HP's code

[Volt]

Anyone here knows how to fix this problem?

Code:

LoginComplete:<login bSuccess="0" sMsg="The game encountered an internal session error or misconfiguration and was unable to complete your request. Please refresh this page and try again."/>

[emoric28]

@Great Barrier
I know the chances that you won't reply but I'm still hoping

I believe this is their 'patch' after your last release.

[Great Barrier]

@Great Barrier
I know the chances that you won't reply but I'm still hoping

I believe this is their 'patch' after your last release.

Yeah there were several barriers put up, this was one of them, which you can manually bypass but it just looks ugly.
There's definitely an automatic bypass too, but I'm too much of a scrub to know how. They basically make sure you're playing legitimately by using a session ID, which is generated when you play the game in the browser. But if you open the game in the browser, the copy the session ID from the URL there, and then submit it with the login in your code - then you can get past this one.

I don't think that was the main reason it got hard to make a trainer for HP though, I really can't remember what else it was, but they had other shit to try and stop you

[Volt]

I tried that couple days back, couldn't get it working. Keep on saying something the session ID is invalid.

[Great Barrier]

I tried that couple days back, couldn't get it working. Keep on saying something the session ID is invalid.

When you load the game with the loader code, you need to set the session variable to the string from URL in the browser too.
Hard to explain, but basically you'll see in the loader code a load of parameters being set when the game finishes loading.
It will be something like: Game.sessionID = "SESSIONSTRINGHERE"
But the actual variable name I'm unsure of, you'll have to look in the game's source.
This needs to be done, because the game's login function submits the login URL using whatever is stored on that variable as the session. If you don't set it, the session is blank, and therefore the login will return that error.

Keep in mind though, that I haven't looked at this code in a while. They could well have changed it but I doubt it.

[Volt]

@ @Great Barrier

Everything got changed, which I have updated the code, but the only problem I get it's the login part.

Code:

LoginURL: https://augoeides.world/cf-userlogin.asp
Sending: pass=Not allowed to see.
LoginComplete:<login bSuccess="0" sMsg="The game encountered an internal session error or misconfiguration and was unable to complete your request. Please refresh this page and try again."/>

HP doesn't have 'Session ID' anymore.

[emoric28]

@MLGB @Great Barrier

Dunno how to put it into code but hope this helps

Code:

LoginURL: https://augoeides.world/cf-userlogin.asp
Sending: unm=%20&pass=%20&user=%20&pwd=%20&strSession=null
LoginComplete:<login bSuccess="0" sMsg="The game encountered an internal session error or misconfiguration and was unable to complete your request. Please refresh this page and try again."/>

And this is the example of a session string from the url in the browser:

Code:

https://augoeides.world/game?session=69CAE0694B4E3BDB39588FB494B02B88

Edit: Somehow the link of HP now doesn't have a session string anymore.

[Great Barrier]

@emoric28 @MLGB
Hmm yeah seems you're both right in a way. The sessionID is still there, and still used for the game login, but they've removed it from the URL.


And yeah here's where it's submitted in the code


It's just sending off whatever is stored as 'sessionId' in the Game class.
So if you set that variable to a string you retrieve from the Game site, it should work as a manual bypass.
Google Chrome > Developer Tools > Network > Login on the game > Look at Form Data > Copy value of sessionId

Then in your loader code, in the onGameComplete function, add the line:
Game.sessionId = WhateverYouCopied

Alternatively, make it:
Game.sessionId = userInput.text;

Then the user can update the sessionId every time they use the application.

---

Anyway I just rushed through, but that should hopefully work. As I said previously, there's probably a way to retrieve the sessionId through code but I don't have time to work out how.

[Volt]

@ @Great Barrier
Found the sessionId, but still couldn't get it working.

Here's the error:

Code:

*** Security Sandbox Violation ***Connection to file:///C|/Users/iPhone%207/Desktop/Gamefiles/undefined halted - not permitted from https://augoeides.world/gamefiles/Client-06.12.05-HP.R23.swf
-- Remote SWFs may not access local files.
SecurityError: Error #2148: SWF file https://augoeides.world/gamefiles/Client-06.12.05-HP.R23.swf cannot access local resource file:///C|/Users/iPhone%207/Desktop/Gamefiles/undefined. Only local-with-filesystem and trusted local SWF files may access local resources.
	at flash.media::Sound/_load()
	at flash.media::Sound/load()
	at Game/loadBGM()
	at Game/frame10()
LoginURL: https://augoeides.world/cf-userlogin.asp
Sending: 
LoginURL: https://augoeides.world/cf-userlogin.asp
Sending: 
LoginComplete:<login bSuccess="0" sMsg="The game encountered an internal session error or misconfiguration and was unable to complete your request. Please refresh this page and try again."/>

[Great Barrier]

@ @Great Barrier
Found the sessionId, but still couldn't get it working.

