Closed russel5 closed 2 months ago
ive been having general errors all day, i dont think its the bot i think its hamster kombat servers
I got the same issue, it was working fine few hours ago
[Master HamsterKombat Bot][ERROR] 2024-08-29 22:06:00 [Account 1] Status code is not 200 [Master HamsterKombat Bot][ERROR] 2024-08-29 22:06:00 [Account 1] Response: {"error_code":"DAILY_KEYS_MINI_GAME_WRONG","error_message":"DailyKeysMiniGame is wrong NjkxMTAyMzE1OHw2ODgzMTA0MjYwfFRpbGVzfDM0NTAxMDEwMjh8RnlWM09qOFFpbENlSHc3S3RPaE1IRTJhaU1WWlo3blhxMmVjY3o4SjNuZz0="} [Master HamsterKombat Bot][ERROR] 2024-08-29 22:06:00 [Account 1] Unable to claim mini game Tiles.
Most likely the cipher generation on the server has been changed, to disable attempts to send an incorrect cipher to the server, I recommend making such a change. https://github.com/masterking32/MasterHamsterKombatBot/blob/124e5c8f098c21ca20c7ff93553eb72f6256dbb8/main.py#L746 replace this
for game in minigames:
if game["id"] not in ["Candles", "Tiles"]:
with this
for game in minigames:
if game["id"] == "Tiles":
continue
if game["id"] not in ["Candles", "Tiles"]:
ah, the cipher is wrong for both mini games, then just disable mini games in the config “auto_finish_mini_game”: False,
any fix or this is not fixed?
Maybe the server auto generate this every day? @Fy0urM
Maybe the server auto generate this every day? @Fy0urM
maybe, idk who found and decrypt this cipher.
Maybe the server auto generate this every day? @Fy0urM
maybe, idk who found and decrypt this cipher.
After i find out, it's still same :
Maybe the server auto generate this every day? @Fy0urM
maybe, idk who found and decrypt this cipher.
After i find out, it's still same :
well, the something chenged in other blocks, in first or in 4th. can u tell me how u decode last block?
Maybe the server auto generate this every day? @Fy0urM
maybe, idk who found and decrypt this cipher.
After i find out, it's still same :
well, the something chenged in other blocks, in first or in 4th. can u tell me how u decode last block?
just try to reverse this :
f"415t1ng{score_cipher}0ra1cum5h0t".encode()
by all of this :
data_string = "|".join( [ res, AccountID, responseGameData["id"], str(score_cipher), base64.b64encode( hashlib.sha256( f"415t1ng{score_cipher}0ra1cum5h0t".encode() ).digest() ).decode(), ] ).encode()
as we know, the first it seems response (idk what it mean) 2nd = acc id 3rd = minigameID 4th = score_cipher
let me know if it's wrong @masterking32
hashlib.sha256( f"R1cHard_AnA1{score_cipher}G1ve_Me_y0u7_Pa55w0rD".encode() ).digest()
R1cHard_AnA1{score_cipher}G1ve_Me_y0u7_Pa55w0rD
yep, found this too. its work
Hard_AnA1 )))
R1cHard_AnA1{score_cipher}G1ve_Me_y0u7_Pa55w0rD
yep, found this too. its work
good! how you found that?
in the neighboring repository
can you share the link please?
can you share the link please?
References: https://github.com/shamhi/HamsterKombatBot/issues/2268 https://github.com/shamhi/HamsterKombatBot/discussions/2272 Closes: https://github.com/masterking32/MasterHamsterKombatBot/issues/236
I suggest disabling auto_finish_mini_game
at this moment.
https://github.com/masterking32/MasterHamsterKombatBot/blob/124e5c8f098c21ca20c7ff93553eb72f6256dbb8/config.py.example#L30
does it really work for you? O_o
f'R1cHard_AnA1{score}G1ve_Me_y0u7_Pa55w0rD'
is shit and should not work.
That works for me several time but then again break I think there's a whole set of encoded crap that changes every time.
It seems I figured it out. The problem is in the cipher (the first part of the data string).
It started working fine with the value 2602032939
for me
but only for the Tiles game
It seems I figured it out. The problem is in the cipher (the first part of the data string). It started working fine with the value
2602032939
for me
'R1cHard_AnA1{score}G1ve_Me_y0u7_Pa55w0rD'
Только если сравнить это с подписями от реальной игры - они не сходятся. Похоже на дорогу к бану. Я бы не спешил
It seems I figured it out. The problem is in the cipher (the first part of the data string). It started working fine with the value
2602032939
for me
You mean this is the one worked for you?
f"2602032939{score_cipher}G1ve_Me_y0u7_Pa55w0rD"
I cant get it write...
