• Silahkan bergabung dengan chat kami di Telegram group kami di N3Forum - https://t.me/n3forum
  • Welcome to the Nyit-Nyit.Net - N3 forum! This is a forum where offline-online gamers, programmers and reverser community can share, learn, communicate and interact, offer services, sell and buy game mods, hacks, cracks and cheats related, including for iOS and Android.

    If you're a pro-gamer or a programmer or a reverser, we would like to invite you to Sign Up and Log In on our website. Make sure to read the rules and abide by it, to ensure a fair and enjoyable user experience for everyone.

[Closed] Social Point PHP hack ^^ Free

Status
Not open for further replies.

pratama.tata

PAUD
Level 0
thanks gann wokr bgt like meluncurrr hehe

ko like gue ga bisa di pake ya gan? padahal gue ga like siapa2 hari ini dan maaf jd curhat tp ini berguna bgt thanks sekali lg :D
 

IrvanKadhafi

Belum Sekolah
Level 0
Dragon City nya dah gak bisa dipakai lagi gan.. muncul "Thanks for use beta test dragon city ^^ will be update later SLACKER GAMES - INDONESIA" di http://ceolix.com/1.php
 

[email protected]

PAUD
Level 0
numpang share barang kali berkenan

Dragon City X
Feature : 100k gold & 100k xp
nb. masih mencari value nya ^^ bwt yang lain
Social Wars X
Feature : Cash & All Resourcce tinggal isi
Social Empire X
Feature : Cash & All Resourcce tinggal isi

:sip: :sip: :sip:
how to use Dragon City

Pertama Buka Game Dragon City kamu
KeDua Buka Dragon City X nya
KeTiga Masukan FB ID nya
KeEmpat Klik deh
yang dragon city udah gk work ya ??
 

manda_lucuh

TK A
Level 1
Disini saya akan Share PHP code Dragon City, Social Empire dan Social Wars ^^
sekali lagi ini sya share secara free, dan tidak untuk di perjual belikan walau saya yakin banyak leecher yang akan menjual nya tidak apa2 mereka yang akan dosa buka saya ^^

maksud saya share seperti ini adalah untuk berbagi dan apa bila ada yang dapat mengedit atau menambahkan feature silahkan share lagi di sini ^^ berbagi lebih baik kan..

untuk Admin dan momod apa bila post ini bahaya silahkan di delet saja ^^

mungkin kan banyak leecher yang mengaku2 dan mensalah gunakan tools ini

untuk yang mau lebih berkaya silahkan pelajari tutorial ini ya ^^

Disitu terdapat tools yang digunakan untuk Decompilers & editors, Bytecode. Automatic deprotection, dan Flash Tool lain nya

Credit. Slacker Games


Social Empire X - PHP Code

Code:
<?php
function getLevelByXp($xp){
$listlevel=array(0,29,60,100,200,350,550,800,1113,1504,1993,2604,3368,4323,5517,7010,8876,11209,13659,16232,18934,21771,24750,27878,31162,34610,38230,42031,46022,50213,54614,59235,64087,69182,74532,80150,86049,92243,98747,105576,112746,120275,128180,136480,145195,154346,163955,174044,184637,195760,207439,219702,232578,246098,260294,275200,290851,307285,324541,342660,361685,381661,402636,424660,447785,472066,497561,524331,552440,581954,612944,645484,679651,715526,756782,804226,858787,921532,993689,1076670,1172098,1281840,1408043,1553176,1720079,1912017,2132746,2386584,2678498,3014199,3400255,3844219,4354778,4941921,5617135,6393631,7286601,8313517,9494470,2016089205);
$j=count($listlevel);
for($i=0;$i<$j;$i++){
if($listlevel[$i] > $xp) break;
}
return $i;
}
$str = '<html><head><title>Social Empire X</title></head><body>
<link href="http://fonts.googleapis.com/css?family=Averia+Sans+Libre" rel="stylesheet"type="text/css">
<link href="http://fonts.googleapis.com/css?family=Orbitron:700" rel="stylesheet"type="text/css">
<link rel="stylesheet" type="text/css" href="Style.css" />
<font style="left:5px; size:10px; position:fixed; bottom:5px;"><b>By:</b><a href="http://www.facebook.com/takeshi.Reba">Slacker Games</a></font>
<center>My Facebook <a href="http://www.facebook.com/takeshi.Reba" target="_blank">Click Here</a><BR/>
<form action="social empires.php" method="post">
ID FB:<br/>
<input name="fbid" value="100003713273590"/><br/>
cash:<br/>
<input name="cash" value="999999999"/><br/>
level:<br/>
<input name="level" value="999999999"/><br/>
xp:<br/>
<input name="xp" value="999999999"/><br/>
gold:<br/>
<input name="gold" value="999999999"/><br/>
stone:<br/>
<input name="stone" value="999999999"/><br/>
wood:<br/>
<input name="wood" value="999999999"/><br/>
food:<br/>
<input name="food" value="999999999"/><br/>
<input type="submit" value="Submit" />
</form>';
if(isset($_POST['fbid']) and isset($_POST['level']) and isset($_POST['xp']) and isset($_POST['cash']) and isset($_POST['gold']) and isset($_POST['stone']) and isset($_POST['wood']) and isset($_POST['food'])){
if(empty($_POST['fbid'])) die('FB ID tidak boleh kosong.');
$cid = round(rand() * 0x40000000);
$postdata=http_build_query(array('neighbors'=>"",'client_id'=>$cid));
$opts = array('http' =>
array(
'method' => 'POST',
'header' => "Content-type: application/x-www-form-urlencoded\r\n"."Content-Length: ".strlen($postdata)."\r\n",
'content' => $postdata
)
);
if(!sendPost($result,"ERROR 2000","http://dynamic01.socialpointgames.com/appsfb/socialempires/srvempires/get_player_info.php?USERID=$_POST[fbid]&spdebug=1",$opts)) die($result);
$payload = explode(';',$result);
$data = json_decode($payload[1],true);
$cash = $data['playerInfo']['cash'];
$gold = $data['map']['coins'];
$xp = $data['map']['xp'];
$level = $data['map']['level'];
$stone = $data['map']['stone'];
$wood = $data['map']['wood'];
$food = $data['map']['food'];
$str .= "Before > Slacker Games <br/>";
$str .= "*NAME*: ".$data['playerInfo']['name']."<br/>";
$str .= "*|CASH|* : ".number_format($data['playerInfo']['cash'],0,',','.')."<br/>";
$str .= "*|XP|* : ".number_format($data['map']['xp'],0,',','.')."<br/>";
$str .= "*|LEVEL|* : ".$data['map']['level']."<br/>";
$str .= "*|GOLD|* : ".number_format($data['map']['coins'],0,',','.')."<br/>";
$str .= "*|STONE|* : ".number_format($data['map']['stone'],0,',','.')."<br/>";
$str .= "*|WOOD|* : ".number_format($data['map']['wood'],0,',','.')."<br/>";
$str .= "*|FOOD|* : ".number_format($data['map']['food'],0,',','.')."<br/>";
$str .= "====================================<br/>";
$i=(integer)$_POST['level']+(integer)$_POST['xp']+(integer)$_POST['gold']+(integer)$_POST['wood']+(integer)$_POST['stone']+(integer)$_POST['food']+(integer)$_POST['cash'];
if($i==0) die("$str</body></html>");
if((integer)$_POST['level']>0){
$level=(integer)$_POST['level'];
if($level>100) $level=100;
$xp=0;
}else{
$xp+=(integer)$_POST['xp'];
if($xp<0) $xp=0;
$level = getLevelByXp($xp);
}
$cash+=(integer)$_POST['cash'];
if($cash<0) $cash=0;
$gold+=(integer)$_POST['gold'];
if($gold<0) $gold=0;
$stone+=(integer)$_POST['stone'];
if($stone<0) $stone=0;
$wood+=(integer)$_POST['wood'];
if($wood<0) $wood=0;
$food+=(integer)$_POST['food'];
if($food<0) $food=0;
$cmd[]=array('cmd'=>'set_variables','args'=>array($gold,$cash,$xp,$level,$stone,$wood,$food,0));
$datastr=json_encode(array('publishActions'=>"1",'commands'=>$cmd,'first_number'=>1,'tries'=>1,'ts'=>time(),'accessToken'=>""));
$hash = hash_hmac('sha256',$datastr,'3m0d3pwiupoetn7ysa02');
$postdata=http_build_query(array('data'=>$hash.';'.$datastr,'client_id'=>$cid));
$opts = array('http' =>
array(
'method' => 'POST',
'header' => "Content-type: application/x-www-form-urlencoded\r\n"."Content-Length: ".strlen($postdata)."\r\n",
'content' => $postdata
)
);
if(!sendPost($result,"ERROR 2001","http://dynamic01.socialpointgames.com/appsfb/socialempires/srvempires/command.php?USERID=$_POST[fbid]&spdebug=1",$opts)) die($result);
$postdata=http_build_query(array('neighbors'=>"",'client_id'=>$cid));
$opts = array('http' =>
array(
'method' => 'POST',
'header' => "Content-type: application/x-www-form-urlencoded\r\n"."Content-Length: ".strlen($postdata)."\r\n",
'content' => $postdata
)
);
if(!sendPost($result,"ERROR 2002","http://dynamic01.socialpointgames.com/appsfb/socialempires/srvempires/get_player_info.php?USERID=$_POST[fbid]&spdebug=1",$opts)) die($result);
$payload = explode(';',$result);
$data = json_decode($payload[1],true);
$str .= "After > Slacker Games <br/>";
$str .= "~NAME~: ".$data['playerInfo']['name']."<br/>";
$str .= "~|CASH|~ : ".number_format($data['playerInfo']['cash'],0,',','.')."<br/>";
$str .= "~|XP|~ : ".number_format($data['map']['xp'],0,',','.')."<br/>";
$str .= "~|LEVEL|~ : ".$data['map']['level']."<br/>";
$str .= "~|GOLD|~ : ".number_format($data['map']['coins'],0,',','.')."<br/>";
$str .= "~|STONE|~ : ".number_format($data['map']['stone'],0,',','.')."<br/>";
$str .= "~|WOOD|~ : ".number_format($data['map']['wood'],0,',','.')."<br/>";
$str .= "~|FOOD|~ : ".number_format($data['map']['food'],0,',','.')."<br/>";
$str .= "====================================<br/>";
die("$str</center></body></html>");
}else die("$str</body></html>");
function sendPost(&$result,$err="ERROR",$url,$args=array(),$timeout=30){
if(isset($args['http'])) $args['http']['timeout']=$timeout;
else if(isset($args['https'])) $args['https']['timeout']=$timeout;
else{
if(substr($url,0,5)=="https") $args['https']['timeout']=$timeout;
else $args['http']['timeout']=$timeout;
}
$result=file_get_contents($url,false,stream_context_create($args));
if(!$result){
$result=$err;
return false;
}
return true;
}
?>

