New hacking method (look here) WORKS
-migrated-
Right, I tried out the method using "You have to burn the rope":

I used the following packet:

{"msg.id":1,"stamp":"9229216122396","game_id":8650,"slk":"1594186_ff42f2d5d3d293817562eff5811dc9078db1bca4","stats":"[{"name":"You Have Burned the Rope","value":1}]","user":"iamamachine"}

The username is: "iamamachine" and the password is: "123456" (as always).
The game ID is: 8650
The variable is: [{"name":"You Have Burned the Rope","value":1}]

I used the javascript commands to find out my username/password (the long one with numbers). But nothing...

Any ideas?





Tookie

Quote from: "tookie"
"123456" (as always).

My mushrooms account isn't. lol.



Check before you post, someone may have beaten you there.

Don't fear my banhammer, fear the God holding it...

Interestingly you can abuse this on some games by using a proxy, such as webscarab or paros, to inject a button that calls the javascript method from within the frame.

This doesn't work on all games, but I got it working on B29 Assault (though I already had the badge). This seems to be related to the flash itself, how I did this on B29 Assault was to do the following (all in FF3).

Load up webscarab and set it to intercept responses (intercept tab and check Intercept responses). Set the proxy up in FF3 (by default localhost:8008). Now load the page and accept all responses until you come across the iframe, which will have a URL like
Code: [Select]
http://a.kongregate.com/games/FreeWorldGroup/b29-assault/frame/1241548010558?gameplays_count=0&user_id=12345&username=abcdef.
Once we have the iframe, set the tab to "Text" and scroll down until you get to gamediv, it'll look like:
Code: [Select]
</script><script type="text/javascript">
//<![CDATA[
swfobject.embedSWF("http://chat.kongregate.com/flash/GameShell_1241113218.swf","gamediv","399","550","6",null,{"kongregate":"true","kongregate_host":"http%3A%2F%2Fwww.kongregate.com","kongregate_username":"abcdef","kongregate_game_url":"http%3A%2F%2Fa.kongregate.com%2Fgames%2FFreeWorldGroup%2Fb29-assault","game_url":"http%3A%2F%2Fa.kongregate.com%2Fgames%2FFreeWorldGroup%2Fb29-assault","kongregate_user_id":"12345","kongregate_channel_id":channel_id,"api_path":"%2Fflash%2FAPI_1241113218.swf","game_swf":"http%3A%2F%2Fchat.kongregate.com%2Fgame_files%2F0000%2F0618%2Fb29-assault.swf%3Fkongregate_game_version%3D1205904559","kongregate_game_id":"933","kongregate_game_version":"1205904559"},{"bgcolor":"#000000","allowscriptaccess":"never","allownetworking":"all","base":"http://chat.kongregate.com/gamez/0000/0933/live/"},{});
//]]>
</script>
After this, enter the below bit of HTML:
Code: [Select]
<button type="button" onClick="javascript:document.gamediv.SetVariable('roleLife','999');">Life</button>
<button type="button" onClick="javascript:document.gamediv.SetVariable('stageID','5');">Level</button>

And you should have nice little buttons to press to get the cheats.
Success; I managed to cut short my time playing Mindscape by doing the above technique with the below buttons:
Code: [Select]
<button type="button" onclick="javascript:document.gamediv.SetVariable('unlockedLevels','12');">Unlock</button>
<button type="button" onclick="javascript:document.gamediv.SetVariable('currLvl','4');">Sweets</button>
<button type="button" onclick="javascript:document.gamediv.SetVariable('currLvl','8');">Bolts</button>
<button type="button" onclick="javascript:document.gamediv.SetVariable('currLvl','12');">Meds</button>
And I saw my achievement stats increasing as I did it - definately a potential!
And did it with the Max Mesiria battle mode (finally I've got that badge!). Moved the buttons to the top, as it stops the flash object overlaying the buttons.



I need to think of a good way to freezing variables (probably setting up a time to reset every few microseconds. Then just need to whip together a quick proxy in perl to do this automatically!
Glad your using it correctly deity!
It doesn't work on all games though. The permission to use the Javascript->Flash methods depend on the flash object itself and what domains it trusts. The Lion's share of the Flash games won't let this work and generally these are ones that have been hosted on sites like Armor [sic] Games etc.

I've got this to work on Max Mesiria Chapter 2, Mindscape and B29 Assault; but little success on others. Fortunately there's a simple test: load up the game iframe in (say Firefox) and do a javascript:document.gamediv.GetVariable("health") (or another valid variable). If you get an error in the Error Console about a method failed with NPObject, then this technique won't work.
tried it, but the window keeps saying null...
I don't get the part where it changes the ingame values.
I'm completely lost :oops: .
I'm not entirely sure this is newbie-friendly, so is there a quick yet non-dirty way to do this? Thanks
Unfortunately not, you'll have to study quite a bit to get used to these kinds of hacks.

I suggest checking out the various videos that are here on the board related to bytecode hacking and _root variables.





Tookie

im learning _root variables hacking and already understood it since i have basic knowledge on CE

bytecode hacking also seems pretty easy... it looks easy but the brain part is pretty hard. :geek:
Quote from: "nunuwala"
im learning _root variables hacking and already understood it since i have basic knowledge on CE

bytecode hacking also seems pretty easy... it looks easy but the brain part is pretty hard. :geek:


seems easy, generally isn't XD



Check before you post, someone may have beaten you there.

Don't fear my banhammer, fear the God holding it...