I get this:
2024-08-30 01:03:46 | ERROR | 37 - Unknown error while Claim Mini Game: 400, message='Bad Request', url=URL('https://api.hamsterkombatgame.io/clicker/claim-daily-keys-minigame') | Response text: {"error_code":"DAILY_KEYS_MINI_GAME_WRONG","error_message":"DailyKeysMiniGame is wrong MDEyMTM2NTAwM3w1ODY5NTY2MzMyfFRpbGVzfDM0NDk5MTE4NTR8bitGT0VMY2RsOFZocmYxV2RySG95a3hDWDJlOTlIbStkVk9MZXJvK2k1dz0="}... 2024-08-30 01:03:51 | ERROR | 539 - NZ | Unknown error: 'remainSecondsToNextAttempt'
You mean this is the one worked for you?
f"2602032939{score_cipher}G1ve_Me_y0u7_Pa55w0rD"
No. I meant the value before the user id. But I agree with @lolyinseo and would recommend you to not use that "Richard..." shit since it's indeed not real.
You mean this is the one worked for you?
f"2602032939{score_cipher}G1ve_Me_y0u7_Pa55w0rD"
No. I meant the value before the user id. But I agree with @lolyinseo and would recommend you to not use that "Richard..." shit since it's indeed not real.
Thanks for the advice...
I'm using https://github.com/shamhi/HamsterKombatBot
Where should I put this 2602032939
?
like this:
body = f"{cipher}|2602032939{user_id}|{daily_mini_game_name}|{score_cipher}|{sig}"
no where, just disable auto play minigame function and wait for solution
no where, just disable auto play minigame function and wait for solution
OK Thanks I was just trying to foul around using an account that is idle and has nothing to loose if banned...
OK Thanks I was just trying to foul around using an account that is idle and has nothing to loose if banned...
Got it. Ok I meant the cipher which is before the user id. Like this "2602032939|user_id|..." But... the fact it works for me doesn't guarantee it will work for you. It may be calculated based on user id or something, so it might not pass the validation for your account.
OK Thanks I was just trying to foul around using an account that is idle and has nothing to loose if banned...
Got it. Ok I meant the cipher which is before the user id. Like this "2602032939|user_id|..." But... the fact it works for me doesn't guarantee it will work for you. It may be calculated based on user id or something, so it might not pass the validation for your account.
You are right. While I was waiting for your reply I tested it and got the same error as before! As you have mentioned, tt got to be user specific. I do not want to bother you but could you please tell me how you got that number?
OK Thanks I was just trying to foul around using an account that is idle and has nothing to loose if banned...
Got it. Ok I meant the cipher which is before the user id. Like this "2602032939|user_id|..." But... the fact it works for me doesn't guarantee it will work for you. It may be calculated based on user id or something, so it might not pass the validation for your account.
I got it:
I decoded message sent by browser and got this: (REDACTED MY USER ID TO XXXXXXXXX FOR SECURITY REASONS)
2602032939|XXXXXXXXXX|Tiles|3449911822|pvJwSYkqnEYou20m4Zbda8dDKhjpVb1cjDUW3OL3TUE=
So as you can see it is the same number but when I change the code to this:
body = f"2602032939|{user_id}|{daily_mini_game_name}|{score_cipher}|{sig}"
it still returns that error:
DAILY_KEYS_MINI_GAME_WRONG
I'm curious to my bones to know how did you people get those phrases:
415t1ng....0ra1cum5h0t
& R1cHard_AnA1.....G1ve_Me_y0u7_Pa55w0rD
As long as I know it is impossible to reverse hash! So is that a leak from inside people or what?
I'm curious to my bones to know how did you people get those phrases:
415t1ng....0ra1cum5h0t
&R1cHard_AnA1.....G1ve_Me_y0u7_Pa55w0rD
As long as I know it is impossible to reverse hash! So is that a leak from inside people or what?
Found something:
For each account each time you play the {cipher}
value changes but interesting part is that it is a list that repeats for all accounts:
1st is: 2602032939
2nd is: 1800064280
3rd is: 4696075080
4th is: 2900005567
...
Probably there is a generator or a list in the game that experts can find but for now we can manually get these codes once on browser, then use them for everyone!
Кто знает как исправить ошибку?
Does anyone know how to fix this error?
You can find this : 0ra1cum5h0t and on your script, then just read at this issues carefully, you will found the solution. Or you can go to here https://github.com/shamhi/HamsterKombatBot/discussions/2272
ok, let's understand a little bit. if we look at what the game sends on completion, we will find this base64 string.
decrypt it in any convenient way and we get this
0260232939|ACCOUNT_ID|Tiles|3450031220|bZ/8KA5FdYfZKc7FqAVvvpP++mcyeF8UC6Dk8vpzXPA=
the last block is a signature consisting of 2 phrases on the left and right and a score in the middle. let's try to repeat it. score = 3450031220 sig = base64.b64encode(hashlib.sha256(f “R1cHard_AnA1{score}G1ve_Me_y0u7_Pa55w0rD”.encode()).digest()).decode()
in this case the signature we created will be ltVCkbkBk6WyKiO13WK1y7o6mcUlmzGWg1EAKpfB7O4=
and the same in the proposed function.
