Last active
September 18, 2025 20:48
-
Star
(437)
You must be signed in to star a gist -
Fork
(133)
You must be signed in to fork a gist
-
-
Save feix/6dd1f62a54c5efa10f1e1c24f8efc417 to your computer and use it in GitHub Desktop.
Revisions
-
feix revised this gist
Jan 2, 2018 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -2,7 +2,7 @@ var CryptoJS = require('crypto-js') var request = require('request-promise') /* * npm install crypto-js request-promise request * node wx_t1t_hack.js */ -
Jan 1, 2018 . 1 changed file with 0 additions and 76 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,76 +0,0 @@ -
Jan 1, 2018 . 1 changed file with 9 additions and 6 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -64,7 +64,8 @@ function extend (target) { var version = 5, score = 2018, // replace with your session_id here session_id = 'xxxxx' var headers = { 'User-Agent': 'Mozilla/5.0 (iPhone; CPU iPhone OS 11_2_1 like Mac OS X) AppleWebKit/604.4.7 (KHTML, like Gecko) Mobile/15C153 MicroMessenger/6.6.1 NetType/WIFI Language/zh_CN', @@ -88,7 +89,9 @@ request({ headers: headers, json: true, body: base_req }).then(function (response) { // console.log(path, response) }) path = 'wxagame_getfriendsscore' request({ @@ -98,7 +101,7 @@ request({ json: true, body: base_req }).then(function (response) { // console.log(response.my_user_info) var times = response.my_user_info.times + 1 path = 'wxagame_init' request({ @@ -108,7 +111,7 @@ request({ json: true, body: extend({}, {version: 9}, base_req) }).then(function (response) { // console.log(path, response) var action = [], musicList = [], touchList = [] @@ -117,7 +120,6 @@ request({ // musicList.push(false) // touchList.push([185, 451]) // } var data = { score: score, times: times, @@ -137,7 +139,8 @@ request({ json: true, body: extend({}, {action_data: encrypt(data, session_id)}, base_req) }).then(function (response) { // console.log(path, response) console.log('2018! Happy new year! 🎉') }).catch(function (error) { console.log(error) }) -
Jan 1, 2018 . 1 changed file with 6 additions and 7 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -109,16 +109,15 @@ request({ body: extend({}, {version: 9}, base_req) }).then(function (response) { console.log(path, response) var action = [], musicList = [], touchList = [] // for (var i = 0; i < score; i++) { // action.push([0.752, 1.32, false]) // musicList.push(false) // touchList.push([185, 451]) // } // console.log(score, times, action.length, musicList.length, touchList.length) var data = { score: score, times: times, -
Jan 1, 2018 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -63,7 +63,7 @@ function extend (target) { var version = 5, score = 2018, session_id = 'xxxxxxxx' var headers = { -
Jan 1, 2018 . 1 changed file with 3 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,5 +1,8 @@ #!/usr/bin/env python2 ## Deprecated ## Python 版本加密实现有问题,导致无法超过 999, 建议用 Javascript 版本 from Crypto.Cipher import AES from pkcs7 import PKCS7Encoder import time -
Jan 1, 2018 . 1 changed file with 75 additions and 41 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,6 +1,11 @@ var CryptoJS = require('crypto-js') var request = require('request-promise') /* * npm install crypto-js request-promise * node wx_t1t_hack.js */ // export function testEncription(msg, fullKey) { // var fullKey = fullKey.slice(0, 16) // var key = CryptoJS.enc.Utf8.parse(fullKey) @@ -22,92 +27,121 @@ var request = require('request-promise') // console.log('plaintext', plaintext) // } function encrypt (text, originKey) { var originKey = originKey.slice(0, 16), key = CryptoJS.enc.Utf8.parse(originKey), iv = CryptoJS.enc.Utf8.parse(originKey), msg = JSON.stringify(text) var ciphertext = CryptoJS.AES.encrypt(msg, key, { iv: iv, mode: CryptoJS.mode.CBC, padding: CryptoJS.pad.Pkcs7 }); return ciphertext.toString() } function decrypt (text, originKey) { var originKey = originKey.slice(0, 16), key = CryptoJS.enc.Utf8.parse(originKey), iv = CryptoJS.enc.Utf8.parse(originKey) var bytes = CryptoJS.AES.decrypt(text, key, { iv: iv }) var plaintext = CryptoJS.enc.Utf8.stringify(bytes) return plaintext } function extend (target) { var sources = [].slice.call(arguments, 1) sources.forEach(function (source) { for (var prop in source) { target[prop] = source[prop] } }) return target } var version = 5, score = 666, session_id = 'xxxxxxxx' var