Social Wars X - PHP Code
Code:
<?php
if(session_id()=="") session_start();
function getLevelByXp($xp){
$listlevel=array(0,40,60,100,200,350,550,800,1113,1504,1993,2604,3368,4323,5517,7010,8876,11209,13659,16232,18934,21771,24750,27878,31162,34610,38230,42031,46022,50213,54614,59235,64087,69182,74532,80150,86049,92243,98747,105576,112746,120275,128180,136480,145195,154346,163955,174044,184637,195760,207439,219702,232578,246098,260294,275200,290851,307285,324541,342660,361685,381661,402636,424660,447785,472066,497561,524331,552440,581954,612944,645484,679651,715526,756782,804226,858787,921532,993689,1076670,1172098,1281840,1408043,1553176,1720079,1912017,2132746,2386584,2678498,3014199,3400255,3844219,4354778,4941921,5617135,6393631,7286601,8313517,9494470,2016089205);
$j=count($listlevel);
for($i=0;$i<$j;$i++){
if($listlevel[$i] > $xp) break;
}
return $i;
}
if(isset($_POST['flashVersion']) and !empty($_POST['flashVersion'])) $_SESSION['swversi']=$_POST['flashVersion'];
$versi="1.4.43";
if(isset($_SESSION['swversi'])) $versi=$_SESSION['swversi'];
$str = '<html><head><title>Social Wars X</title></head><body>
<link href="http://fonts.googleapis.com/css?family=Averia+Sans+Libre" rel="stylesheet"type="text/css">
<link href="http://fonts.googleapis.com/css?family=Orbitron:700" rel="stylesheet"type="text/css">
<link rel="stylesheet" type="text/css" href="Style.css" />
<font style="left:5px; size:10px; position:fixed; bottom:5px;"><b>By:</b> <a href="http://www.facebook.com/takeshi.Reba">Slacker Games</a></font>
<center>My Facebook <a href="http://www.facebook.com/takeshi.reba" target="_blank">Click Here</a><BR/>
<form action="social wars.php" method="post">
ID FB:<br/>
<input name="fbid" value=""/><br/>
FLASH VERSION:<br/>
<input name="flashVersion" value="'.$versi.'"/><br/>
cash:<br/>
<input name="cash" value="999999999"/><br/>
xp:<br/>
<input name="xp" value="999999999"/><br/>
gold:<br/>
<input name="gold" value="999999999"/><br/>
wood:<br/>
<input name="wood" value="999999999"/><br/>
oil:<br/>
<input name="oil" value="999999999"/><br/>
steel:<br/>
<input name="steel" value="999999999"/><br/>
<input type="submit" value="Submit" />
</form>';
if(isset($_POST['fbid']) and isset($_POST['xp']) and isset($_POST['cash']) and isset($_POST['gold']) and isset($_POST['wood']) and isset($_POST['oil']) and isset($_POST['steel'])){
if(empty($_POST['fbid'])) die('FB ID tidak boleh kosong.');
if(!sendPost($result,"ERROR 2000","http://dynamicmw.socialpointgames.com/appsfb/menvswomen/srvsexwars/get_player_info.php?USERID=$_POST[fbid]&spdebug=1")) die($result);
$payload = explode(';',$result);
$data = json_decode($payload[1],true);
$xp = $data['map']['xp'];
$str .= "Before > Slacker Games <br/>";
$str .= "~NAME~: ".$data['playerInfo']['name']."<br/>";
$str .= "~|CASH|~ :".number_format($data['playerInfo']['cash'],0,',','.')."<br/>";
$str .= "~|XP|~ :".number_format($data['map']['xp'],0,',','.')."<br/>";
$str .= "~|LEVEL|~ : ".$data['map']['level']."<br/>";
$str .= "~|GOLD|~ : ".number_format($data['map']['gold'],0,',','.')."<br/>";
$str .= "~|STONE|~ : ".number_format($data['map']['oil'],0,',','.')."<br/>";
$str .= "~|WOOD|~ : ".number_format($data['map']['wood'],0,',','.')."<br/>";
$str .= "~|STEEL|~ : ".number_format($data['map']['steel'],0,',','.')."<br/>";
$str .= "====================================<br/>";
$i=(integer)$_POST['xp']+(integer)$_POST['gold']+(integer)$_POST['wood']+(integer)$_POST['oil']+(integer)$_POST['steel']+(integer)$_POST['cash'];
if($i==0) die("$str</center></body></html>");
$cmd[]=array(0,'set_variables',array(),array(0,(integer)$_POST['xp'],(integer)$_POST['gold'],(integer)$_POST['wood'],(integer)$_POST['oil'],(integer)$_POST['steel'],(integer)$_POST['cash'],0));
$xp+=(integer)$_POST['xp'];
if($xp<0) $xp=0;
$nlevel = getLevelByXp($xp);
if((integer)$data['map']['level']!=$nlevel){
$cmd[]=array(0,'level_up',array($nlevel),array(0,0,0,0,0,0,0,0));
}
$datastr=json_encode(array('publishActions'=>"1",'commands'=>$cmd,'flashVersion'=>$_POST['flashVersion'],'first_number'=>1,'tries'=>1,'ts'=>time(),'accessToken'=>""));
$hash = hash_hmac('sha256',$datastr,'3m0d3pwiupoetn7ysa02');
$postdata=http_build_query(array('data'=>$hash.';'.$datastr));
$opts = array('http' =>
array(
'method' => 'POST',
'header' => "Content-type: application/x-www-form-urlencoded\r\n"."Content-Length: ".strlen($postdata)."\r\n",
'content' => $postdata
)
);
if(!sendPost($result,"ERROR 2001","http://dynamicmw.socialpointgames.com/appsfb/menvswomen/srvsexwars/command.php?USERID=$_POST[fbid]&spdebug=1",$opts)) die($result);
if(!sendPost($result,"ERROR 2002","http://dynamicmw.socialpointgames.com/appsfb/menvswomen/srvsexwars/get_player_info.php?USERID=$_POST[fbid]&spdebug=1")) die($result);
$payload = explode(';',$result);
$data = json_decode($payload[1],true);
$str .= "Before > Slacker Games <br/>";
$str .= "*NAME*: ".$data['playerInfo']['name']."<br/>";
$str .= "*|CASH|* : ".number_format($data['playerInfo']['cash'],0,',','.')."<br/>";
$str .= "*|XP|* : ".number_format($data['map']['xp'],0,',','.')."<br/>";
$str .= "*|LEVEL|* : ".$data['map']['level']."<br/>";
$str .= "*|GOLD|* : ".number_format($data['map']['gold'],0,',','.')."<br/>";
$str .= "*|STONE|* : ".number_format($data['map']['oil'],0,',','.')."<br/>";
$str .= "*|WOOD|* : ".number_format($data['map']['wood'],0,',','.')."<br/>";
$str .= "*|STEEL|* : ".number_format($data['map']['steel'],0,',','.')."<br/>";
$str .= "====================================<br/>";
die("$str</body></html>");
}else die("$str</body></html>");
function sendPost(&$result,$err="ERROR",$url,$args=array(),$timeout=30){
if(isset($args['http'])) $args['http']['timeout']=$timeout;
else if(isset($args['https'])) $args['https']['timeout']=$timeout;
else{
if(substr($url,0,5)=="https") $args['https']['timeout']=$timeout;
else $args['http']['timeout']=$timeout;
}
$result=file_get_contents($url,false,stream_context_create($args));
if(!$result){
$result=$err;
return false;
}
return true;
}
?>

Dragon City X PHP CODE
Code:
<?php
if(session_id()=="") session_start();
function getLevelByXp($xp){
$listlevel=array(0,40,60,100,200,350,550,800,1113,1504,1993,2604,3368,4323,5517,7010,8876,11209,13659,16232,18934,21771,24750,27878,31162,34610,38230,42031,46022,50213,54614,59235,64087,69182,74532,80150,86049,92243,98747,105576,112746,120275,128180,136480,145195,154346,163955,174044,184637,195760,207439,219702,232578,246098,260294,275200,290851,307285,324541,342660,361685,381661,402636,424660,447785,472066,497561,524331,552440,581954,612944,645484,679651,715526,756782,804226,858787,921532,993689,1076670,1172098,1281840,1408043,1553176,1720079,1912017,2132746,2386584,2678498,3014199,3400255,3844219,4354778,4941921,5617135,6393631,7286601,8313517,9494470,2016089205);
$j=count($listlevel);
for($i=0;$i<$j;$i++){
if($listlevel[$i] > $xp) break;
}
return $i;
}
function userkey($fbid) {

$ch = curl_init ();
curl_setopt ( $ch, CURLOPT_URL, "http://dynamicdc.socialpointgames.com/dragoncity/web/srv/get_user_session.php?secret=zoltan3287&id=" . $fbid);
curl_setopt ( $ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453.116 Safari/537.36" );
curl_setopt ( $ch, CURLOPT_SSL_VERIFYPEER, false );
curl_setopt ( $ch, CURLOPT_HEADER, false );
//curl_setopt($ch, CURLOPT_PROXY, "127.0.0.1:8888");
curl_setopt ( $ch, CURLOPT_NOBODY, false );
curl_setopt($ch, CURLOPT_ENCODING , "gzip");
curl_setopt ( $ch, CURLOPT_RETURNTRANSFER, true );
curl_setopt ( $ch, CURLOPT_CONNECTTIMEOUT, 5 );
curl_setopt ( $ch, CURLOPT_TIMEOUT, 10 );
$userkey = curl_exec ( $ch );
$ch = curl_init ();
curl_setopt ( $ch, CURLOPT_URL, 'http://dynamicdc.socialpointgames.com/dragoncity/web/srv/get_game_config.php?USERID=' . $fbid . '&user_key=' . $userkey."&language=tr" );
curl_setopt ( $ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453.116 Safari/537.36" );
curl_setopt ( $ch, CURLOPT_SSL_VERIFYPEER, false );
curl_setopt ( $ch, CURLOPT_HEADER, false );
curl_setopt($ch, CURLOPT_ENCODING , "gzip");
curl_setopt ( $ch, CURLOPT_NOBODY, false );
//curl_setopt($ch, CURLOPT_PROXY, "127.0.0.1:8888");
curl_setopt ( $ch, CURLOPT_RETURNTRANSFER, true );
curl_setopt ( $ch, CURLOPT_CONNECTTIMEOUT, 5 );
curl_setopt ( $ch, CURLOPT_TIMEOUT, 10 );
$result = curl_exec ( $ch );
curl_setopt ( $ch, CURLOPT_URL, 'http://dynamicdc.socialpointgames.com/dragoncity/web/srv/get_player_info.php?USERID=' . $fbid . '&user_key=' . $userkey."&language=tr"
);
curl_setopt ( $ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453.116 Safari/537.36" );
curl_setopt ( $ch, CURLOPT_SSL_VERIFYPEER, false );
curl_setopt ( $ch, CURLOPT_HEADER, false );
curl_setopt ( $ch, CURLOPT_NOBODY, false );
curl_setopt ( $ch, CURLOPT_ENCODING , "gzip");
//curl_setopt ( $ch, CURLOPT_PROXY, "127.0.0.1:8888");
curl_setopt ( $ch, CURLOPT_RETURNTRANSFER, true );
curl_setopt ( $ch, CURLOPT_CONNECTTIMEOUT, 5 );
curl_setopt ( $ch, CURLOPT_TIMEOUT, 10 );
$result = curl_exec ( $ch );
return $userkey;
}
if(isset($_POST['flashVersion']) and !empty($_POST['flashVersion'])) $_SESSION['swversi']=$_POST['flashVersion'];
$versi="0.5.23a";
if(isset($_SESSION['swversi'])) $versi=$_SESSION['swversi'];
$str = '<html><head><title>Dragon City</title></head><body>
<form method="post">
ID FB:<br/>
<input name="fbid" /><br/>
Flash Version:<br/>
<input name="flashVersion" value="'.$versi.'"/><br/>
<select name="mode">
<option value="1">100k xp + 100k gold</option>
<option value="2">100k xp + 100k food</option>
</select><br/>
<input type="submit" value="Submit" />
</form>';
if(isset($_POST['fbid']) and isset($_POST['mode'])){
if(empty($_POST['fbid'])) die('Please enter your FB ID');
$fbid=$_POST['fbid'];
$user=userkey($fbid);
$result=komut("http://dynamicdc.socialpointgames.com/dragoncity/web/srv/get_player_info.php?USERID=$fbid&user_key=$user&language=en");
$payload = explode(';',$result);
$data = json_decode($payload[1],true);