yes, the server will accept this cipher, but how secure is it?
import base64
import hashlib
originalSig = "bZ/8KA5FdYfZKc7FqAVvvpP++mcyeF8UC6Dk8vpzXPA="
cipherScore = 3450031220
secret1 = "R1cHard_AnA1"
secret2 = "G1ve_Me_y0u7_Pa55w0rD"
combined_string = secret1 + str(cipherScore) + secret2
sig1 = base64.b64encode(hashlib.sha256(combined_string.encode()).digest()).decode()
print(f"SIG1: {sig1}")
hashObject = hashlib.sha256(combined_string.encode('utf-8'))
hashBytes = hashObject.digest()
sig2 = base64.b64encode(hashBytes).decode('utf-8')
print(f"SIG2: {sig2}")
print(f"Original SIG: {originalSig}")
you can check original java code on any web playground for example use this https://www.sololearn.com/ru/compiler-playground/java
import java.security.MessageDigest;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
public class Program
{
public static void main(String[] args) {
String form_hash;
String secret1 = "R1cHard_AnA1";
String secret2 = "G1ve_Me_y0u7_Pa55w0rD";
String cipher_score = "3450031220";
String combined_string = secret1 + cipher_score + secret2;
try {
MessageDigest digest = MessageDigest.getInstance("SHA-256");
byte[] hash = digest.digest(combined_string.getBytes(StandardCharsets.UTF_8));
String sig = Base64.getEncoder().encodeToString(hash);
System.out.println("SIG: " + sig);
} catch (Exception e) {
e.printStackTrace();
}
}
}
...and we get this
**0260232939**|ACCOUNT_ID|...
Very interesting... I had this cipher yesterday 2602032939
for Tiles with the start date of 1724955900
They're pretty similar, as you can see: 2602032939 0260232939
2602 and 32939 are in common, the only difference is the position of 0; it's known that 0 is placed at a calculated position. So it seems we only need to find where those 2 common parts come from.
Of course, it might be a coincidence but the theory has a right to exist.
Well... I'd better continue with implementing the unpacker...
...and we get this
**0260232939**|ACCOUNT_ID|...
Very interesting... I had this cipher yesterday
2602032939
for Tiles with the start date of 1724955900They're pretty similar, as you can see: 2602032939 0260232939
2602 and 32939 are in common, the only difference is the position of 0; it's known that 0 is placed at a calculated position. So it seems we only need to find where those 2 common parts come from.
Of course, it might be a coincidence but the theory has a right to exist.
Well... I'd better continue with implementing the unpacker...
Не знаю, что там ты пытаешься понять, код у меня выложен для cipher. Положение 0 (SUCCES_FLAG) должно меняться в зависимости от числа (в данном случае дата). Еще и длина может меняться.
По поводу sig. Если запустить Candles(а подпись одна) с параметрами
method: "StartGame",
level: "- - - - - -.0 0 - - - -.- - - - - -.- - - - - -.- - - - - -",
number: 0,
score_coef: 0,
start_timestamp: 0
те на входе все нули (а score там тоже 0) то получим 8 разных подписей, потом они начинают повторяться. Те в расчёте sig участвует, number (дата), start_timestamp (дата) + 8 солей(хз что это, строка или число), которые выбираются рандомно.
https://github.com/OxFF00FF/Hamster_Mayhem?tab=readme-ov-file
This bot the only one right now, which able to complete both mini game!!
https://github.com/OxFF00FF/Hamster_Mayhem/blob/master/Src/salt.json is not safe, 1 salt for thousands of users, while in a real game it is dynamic
https://github.com/OxFF00FF/Hamster_Mayhem?tab=readme-ov-file This bot the only one right now, which able to complete both mini game!!
https://github.com/OxFF00FF/Hamster_Mayhem/blob/master/Src/salt.json is not safe, 1 salt for thousands of users, while in a real game it is dynamic
How isn't safe? 🥲🥲 Am a gonna ban or what?
No one knows. maybe your account will be banned, flagged as dishonest, maybe not. Use it at your own risk.
Mini game tiles were removed. (edit : added again after sometime.)
Mini game tiles were removed from the hamster. we can close this issue now.
This is wrong info, game still here
[Master HamsterKombat Bot][ERROR] 2024-08-29 23:41:27 [Account 1] Status code is not 200 [Master HamsterKombat Bot][ERROR] 2024-08-29 23:41:27 [Account 1] Response: <!DOCTYPE html> [Master HamsterKombat Bot][ERROR] 2024-08-29 23:41:27 [Account 1] Unable to claim mini game Tiles.
All config by default "mg_max_tiles_points_percent": 20 After today's first start, games is working few times, then always get this error