-
-
Save danieleth2/caa4ac7744628f59b1b25c9975f729b6 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var CryptoJS = require('crypto-js') | |
| var request = require('request-promise') | |
| /* | |
| * npm install crypto-js request-promise | |
| * node wx_t1t_hack.js | |
| */ | |
| // export function testEncription(msg, fullKey) { | |
| // var fullKey = fullKey.slice(0, 16) | |
| // var key = CryptoJS.enc.Utf8.parse(fullKey) | |
| // var iv = CryptoJS.enc.Utf8.parse(fullKey) | |
| // var passWord = CryptoJS.AES.encrypt(msg, key, { iv: iv, mode: CryptoJS.mode.CBC, padding: CryptoJS.pad.Pkcs7 }) | |
| // var base64 = passWord.toString() | |
| // console.log('passWord', passWord) | |
| // console.log('sessionId', sessionId) | |
| // console.log('key', key) | |
| // console.log('base64', base64) | |
| // var bytes = CryptoJS.AES.decrypt(base64, key, { | |
| // iv: iv | |
| // }); | |
| // console.log('bytes', bytes) | |
| // var plaintext = CryptoJS.enc.Utf8.stringify(bytes); | |
| // console.log('plaintext', plaintext) | |
| // } | |
| function encrypt (text, originKey) { | |
| var originKey = originKey.slice(0, 16), | |
| key = CryptoJS.enc.Utf8.parse(originKey), | |
| iv = CryptoJS.enc.Utf8.parse(originKey), | |
| msg = JSON.stringify(text) | |
| var ciphertext = CryptoJS.AES.encrypt(msg, key, { | |
| iv: iv, | |
| mode: CryptoJS.mode.CBC, | |
| padding: CryptoJS.pad.Pkcs7 | |
| }); | |
| return ciphertext.toString() | |
| } | |
| function decrypt (text, originKey) { | |
| var originKey = originKey.slice(0, 16), | |
| key = CryptoJS.enc.Utf8.parse(originKey), | |
| iv = CryptoJS.enc.Utf8.parse(originKey) | |
| var bytes = CryptoJS.AES.decrypt(text, key, { | |
| iv: iv | |
| }) | |
| var plaintext = CryptoJS.enc.Utf8.stringify(bytes) | |
| return plaintext | |
| } | |
| function extend (target) { | |
| var sources = [].slice.call(arguments, 1) | |
| sources.forEach(function (source) { | |
| for (var prop in source) { | |
| target[prop] = source[prop] | |
| } | |
| }) | |
| return target | |
| } | |
| var version = 5, | |
| score = 2018, | |
| session_id = 'xxxxxxxx' | |
| var headers = { | |
| 'User-Agent': 'Mozilla/5.0 (iPhone; CPU iPhone OS 11_2_1 like Mac OS X) AppleWebKit/604.4.7 (KHTML, like Gecko) Mobile/15C153 MicroMessenger/6.6.1 NetType/WIFI Language/zh_CN', | |
| 'Referer': 'https://servicewechat.com/wx7c8d593b2c3a7703/' + version + '/page-frame.html', | |
| 'Content-Type': 'application/json', | |
| 'Accept-Language': 'zh-cn', | |
| 'Accept': '*/*' | |
| } | |
| var base_req = { | |
| 'base_req': { | |
| 'session_id': session_id, | |
| 'fast': 1 | |
| } | |
| } | |
| var base_site = 'https://mp.weixin.qq.com/wxagame/' | |
| var path = 'wxagame_getuserinfo' | |
| request({ | |
| method: 'POST', | |
| url: base_site + path, | |
| headers: headers, | |
| json: true, | |
| body: base_req | |
| }).then(function (response) { console.log(path, response) }) | |
| path = 'wxagame_getfriendsscore' | |
| request({ | |
| method: 'POST', | |
| url: base_site + path, | |
| headers: headers, | |
| json: true, | |
| body: base_req | |
| }).then(function (response) { | |
| console.log(response.my_user_info) | |
| var times = response.my_user_info.times + 1 | |
| path = 'wxagame_init' | |
| request({ | |
| method: 'POST', | |
| url: base_site + path, | |
| headers: headers, | |
| json: true, | |
| body: extend({}, {version: 9}, base_req) | |
| }).then(function (response) { | |
| console.log(path, response) | |
| var action = [], | |