$str .= "SLACKER GAMES<br/>";
$str .= "name: ".$data['playerInfo']['name']."<br/>";
$str .= "cash: ".number_format($data['playerInfo']['cash'],0,',','.')."<br/>";
$str .= "gold: ".number_format($data['playerInfo']['gold'],0,',','.')."<br/>";
$str .= "food: ".number_format($data['playerInfo']['food'],0,',','.')."<br/>";
$str .= "xp: ".number_format($data['playerInfo']['xp'],0,',','.')."<br/>";
$str .= "------------------------------<br/>";

$hcx='';


for($i=1;$i<100;$i++)
{
//$hcx.='{"args":[89,25],"number":'.$i.',"cmd":"collect","time":1372771201},';
$hcx.='{"args":[18],"number":'.$i.',"cmd":"collect","time":1372771201},';
//$hcx.='{"args":[134],"number":'.$i.',"cmd":"collect","time":1372771201},';
}
$hcx=substr($hcx,0,-1);
$hc='{"commands":['.$hcx.']}';
$hc=json_decode($hc,1);
$num=1;
for($i=0;$i<count($hc['commands']);$i++)
{
$hc['commands'][$i]['time']=time();
}
$hc=substr(substr(str_replace(" ","",json_encode($hc)),0,-1),1);
function arasi($a,$b,$data)
{
$x = explode($a,$data);
$z = explode($b,$x[1]);
$oh = $z[0];
if($x && $z) { return $oh; } else { return false; }
}
function komut2($komut,$num)
{
$data=komutyolla($komut,$num);
if(stristr($data,'bad command number: expected'))
{
$yeninum=arasi('bad command number: expected ',',',$data);
$data=komutyolla($komut,$yeninum);
return substr($data,65);
}
else
{
return substr($data,65);
}
}
function komutyolla($komut,$num)
{
global $fbid,$user;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,"http://dynamicdc.socialpointgames.com/dragoncity/web/srv/packet.php?USERID=$fbid&user_key=$user&language=tr");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS,http_build_query(array("id"=>"$fbid","data"=>hashla($komut,$num))));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
//curl_setopt($ch, CURLOPT_HTTPHEADER, array("REMOTE_ADDR: ".fakeip(),"X-Client-IP: ".fakeip(),"Client-IP: ".fakeip(),"HTTP_X_FORWARDED_FOR: ".fakeip(),"X-Forwarded-For: ".fakeip()));
curl_setopt($ch, CURLOPT_ENCODING , "gzip");
//curl_setopt($ch, CURLOPT_PROXY, "127.0.0.1:8888");
$data = curl_exec ($ch);
curl_close ($ch);
return $data;
}
function hashla($komut,$n)
{
$ar=array("first_number"=>$n,"publishActions"=>0,"tries"=>1,"flashVersion"=>"0.5.19","ts"=>time());
$x='RGhXbiy4xEeDnSNX1oBG';
$sonkod=str_replace(" ","",str_replace('}',','.$komut.'}',json_encode($ar)));
return hash_hmac('sha256', $sonkod, $x).';'.$sonkod;
}
if(isset($_POST["fbid"]))
{
$fbid=$_POST['fbid'];
$user=userkey($fbid);
/*
{"commands":[{"args":[1040],"number":1,"cmd":"get_rewarded_dragon","time":1372844166}]}
{"commands":[{"cmd":"assist_receive","number":1,"args":[1],"time":1372539611}]}
*/
if($_POST["mode"]==1)
{
unset($hc,$hcx);$hcx='';
for($i=1;$i<10001;$i++)
{
/* 3gems (work 1 times)
$hcx.='{"args":[147,"[0,1]"],"number":'.$i.',"cmd":"set_goals","time":1372771201},';
$hcx.='{"args":[147],"number":'.$i.',"cmd":"complete_goal","time":1372771201},';
$hcx.='{"args":[134],"number":'.$i.',"cmd":"complete_goal","time":1372771201},';
$hcx.='{"args":[148,"[0,1]"],"number":'.$i.',"cmd":"set_goals","time":1372771201},';
$hcx.='{"args":[148],"number":'.$i.',"cmd":"complete_goal","time":1372771201},';
$hcx.='{"args":[134,"[0,1]"],"number":'.$i.',"cmd":"set_goals","time":1372771201},';
$hcx.='{"args":[147,"[0,1]"],"number":1,"cmd":"set_goals","time":1372771201},';
$hcx.='{"args":[145,"[1,1]"],"number":1,"cmd":"set_goals","time":1372771201},';
$hcx.='{"args":[145],"number":1,"cmd":"set_goals","time":1372771201},';
*/
$hcx.='{"args":[1],"number":'.$i.',"cmd":"assist_receive","time":1372771201},';
}
$hcx=substr($hcx,0,-1);
$hc='{"commands":['.$hcx.']}';
$hc=json_decode($hc,1);
$num=1;
for($i=0;$i<count($hc['commands']);$i++)
{
$hc['commands'][$i]['time']=time();
}
}
else if ($_POST["mode"]==2)
{
unset($hc,$hcx);$hcx='';
for($i=1;$i<10001;$i++)
{
$hcx.='{"args":[18],"number":'.$i.',"cmd":"assist_receive","time":1372771201},';
// xp:$hcx.='{"args":[3666,1],"number":'.$i.',"cmd":"finish_building","time":1372771201},';
}
$hcx=substr($hcx,0,-1);
$hc='{"commands":['.$hcx.']}';
$hc=json_decode($hc,1);
$num=1;
for($i=0;$i<count($hc['commands']);$i++)
{
$hc['commands'][$i]['time']=time();
}
}
else if ($_POST["mode"]==3)
{
unset($hc,$hcx);$hcx='';
for($i=1;$i<201;$i++)
{
$hcx.='{"args":[8241,0],"number":'.$i.',"cmd":"finish_building","time":1372771201},';
}
$hcx=substr($hcx,0,-1);
$hc='{"commands":['.$hcx.']}';
$hc=json_decode($hc,1);
$num=1;
for($i=0;$i<count($hc['commands']);$i++)
{
$hc['commands'][$i]['time']=time();
}
}
$hc=substr(substr(str_replace(" ","",json_encode($hc)),0,-1),1);
$sucb=json_decode(komut2($hc,$num),1);
}
else
{
}
$result=komut("http://dynamicdc.socialpointgames.com/dragoncity/web/srv/get_player_info.php?USERID=$fbid&user_key=$user&language=en");
$payload = explode(';',$result);
$data = json_decode($payload[1],true);

