It seems like that our hoster Funpic took the site down without any warning.
We are looking for a good alternative, but meanwhile the site stay down.
We appreciate any hint to a good free webhoster or an alternative.
Monday, October 25, 2010
Friday, October 01, 2010
New website is now online
New page with new design and new functionality is going online now :)
Visit it on http://fvinternals.funpic.de/site/
The website is optimized for Internet Explorer 8, Firefox, Chrome, Safari and Opera. We recommend you to use an up to date browser.
The fvinternals team has grown up. You can find some information about us in the contact page.
This blog is still our main source for sharing new informations. We got some volunteers, who are working on site translations. Maybe you can view the website in your own language in future.
Visit it on http://fvinternals.funpic.de/site/
The website is optimized for Internet Explorer 8, Firefox, Chrome, Safari and Opera. We recommend you to use an up to date browser.
The fvinternals team has grown up. You can find some information about us in the contact page.
This blog is still our main source for sharing new informations. We got some volunteers, who are working on site translations. Maybe you can view the website in your own language in future.
Monday, September 20, 2010
Support haiti with the re-gift cheat
Farmville got updated with new a new function "re-gifting". This functions allows you to share the giftable items from your giftbox with your friends. There is a limit of three request per day.
Some information about the function:
FunctionName: UserService.giftStoredGiftBoxItems
Parameters: [itemcode], [number of elements to share]
The first release had no checks, it simple took the itemcode, and did following mathematical operation.
By changing the itemcode, you could simple share items like fv cash with your friends. But Zynga recognized this bug very fast and is now checking if the item is giftable. The giftable items can be viewed on http://fvinternals.funpic.de/giftable.php.
Now lets begin with a simple mathematic course to understand what the new haiti is doing.
We assume, that our giftbox has three haitibackpack_item_single items.
If we set number_of_shared_items to 1, the calculation will be
number_of_shared_items = 3 - 1 = 2.
But what happens if we set number_of_shared_items to -1?
number_of_shared_items = 2 - (-1) = 2 + 1 = 3.
Yes, we can add items to our giftbox.
If there is no item in the giftbox, the counter would be zero. So you can also add new giftable items to an empty giftbox.
We implemented this cheat to support the haiti school. If we understood it correctly, Zynga is counting the items on your backpack. Use this tool to get as many schoolitems into your giftbox as you want to support haiti.
Download the haiti.exe and put in into your FVinternals folder, should be on C:\FV\ for most of you.
Run it as follows to get 500 backpack items:
You can also get other items using this tool, just change the itemname and the counter. Visit http://fvinternals.funpic.de/giftable.php for itemnames.
Some further information, what happened in the last week.
Some information about the function:
FunctionName: UserService.giftStoredGiftBoxItems
Parameters: [itemcode], [number of elements to share]
The first release had no checks, it simple took the itemcode, and did following mathematical operation.
item_count = item_count - number_of_shared_itemsWhere item_count is the number of the items in your giftbox like "olivetree=3" and the number_of_shared_items.
By changing the itemcode, you could simple share items like fv cash with your friends. But Zynga recognized this bug very fast and is now checking if the item is giftable. The giftable items can be viewed on http://fvinternals.funpic.de/giftable.php.
Now lets begin with a simple mathematic course to understand what the new haiti is doing.
We assume, that our giftbox has three haitibackpack_item_single items.
If we set number_of_shared_items to 1, the calculation will be
number_of_shared_items = 3 - 1 = 2.
But what happens if we set number_of_shared_items to -1?
number_of_shared_items = 2 - (-1) = 2 + 1 = 3.
Yes, we can add items to our giftbox.
If there is no item in the giftbox, the counter would be zero. So you can also add new giftable items to an empty giftbox.
We implemented this cheat to support the haiti school. If we understood it correctly, Zynga is counting the items on your backpack. Use this tool to get as many schoolitems into your giftbox as you want to support haiti.
Download the haiti.exe and put in into your FVinternals folder, should be on C:\FV\ for most of you.
Run it as follows to get 500 backpack items:
haiti.exe youremail --reGift=haitibackpack_item_single --countItem=500
You can also get other items using this tool, just change the itemname and the counter. Visit http://fvinternals.funpic.de/giftable.php for itemnames.
Some further information, what happened in the last week.
- fvinternals beta3 is not working anymore, the trick is fixed, you cannot generate new animals using the old trick.
- We are working hard on the new weblayout. If everything works fine, you will see a new fvinternals page soon.
