[Br]eaking [Cl]icking [Ba]d - Episode 1
Posted on: October 23, 2013, 8:59 am

I recently happened across a simple game called 'Clicking Bad' while browsing reddit a few days ago. It's a simple game made by a Breaking Bad fan made entirely in javascript from what it seems. I started playing legitimately initially but after buying the best possible things it became boring.

http://clickingbad.nullism.com

So to make things more fun I decided to see if I could break the game. Opening up the javascript console lead to a plethora of fun with adding millions of dollars to my cash pool without having cooked a single batch. However, the creator has been updating the site daily and has since made hacking somewhat harder.

Originally the variable with the game stats was freely accessible so all that was needed to get some cheated cash was:

pd.cash.amount = pd.cash.amount + 1000000;

Easy.

Well an update later a new function was added that could add cash, but also triggered a cheat achievement to unlock. Now that's something I don't want showing off in my achievements. Looking into the code, the pd variable was changed to pdro. A simple name change? You gotta be kidding me.

pdro.cash.amount = pdro.cash.amount + 1000000;

Easy cash.

And now for the most recent: Well looking at it after yesterdays update proved fun. I poked and prodded. While I noticed the public add cash function wasn't triggering the cheated achievements, I knew that was not intended and would likely be fixed. I gotta hand it to you, Mr. Clicking-Bad-dev-guy: I was a bit stumped. The pd variable was not only accessible locally within the Game function.

So instead of trying to work with the game, I made the game work for me. I knew the game saves data locally, so I decided that would be the best point of attack...

gm.do_save();
var temp_save = $.parseJSON(localStorage.sv);
temp_save.cash = parseInt(temp_save.cash) + 1000000;
localStorage.sv = JSON.stringify(temp_save);
gm.do_load();
gm.do_save();

Bada-bing bada-boom.

Here's the code to my little "cheat console" I made for the fun of it...

$('#sell_div').after('<div id="hackmenu"><strong><span class="brba">Br</span>eaking <span class="brba">Cl</span>icking <span class="brba">Ba</span>d</strong><hr /></div>');

$('#hackmenu').append('<div class="hack"><span id="addcash">Add Cash</span><div id="cashform" style="display:none;"><input type="text" id="cashamount" value="100" /><input type="button" id="btnaddcash" name="Add" value="Add" /></div></div>');
$(document).on('click', '#addcash', function(){
    $('#cashform').slideToggle('slow', function(){});
});
$(document).on('click', '#btnaddcash', function(){
    gm.do_save();
    var temp_save = $.parseJSON(localStorage.sv);
    temp_save.cash = parseInt(temp_save.cash) + parseInt($('#cashamount').val());
    localStorage.sv = JSON.stringify(temp_save);
    gm.do_load();
    gm.do_save();
    $('#cashform').slideUp('slow', function(){});
});

$('#hackmenu').append('<div class="hack"><span id="addmeth">Add Meth</span><div id="methform" style="display:none;"><input type="text" id="methamount" value="100" /><input type="button" id="btnaddmeth" name="Add" value="Add" /></div></div>');
$(document).on('click', '#addmeth', function(){
    $('#methform').slideToggle('slow', function(){});
});
$(document).on('click', '#btnaddmeth', function(){
    gm.do_save();
    var temp_save = $.parseJSON(localStorage.sv);
    temp_save.widgets = parseInt(temp_save.widgets) + parseInt($('#methamount').val());
    localStorage.sv = JSON.stringify(temp_save);
    gm.do_load();
    gm.do_save();
    $('#methform').slideUp('slow', function(){});
});


$('#hackmenu').append('<div id="forcesave" class="hack">Force Save</div>');
$(document).on('click', '#forcesave', function(){gm.do_save();});
$('span.brba').css({'background':'#349E4E', 'color':'#FFFFFF', 'border':'1px solid #1F6931', 'padding':'0px 1px 0px 1px'});
$('#hackmenu').css({'background':'none repeat scroll 0% 0% rgb(255, 255, 255)','border-radius': '10px 10px 10px 10px','padding':'3px', 'margin-bottom':'4px'});
$('.hack').css({'cursor':'pointer'});
$('div.hack').hover(function(){$(this).css({'background':'#349E4E', 'color':'#FFFFFF', 'cursor':'pointer'});},
function(){$(this).attr('style', 'cursor:pointer;');});



Author: Infected Comments (0)

Battlefield Reports - New project
Posted on: April 24, 2013, 11:29 am

So for the past few weeks I've been working on a new project: Battlefield Reports. I've been practicing my recoil control and aiming along with my playstyle in BF3 and wanted to track my stats. I found very quickly that BattleLog isn't the best though. I had had no way to really see my daily stats and I found rounding errors in certain stats. While BF3Stats.com is a viable option it still did not offer me the kind of reporting I was looking for.