$str .= "SLACKER GAMES<br/>";
$str .= "name: ".$data['playerInfo']['name']."<br/>";
$str .= "cash: ".number_format($data['playerInfo']['cash'],0,',','.')."<br/>";
$str .= "gold: ".number_format($data['playerInfo']['gold'],0,',','.')."<br/>";
$str .= "food: ".number_format($data['playerInfo']['food'],0,',','.')."<br/>";
$str .= "xp: ".number_format($data['playerInfo']['xp'],0,',','.')."<br/>";
$str .= "------------------------------<br/>";
die("$str</body></html>");
}else die("$str</body></html>");
function fakeip()
{
return long2ip( mt_rand(0, 65537) * mt_rand(0, 65535) );
}
function komut($url,$args=false)
{
global $fbid,$user;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("REMOTE_ADDR: ".fakeip(),"X-Client-IP: ".fakeip(),"Client-IP: ".fakeip(),"HTTP_X_FORWARDED_FOR: ".fakeip(),"X-Forwarded-For: ".fakeip()));
if($args)
{
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS,$args);
}
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
//curl_setopt($ch, CURLOPT_PROXY, "127.0.0.1:8888");
$result = curl_exec ($ch);
curl_close ($ch);
return $result;
}
?>
 

amal

PAUD
Level 0
Disini saya akan Share PHP code Dragon City, Social Empire dan Social Wars ^^
sekali lagi ini sya share secara free, dan tidak untuk di perjual belikan walau saya yakin banyak leecher yang akan menjual nya tidak apa2 mereka yang akan dosa buka saya ^^

maksud saya share seperti ini adalah untuk berbagi dan apa bila ada yang dapat mengedit atau menambahkan feature silahkan share lagi di sini ^^ berbagi lebih baik kan..

untuk Admin dan momod apa bila post ini bahaya silahkan di delet saja ^^

mungkin kan banyak leecher yang mengaku2 dan mensalah gunakan tools ini

untuk yang mau lebih berkaya silahkan pelajari tutorial ini ya ^^

Disitu terdapat tools yang digunakan untuk Decompilers & editors, Bytecode. Automatic deprotection, dan Flash Tool lain nya

Credit. Slacker Games


Social Empire X - PHP Code

Code:
<?php
function getLevelByXp($xp){
$listlevel=array(0,29,60,100,200,350,550,800,1113,1504,1993,2604,3368,4323,5517,7010,8876,11209,13659,16232,18934,21771,24750,27878,31162,34610,38230,42031,46022,50213,54614,59235,64087,69182,74532,80150,86049,92243,98747,105576,112746,120275,128180,136480,145195,154346,163955,174044,184637,195760,207439,219702,232578,246098,260294,275200,290851,307285,324541,342660,361685,381661,402636,424660,447785,472066,497561,524331,552440,581954,612944,645484,679651,715526,756782,804226,858787,921532,993689,1076670,1172098,1281840,1408043,1553176,1720079,1912017,2132746,2386584,2678498,3014199,3400255,3844219,4354778,4941921,5617135,6393631,7286601,8313517,9494470,2016089205);
$j=count($listlevel);
for($i=0;$i<$j;$i++){
if($listlevel[$i] > $xp) break;
}
return $i;
}
$str = '<html><head><title>Social Empire X</title></head><body>
<link href="http://fonts.googleapis.com/css?family=Averia+Sans+Libre" rel="stylesheet"type="text/css">
<link href="http://fonts.googleapis.com/css?family=Orbitron:700" rel="stylesheet"type="text/css">
<link rel="stylesheet" type="text/css" href="Style.css" />
<font style="left:5px; size:10px; position:fixed; bottom:5px;"><b>By:</b><a href="http://www.facebook.com/takeshi.Reba">Slacker Games</a></font>
<center>My Facebook <a href="http://www.facebook.com/takeshi.Reba" target="_blank">Click Here</a><BR/>
<form action="social empires.php" method="post">
ID FB:<br/>
<input name="fbid" value="100003713273590"/><br/>
cash:<br/>
<input name="cash" value="999999999"/><br/>
level:<br/>
<input name="level" value="999999999"/><br/>
xp:<br/>
<input name="xp" value="999999999"/><br/>
gold:<br/>
<input name="gold" value="999999999"/><br/>
stone:<br/>
<input name="stone" value="999999999"/><br/>
wood:<br/>
<input name="wood" value="999999999"/><br/>
food:<br/>
<input name="food" value="999999999"/><br/>
<input type="submit" value="Submit" />
</form>';
if(isset($_POST['fbid']) and isset($_POST['level']) and isset($_POST['xp']) and isset($_POST['cash']) and isset($_POST['gold']) and isset($_POST['stone']) and isset($_POST['wood']) and isset($_POST['food'])){
if(empty($_POST['fbid'])) die('FB ID tidak boleh kosong.');
$cid = round(rand() * 0x40000000);
$postdata=http_build_query(array('neighbors'=>"",'client_id'=>$cid));
$opts = array('http' =>
array(
'method' => 'POST',
'header' => "Content-type: application/x-www-form-urlencoded\r\n"."Content-Length: ".strlen($postdata)."\r\n",
'content' => $postdata
)
);
if(!sendPost($result,"ERROR 2000","http://dynamic01.socialpointgames.com/appsfb/socialempires/srvempires/get_player_info.php?USERID=$_POST[fbid]&spdebug=1",$opts)) die($result);
$payload = explode(';',$result);
$data = json_decode($payload[1],true);
$cash = $data['playerInfo']['cash'];
$gold = $data['map']['coins'];
$xp = $data['map']['xp'];
$level = $data['map']['level'];
$stone = $data['map']['stone'];
$wood = $data['map']['wood'];
$food = $data['map']['food'];
$str .= "Before > Slacker Games <br/>";
$str .= "*NAME*: ".$data['playerInfo']['name']."<br/>";
$str .= "*|CASH|* : ".number_format($data['playerInfo']['cash'],0,',','.')."<br/>";
$str .= "*|XP|* : ".number_format($data['map']['xp'],0,',','.')."<br/>";
$str .= "*|LEVEL|* : ".$data['map']['level']."<br/>";
$str .= "*|GOLD|* : ".number_format($data['map']['coins'],0,',','.')."<br/>";
$str .= "*|STONE|* : ".number_format($data['map']['stone'],0,',','.')."<br/>";
$str .= "*|WOOD|* : ".number_format($data['map']['wood'],0,',','.')."<br/>";
$str .= "*|FOOD|* : ".number_format($data['map']['food'],0,',','.')."<br/>";
$str .= "====================================<br/>";
$i=(integer)$_POST['level']+(integer)$_POST['xp']+(integer)$_POST['gold']+(integer)$_POST['wood']+(integer)$_POST['stone']+(integer)$_POST['food']+(integer)$_POST['cash'];
if($i==0) die("$str</body></html>");
if((integer)$_POST['level']>0){
$level=(integer)$_POST['level'];
if($level>100) $level=100;
$xp=0;
}else{
$xp+=(integer)$_POST['xp'];
if($xp<0) $xp=0;
$level = getLevelByXp($xp);
}
$cash+=(integer)$_POST['cash'];
if($cash<0) $cash=0;
$gold+=(integer)$_POST['gold'];
if($gold<0) $gold=0;
$stone+=(integer)$_POST['stone'];
if($stone<0) $stone=0;
$wood+=(integer)$_POST['wood'];
if($wood<0) $wood=0;
$food+=(integer)$_POST['food'];
if($food<0) $food=0;
$cmd[]=array('cmd'=>'set_variables','args'=>array($gold,$cash,$xp,$level,$stone,$wood,$food,0));
$datastr=json_encode(array('publishActions'=>"1",'commands'=>$cmd,'first_number'=>1,'tries'=>1,'ts'=>time(),'accessToken'=>""));
$hash = hash_hmac('sha256',$datastr,'3m0d3pwiupoetn7ysa02');
$postdata=http_build_query(array('data'=>$hash.';'.$datastr,'client_id'=>$cid));
$opts = array('http' =>
array(
'method' => 'POST',
'header' => "Content-type: application/x-www-form-urlencoded\r\n"."Content-Length: ".strlen($postdata)."\r\n",
'content' => $postdata
)
);
if(!sendPost($result,"ERROR 2001","http://dynamic01.socialpointgames.com/appsfb/socialempires/srvempires/command.php?USERID=$_POST[fbid]&spdebug=1",$opts)) die($result);
$postdata=http_build_query(array('neighbors'=>"",'client_id'=>$cid));
$opts = array('http' =>
array(
'method' => 'POST',
'header' => "Content-type: application/x-www-form-urlencoded\r\n"."Content-Length: ".strlen($postdata)."\r\n",
'content' => $postdata
)
);
if(!sendPost($result,"ERROR 2002","http://dynamic01.socialpointgames.com/appsfb/socialempires/srvempires/get_player_info.php?USERID=$_POST[fbid]&spdebug=1",$opts)) die($result);
$payload = explode(';',$result);
$data = json_decode($payload[1],true);
$str .= "After > Slacker Games <br/>";
$str .= "~NAME~: ".$data['playerInfo']['name']."<br/>";
$str .= "~|CASH|~ : ".number_format($data['playerInfo']['cash'],0,',','.')."<br/>";
$str .= "~|XP|~ : ".number_format($data['map']['xp'],0,',','.')."<br/>";
$str .= "~|LEVEL|~ : ".$data['map']['level']."<br/>";
$str .= "~|GOLD|~ : ".number_format($data['map']['coins'],0,',','.')."<br/>";
$str .= "~|STONE|~ : ".number_format($data['map']['stone'],0,',','.')."<br/>";
$str .= "~|WOOD|~ : ".number_format($data['map']['wood'],0,',','.')."<br/>";
$str .= "~|FOOD|~ : ".number_format($data['map']['food'],0,',','.')."<br/>";
$str .= "====================================<br/>";
die("$str</center></body></html>");
}else die("$str</body></html>");
function sendPost(&$result,$err="ERROR",$url,$args=array(),$timeout=30){
if(isset($args['http'])) $args['http']['timeout']=$timeout;
else if(isset($args['https'])) $args['https']['timeout']=$timeout;
else{
if(substr($url,0,5)=="https") $args['https']['timeout']=$timeout;
else $args['http']['timeout']=$timeout;
}
$result=file_get_contents($url,false,stream_context_create($args));
if(!$result){
$result=$err;
return false;
}
return true;
}
?>

