Bots work :) Good bots.
ZfsrGhS953 opened this issue · 10 comments
Bots: http://agarinfinity.com/
Please note that Agar Infinity emulates a agar.io page for each bot, because the owner couldn't decrypt agario.core.js. Because of this, a strong PC is needed.
Recommended settings:
Amount of bots: 35
Browser: Chrome 64-bit
Proxy: Betternet VPN
CPU: i7-4770 or higher
RAM: 8GB or higher
How to discover more bots?
For this, need to debug agario.core.js.
If you watch carefully, come across this piece of code, it is responsible for key generation of outgoing messages: Mouse Eject Split Spawn Spectate Q
function jc(b, d, e) {
b = b | 0;
d = d | 0;
e = e | 0;
var f = 0
, g = 0
, h = 0
, j = 0;
j = i;
i = i + 16 | 0;
h = j;
f = c[b + 20 >> 2] | 0;
if (!f) {
i = j;
return
}
if ((a[b + 36 >> 0] | 0) != 0 ? (e | 0) > 0 & (a[13884] | 0) != 0 : 0) {
g = lg((e | 0) > -1 ? e : -1) | 0;
qr(g | 0, d | 0, e | 0) | 0;
b = b + 40 | 0;
d = c[b >> 2] | 0;
c[h >> 2] = d;
d = _(d, 1540483477) | 0;
d = (_(d >>> 24 ^ d, 1540483477) | 0) ^ 114296087;
d = _(d >>> 13 ^ d, 1540483477) | 0;
c[b >> 2] = d >>> 15 ^ d;
if (e) {
d = 0;
do {
b = g + d | 0;
a[b >> 0] = a[b >> 0] ^ a[h + (d & 3) >> 0];
d = d + 1 | 0
} while ((d | 0) != (e | 0))
}
jb(9, c[f >> 2] | 0, g | 0, e | 0) | 0;
ng(g);
i = j;
return
}
jb(9, c[f >> 2] | 0, d | 0, e | 0) | 0;
i = j;
return
}But it's hard to analyse such a big encrypted code. So, I emphasise this part:
d = c[b >> 2] | 0;
c[h >> 2] = d;
d = _(d, 1540483477) | 0;
d = (_(d >>> 24 ^ d, 1540483477) | 0) ^ 114296087;
d = _(d >>> 13 ^ d, 1540483477) | 0;
c[b >> 2] = d >>> 15 ^ d;What happened? d is loaded from a memory location. The d is then stored in another memory location. Then modified the key with bit shifts, multiplications and XORs (xorshift random number algorithm). Then, it is applied to the message in this part of code:
if (e) {
d = 0;
do {
b = g + d | 0;
a[b >> 0] = a[b >> 0] ^ a[h + (d & 3) >> 0];
d = d + 1 | 0
} while ((d | 0) != (e | 0))
}To be continued...
http://192.99.58.70/deobfuscate/ < very good deobfuscator (if needed)
That's good. However, asm.js isn't on deobfuscation list. I need a deobfuscator that can convert asm.js back into minified javascript.
@ZfsrGhS953 this guy claim he decrypted core.js,look at his github https://github.com/G047/Agar.io-Bots
Starting value is 673720360. I'm also developing my own bots for agar.io clones(like Agar-API.tk). Currently, I'm trying to implement coordinate scrambling, so that the bots can work on agarlist.com.
Lol nuclearc said : It isn't good to put starting value here and you did it
He said that HE doesn't want to put the id here, he didn't tell ME anything about it.
Because everything's right! 673720360 is 0x28282828 in hex.
cant find you :/ can you add me? my skype is nuclear.agar
I just saw Mass bots today , did you guys made it ?
ItzLevvie He might have, I know him. His original name was DrGoat. if the decrypted version is written in CSS then it is right.