一下是分析制作过程:
1.首先登录农场,(建议从空间登录)。
2.打开抓包工具(我用的WSockExpert_Cn.exe),选进程iexplorer.exe,点打开,开始监视,如下图
(注:我用的ie8,进程较多,如不确定可以挨个试一下,ie6的话只有一个进程,没这么麻烦)
3.找到要赠送的好友,赠送牧草。然后返回抓包工具查看。如下图
(抓包分析的话当然要先找个开通了牧场的才能分析)
数据如下
post网址部分
POST /cgi-bin/cgi_feed_food HTTP/1.1
Accept: */*
Accept-Language: zh-CN
Referer: http://appimg.qq.com/happyfarm/module/Master_v_13.swf?v=1
x-flash-version: 10,0,32,18
Content-Type: application/x-www-form-urlencoded
Content-Length: 149
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727)
Host: mc.qzone.qq.com
Connection: Keep-Alive
Cache-Control: no-cache
Cookie: __Q_w_s__appDataSeed=1; randomSeed=908772; login_time=3A4DCAE21B8577C02CDEF469E8DF6CD0B161F4F15D9B9B3C; uin=o0379184514; skey=@aX6MZB3vC; ssid=s5583724002; pt2gguin=o0574738500; ptcz=d1a0057d31caec87aeca1dcf672c3cb9f8c146a7b3f982a899982c26a808879d; pvid=9714891820; flv=10.0
post数据部分:
foodnum=10&uId=531348296&nick=%E5%97%9C%E8%A1%80%E5%88%80%E9%AD%94&type=0&farmKey=3ac36cc979237f6bda1c5f5765e13f86&uIdx=379004904&farmTime=1261587968
服务器返回数据
{"addExp":1,"added":10,"animal":[{"buyTime":1261451345,"cId":1504,"growTime":86899,"growTimeNext":19932,"hungry":0,"serial":1,"status":5,"statusNext":3,"totalCome":7},{"buyTime":1261451345,"cId":1504,"growTime":72499,"growTimeNext":6701,"hungry":0,"serial":2,"status":2,"statusNext":3,"totalCome":0},{"buyTime":1261451345,"cId":1504,"growTime":57600,"growTimeNext":21600,"hungry":0,"serial":3,"status":2,"statusNext":3,"totalCome":0},{"buyTime":1261451355,"cId":1005,"growTime":57600,"growTimeNext":18000,"hungry":0,"serial":4,"status":2,"statusNext":3,"totalCome":0},{"buyTime":1261451355,"cId":1005,"growTime":43200,"growTimeNext":32400,"hungry":1,"serial":5,"status":2,"statusNext":3,"totalCome":0},{"buyTime":1261451355,"cId":1005,"growTime":43200,"growTimeNext":32400,"hungry":1,"serial":6,"status":2,"statusNext":3,"totalCome":0},{"buyTime":1261451355,"cId":1005,"growTime":43200,"growTimeNext":32400,"hungry":1,"serial":7,"status":2,"statusNext":3,"totalCome":0}],"direction":"成功添加10棵牧草","money":0,"total":2,"type":0,"uId":531348296}
post网址部分
POST /cgi-bin/cgi_feed_food HTTP/1.1
Accept: */*
Accept-Language: zh-CN
Referer: http://appimg.qq.com/happyfarm/module/Master_v_13.swf?v=1
x-flash-version: 10,0,32,18
Content-Type: application/x-www-form-urlencoded
Content-Length: 149
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727)
Host: mc.qzone.qq.com
Connection: Keep-Alive
Cache-Control: no-cache
Cookie: __Q_w_s__appDataSeed=1; randomSeed=908772; login_time=3A4DCAE21B8577C02CDEF469E8DF6CD0B161F4F15D9B9B3C; uin=o0379184514; skey=@aX6MZB3vC; ssid=s5583724002; pt2gguin=o0574738500; ptcz=d1a0057d31caec87aeca1dcf672c3cb9f8c146a7b3f982a899982c26a808879d; pvid=9714891820; flv=10.0
post数据部分:
foodnum=10&uId=531348296&nick=%E5%97%9C%E8%A1%80%E5%88%80%E9%AD%94&type=0&farmKey=3ac36cc979237f6bda1c5f5765e13f86&uIdx=379004904&farmTime=1261587968
服务器返回数据