- We have now two more members (tutorial writer and web designer). More information about the fvinternals crew will be available on the new page.
- Re-gifting feature appeared with bugs. I assume this will be fixed soon.
- Comment function is not longer available for Anonymous.
Thursday, September 09, 2010
fvinternals tool beta3
We updated the fvinternals tool. We are using Python 2.6 now.
You have to redownload all files with the beta3.
Get everything on http://fvinternals.funpic.de/codes/fvinternals_beta3/
As mentioned in our last post about gifts, the tool crashed on reading the new four items for dogs. There are no new features, we removed the openmysterybox function since the bug got fixed some days ago.
Send us the error messages you get, if you cannot find any update on this blog.
Our poll has finished with following results.
YES: 82 Votes (37%)
NO : 102 Votes (48%)
Not all features: 26 Votest (12%)
Onyl after multiple runs: 4 Votes (1%)
Seems many of the users have troubles to run. We got some e-mails, where we could see, that the runtime files are missing. This means, some of you don't read the blog but try to start the exe and vote with No? Which are the real problems, what kind of difficulties do you have beside download every file?
UPDATE:
You have to redownload all files with the beta3.
Get everything on http://fvinternals.funpic.de/codes/fvinternals_beta3/
As mentioned in our last post about gifts, the tool crashed on reading the new four items for dogs. There are no new features, we removed the openmysterybox function since the bug got fixed some days ago.
Send us the error messages you get, if you cannot find any update on this blog.
Our poll has finished with following results.
YES: 82 Votes (37%)
NO : 102 Votes (48%)
Not all features: 26 Votest (12%)
Onyl after multiple runs: 4 Votes (1%)
Seems many of the users have troubles to run. We got some e-mails, where we could see, that the runtime files are missing. This means, some of you don't read the blog but try to start the exe and vote with No? Which are the real problems, what kind of difficulties do you have beside download every file?
UPDATE:
This entry got removed by blogspot, because of violating some copyright rules. Wtf? What did we say here? Cheating is only violating terms of use of the flash game, but not the copyright. We have to change something to republish this entry, so we replaced the word "cheat" with "tool", which has the same meaning in this context and removed the itemnames.
Gifts in Farmville
Today, we got a request to publish the links for rare sendable items.
Here are the informations, how you can build the links for your own.
Pre selected wishlist
Start with the page, where you can share your wishlist, this has preselected items.
http://www.farmville.com/gifts.php?template=wishlist
You can manipulate this list, but that is not part of the entry.
Sending gifts to friends
Now lets talk about sending special gifts to your neighbors.
The URL has the following format:
http://www.farmville.com/gifts_send.php?gift=[itemname], where you have to replace [itemname] with a valid itemname, which you can get from the items.xml or our search engine.
A valid example would be http://www.farmville.com/gifts_send.php?gift=abcblocks
Let others send you gifts or send to non-neighbors
If you want to send an gift to somebody, who is not your neighbor, or if you want other to send gifts to you. You can take the following URL format:
http://www.farmville.com/wishlist_give.php?recipient=[facebookID]&giftId=[itemname], where you have to insert the Facebook ID (Profile ID) of the user, and the neededn itemname.
A valid example would be http://www.farmville.com/wishlist_give.php?recipient=10000xxxx&giftId=horseshoe
Sendable Items
You can send items, that are marked as sendable or giftable. You can select them from the items.xml and search for for giftable="true" or sendable="true". Keep attention on the dates, you cannot send them, if they have a <limitedGiftEnd> node, which is dating the past.
You can view the Giftable items on this page
Below is a example list of all sendable items of version 43104:
@Tool: The cheat is still working, but the last update updated the items.xml with waterbowl, waterbowl_red, toy_bone, toy_stuffeddog, which are leading to an error on farm access. We have a fix, but cannot compile it at the moment.
Here are the informations, how you can build the links for your own.
Pre selected wishlist
Start with the page, where you can share your wishlist, this has preselected items.
http://www.farmville.com/gifts.php?template=wishlist
You can manipulate this list, but that is not part of the entry.
Sending gifts to friends
Now lets talk about sending special gifts to your neighbors.
The URL has the following format:
http://www.farmville.com/gifts_send.php?gift=[itemname], where you have to replace [itemname] with a valid itemname, which you can get from the items.xml or our search engine.
A valid example would be http://www.farmville.com/gifts_send.php?gift=abcblocks
Let others send you gifts or send to non-neighbors
If you want to send an gift to somebody, who is not your neighbor, or if you want other to send gifts to you. You can take the following URL format:
http://www.farmville.com/wishlist_give.php?recipient=[facebookID]&giftId=[itemname], where you have to insert the Facebook ID (Profile ID) of the user, and the neededn itemname.
A valid example would be http://www.farmville.com/wishlist_give.php?recipient=10000xxxx&giftId=horseshoe
Sendable Items
You can send items, that are marked as sendable or giftable. You can select them from the items.xml and search for for giftable="true" or sendable="true". Keep attention on the dates, you cannot send them, if they have a <limitedGiftEnd> node, which is dating the past.
You can view the Giftable items on this page
Below is a example list of all sendable items of version 43104:
http://www.farmville.com/gifts_send.php?gift=amethystUPDATE:
http://www.farmville.com/gifts_send.php?gift=topaz
http://www.farmville.com/gifts_send.php?gift=turquoise
http://www.farmville.com/gifts_send.php?gift=abcblocks
http://www.farmville.com/gifts_send.php?gift=trainwhistle
http://www.farmville.com/gifts_send.php?gift=duckpushtoy
http://www.farmville.com/gifts_send.php?gift=jack
http://www.farmville.com/gifts_send.php?gift=marble
http://www.farmville.com/gifts_send.php?gift=paddleball
Seems like, you need a referer for the piglet.
@Tool: The cheat is still working, but the last update updated the items.xml with waterbowl, waterbowl_red, toy_bone, toy_stuffeddog, which are leading to an error on farm access. We have a fix, but cannot compile it at the moment.
Saturday, September 04, 2010
New page with unreleased items online
After looking for help with the unreleased we got 1,5 days ago an offer for help. Now we can publish the new site with all the images, that are manually verified. Our new member want to stay anonymous, so no nick- or real name is given. But we want to thank our new member for doing this great and fast work. Verifying about 1000 images in just 1,5 days. We also want to thank all the others, who got a login to the member area and tried to help us. They have also spend much time into the verification.
Visit the manually verified unreleased.php and write here a comment if you find an item, that is already released, or if you have any suggestions.
The items are categorized, so you can select the category you are interested in.
Visit the manually verified unreleased.php and write here a comment if you find an item, that is already released, or if you have any suggestions.
The items are categorized, so you can select the category you are interested in.
Thursday, September 02, 2010
Farmville doesn't use the gzip obfuscation anymore
We blogged about itemx.xml.gz and gameSettings.xml.gz obfuscation of the Farmville game. Now they removed the obfuscation, and you get the XML Files z-compressed without the any header you have to remove.
If you want to use python, update the decompress.py with the code below.
You can download here the windows binary for .xml.gz decompression and here the python file.
Compression: compress.py and compress.exe
UPDATE:
We also recompiled the fvinternals cheat tool.
If you want to use python, update the decompress.py with the code below.
import zlib
import urllib
import sys
def main():
file = urllib.urlopen(sys.argv[1]).read()
print zlib.decompress(file)
if __name__=="__main__":
main()
You can download here the windows binary for .xml.gz decompression and here the python file.
Compression: compress.py and compress.exe
import zlib
import urllib
import sys
def main():
file = open(sys.argv[1], 'r').read()
output = open(sys.argv[1]+'.gz', 'w')
output.write(zlib.compress(file))
output.close()
if __name__=="__main__":
main()
UPDATE:
We also recompiled the fvinternals cheat tool.
Tuesday, August 31, 2010
Fast tool bugfix
Here is a fast bugfix for the cheat tool.
Dowload the fvinternals cheat tool bugfix. Download the runtime files and overwrite the library.zip with the new library.zip.
Reported bugs:
Following line will use the commandline for password input and open 3 eggs on each login.
If you leave the password empty it will ask for it.
Dowload the fvinternals cheat tool bugfix. Download the runtime files and overwrite the library.zip with the new library.zip.
Reported bugs:
- some animal values are static (fixed: our fault, we forgot to disable the debugging line)
- password is rejected by facebook (not fixed: actually we need some example passwords to verify this. We assume, this is a unicode problem. Workaround: Change your facebook pass to non unicode password)
- Opening multiple mysteryboxes at a time (done! use --numEggs=<number>)
- Password typing every start is annoying (done! use can now optionally insert it as argument into the commandline)
- Place mysterygifts into the farm (queued)
Following line will use the commandline for password input and open 3 eggs on each login.
c:\FV\fvinternals_beta2.exe alice@facebook.com secretpassword --openEggs=mysterbox --numEggs=3
If you leave the password empty it will ask for it.
SQL Server for Farmville
Today i got an interested error message.
Farmville uses PHP Data Objects for the MySQL requests.
In line 70 of the php class, they are using the command PDO::__construct().
The MySQL server runs on:
I assume Farmville run multiple hosts with MySQL databases, but this is one we could extract from the error messages :)
can't connect to server with dsn='mysql:host=10.211.50.239;port=3306;dbname=farm_1;',What information can we extract from it?
error message SQLSTATE[HY000] [2003]
Can't connect to MySQL server on '10.211.50.239' (4).;
PDOMySqlClient.class.php:70
Farmville uses PHP Data Objects for the MySQL requests.
In line 70 of the php class, they are using the command PDO::__construct().
The MySQL server runs on:
- ip = 10.211.50.239
- port = 3306 (default)
I assume Farmville run multiple hosts with MySQL databases, but this is one we could extract from the error messages :)
Sunday, August 29, 2010
Items in mysteryboxes
Yesterday, we published the first cheat tool of fvinternals, which has the feature of opening every mysteryegg as a mysterybox item.
Today we googled for other farmville blogs and sites, which contain information about the mysterybox contents.
We added some items and want to share the list with you, so you can select your item and the belonging mysterybox itemcode.
Here is our list of mysteryboxes and their contents. We would appreciate every help to complete the list.
Today we googled for other farmville blogs and sites, which contain information about the mysterybox contents.
We added some items and want to share the list with you, so you can select your item and the belonging mysterybox itemcode.
Here is our list of mysteryboxes and their contents. We would appreciate every help to complete the list.
Tool for getting storable animals for free
Some infos about the events of the last days.
We couldn't completely automate the unreleased items page, so we are looking for help. At the moment some trials are trying to select all images, but this task takes little time. If they can manage it in time, we will publish the manual selected unreleased items here.
We have also played with some AMF functions and implemented some "cheats". We thank here our supporter lotm, who helped us with the AMF codes. This wouldn't be possible without his work.
Since our main readers are using MS Windows, we tried to compile our code to an EXE again. But this was more difficult than developing the cheats :) After some days of library code patching we finally publish our first fvinternals cheat tool.
Which functionalities does it have:
Download the file fvinternals.exe from our download site and download the runtime files. You have to overwrite the old library.zip with the new library.zip. Place everything on "C:\FV\" and start "cmd.exe" to execute it, read older posts, if you don't know how.
As mentioned above, creating the .exe was a big trouble. That's why it is unstable. If it doesn't work, run it multiple times. If it is still not working report the bug to us.
How are the cheats working?
Screenshot after our tests:
We couldn't completely automate the unreleased items page, so we are looking for help. At the moment some trials are trying to select all images, but this task takes little time. If they can manage it in time, we will publish the manual selected unreleased items here.
We have also played with some AMF functions and implemented some "cheats". We thank here our supporter lotm, who helped us with the AMF codes. This wouldn't be possible without his work.
Since our main readers are using MS Windows, we tried to compile our code to an EXE again. But this was more difficult than developing the cheats :) After some days of library code patching we finally publish our first fvinternals cheat tool.
Which functionalities does it have:
- Adding any storable animal to one of your storages (Dairy-, Nursery-, Horse- and Chickenstorage)
- The binary places mysteryeggs from your giftbox into your farm
- Opening the mysteryeggs as a mysterybox or mysterygame (Thx for telling us this)
- (Turning christmas lights on/off. This was fixed today, so it is historical in the binary)
--getHorse=horse_item_codeRun it as:
--getBaby=foal/calf_item_code
--getCow=cow_item_code
--getChicken=chicken_item_code
--getPig=pig_item_code
--openEggs=mysterybox_code
--enableLights=1
--disableLights=1
fvinternals.exe your@email.com --optionExample: (Visit fvinternals item search and search for "mystery" to get the codes)
C:\FV\fvinternals.exe your@email.com --openEggs=mysterybox100824
Download the file fvinternals.exe from our download site and download the runtime files. You have to overwrite the old library.zip with the new library.zip. Place everything on "C:\FV\" and start "cmd.exe" to execute it, read older posts, if you don't know how.
As mentioned above, creating the .exe was a big trouble. That's why it is unstable. If it doesn't work, run it multiple times. If it is still not working report the bug to us.
How are the cheats working?