headers = { 'User-Agent': 'Mozilla/5.0 (iPhone; CPU iPhone OS 11_2_1 like Mac OS X) AppleWebKit/604.4.7 (KHTML, like Gecko) Mobile/15C153 MicroMessenger/6.6.1 NetType/WIFI Language/zh_CN', 'Referer': 'https://servicewechat.com/wx7c8d593b2c3a7703/' + version + '/page-frame.html', 'Content-Type': 'application/json', 'Accept-Language': 'zh-cn', 'Accept': '*/*' } var base_req = { 'base_req': { 'session_id': session_id, 'fast': 1 } } var base_site = 'https://mp.weixin.qq.com/wxagame/' var path = 'wxagame_getuserinfo' request({ method: 'POST', url: base_site + path, headers: headers, json: true, body: base_req }).then(function (response) { console.log(path, response) }) path = 'wxagame_getfriendsscore' request({ method: 'POST', url: base_site + path, headers: headers, json: true, body: base_req }).then(function (response) { console.log(response.my_user_info) var times = response.my_user_info.times + 1 path = 'wxagame_init' request({ method: 'POST', url: base_site + path, headers: headers, json: true, body: extend({}, {version: 9}, base_req) }).then(function (response) { console.log(path, response) // "{"seed":1514756173427,"action":[[0.852,1.02,false],[0.452,1.84,false],[0.998,0.72,false],[0.506,1.7,false],[0.55,1.63,false],[0.821,1.09,false],[0.706,1.29,false],[0.634,1.46,false],[0.517,1.7,false],[0.564,1.6,false],[0.895,0.95,false],[0.645,1.46,false],[0.315,2.11,true],[0.516,1.7,false],[0.138,2.45,false],[0.163,2.41,false]],"musicList":[false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false],"touchList":[[155,421],[155,421],[155,421],[155,421],[155,421],[155,421],[155,421],[155,421],[155,421],[155,421],[155,421],[155,421],[155,421],[155,421],[161,420],[161,420]],"version":1}" var action = [], musicList = [], touchList = [] for (var i = 0; i < score; i++) { action.push([0.752, 1.32, false]) musicList.push(false) touchList.push([185, 451]) } console.log(score, times, action.length, musicList.length, touchList.length) var data = { score: score, times: times, game_data: JSON.stringify({ seed: Date.now(), action: action, musicList: musicList, touchList: touchList, version: 1 }) } path = 'wxagame_settlement' request({ method: 'POST', url: base_site + path, headers: headers, json: true, body: extend({}, {action_data: encrypt(data, session_id)}, base_req) }).then(function (response) { console.log(path, response) }).catch(function (error) { console.log(error) }) }) }).catch(function (error) { console.log('something crash') -
Jan 1, 2018 . 1 changed file with 114 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,114 @@ var CryptoJS = require('crypto-js') var request = require('request-promise') // export function testEncription(msg, fullKey) { // var fullKey = fullKey.slice(0, 16) // var key = CryptoJS.enc.Utf8.parse(fullKey) // var iv = CryptoJS.enc.Utf8.parse(fullKey) // var passWord = CryptoJS.AES.encrypt(msg, key, { iv: iv, mode: CryptoJS.mode.CBC, padding: CryptoJS.pad.Pkcs7 }) // var base64 = passWord.toString() // console.log('passWord', passWord) // console.log('sessionId', sessionId) // console.log('key', key) // console.log('base64', base64) // var bytes = CryptoJS.AES.decrypt(base64, key, { // iv: iv // }); // console.log('bytes', bytes) // var plaintext = CryptoJS.enc.Utf8.stringify(bytes); // console.log('plaintext', plaintext) // } function encrypt(text, originKey) { var originKey = originKey.slice(0, 16), key = CryptoJS.enc.Utf8.parse(originKey), iv = CryptoJS.enc.Utf8.parse(originKey), msg = JSON.stringify(text); var ciphertext = CryptoJS.AES.encrypt(msg, key, { iv: iv, mode: CryptoJS.mode.CBC, padding: CryptoJS.pad.Pkcs7 }); return ciphertext.toString(); } function decrypt(text, originKey) { var originKey = originKey.slice(0, 16), key = CryptoJS.enc.Utf8.parse(originKey), iv = CryptoJS.enc.Utf8.parse(originKey) var bytes = CryptoJS.AES.decrypt(text, key, { iv: iv }); var plaintext = CryptoJS.enc.Utf8.stringify(bytes) return plaintext } var version = 5, score = 1000, // change session_id session_id = 'xxxxx' var headers = { 'User-Agent': 'Mozilla/5.0 (iPhone; CPU iPhone OS 11_2_1 like Mac OS X) AppleWebKit/604.4.7 (KHTML, like Gecko) Mobile/15C153 MicroMessenger/6.6.1 NetType/WIFI Language/zh_CN', 'Referer': 'https://servicewechat.com/wx7c8d593b2c3a7703/' + version + '/page-frame.html', 'Accept-Language': 'zh-cn' } console.log(headers) var base_req = { 