网页游戏 数据分析 软件工具 教程
这里以qq农场做举例,以下内容绝大部分转贴:登录农场有两个渠道:
1、通过QQ校友登录;
2、通过QQ空间登录;
介绍一下工具:fiddler(HTTP抓包工具)
这个是在空间渠道登录的截图:
可以看到,从空间登录农场的地址是:http://happyfarm.qzone.qq.com/
从校友登录农场的地址:http://happyfarm.xiaoyou.qq.com/ 紧接着POST了一个包到:http://happyfarm.qzone.qq.com/api.php?mod=user&act=run
可以看见body一栏内,POST的数据主要包括两大部分:
1、各功能swf的版本;
2、farmkey 和 farmtime;(这是一组对应的编码,farmkey是依据farmtime生成的一组32位的MD5码;
顺带介绍一下时间戳。也就是上面的farmtime;详细请参见 时间戳-百度百科
Delphi将当前时间转换成时间戳代码:DatetimeToUnix(Now - 8 / 24);(中国处于GMT +8时区)
记得在uses里加上DateUtils
核心内容: 返回的数据内容,也就是HTML源码。
{"farmlandStatus":[{"a":34,"b":4,"c":0,"d":0,"e":1,"f":0,"g":0,"h":1,"i":100,"j":2,"k":0,"l":0,"m":0,"n":[],"o":0,"p":[],"q":1255605382,"r":1255756582},{"a":34,"b":4,"c":0,"d":0,"e":1,"f":0,"g":0,"h":1,"i":100,"j":1,"k":0,"l":0,"m":0,"n":[],"o":0,"p":[],"q":1255551999,"r":1255703199},{"a":34,"b":4,"c":0,"d":0,"e":1,"f":0,"g":0,"h":1,"i":100,"j":1,"k":0,"l":0,"m":0,"n":[],"o":0,"p":[],"q":1255551999,"r":1255703199},{"a":33,"b":4,"c":0,"d":0,"e":1,"f":0,"g":0,"h":1,"i":100,"j":3,"k":0,"l":0,"m":0,"n":[],"o":0,"p":[],"q":1255604257,"r":1255751857},{"a":34,"b":4,"c":0,"d":0,"e":1,"f":0,"g":0,"h":1,"i":100,"j":1,"k":0,"l":0,"m":0,"n":[],"o":0,"p":[],"q":1255552000,"r":1255703200},{"a":34,"b":4,"c":0,"d":0,"e":1,"f":0,"g":0,"h":1,"i":100,"j":1,"k":0,"l":0,"m":0,"n":[],"o":0,"p":[],"q":1255552000,"r":1255703200},{"a":34,"b":4,"c":0,"d":0,"e":1,"f":0,"g":0,"h":1,"i":100,"j":1,"k":0,"l":0,"m":0,"n":[],"o":0,"p":[],"q":1255552001,"r":1255703201},{"a":34,"b":4,"c":0,"d":0,"e":1,"f":0,"g":0,"h":1,"i":100,"j":1,"k":0,"l":0,"m":0,"n":[],"o":0,"p":[],"q":1255552002,"r":1255703202},{"a":34,"b":4,"c":0,"d":0,"e":1,"f":0,"g":0,"h":1,"i":100,"j":1,"k":0,"l":0,"m":0,"n":[],"o":0,"p":[],"q":1255552002,"r":1255703202},{"a":34,"b":4,"c":0,"d":0,"e":1,"f":0,"g":0,"h":1,"i":100,"j":1,"k":0,"l":0,"m":0,"n":[],"o":0,"p":[],"q":1255552003,"r":1255703203},{"a":34,"b":4,"c":0,"d":0,"e":1,"f":0,"g":0,"h":1,"i":100,"j":2,"k":0,"l":0,"m":0,"n":[],"o":0,"p":[],"q":1255605383,"r":1255756583},{"a":34,"b":4,"c":0,"d":0,"e":1,"f":0,"g":0,"h":1,"i":100,"j":1,"k":0,"l":0,"m":0,"n":[],"o":0,"p":[],"q":1255552003,"r":1255703203},{"a":34,"b":1,"c":0,"d":0,"e":1,"f":0,"g":0,"h":1,"i":100,"j":0,"k":0,"l":0,"m":0,"n":[],"o":0,"p":[],"q":1255585357,"r":1255585357},{"a":34,"b":4,"c":0,"d":0,"e":1,"f":0,"g":0,"h":1,"i":100,"j":1,"k":0,"l":0,"m":0,"n":[],"o":0,"p":[],"q":1255552004,"r":1255703204},{"a":33,"b":4,"c":0,"d":0,"e":1,"f":0,"g":0,"h":1,"i":100,"j":2,"k":0,"l":0,"m":0,"n":[],"o":0,"p":[],"q":1255542157,"r":1255689757}],"items":{"1":{"itemId":213},"2":{"itemId":214},"3":{"itemId":215},"4":{"itemId":216}},"exp":53725,"weather":{"weatherId":1,"weatherDesc":"\u6674\u5929"},"serverTime":{"time":1255789091},"user":{"uId":155893,"userName":null,"money":462700,"headPic":null,"exp":53725,"yellowlevel":0,"yellowstatus":0,"canbad":50,"pf":false},"cacheControl":{"seed":9,"tool":1,"diy":3},"a":true,"b":1255686763,"c":false,"task":{"taskId":0,"taskFlag":0}}
上面的这些是JSON数据格式!可以用firefox 带的json插件来分析。当然也有其他工具。后面会讲到。
分析:
可以看到,登录后会发一个(我们定义为run动作)数据,告诉服务器开始游戏,服务器立即返回当前登录帐户的农场信息,也就是以上的JSON格式的数据。
也就是说,只要能模拟发出首个POST数据包即可获得自己农场的信息。
网上有牛人破解了farmtime和farmkey的关系,我这里把规则写好了。
获取farmkey:
function TCommon.getFarmKey(time: TDateTime): string;
var
md5: TIdHashMessageDigest5;
temp1: Integer;
temp3: string;
begin
temp3 := 'sdoit78sdopig7w34057';
temp1 := DatetimeToUnix(time - 8 / 24);
Delete(temp3, 1, temp1 mod 10);
temp3 := IntToStr(temp1) + temp3;
md5 := TIdHashMessageDigest5.Create;
Result := LowerCase(md5.AsHex(md5.HashValue(temp3)));
end;
不过这个farmkey 还有以上的JSON数据 tx 每过一段是会变动的。发在这只是参考。更深入交流更多的讨论。欢迎加入 易语言快手双修群 95353051 共同进步!那里有更详细的图文教程。数量多。就不要一一贴出!上面只是给个引子
很好啊!!!!!!!!!! 看帖回帖 谢谢! 楼主,不论什么情况你一定要hold住!hold住就是胜利! 楼主 有想法 我支持一下 楼主 有想法 佩服佩服! 为毛老子总也抢不到沙发?!! 路过的帮顶