- mysteryegg: Opening a mysteryegg, that is placed on the farm and change the itemname to a mysterybox itemname.
- animalstorage: you put two animals into the storage. the first one have to be valid and the second one is a generated one.
- lights trick: you could set alternate graphics to some objects, this action was free. we just send the command to server. Nothing special, but since today, they charge FV cash for it.
Screenshot after our tests:
Sunday, August 22, 2010
Getting the redbrown calf or any other calf you want
Our research on Farmville is still going on. Today we are going to tell you something about the lonely animals links and how you can change them to get another rewards.
The links in Facebook have this format:
Interesting is, that the key is not needed and if you use farmville.com to play you will get another links like:
Since the farmville.com URL is simpler, we concentrate on this.
Lets have a look at the variables.
owner_id = this is the facebook id of the user, who found the animal
animalType = this is the animal type like cow_pinkm calf_pink , ...
lonely_cow_id = this id is unique for every lost animal
lonely_cow_sig = this is a signature of the string
Zynga is using this signature to protect user changes in the url like changing the animalType to calf_redbrown.
Interesting is, that Zynga is only saving the cow_id on the serverside. The signature is calculated by the client.
What does this mean for us? We can generate our own links, just by using the cow_id.
Back to redbrown calf, this calf cannot be born, because the redbrown cow cannot be stored in the dairybarn. But it is a valid object in the gamedata and we can now convert every lonely cow link to a redbrown calf link.
As proof of concept we implemented this and testet it with some calfs, seems like you can generate every calf from any lonely cow link, even from deer bucks or horses.
Visit http://fvinternals.funpic.de/convert.php and test it with a valid lonely animal link.
The links in Facebook have this format:
http://apps.facebook.com/onthefarm/track.php?creative&cat=lonely_cow&subcat=pink&key=&next=lonelycow.php%3Fowner_id%3D %26lonely_cow_id%3D %26animalType%3Dcow_pink%26lonely_cow_sig%3D &ref=nf
Interesting is, that the key is not needed and if you use farmville.com to play you will get another links like:
http://www.farmville.com/lonelycow.php?owner_id=1234&animalType=cow_pink&lonely_cow_id=123456456345&lonely_cow_sig=234523452345
Since the farmville.com URL is simpler, we concentrate on this.
Lets have a look at the variables.
owner_id = this is the facebook id of the user, who found the animal
animalType = this is the animal type like cow_pinkm calf_pink , ...
lonely_cow_id = this id is unique for every lost animal
lonely_cow_sig = this is a signature of the string
Zynga is using this signature to protect user changes in the url like changing the animalType to calf_redbrown.
Interesting is, that Zynga is only saving the cow_id on the serverside. The signature is calculated by the client.
What does this mean for us? We can generate our own links, just by using the cow_id.
Back to redbrown calf, this calf cannot be born, because the redbrown cow cannot be stored in the dairybarn. But it is a valid object in the gamedata and we can now convert every lonely cow link to a redbrown calf link.
As proof of concept we implemented this and testet it with some calfs, seems like you can generate every calf from any lonely cow link, even from deer bucks or horses.
Visit http://fvinternals.funpic.de/convert.php and test it with a valid lonely animal link.
Saturday, August 21, 2010
Getting images (and codes) of unreleased items
Since Zynga updated the item image links we wondered about the big size of the hashtable. By looking deeper at this hashtable and viewing some images we recognized, that there are images, you never see during the game. For example, there is an image of Craig's farm.
We filtered then all links, that are not used by the items.xml. There are many images that are still used by the game, like misson completed images.
We set a filter on buildings, animals and crops and this helped to get a viewable size of images. Interesting is, that much of them are not released.
It seems like you can also get the future itemcodes from the images. The plain image links are in the form
"assets/buildings/building_doghouse_icon.png" and the format is looking like <path>/<type><itemcode>_icon.png.
We tried to filter out the unreleased items, since there is now flag if the url is unreleased or not. You can view the images and codes by visiting http://fvinternals.funpic.de/unreleased.php. If there are some missing, we couldn't catch by our filter, please tell us. And if you want us to filter out some items, to remove already released items, so write a comment or send an e-mail.
We filtered then all links, that are not used by the items.xml. There are many images that are still used by the game, like misson completed images.
We set a filter on buildings, animals and crops and this helped to get a viewable size of images. Interesting is, that much of them are not released.
It seems like you can also get the future itemcodes from the images. The plain image links are in the form
"assets/buildings/building_doghouse_icon.png" and the format is looking like <path>/<type><itemcode>_icon.png.