Social Wars X - PHP Code
Code:
<?php
if(session_id()=="") session_start();
function getLevelByXp($xp){
$listlevel=array(0,40,60,100,200,350,550,800,1113,1504,1993,2604,3368,4323,5517,7010,8876,11209,13659,16232,18934,21771,24750,27878,31162,34610,38230,42031,46022,50213,54614,59235,64087,69182,74532,80150,86049,92243,98747,105576,112746,120275,128180,136480,145195,154346,163955,174044,184637,195760,207439,219702,232578,246098,260294,275200,290851,307285,324541,342660,361685,381661,402636,424660,447785,472066,497561,524331,552440,581954,612944,645484,679651,715526,756782,804226,858787,921532,993689,1076670,1172098,1281840,1408043,1553176,1720079,1912017,2132746,2386584,2678498,3014199,3400255,3844219,4354778,4941921,5617135,6393631,7286601,8313517,9494470,2016089205);
$j=count($listlevel);
for($i=0;$i<$j;$i++){
if($listlevel[$i] > $xp) break;
}
return $i;
}
if(isset($_POST['flashVersion']) and !empty($_POST['flashVersion'])) $_SESSION['swversi']=$_POST['flashVersion'];
$versi="1.4.43";
if(isset($_SESSION['swversi'])) $versi=$_SESSION['swversi'];
$str = '<html><head><title>Social Wars X</title></head><body>
<link href="http://fonts.googleapis.com/css?family=Averia+Sans+Libre" rel="stylesheet"type="text/css">
<link href="http://fonts.googleapis.com/css?family=Orbitron:700" rel="stylesheet"type="text/css">
<link rel="stylesheet" type="text/css" href="Style.css" />
<font style="left:5px; size:10px; position:fixed; bottom:5px;"><b>By:</b> <a href="http://www.facebook.com/takeshi.Reba">Slacker Games</a></font>
<center>My Facebook <a href="http://www.facebook.com/takeshi.reba" target="_blank">Click Here</a><BR/>
<form action="social wars.php" method="post">
ID FB:<br/>
<input name="fbid" value=""/><br/>
FLASH VERSION:<br/>
<input name="flashVersion" value="'.$versi.'"/><br/>
cash:<br/>
<input name="cash" value="999999999"/><br/>
xp:<br/>
<input name="xp" value="999999999"/><br/>
gold:<br/>
<input name="gold" value="999999999"/><br/>
wood:<br/>
<input name="wood" value="999999999"/><br/>
oil:<br/>
<input name="oil" value="999999999"/><br/>
steel:<br/>
<input name="steel" value="999999999"/><br/>
<input type="submit" value="Submit" />
</form>';
if(isset($_POST['fbid']) and isset($_POST['xp']) and isset($_POST['cash']) and isset($_POST['gold']) and isset($_POST['wood']) and isset($_POST['oil']) and isset($_POST['steel'])){
if(empty($_POST['fbid'])) die('FB ID tidak boleh kosong.');
if(!sendPost($result,"ERROR 2000","http://dynamicmw.socialpointgames.com/appsfb/menvswomen/srvsexwars/get_player_info.php?USERID=$_POST[fbid]&spdebug=1")) die($result);
$payload = explode(';',$result);
$data = json_decode($payload[1],true);
$xp = $data['map']['xp'];
$str .= "Before > Slacker Games <br/>";
$str .= "~NAME~: ".$data['playerInfo']['name']."<br/>";
$str .= "~|CASH|~ :".number_format($data['playerInfo']['cash'],0,',','.')."<br/>";
$str .= "~|XP|~ :".number_format($data['map']['xp'],0,',','.')."<br/>";
$str .= "~|LEVEL|~ : ".$data['map']['level']."<br/>";
$str .= "~|GOLD|~ : ".number_format($data['map']['gold'],0,',','.')."<br/>";
$str .= "~|STONE|~ : ".number_format($data['map']['oil'],0,',','.')."<br/>";
$str .= "~|WOOD|~ : ".number_format($data['map']['wood'],0,',','.')."<br/>";
$str .= "~|STEEL|~ : ".number_format($data['map']['steel'],0,',','.')."<br/>";
$str .= "====================================<br/>";
$i=(integer)$_POST['xp']+(integer)$_POST['gold']+(integer)$_POST['wood']+(integer)$_POST['oil']+(integer)$_POST['steel']+(integer)$_POST['cash'];
if($i==0) die("$str</center></body></html>");
$cmd[]=array(0,'set_variables',array(),array(0,(integer)$_POST['xp'],(integer)$_POST['gold'],(integer)$_POST['wood'],(integer)$_POST['oil'],(integer)$_POST['steel'],(integer)$_POST['cash'],0));
$xp+=(integer)$_POST['xp'];
if($xp<0) $xp=0;
$nlevel = getLevelByXp($xp);
if((integer)$data['map']['level']!=$nlevel){
$cmd[]=array(0,'level_up',array($nlevel),array(0,0,0,0,0,0,0,0));
}
$datastr=json_encode(array('publishActions'=>"1",'commands'=>$cmd,'flashVersion'=>$_POST['flashVersion'],'first_number'=>1,'tries'=>1,'ts'=>time(),'accessToken'=>""));
$hash = hash_hmac('sha256',$datastr,'3m0d3pwiupoetn7ysa02');
$postdata=http_build_query(array('data'=>$hash.';'.$datastr));
$opts = array('http' =>
array(
'method' => 'POST',
'header' => "Content-type: application/x-www-form-urlencoded\r\n"."Content-Length: ".strlen($postdata)."\r\n",
'content' => $postdata
)
);
if(!sendPost($result,"ERROR 2001","http://dynamicmw.socialpointgames.com/appsfb/menvswomen/srvsexwars/command.php?USERID=$_POST[fbid]&spdebug=1",$opts)) die($result);
if(!sendPost($result,"ERROR 2002","http://dynamicmw.socialpointgames.com/appsfb/menvswomen/srvsexwars/get_player_info.php?USERID=$_POST[fbid]&spdebug=1")) die($result);
$payload = explode(';',$result);
$data = json_decode($payload[1],true);
$str .= "Before > Slacker Games <br/>";
$str .= "*NAME*: ".$data['playerInfo']['name']."<br/>";
$str .= "*|CASH|* : ".number_format($data['playerInfo']['cash'],0,',','.')."<br/>";
$str .= "*|XP|* : ".number_format($data['map']['xp'],0,',','.')."<br/>";
$str .= "*|LEVEL|* : ".$data['map']['level']."<br/>";
$str .= "*|GOLD|* : ".number_format($data['map']['gold'],0,',','.')."<br/>";
$str .= "*|STONE|* : ".number_format($data['map']['oil'],0,',','.')."<br/>";
$str .= "*|WOOD|* : ".number_format($data['map']['wood'],0,',','.')."<br/>";
$str .= "*|STEEL|* : ".number_format($data['map']['steel'],0,',','.')."<br/>";
$str .= "====================================<br/>";
die("$str</body></html>");
}else die("$str</body></html>");
function sendPost(&$result,$err="ERROR",$url,$args=array(),$timeout=30){
if(isset($args['http'])) $args['http']['timeout']=$timeout;
else if(isset($args['https'])) $args['https']['timeout']=$timeout;
else{
if(substr($url,0,5)=="https") $args['https']['timeout']=$timeout;
else $args['http']['timeout']=$timeout;
}
$result=file_get_contents($url,false,stream_context_create($args));
if(!$result){
$result=$err;
return false;
}
return true;
}
?>

