preface
Some time ago, I shared a small game in the group. After many times doubting my eyes, I tried to write a plug-in. The middle of the process is a typical analysis of the page source code steps, so collate this article to share.
Game portal: Find blocks
The specific work
1 Open the resource panel
Open the check with F12 / CTRL + Shift + I/CMD + Shift + I and click on the Sources TAB to open the Resources panel.
2 Understand the system structure
If you expand the res folder, you can see that there are very few resource files for the entire game, mainly related images and a game.min.js file that is responsible for the main logic.
3. Positioning and judgment logic
A group of friends want to automatically get different colors of the area and click to achieve plugins, at the beginning of my thinking is also like this, later changed, if I can find the end of the game to judge the logic, and let it always keep successful, can achieve “invincible”.
Here are a few steps I took to identify the end of the game.
3.1 Formatting Source Files
Open the game.min.js file in the resource panel and use Pretty Print to format the source code as shown in the image.
To better find the code, click CMD + A/CTRL + A in the code area to select all the code and copy it to VS Code. VSC CMD + N/CTRL + N create a new file to paste, no need to save. Then CMD + k, m/ CTRL + k, m select javascript and highlight the code. You can also switch by clicking plain Text in the lower right corner of the image.
3.2 Searching for resource links
Run CMD + F/CTRL + F to search for the end of the game resource file in the source file, and the following results are displayed.
Use this variable to locate the gameEndAction method.
Through the above method, locate to the judgment logic.
If you look at judgeIsBlockTouch, this is where the logic is judged.
4 Intercept games
Add a breakpoint to the judgeIsBlockTouch method and click on the game area once at will, and we are already in this method.
Analyzing this method, we can see that the method logic is to determine whether the player has passed the test by determining whether the click position is in the rectangular area. We pull out the successful code and run it once in the console.
Stop the debugger and you’ll see that even if we click on the wrong location, we still get to the next level. At this point, we are already invincible.
Rewrite the judgment logic
Up until now, we could only bypass the judgment by executing the success logic in the console every time we clicked, so we had to modify the in-game execution logic, the judgeIsBlockTouch method.
And to change it, we need to know what object it’s defined in.
I started by finding the object that controlled the whole game, which was cc, but finding the logic inside took time to sort out. I then decided to look at the judgeIsBlockTouch definition. Scroll up the code and you can see that it’s defined on the GameLayer.
We print this object in the console and discover that it’s a method, so we know that GameLayer is a class method even if we don’t know what’s going on in cc.layer.extend.
We now have two ways to modify the judgeIsBlockTouch method. The first is to modify the instance object on cc, this is not easy to take, have to step by step analysis. Second, modify the GameLayer class directly. Try getting this method.
Once you’ve got it, execute the following code and verify.
OK, so far, in the game arbitrary click can cross the border.
conclusion
Write this article, just to share the analysis process of this plug-in implementation process, the principle is also common in other systems. This analysis method is also the analysis method used in production when I encounter some bugs that are difficult to reproduce. Please do not use it randomly. The author is not responsible for the consequences caused.