Hagmar / Helix

Script for demonstrating how easy it is to cheat in the "Helix Game" at Liseberg, Gothenburg

Bruteforcing not working #4

Open AntonUden opened 5 years ago

AntonUden commented 5 years ago

```
PS C:\Users\Desktop\Helix-master> py .\helix.py -c
Bruteforcing game code...
The current code is: 5200
PS C:\Users\Desktop\Helix-master> py .\helix.py -c
Bruteforcing game code...
The current code is: 5300
PS C:\Users\Desktop\Helix-master> py .\helix.py -c
Bruteforcing game code...
The current code is: 3400
PS C:\Users\Desktop\Helix-master> py .\helix.py -c
Bruteforcing game code...
The current code is: 4400
PS C:\Users\Desktop\Helix-master> py .\helix.py -c
Bruteforcing game code...
The current code is: 1000
```

AntonUden commented 5 years ago

Output from https://helixgame.liseberg.se/checkgamecode looks like this:

```
{ "status": 200, "data": { "status": "invalid" } }
```

If I change `if js['data'] != "invalid":` to `if js['data']['status'] != "invalid":`

but now it says

```
py .\helix.py -c
Bruteforcing game code...
The current code is: 0
```

AntonUden commented 5 years ago

They added udid to checkCode:

```js
checkCode: function(func, code) {
  console.log("DATAMANAGER: " + this.SERVICE_VALIDATE_GAME_CODE);

  //  Build data to send
  var data = "";
  data += "code=" + code;
  data += "&udid=" + this.fingerprint;

  // udid, score, session
  var request = new PIXI.AjaxRequest();
  request.open("POST", this.SERVICE_VALIDATE_GAME_CODE, true);
  request.setRequestHeader("Content-type", "application/x-www-form-urlencoded");

  var scope = this;
  request.onload = function() {
    // do something to response
    var result;
    try {
      result = JSON.parse(this.responseText);
    } catch (error) {}

    if (result && result.status && result.status == 200) {
      var response = result.data;

      var isValid = response.status == "invalid" ? false : true;

      if (isValid) {
        // Save for later use
        scope.latestCode = code;
        scope.sessionToken = response.token;

        scope.codeTimestamp = new Date().getTime();

        // Unlock bonus game and schedule notification
        // and set badge number.
        // First, get current unlock time for the bonus game, if any
        var unlockTimestamp = Helix.Storage.getValue("bonusGameUnlockTimestamp");

        console.log("UNLOCK TIME STAMP: " + unlockTimestamp);

        // We don't want to set it again if already set, so find out if it is
        if (unlockTimestamp == undefined) {
          // The bonus game unlock time stamp isn't set, so we'll do that
          // now.
          var timestamp = new Date().getTime() / 1000;

          // Add 24 hours because we want it unlocked tomorrow
          timestamp += 60 * 60 * 24;

          // Save unlock time stamp to storage, to be able to retrieve it later
          Helix.Storage.setValue("bonusGameUnlockTimestamp", timestamp, true);

          // Schedule notification and badge number
          var notifications = new Helix.NotificationManager();
          notifications.scheduleNotification("Bonusspel", "Grattis! Bonusspelet är upplåst.", timestamp, undefined);
          notifications.scheduleBadgeNumber(1, timestamp);
        }
      }

      func(isValid);
    } else {
      func(false);
    }
  };

  //
  request.send(data);
},
```

Hagmar commented 5 years ago

Hi, thanks for the flag! There are actually other changes in addition to this, because right now every tested code will get the same response even with a udid. Although I suppose it's also possible that the udid I'm currently using is invalid...
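
A server-side counterpart to the `checkCode` client quoted in this thread, as an added example that is not from this repository or from Liseberg's service: it throttles failed code checks and answers locked-out clients with the same "invalid" body shown earlier. The names `createCodeChecker`, `lookupCode`, `MAX_FAILURES` and `WINDOW_MS`, the limits, and the `"valid"` status string are assumptions.

```javascript
// Added example: server-side throttle for a code-check endpoint.
// Hypothetical names and limits; not the Helix repo's or Liseberg's code.
const MAX_FAILURES = 5;            // assumed limit per key
const WINDOW_MS = 15 * 60 * 1000;  // assumed 15-minute sliding window

// lookupCode(code) is a hypothetical callback: session token string, or null.
// now() is injectable so the window can be tested with a fake clock.
function createCodeChecker(lookupCode, now = Date.now) {
  const failures = new Map(); // key -> timestamps of recent failed checks

  // Drop timestamps that have aged out of the window, return the rest.
  function recentFailures(key, t) {
    const kept = (failures.get(key) || []).filter((ts) => t - ts < WINDOW_MS);
    failures.set(key, kept);
    return kept;
  }

  // clientIp is observed by the server; udid is the client-sent form field.
  return function checkCode(clientIp, udid, code) {
    const t = now();
    // Same body as in the thread, used for wrong guesses and lockouts alike.
    const invalid = { status: 200, data: { status: "invalid" } };

    // udid comes from the client and can be changed per request, so it is
    // only a secondary key next to the server-observed address.
    const keys = ["ip:" + clientIp, "udid:" + udid];
    const locked = keys.some((k) => recentFailures(k, t).length >= MAX_FAILURES);
    if (locked) return invalid;

    const token = typeof code === "string" ? lookupCode(code) : null;
    if (token) {
      // "valid" is a constructed value; the page only shows "invalid".
      return { status: 200, data: { status: "valid", token: token } };
    }
    keys.forEach((k) => failures.get(k).push(t));
    return invalid;
  };
}
```

A production version would also evict idle keys and share the counters across server instances.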