{"addExp":1,"added":10,"animal":[{"buyTime":1261451345,"cId":1504,"growTime":86899,"growTimeNext":19932,"hungry":0,"serial":1,"status":5,"statusNext":3,"totalCome":7},{"buyTime":1261451345,"cId":1504,"growTime":72499,"growTimeNext":6701,"hungry":0,"serial":2,"status":2,"statusNext":3,"totalCome":0},{"buyTime":1261451345,"cId":1504,"growTime":57600,"growTimeNext":21600,"hungry":0,"serial":3,"status":2,"statusNext":3,"totalCome":0},{"buyTime":1261451355,"cId":1005,"growTime":57600,"growTimeNext":18000,"hungry":0,"serial":4,"status":2,"statusNext":3,"totalCome":0},{"buyTime":1261451355,"cId":1005,"growTime":43200,"growTimeNext":32400,"hungry":1,"serial":5,"status":2,"statusNext":3,"totalCome":0},{"buyTime":1261451355,"cId":1005,"growTime":43200,"growTimeNext":32400,"hungry":1,"serial":6,"status":2,"statusNext":3,"totalCome":0},{"buyTime":1261451355,"cId":1005,"growTime":43200,"growTimeNext":32400,"hungry":1,"serial":7,"status":2,"statusNext":3,"totalCome":0}],"direction":"成功添加10棵牧草","money":0,"total":2,"type":0,"uId":531348296}
准备工作就这么多。下面是分析。
发送数据如下
(发送的数据本身有些是没用的,可省,比如主人编号和主人昵称)
下面是实现
1、第一种办法,利用html的表单。
view plaincopy to clipboardprint?
<mce:script type="text/javascript"><!--
/*
作者:王安林。QQ:379184514。邮箱:w18514379@126.com。博客:http://blog.csdn.net/w184514379或http://blog.csdn.net/lin379184514。
特别声明:本作品仅做研究交流用,仅为大家提供一点思路,可任意修改和传播,不追究版权亦不承担任何责任,不回答提问,不再更新。
2009.12.24
*/
// --></mce:script>
<mce:script type="text/javascript" src="md5.js" mce_src="md5.js" ></mce:script>
<mce:script type="text/javascript"><!--
function test()//计算farmKey并提交表单
{
var c = new Date();
var farmTime = Math.floor(c.getTime() / 1000);
var key = "fs#$hsJ!Fa*AF!-0aPS";
var farmKey = hex_md5(farmTime + key.substr(parseInt(farmTime) % 10, 19));
//key = "&farmTime=" + farmTime + "&farmKey=" + farmKey;
document.getElementById("farmTime").value=farmTime;//填充时间farmTime到表单
document.getElementById("farmKey").value=farmKey;//填充时间farmKey到表单
window.frames["free"].submit(); //执行提交表单
// return key;
};
// --></mce:script>
<form name="free" method="post" action="http://mc.qzone.qq.com/cgi-bin/cgi_feed_food">
uId<input name="uId" value="379004904"/>(好友编号,此编号并非QQ号,获得请参考js版)<br>
foodnum<input name="foodnum" value="10"/>(赠送牧草数量)<br>
<br>以下3项不需输入<br>
farmTime<input name="farmTime" value=""/><br>
farmKey<input name="farmKey" value=""/><br>
type<input name="type" value="0"/><br>
<input type="button" value="赠送牧草" onClick="test()">
</form>
<br>
<br>
<br>
作者:王安林。QQ:379184514。邮箱:w18514379@126.com。博客:http://blog.csdn.net/w184514379或http://blog.csdn.net/lin379184514。
特别声明:本作品仅做研究交流用,仅为大家提供一点思路,可任意修改和传播,不追究版权亦不承担任何责任,不回答提问,不再更新。
2009.12.24
<mce:script type="text/javascript"><!--
/*
作者:王安林。QQ:379184514。邮箱:w18514379@126.com。博客:http://blog.csdn.net/w184514379或http://blog.csdn.net/lin379184514。
特别声明:本作品仅做研究交流用,仅为大家提供一点思路,可任意修改和传播,不追究版权亦不承担任何责任,不回答提问,不再更新。
2009.12.24
*/
// --></mce:script>
<mce:script type="text/javascript" src="md5.js" mce_src="md5.js" ></mce:script>
<mce:script type="text/javascript"><!--
function test()//计算farmKey并提交表单
{
var c = new Date();
var farmTime = Math.floor(c.getTime() / 1000);
var key = "fs#$hsJ!Fa*AF!-0aPS";
