Hacking Every Second Counts
Once again I needed a break from hardcore coding and decided to play some online games. As I was surfing around I came across this game on zefrank.com, a website as old as the internet itself. A simple game that tests the accuracy of your internal clock with no end. The only incentive is beating the people on the highscore list. The player with the highest score gets to leave a little message for the world to see.
The game is not at all easy even if you use some kind of timer and it’s pretty safe to assume that #1 is there to stay. Or is he?
I’ve decided to hack this. I’m still not sure if it will work (I’m literally typing this at the same time as said hacking) but I have high hopes since it’s unlikely there’s going to be a lot of security layers in my way. I wouldn’t even really call it “hacking”. Ze, if you’re reading this, I’m sorry ahead of time and if I do end up on the highscore list, feel free to remove me from your database.
Changing the score with the usual memory scanner/hex editor treatment looks like a no-go alone due to the nature of the game. Right, so let decompile the code and look for anything immediately noticeable. Ah a url:
http://www.zefrank.com/everysecond/getdata.php?tablename=everysecond&cache=“+random(999),”_root.highscore”
Looks like it queries some database for data via PHP. Plug in a random number up to 999 and you get this:
&name0=Sorry Sean..&score0=136.2&extra0=How the mighty have fallen! ~Matt&name1=BIG SEAN&score1=135&extra1=VICTORY IS MINE- I LEAVE BEHIND ME A PATH OF DESTRUCTION, A LEGACY OF TRIUMPH. KNEEL BEFORE MY AWESOME POWER AND TYRANNY; THIS CONQUEST OF THE SCIENCES SHALL FOREVER BE REMEMBERED IN AWE AND FEAR. KNEEL!!&name2=JoJoBloMo&score2=125.2&extra2=I am internet famous! This is a story all about how my life got flipped, turned upside down… Go to flash.landrycoolers.com to learn how to get these high scores.&name3=Logger067&score3=104.4&extra3=Ha-ha! Losers!&name4=Ralle&score4=100&extra4=Hahahaha!
Nice! Looks like we can read the messages for all the runner-ups too. You don’t even need the “cache” variable. Let’s clean that up a bit:
Sorry Sean.. - 136.2 How the mighty have fallen! ~Matt
BIG SEAN - 135 VICTORY IS MINE- I LEAVE BEHIND ME A PATH OF DESTRUCTION, A LEGACY OF TRIUMPH. KNEEL BEFORE MY AWESOME POWER AND TYRANNY; THIS CONQUEST OF THE SCIENCES SHALL FOREVER BE REMEMBERED IN AWE AND FEAR. KNEEL!!
JoJoBloMo - 125.2 I am internet famous! This is a story all about how my life got flipped, turned upside down… Go to flash.landrycoolers.com to learn how to get these high scores.
Logger067 - 104.4 Ha-ha! Losers!
Ralle - 100 Hahahaha!
So far so good! It looked like JoJoBloMo may have gotten there before me but their website seems to be dead and has nothing relevant on it on WayBack Machine. Chances are some of them got those scores unfairly too though. To get a score of 100 you would have to play perfectly for 16.83 minutes (0.2 * n*(n+1)/2) and to beat “Matt” you need to do the same for at least 31.14 mins. Ain’t nobody got time fo’ that!
So let’s see what else we can find…
if(!(_root.level<hiscore)) { submit.userscore=_root.level; win_message="Cogratulations! You have the top score. Enter your name below, as well as you victory message and press submit."; } else { win_message="Cogratulations! You have a high score. Enter your name below and press submit."; submit.userscore=_root.level; submit.usermessage="You need the top score to post a message!"; } update(); stop();
And Jackpot!
if(userscore>_root.lowestscore&&sent<1) { sent=1; output="please wait : sending score"; lowscore=_root.lowestscore; loadVariables("http://www.zefrank.com/everysecond/insertdelete.php?tablename=everysecond&cache="+random(9999),this); }
Huehuehuehue…
Well, I don’t feel like trying to figure out what the correct GET variables are and I don’t want to screw it up so instead I’ll just set the starting level to 1337 (literally just a single assignment) and lose the game immediately. It would take 49.69 perfect, non-stop hours to get that score fairly. Advertising my blog in the message may be a bit tactless so instead I’ll just let whoever sees it google my name for more info.
And happy trails to you too!