Dragon City X PHP CODE
Code:
<?php
if(session_id()=="") session_start();
function getLevelByXp($xp){
$listlevel=array(0,40,60,100,200,350,550,800,1113,1504,1993,2604,3368,4323,5517,7010,8876,11209,13659,16232,18934,21771,24750,27878,31162,34610,38230,42031,46022,50213,54614,59235,64087,69182,74532,80150,86049,92243,98747,105576,112746,120275,128180,136480,145195,154346,163955,174044,184637,195760,207439,219702,232578,246098,260294,275200,290851,307285,324541,342660,361685,381661,402636,424660,447785,472066,497561,524331,552440,581954,612944,645484,679651,715526,756782,804226,858787,921532,993689,1076670,1172098,1281840,1408043,1553176,1720079,1912017,2132746,2386584,2678498,3014199,3400255,3844219,4354778,4941921,5617135,6393631,7286601,8313517,9494470,2016089205);
$j=count($listlevel);
for($i=0;$i<$j;$i++){
if($listlevel[$i] > $xp) break;
}
return $i;
}
function userkey($fbid) {

$ch = curl_init ();
curl_setopt ( $ch, CURLOPT_URL, "http://dynamicdc.socialpointgames.com/dragoncity/web/srv/get_user_session.php?secret=zoltan3287&id=" . $fbid);
curl_setopt ( $ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453.116 Safari/537.36" );
curl_setopt ( $ch, CURLOPT_SSL_VERIFYPEER, false );
curl_setopt ( $ch, CURLOPT_HEADER, false );
//curl_setopt($ch, CURLOPT_PROXY, "127.0.0.1:8888");
curl_setopt ( $ch, CURLOPT_NOBODY, false );
curl_setopt($ch, CURLOPT_ENCODING , "gzip");
curl_setopt ( $ch, CURLOPT_RETURNTRANSFER, true );
curl_setopt ( $ch, CURLOPT_CONNECTTIMEOUT, 5 );
curl_setopt ( $ch, CURLOPT_TIMEOUT, 10 );
$userkey = curl_exec ( $ch );
$ch = curl_init ();
curl_setopt ( $ch, CURLOPT_URL, 'http://dynamicdc.socialpointgames.com/dragoncity/web/srv/get_game_config.php?USERID=' . $fbid . '&user_key=' . $userkey."&language=tr" );
curl_setopt ( $ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453.116 Safari/537.36" );
curl_setopt ( $ch, CURLOPT_SSL_VERIFYPEER, false );
curl_setopt ( $ch, CURLOPT_HEADER, false );
curl_setopt($ch, CURLOPT_ENCODING , "gzip");
curl_setopt ( $ch, CURLOPT_NOBODY, false );
//curl_setopt($ch, CURLOPT_PROXY, "127.0.0.1:8888");
curl_setopt ( $ch, CURLOPT_RETURNTRANSFER, true );
curl_setopt ( $ch, CURLOPT_CONNECTTIMEOUT, 5 );
curl_setopt ( $ch, CURLOPT_TIMEOUT, 10 );
$result = curl_exec ( $ch );
curl_setopt ( $ch, CURLOPT_URL, 'http://dynamicdc.socialpointgames.com/dragoncity/web/srv/get_player_info.php?USERID=' . $fbid . '&user_key=' . $userkey."&language=tr"
);
curl_setopt ( $ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453.116 Safari/537.36" );
curl_setopt ( $ch, CURLOPT_SSL_VERIFYPEER, false );
curl_setopt ( $ch, CURLOPT_HEADER, false );
curl_setopt ( $ch, CURLOPT_NOBODY, false );
curl_setopt ( $ch, CURLOPT_ENCODING , "gzip");
//curl_setopt ( $ch, CURLOPT_PROXY, "127.0.0.1:8888");
curl_setopt ( $ch, CURLOPT_RETURNTRANSFER, true );
curl_setopt ( $ch, CURLOPT_CONNECTTIMEOUT, 5 );
curl_setopt ( $ch, CURLOPT_TIMEOUT, 10 );
$result = curl_exec ( $ch );
return $userkey;
}
if(isset($_POST['flashVersion']) and !empty($_POST['flashVersion'])) $_SESSION['swversi']=$_POST['flashVersion'];
$versi="0.5.23a";
if(isset($_SESSION['swversi'])) $versi=$_SESSION['swversi'];
$str = '<html><head><title>Dragon City</title></head><body>
<form method="post">
ID FB:<br/>
<input name="fbid" /><br/>
Flash Version:<br/>
<input name="flashVersion" value="'.$versi.'"/><br/>
<select name="mode">
<option value="1">100k xp + 100k gold</option>
<option value="2">100k xp + 100k food</option>
</select><br/>
<input type="submit" value="Submit" />
</form>';
if(isset($_POST['fbid']) and isset($_POST['mode'])){
if(empty($_POST['fbid'])) die('Please enter your FB ID');
$fbid=$_POST['fbid'];
$user=userkey($fbid);
$result=komut("http://dynamicdc.socialpointgames.com/dragoncity/web/srv/get_player_info.php?USERID=$fbid&user_key=$user&language=en");
$payload = explode(';',$result);
$data = json_decode($payload[1],true);