var farmKey = hex_md5(farmTime + key.substr(parseInt(farmTime) % 10, 19));
//key = "&farmTime=" + farmTime + "&farmKey=" + farmKey;
document.getElementById("farmTime").value=farmTime;//填充时间farmTime到表单
document.getElementById("farmKey").value=farmKey;//填充时间farmKey到表单
window.frames["free"].submit(); //执行提交表单
// return key;
};
// --></mce:script>
<form name="free" method="post" action="http://mc.qzone.qq.com/cgi-bin/cgi_feed_food">
uId<input name="uId" value="379004904"/>(好友编号,此编号并非QQ号,获得请参考js版)<br>
foodnum<input name="foodnum" value="10"/>(赠送牧草数量)<br>
<br>以下3项不需输入<br>
farmTime<input name="farmTime" value=""/><br>
farmKey<input name="farmKey" value=""/><br>
type<input name="type" value="0"/><br>
<input type="button" value="赠送牧草" onClick="test()">
</form>
<br>
<br>
<br>
作者:王安林。QQ:379184514。邮箱:w18514379@126.com。博客:http://blog.csdn.net/w184514379或http://blog.csdn.net/lin379184514。
特别声明:本作品仅做研究交流用,仅为大家提供一点思路,可任意修改和传播,不追究版权亦不承担任何责任,不回答提问,不再更新。
2009.12.24
2.第二种方法,利用js。
<script type="text/javascript">
/*
作者:王安林。QQ:379184514。邮箱:w18514379@126.com。博客:http://blog.csdn.net/w184514379或http://blog.csdn.net/lin379184514。
特别声明:本作品仅做研究交流用,仅为大家提供一点思路,可任意修改和传播,不追究版权亦不承担任何责任,不回答提问,不再更新。
2009.12.24
*/
</script>
<script type="text/javascript" src="md5.js"></script>
<script type="text/javascript">
//farmKey计算
function getkey()
{
var c = new Date();
var farmTime = Math.floor(c.getTime() / 1000);
var key = "fs#$hsJ!Fa*AF!-0aPS";
var farmKey = hex_md5(farmTime + key.substr(parseInt(farmTime) % 10, 19));
key = "&farmTime=" + farmTime + "&farmKey=" + farmKey;
//alert(key);
return key;
};
//XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX POST 发数据 end XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX//
function createXMLHttpRequest()
{
if (window.XMLHttpRequest) {
XMLHttpR = new XMLHttpRequest();
} else if (window.ActiveXObject) {
try {
XMLHttpR = new ActiveXObject("Msxml2.XMLHTTP");
} catch(e) {
try {
XMLHttpR = new ActiveXObject("Microsoft.XMLHTTP");
} catch(e) {}
}
}
}
function sendRequest(method , url, data, callback)
{
createXMLHttpRequest();
XMLHttpR.open(method=="p"?"POST":"GET", url, false);//method等于"p"为post方法,其他为get方法
XMLHttpR.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");
XMLHttpR.onreadystatechange =eval(callback+"processResponse");//通过eval创建一列处理函数
XMLHttpR.send(data);
}
//XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX POST 发数据 end XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX//
//00000000000000000000000000000000000000000000 赠送牧草 start 000000000000000000000000000000000000000000000000000000000000000//
function feedfoodprocessResponse()
{
if (XMLHttpR.readyState == 4 && XMLHttpR.status == 200)
{
txtOutput.value =XMLHttpR.responseText;//服务返回值,送到文本域显示
}
}
function getfeedfood(foodnum,frienduId)
{
var url = "http://mc.qzone.qq.com/cgi-bin/cgi_feed_food";
var data ="foodnum="+foodnum+"&uId="+frienduId+"&type=0"+ getkey();
sendRequest("p",url, data,"feedfood");
}
//00000000000000000000000000000000000000000000 赠送牧草 end 000000000000000000000000000000000000000000000000000000000000000//
//zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz 获取个人信息 start zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz//
function userinfoprocessResponse() //通过eval函数创建的。即eval("userinfo"+"processResponse\(unm\)");
{
if (XMLHttpR.readyState == 4 && XMLHttpR.status == 200)
{
txtOutput.value =XMLHttpR.responseText;
transUserInfo(XMLHttpR.responseText);
}
}
function getUserInfo()
{
var url = "http://happyfarm.qzone.qq.com/api.php?mod=user&act=run";
var data = getkey();
sendRequest("p",url, data,"userinfo");
}
function transUserInfo(myString)
{
var userinfo = eval('(' + myString + ')'); //用字符串myString创建JSON对象userinfo。
//创建表格,利用innerHTML,注意,table的innerHTML属性是只读的,所以不能直接操作table的innerHTML,这里操作的是DIV的innerHTML。
var str='<TR align=middle bgColor="#ffff66"><TD>'+userinfo.user.uId+'</TD><TD>'+userinfo.user.yellowlevel+'</TD><TD>'+userinfo.user.exp+'</TD><TD>'+userinfo.user.money+'</TD><TD>'+getLevel(userinfo.user.exp)[0]+'</TD><TD>'+((getLevel(userinfo.user.exp)[0]+1)*200-getLevel(userinfo.user.exp)[1])+"\/"+(getLevel(userinfo.user.exp)[0]+1)*200+'</TD></TR>';
document.getElementById('userinfoDiv').innerHTML='<TABLE border=1><TBODY id=userinfoTab><TR align=middle><TH>UID</TH><TH>黄钻等级</TH><TH>经验</TH><TH>金币</TH><TH>等级</TH><TH>升级</TH></TR>' + str + '</TBODY></TABLE>';
}
//zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz 获取个人信息 end zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz//
//*************************************************** 等级计算 start *****************************************************************//
//9级以上的升级所需经验不对。具体计算方法不清楚。等级是都对的。
function getLevel(experience){
var levelArray = new Array(2);
levelArray[0] = 0;
levelArray[1] = 0;
for (var i = 1; i < 100; i++) {
levelArray[0] += 200 + 200 * (i - 1);
if (levelArray[0] > experience) {
//取得升级所需经验
levelArray[1] = levelArray[0] - experience;
//取得当前级别
levelArray[0] = i - 1;
break;
}
}
return levelArray;
};
//****************************************************** 等级计算 end ***************************************************************//
//----------------------------好友列表 start-------------------------------------------//
function FriendListprocessResponse()
{
if (XMLHttpR.readyState == 4 && XMLHttpR.status == 200)
{
txtOutput.value =XMLHttpR.responseText;
transFriend(XMLHttpR.responseText);
}
}
function getFriendList()
{
var url = "http://happyfarm.qzone.qq.com/api.php?mod=friend";
var data = getkey();
sendRequest("p",url, data,"FriendList");
}
function transFriend(myString)
{
var friendinfo = new Array();
friendinfo = eval('(' + myString + ')');
var friendTitle = '<TR align=middle><TH>序号</TH><TH>ID</TH><TH>QQ</TH><TH>昵称</TH><TH>头像</TH><TH>黄钻</TH><TH>经验</TH><TH>金币</TH><TH>等级</TH><TH>升级</TH><TH>狗粮</TH><TH>选中</TH></TR>';
//alert(friendinfo[0].userId);
var str="";
for (i = 0; i < friendinfo.length; i++)
{
//friendinfo[0].userId;