| musicList = [], | |
| touchList = [] | |
| // for (var i = 0; i < score; i++) { | |
| // action.push([0.752, 1.32, false]) | |
| // musicList.push(false) | |
| // touchList.push([185, 451]) | |
| // } | |
| // console.log(score, times, action.length, musicList.length, touchList.length) | |
| var data = { | |
| score: score, | |
| times: times, | |
| game_data: JSON.stringify({ | |
| seed: Date.now(), | |
| action: action, | |
| musicList: musicList, | |
| touchList: touchList, | |
| version: 1 | |
| }) | |
| } | |
| path = 'wxagame_settlement' | |
| request({ | |
| method: 'POST', | |
| url: base_site + path, | |
| headers: headers, | |
| json: true, | |
| body: extend({}, {action_data: encrypt(data, session_id)}, base_req) | |
| }).then(function (response) { | |
| console.log(path, response) | |
| }).catch(function (error) { | |
| console.log(error) | |
| }) | |
| }) | |
| }).catch(function (error) { | |
| console.log('something crash') | |
| }) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python2 | |
| ## Deprecated | |
| ## Python 版本加密实现有问题,导致无法超过 999, 建议用 Javascript 版本 | |
| from Crypto.Cipher import AES | |
| from pkcs7 import PKCS7Encoder | |
| import time | |
| import json | |
| import base64 | |
| import requests | |
| class WxCrypto(object): | |
| def __init__(self, key): | |
| self.key = key[:16] | |
| self.iv = key[:16] | |
| self.mode = AES.MODE_CBC | |
| def encrypt(self, text): | |
| aes = AES.new(self.key, self.mode, self.iv) | |
| encoder = PKCS7Encoder() | |
| pad_text = encoder.encode(text) | |
| cipher = aes.encrypt(pad_text) | |
| enc_cipher = base64.b64encode(cipher) | |
| return enc_cipher | |
| def decrypt(self, text): | |
| aes = AES.new(self.key, self.mode, self.iv) | |
| plain_text = aes.decrypt(base64.b64decode(text)) | |
| encoder = PKCS7Encoder() | |
| plain_text = encoder.decode(plain_text) | |
| return plain_text | |
| def update_score(session_id, score): | |
| headers = { | |
| 'User-Agent': 'Mozilla/5.0 (iPhone; CPU iPhone OS 11_2_1 like Mac OS X) AppleWebKit/604.4.7 (KHTML, like Gecko) Mobile/15C153 MicroMessenger/6.6.1 NetType/WIFI Language/zh_CN', | |
| 'Referer': 'https://servicewechat.com/wx7c8d593b2c3a7703/4/page-frame.html', | |
| 'Accept-Language': 'zh-cn' | |
| } | |
| base_req = { | |
| 'base_req': { | |
| 'session_id': session_id, | |
| 'fast': 1 | |
| } | |
| } | |
| session = requests.Session() | |
| session.headers.update(headers) | |
| my_user_info_resp = session.post('https://mp.weixin.qq.com/wxagame/wxagame_getfriendsscore', json=base_req) | |
| if not my_user_info_resp.ok or not my_user_info_resp.json().get('my_user_info'): | |
| print(my_user_info_resp.json()) | |
| raise Exception('something crash') | |
| times = my_user_info_resp.json()['my_user_info']['times'] | |
| action_data = { | |
| 'score': score, | |
| 'times': times, | |
| 'game_data': json.dumps({ | |
| # 'seed': int(time.time()), | |
| # 'action': [[0.816, 1.09, False], | |
| # [0.275, 2.21, True]], | |
| # 'musicList': [False, False] | |
| }) | |
| } | |
| wx_crypto = WxCrypto(session_id[:16]) | |
| action_data_cipher = wx_crypto.encrypt(json.dumps(action_data, separators=(',', ':'))) | |
| data = {'action_data': action_data_cipher} | |
| data.update(base_req) | |
| result_resp = requests.post('https://mp.weixin.qq.com/wxagame/wxagame_settlement', json=data) | |
| print(result_resp.json()) | |
| session_id = 'xxxxxxxxxx' | |
| update_score(session_id, score) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment