m3talstorm / foe-decryption

:unlock: Python tool and tutorial of how to decrypt the Forge of Empires Flash/SWF and generate request signatures
MIT License

1.107 #4

Closed diogofacin closed 6 years ago

diogofacin commented 6 years ago

GAME_VERSION = "1.107";
SECRET = "02GyO3wXLrPtxYPrd5BngIbarQvR1PoFyHw74hl4CCx4sCJgWKqQv2cDhMRG/llJ+n99MuMuply/yT10HYATbg==";
BUILD_NUMBER = "e53f92ae29";
BUILD_TIME = "09.08.2017 9:22";

- They finally merged all the SWFs into the Main.swf
- Removed CityResourcesModel workaround
- Created static data for units

I still don't know why they don't create static data JSONs for everything; also, most of their JSON responses have useless parameters (just for easy client-side VO replacing?)

bombcheck commented 6 years ago

Just followed the manual and decrypted main.swf, but got a different secret? But it seems yours is working fine...

m3talstorm commented 6 years ago

@bombcheck Hmm, that is interesting, I'll do it tonight and then we can have 3 data points and see who is wrong ;)

@alucardeck You can always submit a PR to change these values in README.md :)

bombcheck commented 6 years ago

Yeah, tried the one I got from the SWF: Did not work...

diogofacin commented 6 years ago

@m3talstorm ah, good to know :), but I miss a forum feature in GitHub projects

@bombcheck well, my bot is working, else my hash value would probably be wrong. Inside the Main.swf you will find the Version.as file, check if its public static const VERSION:String = "1.107"; Yours could be from a different version.

bombcheck commented 6 years ago

@alucardeck Yes, your hash is working fine for me. The one I extracted by myself does not. Used the links from the README to get the files... Then decrypted them. Where can I find Version.as?

bombcheck commented 6 years ago

Ah, got it. It is under de/innogames/strategycity/Version.

BUILD_NUMBER:String = "5d663dc16e";
BUILD_TIME:String = "26.07.2017 10:53";
VERSION_SECRET:String = "t7vCISxcfFgoUFZkLevyhNokShuc7rBIEkcUuvlEhWC79h1eTVL5GD6jS/oweSgTghqdBLdY5lEPDZlHXWyrGQ==";
VERSION:String = "1.106";

Seems that https://foeen.innogamescdn.com/swf/Main.swf is pointing to an old version. But the browser requests the file from the same URL, with a timestamp added to it: https://foede.innogamescdn.com/swf/Main.swf?1502267902

@m3talstorm Maybe update the README? 'scripts/de/innogames/strategycity/Version' contains all the info needed (instead of 'scripts/de/innogames/shared/networking/providers/JSONConnectionProvider').

LordMike commented 6 years ago

Quick note. I get the following for 1.107, same as OP:

02GyO3wXLrPtxYPrd5BngIbarQvR1PoFyHw74hl4CCx4sCJgWKqQv2cDhMRG/llJ+n99MuMuply/yT10HYATbg==

nanakiksc commented 6 years ago

It works for me with the version/secret provided by OP. Also, I didn't change the timestamp (I thought it changed between versions) and it works.

LordMike commented 6 years ago

The timestamp is not needed. If you read the readme for this repo, you'll see that the algorithm is:

md5(user_key + secret + encodedJson)

The version & timestamp are purely there for convenience's sake - to help you identify what's "latest" without doing the operation yourself. :)

nanakiksc commented 6 years ago

You are right, thanks Mike!

m3talstorm commented 6 years ago

Although LordMike is correct in that the version and timestamp are not needed to generate the signature, they are still passed in the HTTP headers by the game.

See: https://github.com/m3talstorm/foe-bot/blob/master/foe/request.py#L50

The version passed in the HTTP headers determines which secret is used server side; their API supports older clients. E.g., if you have a 1.106 secret and you put 1.106 as your version in the HTTP headers, you can still do stuff, even if the latest version of the game is 1.107.

The timestamp is passed in the HTTP headers to try and make it look like a browser is doing the request as much as possible ;)
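
Added example, not part of the original thread or the project's code: a server-side model of the scheme as the comments above describe it (the signature formula quoted by LordMike, and the version header selecting the secret). All secrets, keys, the payload, `SECRETS_BY_VERSION`, `MIN_SUPPORTED_VERSION` and the function names are constructed for illustration; it shows why a secret paired with the wrong version header is rejected, and how a minimum-version check retires an older secret.

```python
import hashlib
import hmac
import json

# Constructed sample values, not real game secrets.
SECRETS_BY_VERSION = {
    "1.106": "constructed-secret-A",
    "1.107": "constructed-secret-B",
}
MIN_SUPPORTED_VERSION = "1.107"  # hypothetical server-side policy


def sign(user_key: str, secret: str, encoded_json: str) -> str:
    """md5(user_key + secret + encodedJson), as quoted in the thread."""
    data = (user_key + secret + encoded_json).encode("utf-8")
    return hashlib.md5(data).hexdigest()


def _as_tuple(version: str) -> tuple:
    # "1.107" -> (1, 107) so versions compare numerically, not as strings.
    return tuple(int(part) for part in version.split("."))


def verify(version: str, user_key: str, encoded_json: str,
           signature: str, enforce_min_version: bool = False) -> bool:
    """Check a signature using the secret selected by the version header."""
    secret = SECRETS_BY_VERSION.get(version)
    if secret is None:
        return False  # unknown client version
    if enforce_min_version and _as_tuple(version) < _as_tuple(MIN_SUPPORTED_VERSION):
        return False  # old secret retired, even if the signature is valid
    expected = sign(user_key, secret, encoded_json)
    # Constant-time comparison of the two hex digests.
    return hmac.compare_digest(expected.encode("utf-8"), signature.encode("utf-8"))


if __name__ == "__main__":
    user_key = "constructed-user-key"
    body = json.dumps([{"requestId": 1}], separators=(",", ":"))
    old_sig = sign(user_key, SECRETS_BY_VERSION["1.106"], body)
    print(verify("1.106", user_key, body, old_sig))        # old secret, matching header
    print(verify("1.107", user_key, body, old_sig))        # old secret, newer header
    print(verify("1.106", user_key, body, old_sig, True))  # old version retired
```
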

bombcheck commented 6 years ago

We use these timestamps in our projects to trick the browser caching when deploying new stuff such as JS or CSS files.

LordMike commented 6 years ago

Oh right - forgot about those headers... Oh well :P