开心网刷分程序详解以及web游戏破解思路分析（二）

 

************本人水平有限，在学习时请用批判的态度学习，有问题给我留言************

开心网刷分程序详解以及 web 游戏破解思路分析（二）

 

1 、黄开刷分程序提交失败，他们更改了游戏限制的策略，经过对截取的 http 请求的分析得出，他们在请求中加入了对 referer 的验证，如何模拟请求头中的 referer 呢，在老牌请求包 apache commons httpclient 中没有设置 referer 请求的实现方法。

上网搜索，查询到用 java.net 包中的类就能搞定，混合提交也可以应用，就是先用 httpclient 提交请求，然后用 java.net 中的类提交，最后还是用 httpclient 提交，没问题，搞定。

最后需要写个定时提交，需要隔一段时间提交一次，隔多长时间要看你的游戏玩了多长时间

 

需要用到的包和配置文件：

commons-codec.jar

commons-httpclient.jar

commons-logging.jar

commons-logging.properties

js.jar

log4j-1.2.8.jar

log4j.properties

 

2 、现在公布程序源代码：

************** 程序中账号、密码、游戏名称等参数可以做相应的更改 **************

定时执行类：

package httpClint;

import java.text.SimpleDateFormat;

/**
 * 定时
 * @author caohua
 */
public class FormLoginDemo {
    private static java.util.Timer timer = new java.util.Timer(false);
    public static void startTimer() {
        timer.schedule(new timerTask(), 0, 30000);
        System.out.println("start:");
    }
    public static void stopTimer() {
        timer.cancel();
        System.out.println("stop:");
    }
    public static void main(String args[]) {
        System.out.println("开始刷分："
                + new SimpleDateFormat("yyyy-MM-dd:HH:mm:ss"));
        timer.schedule(new timerTask(), 0, 30000);
    }
}

 

提交类

package httpClint;

import java.io.IOException;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.TimerTask;

import org.apache.commons.httpclient.Header;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.HttpException;
import org.apache.commons.httpclient.HttpStatus;
import org.apache.commons.httpclient.NameValuePair;
import org.apache.commons.httpclient.methods.GetMethod;
import org.apache.commons.httpclient.methods.PostMethod;

public class timerTask extends TimerTask {

    static final String LOGON_SITE = "login.kaixin.com";

    static final int LOGON_PORT = 80;

    public timerTask() {}

    public void run() {
      
        try{
            HttpClient client = new HttpClient();
            client.getHostConfiguration().setHost(LOGON_SITE, LOGON_PORT);
            PostMethod post = new PostMethod("/Login.do");
            NameValuePair name = new NameValuePair("email", "caohua1012@hotmail.com");
            NameValuePair pass = new NameValuePair("password", "111111");
            post.setRequestBody(new NameValuePair[] { name, pass });// 设置post参数
            client.executeMethod(post);// 执行post方法
            post.releaseConnection(); // 关闭连接
  
            // 检查是否重定向
            int statuscode = post.getStatusCode();// 得到相应状态码
  
            // 判断是否是请求转发 是的话请求转发的地址
            if ((statuscode == HttpStatus.SC_MOVED_TEMPORARILY)
                    || (statuscode == HttpStatus.SC_MOVED_PERMANENTLY)
                    || (statuscode == HttpStatus.SC_SEE_OTHER)
                    || (statuscode == HttpStatus.SC_TEMPORARY_REDIRECT)) {
                // 读取新的URL地址
                Header header = post.getResponseHeader("location");
                if (header != null) {
                    String newuri = header.getValue();
                    if ((newuri == null) || (newuri.equals("")))
                        newuri = "/";
                    GetMethod redirect = new GetMethod(newuri);
                    client.executeMethod(redirect);// 请求转发的地址
                    redirect.releaseConnection();
  
