
Analyzing the Diamond Dash Heart Hack

Hello
Today I'm going to walk through how the Diamond Dash heart-cheating program works.
Program -> http://laozaa.com/forum.php?mod=viewthread&tid=8742
So let's get started..!

  • Here we use Firefox + Live HTTP Headers (add-on) to capture and read the packets between client and server

Our main mission here is to receive hearts to use for free and without limit.
First we have to think about the ways in which we can receive hearts:
1. Sending hearts out
2. Receiving hearts from friends

Now that we know that, let's capture the packets that travel back and forth between client and server.
When I captured the packet sent while sending a heart to a friend, I got this:

https://dd.wooga.com/game/send_life

POST /game/send_life HTTP/1.1
Host: dd.wooga.com
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:26.0) Gecko/20100101 Firefox/26.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json; charset=utf-8
X-Requested-With: XMLHttpRequest
Referer: https://dd.wooga.com/landingpage/?fb_source=bookmark_apps&ref=bookmarks&count=0&fb_bmpos=2_0
Content-Length: 185
Cookie: __utma=cencors.1902575911.1390034630.1390034630.1390054986.2; __utmc=210252864; __utmz=210252864.1390054986.2.2.utmcsr=apps.facebook.com|utmccn=(referral)|utmcmd=referral|utmcct=/diamonddash/; _dd_rails_session=BAh7BkkiD3Nlc3Npb25faWQGOgZFRkkiJTI4NDFhOTY3ZDI5Y2M5N2VlNzYyN2FhNzA5YmE3ODFhBjsAVA%3D%3D--b978dce7598f4626d56c942a73da6ced3f3a31e9; __utmb=210252864.3.10.1390054986
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

{"source":"mfs_send","id":1,"actor":"Frank","ids":"100002046692174","actor_id":"100000822901659","lang":"en","friend_id":"100002046692174","gift_id":"1","request_id":"1375945892668958"}

You can see that the packet is sent to https://dd.wooga.com/game/send_life
and the POST value sent along with it is

{"source":"mfs_send","id":1,"actor":"Frank","ids":"100002046692174","actor_id":"100000822901659","lang":"en","friend_id":"100002046692174","gift_id":"1","request_id":"1375945892668958"}

We then try writing a program that sends the POST value above to the url: https://dd.wooga.com/game/send_life
or else use HackBar, another Firefox add-on, to send the POST value.
After sending it, we see that the server replies:

{"message":"Invalid Request"}

This tells us right away that this path does not work.

Let's try the other channel, which is being the side that receives hearts a friend has sent to us.
When I captured the packet sent while clicking accept on a heart, I got the following packet

https://dd.wooga.com/game/accept_sent_life/

POST /game/accept_sent_life/ HTTP/1.1
Host: dd.wooga.com
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:26.0) Gecko/20100101 Firefox/26.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Referer: https://dd.wooga.com/landingpage/?fb_source=bookmark_apps&ref=bookmarks&count=0&fb_bmpos=2_0
Content-Length: 107
Cookie: __utma=cen.1902575911.1390034630.1390054986.1390057871.3; __utmc=210252864; __utmz=210252864.1390057871.3.3.utmcsr=apps.facebook.com|utmccn=(referral)|utmcmd=referral|utmcct=/diamonddash/; _dd_rails_session=BAh7BkkiD3Nlc3Npb25faWQGOgZFRkkiJTZmNjQwMjczNDRhMzU5NTllMDUyNDZjZWU2MDg3MWE2BjsAVA%3D%3D--7d65f97f0ec8358bf0d8cc6d06919a9b4531921b; __utmb=210252864.1.10.1390057871
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

request_id=1382520395341419100000822901659&sender_id=100001055215811&recipient_id=100000822901659&cr=9b000

The POST is sent to https://dd.wooga.com/game/accept_sent_life/
and the POST value that is sent is

request_id=1382520395341419100000822901659&sender_id=100001055215811&recipient_id=100000822901659&cr=9b000

sender_id is the fbid of the friend who sent the heart to us, and recipient_id holds the fbid of the recipient.
First we check how many hearts we currently have in Diamond Dash.
Then we try sending this POST value to https://dd.wooga.com/game/accept_sent_life/
We see that no error occurs; the only response is

{}

Now refresh Diamond Dash once more and you will see that your hearts have increased by 1 heart.. done !!
So we can write a program that sends the request over and over. We can change the target by changing the fbid in recipient_id.
With just this we get hearts to play with for free ..
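
Added example, not part of the original post and not Wooga's code: the server-side validation that makes a replayed accept_sent_life body worthless, by taking the recipient from the authenticated session and making each request_id single-use. GiftLedger, record_sent and accept are hypothetical names, and the IDs in the demo are constructed.

```python
from dataclasses import dataclass, field


class GiftError(Exception):
    """Raised when an accept request fails server-side validation."""


@dataclass
class GiftLedger:
    # Hypothetical in-memory stand-in for the game's database.
    lives: dict = field(default_factory=dict)     # fbid -> current lives
    pending: dict = field(default_factory=dict)   # request_id -> (sender, recipient)

    def record_sent(self, request_id, sender_id, recipient_id):
        """Called by the send path: only gifts recorded here can be accepted."""
        self.pending[request_id] = (sender_id, recipient_id)

    def accept(self, session_user_id, request_id, sender_id, recipient_id):
        """Validate an accept_sent_life body against session and ledger state."""
        # 1. The recipient is whoever owns the session cookie, never the
        #    recipient_id field the client chose to put in the body.
        if recipient_id != session_user_id:
            raise GiftError("recipient_id does not match session user")
        # 2. The gift must have been recorded when it was sent, with the
        #    same sender and recipient.
        if self.pending.get(request_id) != (sender_id, recipient_id):
            raise GiftError("unknown, mismatched or already accepted request")
        # 3. Single use: delete before crediting so a replay finds nothing.
        del self.pending[request_id]
        self.lives[recipient_id] = self.lives.get(recipient_id, 0) + 1
        return self.lives[recipient_id]


def replay_demo():
    """Constructed data: one genuine gift, then the same body sent again."""
    ledger = GiftLedger()
    ledger.record_sent("req-1", "friend", "player")
    body = dict(request_id="req-1", sender_id="friend", recipient_id="player")
    results = [ledger.accept("player", **body)]            # genuine accept
    for fields in (body, {**body, "recipient_id": "other"}):
        try:                                               # replayed bodies
            results.append(ledger.accept("player", **fields))
        except GiftError as exc:
            results.append(str(exc))
    return results, ledger.lives
```
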

MISSION COMPLETED

ref: stephack.com

Frankkung