'base_req': { 'session_id': session_id, 'fast': 1 } } request({ method: 'POST', url: 'https://mp.weixin.qq.com/wxagame/wxagame_getfriendsscore', headers: headers, json: true, body: base_req }).then(function (response) { console.log(response.my_user_info) var times = response.my_user_info.times + 1 var action = [], musicList = [], touchList = [] for (var i = 0; i < score; i++) { action.push([0.752, 1.32, false]) musicList.push(false) touchList.push([185, 451]) } // "{"seed":1514756173427,"action":[[0.852,1.02,false],[0.452,1.84,false],[0.998,0.72,false],[0.506,1.7,false],[0.55,1.63,false],[0.821,1.09,false],[0.706,1.29,false],[0.634,1.46,false],[0.517,1.7,false],[0.564,1.6,false],[0.895,0.95,false],[0.645,1.46,false],[0.315,2.11,true],[0.516,1.7,false],[0.138,2.45,false],[0.163,2.41,false]],"musicList":[false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false],"touchList":[[155,421],[155,421],[155,421],[155,421],[155,421],[155,421],[155,421],[155,421],[155,421],[155,421],[155,421],[155,421],[155,421],[155,421],[161,420],[161,420]],"version":1}" console.log(score, times, action.length, musicList.length, touchList.length) var data = { score: score, times: times, game_data: JSON.stringify({ seed: Date.now(), action: action, musicList: musicList, touchList: touchList, version: 1 }) } request({ method: 'POST', url: 'https://mp.weixin.qq.com/wxagame/wxagame_settlement', headers: headers, json: true, body: { base_req: base_req, action_data: encrypt(data, session_id) } }).then(function (response) { console.log(response) }).catch(function (error) { console.log(error) }) }).catch(function (error) { console.log('something crash') }) -
Dec 31, 2017 . 1 changed file with 2 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,3 +1,5 @@ #!/usr/bin/env python2 from Crypto.Cipher import AES from pkcs7 import PKCS7Encoder import time -
Dec 31, 2017 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -32,7 +32,7 @@ def decrypt(self, text): def update_score(session_id, score): headers = { 'User-Agent': 'Mozilla/5.0 (iPhone; CPU iPhone OS 11_2_1 like Mac OS X) AppleWebKit/604.4.7 (KHTML, like Gecko) Mobile/15C153 MicroMessenger/6.6.1 NetType/WIFI Language/zh_CN', 'Referer': 'https://servicewechat.com/wx7c8d593b2c3a7703/4/page-frame.html', 'Accept-Language': 'zh-cn' } base_req = { -
Dec 31, 2017 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,71 @@ from Crypto.Cipher import AES from pkcs7 import PKCS7Encoder import time import json import base64 import requests class WxCrypto(object): def __init__(self, key): self.key = key[:16] self.iv = key[:16] self.mode = AES.MODE_CBC def encrypt(self, text): aes = AES.new(self.key, self.mode, self.iv) encoder = PKCS7Encoder() pad_text = encoder.encode(text) cipher = aes.encrypt(pad_text) enc_cipher = base64.b64encode(cipher) return enc_cipher def decrypt(self, text): aes = AES.new(self.key, self.mode, self.iv) plain_text = aes.decrypt(base64.b64decode(text)) encoder = PKCS7Encoder() plain_text = encoder.decode(plain_text) return plain_text def update_score(session_id, score): headers = { 'User-Agent': 'Mozilla/5.0 (iPhone; CPU iPhone OS 11_2_1 like Mac OS X) AppleWebKit/604.4.7 (KHTML, like Gecko) Mobile/15C153 MicroMessenger/6.6.1 NetType/WIFI Language/zh_CN', 'Referer': 'https://servicewechat.com/wx7c8d593b2c3a7703/3/page-frame.html', 'Accept-Language': 'zh-cn' } base_req = { 'base_req': { 'session_id': session_id, 'fast': 1 } } session = requests.Session() session.headers.update(headers) my_user_info_resp = session.post('https://mp.weixin.qq.com/wxagame/wxagame_getfriendsscore', json=base_req) if not my_user_info_resp.ok or not my_user_info_resp.json().get('my_user_info'): print(my_user_info_resp.json()) raise Exception('something crash') times = my_user_info_resp.json()['my_user_info']['times'] action_data = { 'score': score, 'times': times, 'game_data': json.dumps({ # 'seed': int(time.time()), # 'action': [[0.816, 1.09, False], # [0.275, 2.21, True]], # 'musicList': [False, False] }) } wx_crypto = WxCrypto(session_id[:16]) action_data_cipher = wx_crypto.encrypt(json.dumps(action_data, separators=(',', ':'))) data = {'action_data': action_data_cipher} data.update(base_req) result_resp = requests.post('https://mp.weixin.qq.com/wxagame/wxagame_settlement', json=data) print(result_resp.json()) session_id = 'xxxxxxxxxx' update_score(session_id, score)