Here's the error:

Code:

*** Security Sandbox Violation ***Connection to file:///C|/Users/iPhone%207/Desktop/Gamefiles/undefined halted - not permitted from https://augoeides.world/gamefiles/Client-06.12.05-HP.R23.swf
-- Remote SWFs may not access local files.
SecurityError: Error #2148: SWF file https://augoeides.world/gamefiles/Client-06.12.05-HP.R23.swf cannot access local resource file:///C|/Users/iPhone%207/Desktop/Gamefiles/undefined. Only local-with-filesystem and trusted local SWF files may access local resources.
	at flash.media::Sound/_load()
	at flash.media::Sound/load()
	at Game/loadBGM()
	at Game/frame10()
LoginURL: https://augoeides.world/cf-userlogin.asp
Sending: 
LoginURL: https://augoeides.world/cf-userlogin.asp
Sending: 
LoginComplete:<login bSuccess="0" sMsg="The game encountered an internal session error or misconfiguration and was unable to complete your request. Please refresh this page and try again."/>

Hmm this is the problem:
file:///C|/Users/iPhone%207/Desktop/Gamefiles/undefined

They've detected something's up and their code is trying to access a certain file from your local files, rather than the augoeides game files.
The specific file also hasn't been set for the same reason, hence why it says 'undefined'.

Does this appear when you press login?

[Volt]

Hmm this is the problem:
file:///C|/Users/iPhone%207/Desktop/Gamefiles/undefined

They've detected something's up and their code is trying to access a certain file from your local files, rather than the augoeides game files.
The specific file also hasn't been set for the same reason, hence why it says 'undefined'.

Does this appear when you press login?

When I login, I only get the bSuccess=0 part. Couldn't login.

[Great Barrier]

When I login, I only get the bSuccess=0 part. Couldn't login.

Hmmm I'm stumped at this point - I don't have time to look through the code but the reason why will be somewhere in here.

In the game's Loader file, I noticed it calls the function 'loginToken' when the game has finished loading - maybe you need to do the same in your Loader code.

Code:

public function onComplete(param1:Event) : void
      {
         var _loc2_:* = null;
         var _loc3_:* = undefined;
         var _loc4_:* = stage;
         var _loc5_:* = root.loaderInfo.parameters;
         _loc4_.removeChildAt(0);
         game = _loc4_.addChild(MovieClip(Loader(param1.target.loader).content));
         for(_loc3_ in root.loaderInfo.parameters)
         {
            trace(_loc3_ + ": " + _loc5_[_loc3_]);
            game.params[_loc3_] = _loc5_[_loc3_];
         }
         game.params.sURL = sURL;
         game.params.sTitle = sTitle;
         game.params.sNews = sNews;
         game.params.sBGM = sBGM;
         game.titleDomain = titleDomain;
         _loc2_ = game.params.strCode;
         game.sessionId = _loc2_;
         if(_loc2_ && game.params.bLogin == "true")
         {
            game.loginToken(_loc2_);
         }
      }

This is what all the login functions look like in the Game file

Code:

public function login(param1:String, param2:String) : *
      {
         var rand:Number = NaN;
         var url:String = null;
         var request:URLRequest = null;
         var variables:URLVariables = null;
         var strUsername:String = null;
         var strPassword:String = null;
         var _arg1:String = param1;
         var _arg2:String = param2;
         strUsername = _arg1;
         strPassword = _arg2;
         var arrAllowLocal:Array = new Array("zhoom","ztest00","ztest01","ztest02","minimal","iterator","zdhz","yorumi");
         mcConnDetail.showConn("Authenticating Account Info...");
         loginInfo.strUsername = strUsername;
         loginInfo.strPassword = strPassword;
         rand = rn.rand();
         url = "https://augoeides.world/cf-userlogin.asp";
         trace("LoginURL: " + url);
         request = new URLRequest(url);
         variables = new URLVariables();
         variables.unm = strUsername;
         variables.pwd = strPassword;
         variables.user = strUsername;
         variables.pass = strPassword;
         variables.strSession = this.sessionId;
         if(checkPasswordStrength(strPassword) < 18)
         {
            bPassword = false;
         }
         if(params.strSourceID == "FACEBOOK")
         {
            variables.strSourceID = params.strSourceID;
            variables.FBID = params.FBID;
            variables.token = params.token;
         }
         else if(params.strSourceID == "TAGGED")
         {
            variables.strSourceID = params.strSourceID;
            variables.SrcUserID = params.SrcUserID;
            variables.token = params.token;
         }
         trace("Sending: " + variables);
         request.data = variables;
         request.method = URLRequestMethod.POST;
         loginLoader.removeEventListener(Even*****MPLETE,onLoginComplete);
         loginLoader.addEventListener(Even*****MPLETE,onLoginComplete);
         loginLoader.addEventListener(IOErrorEvent****_ERROR,onLoginError,false,0,true);
         try
         {
            loginLoader.load(request);
            return;
         }
         catch(error:Error)
         {
            trace("Unable to load URL");
            return;
         }
      }
      
