNTRANSFER, true );
curl_setopt ( $ch, CURLOPT_CONNECTTIMEOUT, 5 );
curl_setopt ( $ch, CURLOPT_TIMEOUT, 10 );
$result = curl_exec ( $ch );
curl_setopt ( $ch, CURLOPT_URL, 'http://dynamicdc.socialpointgames.com/dragoncity/web/srv/get_player_info.php?USERID=' . $fbid . '&user_key=' . $userkey."&language=tr"
);
curl_setopt ( $ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453.116 Safari/537.36" );
curl_setopt ( $ch, CURLOPT_SSL_VERIFYPEER, false );
curl_setopt ( $ch, CURLOPT_HEADER, false );
curl_setopt ( $ch, CURLOPT_NOBODY, false );
curl_setopt ( $ch, CURLOPT_ENCODING , "gzip");
//curl_setopt ( $ch, CURLOPT_PROXY, "127.0.0.1:8888");
curl_setopt ( $ch, CURLOPT_RETURNTRANSFER, true );
curl_setopt ( $ch, CURLOPT_CONNECTTIMEOUT, 5 );
curl_setopt ( $ch, CURLOPT_TIMEOUT, 10 );
$result = curl_exec ( $ch );
return $userkey;
}
if(isset($_POST['flashVersion']) and !empty($_POST['flashVersion'])) $_SESSION['swversi']=$_POST['flashVersion'];
$versi="0.5.23a";
if(isset($_SESSION['swversi'])) $versi=$_SESSION['swversi'];
$str = '<html><head><title>Dragon City</title></head><body>
<form method="post">
ID FB:<br/>
<input name="fbid" value="100002848815775"/><br/>
Flash Version:<br/>
<input name="flashVersion" value="'.$versi.'"/><br/>
<select name="mode">
<option value="1">100k xp + 100k gold</option>
<option value="2">100k xp + 100k food</option>
<option value="3">Ready</option>
<option value="4">ADD</option>
</select><br/>
Trang:<br>
<input type="number" name= "page"></input><br>
<input type="submit" value="Submit" />
</form>';
if(isset($_POST['fbid']) and isset($_POST['mode'])){
if(empty($_POST['fbid'])) die('Please enter your FB ID');
$fbid=$_POST['fbid'];
$user=userkey($fbid);
$result=komut("http://dynamicdc.socialpointgames.com/dragoncity/web/srv/get_player_info.php?USERID=$fbid&user_key=$user&language=en");
$payload = explode(';',$result);
$data = json_decode($payload[1],true);
$str .= "------------------------------<br/>";
$str .= "name: ".$data['playerInfo']['name']."<br/>";
$str .= "cash: ".number_format($data['playerInfo']['cash'],0,',','.')."<br/>";
$str .= "gold: ".number_format($data['playerInfo']['gold'],0,',','.')."<br/>";
$str .= "food: ".number_format($data['playerInfo']['food'],0,',','.')."<br/>";
$str .= "xp: ".number_format($data['playerInfo']['xp'],0,',','.')."<br/>";
$str .= "------------------------------<br/>";
$hcx='';
for($i=1;$i<100;$i++)
{
//$hcx.='{"args":[89,25],"number":'.$i.',"cmd":"collect","time":1372771201},';
$hcx.='{"args":[18],"number":'.$i.',"cmd":"collect","time":1372771201},';
//$hcx.='{"args":[134],"number":'.$i.',"cmd":"collect","time":1372771201},';
}
$hcx=substr($hcx,0,-1);
$hc='{"commands":['.$hcx.']}';
$hc=json_decode($hc,1);
$num=1;
for($i=0;$i<count($hc['commands']);$i++)
{
$hc['commands'][$i]['time']=time();
}
$hc=substr(substr(str_replace(" ","",json_encode($hc)),0,-1),1);
function arasi($a,$b,$data)
{
$x = explode($a,$data);
$z = explode($b,$x[1]);
$oh = $z[0];
if($x && $z) { return $oh; } else { return false; }
}
function komut2($komut,$num)
{
$data=komutyolla($komut,$num);
if(stristr($data,'bad command number: expected'))
{
$yeninum=arasi('bad command number: expected ',',',$data);
$data=komutyolla($komut,$yeninum);
return substr($data,65);
}
else
{
return substr($data,65);
}
}
function komutyolla($komut,$num)
{
global $fbid,$user;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,"http://dynamicdc.socialpointgames.com/dragoncity/web/srv/packet.php?USERID=$fbid&user_key=$user&language=tr");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS,http_build_query(array("id"=>"$fbid","data"=>hashla($komut,$num))));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
//curl_setopt($ch, CURLOPT_HTTPHEADER, array("REMOTE_ADDR: ".fakeip(),"X-Client-IP: ".fakeip(),"Client-IP: ".fakeip(),"HTTP_X_FORWARDED_FOR: ".fakeip(),"X-Forwarded-For: ".fakeip()));
curl_setopt($ch, CURLOPT_ENCODING , "gzip");
//curl_setopt($ch, CURLOPT_PROXY, "127.0.0.1:8888");
$data = curl_exec ($ch);
curl_close ($ch);
return $data;
}
function hashla($komut,$n)
{