                } else
                    System.out.println("error");
            }
  
            runGetMethod(client, "http://xyx.kaixin.com/?mm_id=49");// 请求模块url
            runGetMethod(client,
                    "http://xyx.kaixin.com/upload/detail.php?game=puppyred_2");// 请求游戏url
  
            runPostMethod();// 发送带referer的请求
  
            // 计算时间 提交时服务器端会判断时间是否是开始时间减结束时间
            long l = new Date().getTime();
            String starttime1 = String.valueOf(l);
            l = l + 230000;// 对应playertime
            String endtime = String.valueOf(l);
  
            // Thread.sleep(23000);
  
            PostMethod post1 = new PostMethod(
                    "http://xyx.kaixin.com/upload/plugins.php");
            // 加入请求参数
            NameValuePair bonus = new NameValuePair("bonus", "0");
            NameValuePair level = new NameValuePair("level", "7");
            NameValuePair fscore = new NameValuePair("fscore", "7210");
            NameValuePair playertime = new NameValuePair("playertime", endtime);
            NameValuePair playedtime = new NameValuePair("playedtime", "23");
            NameValuePair starttime = new NameValuePair("starttime", starttime1);
            NameValuePair action1 = new NameValuePair("action", "swfrecord");
            NameValuePair game1 = new NameValuePair("game", "puppyred_2");
            NameValuePair p1 = new NameValuePair("p", "nkflash");
  
            post1.setRequestBody(new NameValuePair[] { bonus, level, fscore,
                    playertime, playedtime, starttime, action1, game1, p1 });
            client.executeMethod(post1);// 发送请求
            post1.releaseConnection();
  
            // 请求游戏首页 得到当前分数
            GetMethod get1 = new GetMethod("http://xyx.kaixin.com/index.php");
            client.executeMethod(get1);
  
            String responsekaixin2 = get1.getResponseBodyAsString();
            int i1 = responsekaixin2.lastIndexOf("牛粪");
            System.out.print("您现在有:" + responsekaixin2.substring( i1 - 4 , i1) + "牛粪了！" );
            System.out.println("   " + new SimpleDateFormat("yyyy-MM-dd:HH:mm:ss").format(new Date()));
            get1.releaseConnection();
        }catch(Exception e){
            e.printStackTrace();
        }
    }
 
    /**
     * 发送get请求的方法
     * @param client
     * @param url
     * @return
     * @throws HttpException
     * @throws IOException
     */
    public static GetMethod runGetMethod(HttpClient client , String url) throws HttpException, IOException{
        GetMethod get1 = new GetMethod(url);
        client.executeMethod(get1);
        get1.releaseConnection();
      
        return get1;
    }
  
    /**
     * 发送带referer的post请求
     * @throws IOException
     */
    public static void runPostMethod() throws IOException{
      
        URL url = new URL("http://xyx.kaixin.com/getMessageInfo.do");
        HttpURLConnection connection = null;
        connection = (HttpURLConnection) url.openConnection();
        //设置允许output
        connection.setDoOutput(true);
        //设置为post方式
        connection.setRequestMethod("POST");
      
        connection.setRequestProperty("referer", "http://xyx.kaixin.com/upload/detail.php?game=puppyred_2");
        StringBuffer sb = new StringBuffer();
        sb.append("referrer="+"xyx");
      
        //post信息
        OutputStream os = connection.getOutputStream();
        os.write(sb.toString().getBytes("GBK"));
        os.close();
      
    }

}


配置文件 1  commons-logging.properties

 org.apache.commons.logging.simplelog.defaultlog=error
org.apache.commons.logging.Log=org.apache.commons.logging.impl.Log4JCategoryLog

配置文件 2  log4j.properties

 log4j.rootCategory=fatal, stdout
log4j.appender.stdout=org.apache.log4j.ConsoleAppender
log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
log4j.appender.stdout.layout.ConversionPattern=%5p [%d] %c{2} /"%m/"%n

 

java工程源码下载：http://download.youkuaiyun.com/source/1474043