      public function loginToken(param1:String) : *
      {
         var rand:Number = NaN;
         var url:String = null;
         var request:URLRequest = null;
         var variables:URLVariables = null;
         var _local4:* = undefined;
         var strToken:String = param1;
         ;
         var arrAllowLocal:Array = new Array("zhoom","ztest00","ztest01","ztest02","minimal","iterator","zdhz","yorumi","yorumi");
         mcConnDetail.showConn("Authenticating Account Info...");
         url = "cf-userlogin.asp";
         if(this.loaderInfo.url.toLowerCase().indexOf("file://") >= 0 || this.loaderInfo.url.toLowerCase().indexOf("/") >= 0 || this.loaderInfo.url.toLowerCase().indexOf("aqworldscdn.aq.com") >= 0)
         {
            _local4 = url;
            url = _local4;
            _local4;
         }
         else
         {
            _local4 = params.sURL + url;
            url = _local4;
            _local4;
         }
         trace("LoginURL: " + url);
         request = new URLRequest(url);
         variables = new URLVariables();
         variables.token = strToken;
         trace("Sending: " + variables);
         request.data = variables;
         request.method = URLRequestMethod.POST;
         loginLoader.removeEventListener(Even*****MPLETE,onTokenLoginComplete);
         loginLoader.addEventListener(Even*****MPLETE,onTokenLoginComplete);
         loginLoader.addEventListener(IOErrorEvent****_ERROR,onLoginError,false,0,true);
         try
         {
            loginLoader.load(request);
            return;
         }
         catch(error:Error)
         {
            trace("Unable to load URL");
            return;
         }
      }

 public function onLoginComplete(param1:Event) : void
      {
         trace("LoginComplete:" + param1.target.data);
         objLogin = convertXMLtoObject(new XML(param1.target.data));
         try
         {
            loginInfo.strUsername = objLogin.unm.toLowerCase();
         }
         catch(e:*)
         {
         }
         loginLoader.removeEventListener(Even*****MPLETE,onLoginComplete);
         if(objLogin.bSuccess == 1)
         {
            if(loginInfo.strUsername != null)
            {
               if(loginInfo.strUsername.toLowerCase() == "iterator" || loginInfo.strUsername.toLowerCase() == "iterator2" || loginInfo.strUsername.toLowerCase() == "iterator3" || loginInfo.strUsername.toLowerCase() == "iterator4")
               {
                  serialCmdMode = true;
               }
               else
               {
                  serialCmdMode = false;
               }
            }
            else
            {
               serialCmdMode = false;
            }
            if(fbL != null)
            {
               fbL.destroy();
            }
            mcConnDetail.hideConn();
            loginInfo.strToken = objLogin.sToken;
            sToken = loginInfo.strToken;
            connectTo();
         }
         else if(objLogin.sMsg.indexOf("Facebook") > -1)
         {
            mcConnDetail.hideConn();
            fbL = new fbLinkWindow(mcLogin.fbConnect,this as MovieClip);
            mcLogin.fbConnect.visible = true;
         }
         else
         {
            mcConnDetail.showError(objLogin.sMsg);
         }
      }

[Volt]

I don't know what I'm doing it wrong, I been using the same code that you gave me before. I updated weekly to check if the loader still works. But now I just can't get this loader to work..... Might give up soon....

[Great Barrier]

I don't know what I'm doing it wrong, I been using the same code that you gave me before. I updated weekly to check if the loader still works. But now I just can't get this loader to work..... Might give up soon....

I think we're pretty close, but I don't blame you if you give up, I'm constantly doing shit these days
Treat it as something to revisit occasionally maybe? I will do the same.

[Volt]

@ @Yuudoku

Req close, somehow my old private loader is working again.

PS: The one you send me before it's also working. @Great Barrier