str += '<TR align=middle><TD>' + i + '</TD><TD>' + friendinfo[i].userId + '</TD><TD>' + friendinfo[i].uin + '</TD><TD>' + friendinfo[i].userName+ '</TD><TD><IMG height=40 width=40 src=' + friendinfo[i].headPic + '></TD></TD><TD>' + friendinfo[i].yellowlevel + '</TD><TD>' + friendinfo[i].exp + '</TD><TD>' + friendinfo[i].money + '</TD><TD>'+ getLevel(friendinfo[i].exp)[0] +'</TD><TD>'+ ((getLevel(friendinfo[i].exp)[0]+1)*200-getLevel(friendinfo[i].exp)[1]*1)+'\/'+(getLevel(friendinfo[i].exp)[0]+1)*200+'</TD><TD>?</TD><TD><input type="checkbox" id="friendinfo'+ i +'" checked></TD></TR>';
}
var userinfo='<TR align=middle bgColor="#ffff66"><TD>' + i + '</TD><TD>' + document.getElementById("userinfoTab").rows[1].cells[0].innerText + '</TD><TD>NULL</TD><TD>主人</TD><TD>NULL</TD><TD>' + document.getElementById("userinfoTab").rows[1].cells[1].innerText + '</TD><TD>' + document.getElementById("userinfoTab").rows[1].cells[2].innerText + '</TD><TD>' + document.getElementById("userinfoTab").rows[1].cells[3].innerText + '</TD><TD>' + document.getElementById("userinfoTab").rows[1].cells[4].innerText + '</TD><TD>' + document.getElementById("userinfoTab").rows[1].cells[5].innerText + '</TD><TD>?</TD><TD><input type="checkbox" id="friendinfo'+ i +'" checked></TD></TR>';
document.getElementById('friendListDiv').innerHTML = '<TABLE border=1><TBODY id=friendTab>' + friendTitle + str +userinfo+ '</TBODY></TABLE>';
}
//-----------------------------好友列表 end-----------------------------------------------//
</script>
<a target="_blank" tabindex="8" href="http://qzone.qq.com" id="label_forget_pwd">登录</a>
(必须首先通过空间登录农场才可以使用此外挂!)
<br>
<br>
<input type="button" value="获取个人信息" onClick="getUserInfo()">
<div id="userinfoDiv">
<TABLE border=1 >
<TBODY id=userinfoTab>
</TBODY>
</TABLE>
</div>
<br>
<input type="button" value="获取好友列表" onClick="getFriendList()">
(需要“获取个人信息”)
<div id="friendListDiv">
<TABLE border=1>
<TBODY id=friendTab>
</TBODY>
</TABLE>
</div>
<br><br><br><br>
赠送牧草数量<input id="foodnum" value=""/><br>
好友代号<input id="frienduId" value=""/>
(注:好友代号并不是QQ号,是通过“获取个人信息”和"获取好友列表" 获得的uid,一般前3位跟qq号相同)
<br>
<input type="button" value="送牧草" onClick='getfeedfood(foodnum.value,frienduId.value)'>
<br>
<br><br>
服务器返回的原始数据<br>
<textarea id="txtOutput" style="850px;border:1px solid #c5e2f2;overflow:visible;" rows="15" ></textarea>
<input class="but" id="res" type="button" value="UTF-8 还原 中文 ↓" onclick="txtresult.value=unescape(txtOutput.value.replace(/\\u/g,'%u'));" />
<input class="but" id="conv" type="button" value="中文 转换 UTF-8 ↑" onclick='txtOutput.value=txtresult.value.replace(/[^\u0000-\u00FF]/g,function($0){return escape($0).replace(/(%u)(\w{4})/gi,"\\u$2")});'/>
<textarea id="txtresult" style="850px;border:1px solid #c5e2f2;overflow:visible;" rows="15"></textarea>
<br><br><br>
为防止时间太久需要重新登录,可没隔一段时间调用刷新农场
<br>
<input type="button" value="刷新农场" onClick='document.getElementById("happyfarm").src = "http://happyfarm.qzone.qq.com/";'>
<iframe id="happyfarm" width="100%" height="670" frameborder="0" application="yes" scrolling="no" src='http://happyfarm.qzone.qq.com'></iframe>
<br>
特别声明:本作品仅做研究交流用,仅为大家提供一点思路,可任意修改和传播,不追究版权亦不承担任何责任,不回答提问,不再更新。
2009.12.24