$ar=array("first_number"=>$n,"publishActions"=>0,"tries"=>1,"flashVersion"=>"0.5.19","ts"=>time());
$x='RGhXbiy4xEeDnSNX1oBG';
$sonkod=str_replace(" ","",str_replace('}',','.$komut.'}',json_encode($ar)));
return hash_hmac('sha256', $sonkod, $x).';'.$sonkod;
}
if(isset($_POST["fbid"]))
{
$fbid=$_POST['fbid'];
$user=userkey($fbid);
if($_POST["mode"]==1)
{
unset($hc,$hcx);$hcx='';
for($i=1;$i<10001;$i++)
{
/* 3gems (work 1 times)
$hcx.='{"args":[147,"[0,1]"],"number":'.$i.',"cmd":"set_goals","time":1372771201},';
$hcx.='{"args":[147],"number":'.$i.',"cmd":"complete_goal","time":1372771201},';
$hcx.='{"args":[134],"number":'.$i.',"cmd":"complete_goal","time":1372771201},';
$hcx.='{"args":[148,"[0,1]"],"number":'.$i.',"cmd":"set_goals","time":1372771201},';
$hcx.='{"args":[148],"number":'.$i.',"cmd":"complete_goal","time":1372771201},';
$hcx.='{"args":[134,"[0,1]"],"number":'.$i.',"cmd":"set_goals","time":1372771201},';
$hcx.='{"args":[147,"[0,1]"],"number":1,"cmd":"set_goals","time":1372771201},';
$hcx.='{"args":[145,"[1,1]"],"number":1,"cmd":"set_goals","time":1372771201},';
$hcx.='{"args":[145],"number":1,"cmd":"set_goals","time":1372771201},';
*/
$hcx.='{"args":[1],"number":'.$i.',"cmd":"assist_receive","time":1372771201},';
}
$hcx=substr($hcx,0,-1);
$hc='{"commands":['.$hcx.']}';
$hc=json_decode($hc,1);
$num=1;
for($i=0;$i<count($hc['commands']);$i++)
{
$hc['commands'][$i]['time']=time();
}
}
else if ($_POST["mode"]==2)
{
unset($hc,$hcx);$hcx='';
for($i=1;$i<10001;$i++)
{
$hcx.='{"args":[18],"number":'.$i.',"cmd":"assist_receive","time":1372771201},';
}
$hcx=substr($hcx,0,-1);
$hc='{"commands":['.$hcx.']}';
$hc=json_decode($hc,1);
$num=1;
for($i=0;$i<count($hc['commands']);$i++)
{
$hc['commands'][$i]['time']=time();
}
}
else if ($_POST["mode"]==3)
{
unset($hc,$hcx);$hcx='';
$hcx.='{"args":[],"number":'.$i.',"cmd":"reset_complete_collection","time":1372771201},';
$hcx=substr($hcx,0,-1);
$hc='{"commands":['.$hcx.']}';
$hc=json_decode($hc,1);
$num=1;
for($i=0;$i<count($hc['commands']);$i++)
{
$hc['commands'][$i]['time']=time();
}
}
else if ($_POST["mode"]==4)
{
unset($hc,$hcx);$hcx='';
for($i=1;$i<2;$i++)
{
$hcx.='{"args":[1],"number":'.$i.',"cmd":"complete_collection","time":1372771201},';
}
for($i=1;$i<2;$i++)
{
$hcx.='{"args":[10],"number":'.$i.',"cmd":"complete_collection","time":1372771201},';
}
for($h=1;$h<2;$h++)
{
$hcx.='{"args":[14],"number":'.$i.',"cmd":"complete_collection","time":1372771201},';
}
$hcx.='{"args":[],"number":'.$i.',"cmd":"reset_complete_collection","time":1372771201},';
$hcx=substr($hcx,0,-1);
$hc='{"commands":['.$hcx.']}';
$hc=json_decode($hc,1);
$num=1;
for($i=0;$i<count($hc['commands']);$i++)
{
$hc['commands'][$i]['time']=time();
}
}
$hc=substr(substr(str_replace(" ","",json_encode($hc)),0,-1),1);
$sucb=json_decode(komut2($hc,$num),1);
}
else
{
}
$result=komut("http://dynamicdc.socialpointgames.com/dragoncity/web/srv/get_player_info.php?USERID=$fbid&user_key=$user&language=en");
$payload = explode(';',$result);
$data = json_decode($payload[1],true);
$str .= "name: ".$data['playerInfo']['name']."<br/>";
$str .= "cash: ".number_format($data['playerInfo']['cash'],0,',','.')."<br/>";
$str .= "gold: ".number_format($data['playerInfo']['gold'],0,',','.')."<br/>";
$str .= "food: ".number_format($data['playerInfo']['food'],0,',','.')."<br/>";
$str .= "xp: ".number_format($data['playerInfo']['xp'],0,',','.')."<br/>";
$str .= "------------------------------<br/>";
die("$str</body></html>");
}else die("$str</body></html>");
function fakeip()
{
return long2ip( mt_rand(0, 65537) * mt_rand(0, 65535) );
}
function komut($url,$args=false)
{
global $fbid,$user;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("REMOTE_ADDR: ".fakeip(),"X-Client-IP: ".fakeip(),"Client-IP: ".fakeip(),"HTTP_X_FORWARDED_FOR: ".fakeip(),"X-Forwarded-For: ".fakeip()));
if($args)
{
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS,$args);
}
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
//curl_setopt($ch, CURLOPT_PROXY, "127.0.0.1:8888");
$result = curl_exec ($ch);
curl_close ($ch);
return $result;
}
?>