To track my stats I first started a spreadsheet in my Google Drive. Bear in mind that I had no idea how to effectively create a spreadsheet since the last class about excel I had was in middle school. I began filling out the data with the information I got from BF3Stats. This turned into a tiring process however. The process took around 5 minutes to complete this way.

So instead of wasting an hour or so each day entering the data I thought, "Hey why not automate the process!" Awesome idea, Craig. I started looking into BF3Stats' API but realized it wasn't going to do the job. So I started sniffing around BattleLog. I found the JSON calls that got the data for the battle reports and started playing with those. There is a large amount of data in that so it was a bit to sift through. Nevermind that the infromation I was after was named in a way that doesn't make it extremely obvious.

Fast forward to now: What started as a project for myself is growing to a fullblown site. To gather the information automatically I've written a Google Chrome extension (coming soon to Firefox) to gather match info on an hourly basis. I've also turned the original stat gathering php file into an API which I'm constantly updating.

Right now my short term goals are simple:
- Allow users to login and view their stats
- Simple reports (daily stats, progressive daily stats, stats by map, stats by mode)
- Little to no interaction from user to setup other than installing the extension

What's great is that I spent little to no time setting up the site. All I did was copy/paste my cms, edited the config (working on a setup system), and added a new style. This project is also an extension of my cms project. Any changes made to this site will be reflected on either end. I do need to take a weekend and work in the admin section. and maybe add pretty URLs (Just learned how to do that!) that way I don't have to rewrite portions of the code later.



Author: Infected Comments (0)

PC gaming, site, and this year
Posted on: January 3, 2013, 12:25 pm

I may or may not have gotten sidetracked back in April/May from my work on the site. However, it was a worthwhile sidetrack!



I built my own gaming computer. It started off with some different parts than pictured. I originally had a Sapphire Radeon HD 7850 OC graphics card and a corsair HX650w power supply. I've upgraded though. AMD's drivers did not sit well with me at all. And as powerful as the 7850 was, it still did not handle the games the way I wanted it to (60 FPS on ultra!). So I upgraded to two EVGA GeForce GTX 670's in SLI. And I have not been disappointed so far. They've torn apart any game I throw at them.

So what now? Well I stopped playing WoW again, this time for good. I couldn't keep up with the raid schedule that allowed me to play with my friends. So I gave away all my gold and gems, making it not worth my while to start up again, and uninstalled the game. Since then I've been playing more FPSes, specifically Battlefield 3. Now I also plan on continuing work on the site. I've made small backend changes throughout the year to make things easier, but I need to actually put those changes to use at some point.

On the note of the site, there was a small issue. Someone managed to modify the index.php's of every site in our directory and put in some malicious php code. Took us a couple weeks to notice, but it is fixed.



Author: Infected Comments (0)

Today I learned: DON'T KEEP THAT PAGE OPEN
Posted on: December 31, 1969, 5:00 pm

I began working a feed system when I got home from work today. I've never worked JSON let alone used Jquery much. The most I've used Jquery for was a tabbed navigation in an old concept template for what was then "Infected Designs", and at my internship to use lightbox on a gallery.

This became a learning experience right from the start. I started by setting up the php page since that would be the easy part for me. After reading through some documentation and tutorials I set on getting at least one record displayed. After about an hour and a half of working on the feed system I decided to take a break and got play some Modern Warfare 3. Long story short here's how that turned out:


So I come back to phpdesigner and start working again. I modify the php file that's querying the database. Now unbeknownst to me, I had the html page that was sending a request to that page every 5 seconds open. Turns out I made a small error in my for loop which was causing a memory allocation error. Immediately my computer started to look more like a slideshow. I thankfully was able to kill apache through the mess and fixed my error before starting it up again.

Moral of the story: Close the page when modifying the php file.



Author: Infected Comments (0)

Code tag - 0, Me - 1
Posted on: December 31, 1969, 5:00 pm

I finally beat this code bbcode tag. As you can see in my previous post the example of how it didn't work doesn't work anymore....if that makes sense.

Basically, because highlight_string() was creating new line characters that nl2br() was rendering to line breaks. This was causing all sorts of issues with having extra breaks at the beginning and end of the string inside the code tag. So to solve this I just removed the extra line breaks.

function highlight_code($string) {
    $string = highlight_string(html_entity_decode($string), true);
    $string = substr($string, 0, strlen($string) - 15).'</code>';
    return substr($string, 0, 35).substr($string, 36, strlen($string));
}

Now I can add padding to the top and bottom in the css to make it look correct.

One thing I want to try and work on is getting it to highlight without needing to be php (enclosed in <?php ?>). Perhaps this'll be something I can look into for a future version. For now, it works. I ain't touching it.



Author: Infected Comments (0)

Next Page