Friday, May 13, 2011
Openfeint Achievement Hacking!
************
You are accountable for your own actions; don't blame me if you get reset or banned from Open-feint.
First, you will need a jailbroken device: iPhone, iPod or iPad. I also recommend installing UDID Faker on your device so you can test with it and NOT use your real device's UDID on the game at first.
If you do use UDID Faker for testing, just uninstall the app before using your real UDID so you can reset the connection settings to the Open-feint servers.
OK, let's get started!
I will presume that you have already installed the following packages from Cydia:
iFile - an app and
afc2add - an addon that allows you to use iPhoneBrowser to navigate through your device's filesystem.
On your Windows PC, you will need to download the SQLite editor from here, and iPhoneBrowser from here.
We need to configure iFile for easy use, so change a setting in iFile to display the app name along with its GUID.
Run iFile and click the settings button on the bottom left (gear icon).
Then turn on 'Application Names' and click Done.
The current version of iFile should have a home button. Touch the button and you should be at
/var/mobile
From there, touch Applications and find the app you want by name. In this example, I will be using Jet Car Stunts, which is named JetCarStunts; its GUID begins with D07A2AC9, but it will be different on your iDevice. Note the first 8 characters of the GUID; that's all you need.
I know that SQLite for the iPhone can be used, but it's a pain: navigate in iFile to the app's Documents folder, copy the db, navigate to the SQLite app's Documents folder, paste, exit iFile, run SQLite on the iPhone, go back to iFile, and copy the db back to the game folder. PAIN, PAIN, PAIN. So I use iPhoneBrowser instead.
iPhoneBrowser does not display apps by name, so you will need to use iFile as in the steps above to find the GUID for the app in question.
Open iPhoneBrowser. You will need to wait as it reads the folder structure whenever you click on a folder item.
In the left-hand pane, click 'User'
then
Applications
then
Find the GUID associated with the app from the steps above.
Click the GUID folder, then find the Documents folder. The database is stored in there as feint_offline.
Right-click on it, then choose 'Save As'. I saved it to my Desktop.
Leave iPhoneBrowser running and then open 'SQLite Database Browser 2.0 b1' on your pc.
From there do the following
File
->Open Database
and navigate to your Desktop and click on feint_offline, then open.
You should see a list of tables. We are only interested in 'unlocked_achievements' and 'achievement_definitions'.
You should also notice the tabs along the top of the editor. Click on 'Browse Data' and select the 'users' table from the drop-down menu. In that table, note your id; it will be needed in the next step.
Now click on the 'Execute SQL' tab and paste the following into the 'SQL string' box:
insert into unlocked_achievements (user_id, achievement_definition_id, gamerscore) select [myid], id, gamerscore from achievement_definitions where id not in (select achievement_definition_id from unlocked_achievements)
*** Change [myid] to your numeric id, so [myid] becomes 1234567, but with your numeric id instead.
Click 'Execute query' and that should do it. It should respond with 'No error' in the message area. The 'Data returned' section will be blank.
***NOTE: some games have a percent complete field in the database. Use the following query in the 'Execute SQL' tab to update it.
update unlocked_achievements set percent_complete=100
Click the save button (floppy disk icon) along the top, then File-->Close Database.
Now we are ready to replace the feint_offline file on the idevice.
Go back to iPhoneBrowser and rename the original db. Right-click on it, choose 'Rename File' and change the name to feint_offline_org or something else that tells you it is the original.
Now drag the feint_offline file from the desktop to the folder in iPhoneBrowser where you just renamed the original.
Run the app once, open the Open-feint dialog from within the app and check your achievements. Your total for the achievements will be incorrect until you exit and then run the app again.
My Open-feint handle is DuhKidd[usa flag icon]. I have done this on over 100 games and my total achievement score is at 69731. I might get reset but hey, it's just a game, right?! I can always use UDID Faker to start over on every game!
This will work for about 99% of the games. I cannot get it to work with 'Flamin Maze', and I have played over 90 games that use Open-feint.
One more thing, not every Open-feint game has achievements.
Have fun!
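The procedure above works because the achievement state lives in a local file that the device owner can edit, so the place to catch it is the server that receives the sync. The following is an added example, not code from this post or from Open-feint: a server-side review of the unlocks a client submits, where the function names, thresholds, the 20-achievement game and all sample rows are assumptions, and only the table and column names come from the post.

```python
import sqlite3

# Constructed stand-in for feint_offline, using only the table and column
# names that appear in the post; everything else here is an assumption.
SCHEMA = """
create table achievement_definitions (id integer primary key, gamerscore integer);
create table unlocked_achievements
    (user_id integer, achievement_definition_id integer, gamerscore integer);
"""

def make_client_db(unlocked_ids, user_id=1234567, n_defs=20):
    """Build an in-memory copy of what a device might upload (sample data)."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.executemany("insert into achievement_definitions values (?, 10)",
                   [(i,) for i in range(1, n_defs + 1)])
    db.executemany("insert into unlocked_achievements values (?, ?, 10)",
                   [(user_id, i) for i in unlocked_ids])
    return db

def audit_sync(client_db, user_id, server_defs, server_known,
               min_batch=5, max_new_fraction=0.5):
    """Return findings for one sync; an empty list means nothing stood out.

    server_defs:  achievement ids the server defines for this game.
    server_known: ids the server already recorded as unlocked for user_id.
    """
    rows = client_db.execute(
        "select user_id, achievement_definition_id from unlocked_achievements"
    ).fetchall()
    findings = []
    if any(uid != user_id for uid, _ in rows):
        findings.append("row belongs to a different user_id")
    claimed = {aid for _, aid in rows}
    if claimed - server_defs:
        findings.append("achievement id not defined by the server")
    remaining = server_defs - server_known
    new = (claimed & server_defs) - server_known
    # A single sync that fills most of what was still locked matches the
    # insert-everything-missing edit rather than ordinary play.
    if len(new) >= min_batch and len(new) / len(remaining) > max_new_fraction:
        findings.append(f"bulk unlock: {len(new)} of {len(remaining)} remaining")
    return findings

if __name__ == "__main__":
    defs, known = set(range(1, 21)), {1, 2}
    print(audit_sync(make_client_db([1, 2, 3]), 1234567, defs, known))
    print(audit_sync(make_client_db(range(1, 21)), 1234567, defs, known))
```

The client's gamerscore column is ignored on purpose: the edit copies it straight from achievement_definitions, so it carries no signal, and a server should score from its own definitions.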
Labels: Openfeint Hack, Openfeint Hacking, Openfeint Points Hack
Saturday, April 30, 2011
BeeZid.com Scanner
I saw a commercial for beezid.com late one night and, from a developer's perspective, I realized a few things:
1. That's a lot of AJAX being used to update those auction previews.
2. I bet I can data-mine that site.
3. Let the data-mining begin.
I started off just pounding everything out in MS Word's VBA, as it's 1000 times easier to do. Sure, I then had to port everything over to .NET, but it was worth it.
Here's what the scanner does (it is a console app):
It takes a command-line parameter in the form of an auction id, e.g. 248199.
It then displays in its title the auction id, the start time (when the app started running) and the current time.
In the window, it displays the auction location, minus the domain, along with the current history (last 18) of bid information, that being:
current bid, bid count for user, user, time of last bid (from server)
When the auction is done, it will dump its entire scan report into a file. Check the read-me file contained within the archive for more info.
Here is the scanner. MegaUpload
It's not obfuscated so you developers can dump it.
Labels: Beezid, BeeZid Scanner
Tuesday, October 13, 2009
iMobsters running in FireFox
UPDATE: 2/14/10 got it working again. You will need Greasemonkey for the following code. You will need to learn how to use Greasemonkey, as I won't teach you.
// background color
document.body.style.background = '#000000';
// show the main content div
document.getElementsByTagName("div").item(0).style.display = "block";
// reset the media property in the link tags;
// this allows the stylesheet to display the page correctly
document.getElementsByTagName("link").item(0).media = "";
document.getElementsByTagName("link").item(1).media = "";
document.getElementsByTagName("link").item(2).media = "";
Using an ad-hoc network through my PC and the Wireshark sniffer, I managed to get the URLs and cookies for the game while it ran on the iPhone.
Using Chris Pederick's 'User Agent Switcher' and 'Web Developer' add-ons, you can have Firefox report that it's an iPhone browser, and with the Web Developer plugin you can add cookies to a site. The menu along the bottom is missing, which makes it hard to buy equipment, do missions or attack a rival mob. From the looks of it, the app really just retrieves web pages and runs them in an encapsulated Safari browser.
Now to see if there are any exploits to be found.
Labels: FireFox, iMobsters, iPhone, Storm8