$str .= "SLACKER GAMES<br/>";
$str .= "name: ".$data['playerInfo']['name']."<br/>";
$str .= "cash: ".number_format($data['playerInfo']['cash'],0,',','.')."<br/>";
$str .= "gold: ".number_format($data['playerInfo']['gold'],0,',','.')."<br/>";
$str .= "food: ".number_format($data['playerInfo']['food'],0,',','.')."<br/>";
$str .= "xp: ".number_format($data['playerInfo']['xp'],0,',','.')."<br/>";
$str .= "------------------------------<br/>";

$hcx='';


for($i=1;$i<100;$i++)
{
//$hcx.='{"args":[89,25],"number":'.$i.',"cmd":"collect","time":1372771201},';
$hcx.='{"args":[18],"number":'.$i.',"cmd":"collect","time":1372771201},';
//$hcx.='{"args":[134],"number":'.$i.',"cmd":"collect","time":1372771201},';
}
$hcx=substr($hcx,0,-1);
$hc='{"commands":['.$hcx.']}';
$hc=json_decode($hc,1);
$num=1;
for($i=0;$i<count($hc['commands']);$i++)
{
$hc['commands'][$i]['time']=time();
}
$hc=substr(substr(str_replace(" ","",json_encode($hc)),0,-1),1);
function arasi($a,$b,$data)
{
$x = explode($a,$data);
$z = explode($b,$x[1]);
$oh = $z[0];
if($x && $z) { return $oh; } else { return false; }
}
function komut2($komut,$num)
{
$data=komutyolla($komut,$num);
if(stristr($data,'bad command number: expected'))
{
$yeninum=arasi('bad command number: expected ',',',$data);
$data=komutyolla($komut,$yeninum);
return substr($data,65);
}
else
{
return substr($data,65);
}
}
function komutyolla($komut,$num)
{
global $fbid,$user;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,"http://dynamicdc.socialpointgames.com/dragoncity/web/srv/packet.php?USERID=$fbid&user_key=$user&language=tr");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS,http_build_query(array("id"=>"$fbid","data"=>hashla($komut,$num))));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
//curl_setopt($ch, CURLOPT_HTTPHEADER, array("REMOTE_ADDR: ".fakeip(),"X-Client-IP: ".fakeip(),"Client-IP: ".fakeip(),"HTTP_X_FORWARDED_FOR: ".fakeip(),"X-Forwarded-For: ".fakeip()));
curl_setopt($ch, CURLOPT_ENCODING , "gzip");
//curl_setopt($ch, CURLOPT_PROXY, "127.0.0.1:8888");
$data = curl_exec ($ch);
curl_close ($ch);
return $data;
}
function hashla($komut,$n)
{
$ar=array("first_number"=>$n,"publishActions"=>0,"tries"=>1,"flashVersion"=>"0.5.19","ts"=>time());
$x='RGhXbiy4xEeDnSNX1oBG';
$sonkod=str_replace(" ","",str_replace('}',','.$komut.'}',json_encode($ar)));
return hash_hmac('sha256', $sonkod, $x).';'.$sonkod;
}
if(isset($_POST["fbid"]))
{
$fbid=$_POST['fbid'];
$user=userkey($fbid);
/*
{"commands":[{"args":[1040],"number":1,"cmd":"get_rewarded_dragon","time":1372844166}]}
{"commands":[{"cmd":"assist_receive","number":1,"args":[1],"time":1372539611}]}
*/
if($_POST["mode"]==1)
{
unset($hc,$hcx);$hcx='';
for($i=1;$i<10001;$i++)
{
/* 3gems (work 1 times)
$hcx.='{"args":[147,"[0,1]"],"number":'.$i.',"cmd":"set_goals","time":1372771201},';
$hcx.='{"args":[147],"number":'.$i.',"cmd":"complete_goal","time":1372771201},';
$hcx.='{"args":[134],"number":'.$i.',"cmd":"complete_goal","time":1372771201},';
$hcx.='{"args":[148,"[0,1]"],"number":'.$i.',"cmd":"set_goals","time":1372771201},';
$hcx.='{"args":[148],"number":'.$i.',"cmd":"complete_goal","time":1372771201},';
$hcx.='{"args":[134,"[0,1]"],"number":'.$i.',"cmd":"set_goals","time":1372771201},';
$hcx.='{"args":[147,"[0,1]"],"number":1,"cmd":"set_goals","time":1372771201},';
$hcx.='{"args":[145,"[1,1]"],"number":1,"cmd":"set_goals","time":1372771201},';
$hcx.='{"args":[145],"number":1,"cmd":"set_goals","time":1372771201},';
*/
$hcx.='{"args":[1],"number":'.$i.',"cmd":"assist_receive","time":1372771201},';
}
$hcx=substr($hcx,0,-1);
$hc='{"commands":['.$hcx.']}';
$hc=json_decode($hc,1);
$num=1;
for($i=0;$i<count($hc['commands']);$i++)
{
$hc['commands'][$i]['time']=time();
}
}
else if ($_POST["mode"]==2)
{
unset($hc,$hcx);$hcx='';
for($i=1;$i<10001;$i++)
{
$hcx.='{"args":[18],"number":'.$i.',"cmd":"assist_receive","time":1372771201},';
// xp:$hcx.='{"args":[3666,1],"number":'.$i.',"cmd":"finish_building","time":1372771201},';
}
$hcx=substr($hcx,0,-1);
$hc='{"commands":['.$hcx.']}';
$hc=json_decode($hc,1);
$num=1;
for($i=0;$i<count($hc['commands']);$i++)
{
$hc['commands'][$i]['time']=time();
}
}
else if ($_POST["mode"]==3)
{
unset($hc,$hcx);$hcx='';
for($i=1;$i<201;$i++)
{
$hcx.='{"args":[8241,0],"number":'.$i.',"cmd":"finish_building","time":1372771201},';
}
$hcx=substr($hcx,0,-1);
$hc='{"commands":['.$hcx.']}';
$hc=json_decode($hc,1);
$num=1;
for($i=0;$i<count($hc['commands']);$i++)
{
$hc['commands'][$i]['time']=time();
}
}
$hc=substr(substr(str_replace(" ","",json_encode($hc)),0,-1),1);
$sucb=json_decode(komut2($hc,$num),1);
}
else
{
}
$result=komut("http://dynamicdc.socialpointgames.com/dragoncity/web/srv/get_player_info.php?USERID=$fbid&user_key=$user&language=en");
$payload = explode(';',$result);
$data = json_decode($payload[1],true);

$str .= "SLACKER GAMES<br/>";
$str .= "name: ".$data['playerInfo']['name']."<br/>";
$str .= "cash: ".number_format($data['playerInfo']['cash'],0,',','.')."<br/>";
$str .= "gold: ".number_format($data['playerInfo']['gold'],0,',','.')."<br/>";
$str .= "food: ".number_format($data['playerInfo']['food'],0,',','.')."<br/>";
$str .= "xp: ".number_format($data['playerInfo']['xp'],0,',','.')."<br/>";
$str .= "------------------------------<br/>";
die("$str</body></html>");
}else die("$str</body></html>");
function fakeip()
{
return long2ip( mt_rand(0, 65537) * mt_rand(0, 65535) );
}
function komut($url,$args=false)
{
global $fbid,$user;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("REMOTE_ADDR: ".fakeip(),"X-Client-IP: ".fakeip(),"Client-IP: ".fakeip(),"HTTP_X_FORWARDED_FOR: ".fakeip(),"X-Forwarded-For: ".fakeip()));
if($args)
{
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS,$args);
}
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
//curl_setopt($ch, CURLOPT_PROXY, "127.0.0.1:8888");
$result = curl_exec ($ch);
curl_close ($ch);
return $result;
}
?>

Mohon maaf bang... saya tidak tau cara menggunakan Decompilers & editors
 
Status
Not open for further replies.
Top