We tried to filter out the unreleased items, since there is now flag if the url is unreleased or not. You can view the images and codes by visiting http://fvinternals.funpic.de/unreleased.php. If there are some missing, we couldn't catch by our filter, please tell us. And if you want us to filter out some items, to remove already released items, so write a comment or send an e-mail.
Friendlynames of items
As we mentioned, Farmville is using a hashtable and how you can get them.
Sometimes you are looking for codes of items, that already are on your farm. For example the kelly green cow. The problem is, the code name is "cow_shamrock" and you don't know, what you have to search for. You can only filter by "cow" and look at the images. The solution for this is easy, inside the flashLocaleXml.xml are the displayed names stored. They are looking like:
We used again XSLT to get the data out of XML. You can change the XSL File like this to get the new values. If you need help with this, you may contact us, or write a comment below.
Now we have itemcodes, hashed image links and now the displayed names.
We used that info for building a full List of all hashed links.
We have also updated the search function a little bit. You can now search for displayed names and item codes.
Sometimes you are looking for codes of items, that already are on your farm. For example the kelly green cow. The problem is, the code name is "cow_shamrock" and you don't know, what you have to search for. You can only filter by "cow" and look at the images. The solution for this is easy, inside the flashLocaleXml.xml are the displayed names stored. They are looking like:
<l k="cow_shamrock_friendlyName">
<v>Kelly Green Cow</v>
</l>
<l k="calf_shamrock_friendlyName">
<v>Kelly Green Calf</v>
</l>
We used again XSLT to get the data out of XML. You can change the XSL File like this to get the new values. If you need help with this, you may contact us, or write a comment below.
<xsl:for-each select="localization/b/l">
<xsl:if test="contains(@k,'friendlyName')">
... access itemcode using 'v' and
friendlyname using '@k'
</xsl:if>
</xsl:for-each>
Now we have itemcodes, hashed image links and now the displayed names.
We used that info for building a full List of all hashed links.
We have also updated the search function a little bit. You can now search for displayed names and item codes.
Tuesday, August 17, 2010
Getting new Images without decompiling the Flashgame
Yesterday we blogged about the new images in Farmville. Today we want to show you a method of how you can get them without the hard work of decompilation. No more need for commercial decompiler.
Since the URL are in the SWF, we started looking deeper inside the binary and the SWF Format. SWF Files have a header, which is telling if the SWF file is compressed or not. In our case it was, so you cannot look into binary and see the URLs in plain text. We had former experience with SWF files, so we knew how to compress/decompress SWF files. That's the reason why we use our own code for decompressing it.
After decompressing it, you can see the URLs in plaintext, the only problem is, that there is much binary crap. So we wrote some small python code, to search for the links inside the binary.
The final program can be found on our site.
Download it from http://fvinternals.funpic.de/codes/extracthashedimages.exe
You will also need the runtimes from http://fvinternals.funpic.de/codes/runtime/
Copy all files to "C:\FV\"
Download the Farmgame.swf from Farmville, we used FarmGame.release-10-08-12.39998.swf for our tests.
old link:new hashed link
If you need the source code, feel free to e-mail us.
We used the data for generating a website, which displays the itemcodes and the belonging new image URL. Visit it on http://fvinternals.funpic.de/hashedimages.php
We also made a search formular to filter interesting values like
If you have questions, or request, you can e-mail us, just read our first post for e-mail or write a comment.
Since the URL are in the SWF, we started looking deeper inside the binary and the SWF Format. SWF Files have a header, which is telling if the SWF file is compressed or not. In our case it was, so you cannot look into binary and see the URLs in plain text. We had former experience with SWF files, so we knew how to compress/decompress SWF files. That's the reason why we use our own code for decompressing it.
After decompressing it, you can see the URLs in plaintext, the only problem is, that there is much binary crap. So we wrote some small python code, to search for the links inside the binary.
The final program can be found on our site.
Download it from http://fvinternals.funpic.de/codes/extracthashedimages.exe
You will also need the runtimes from http://fvinternals.funpic.de/codes/runtime/
Copy all files to "C:\FV\"
Download the Farmgame.swf from Farmville, we used FarmGame.release-10-08-12.39998.swf for our tests.
c:\FV> extracthashedimages.exe FarmGame.release-10-08-12.39998.swfand you should see a new file images.txt in your folder. Open it and you see the Hashtable in the format
old link:new hashed link
If you need the source code, feel free to e-mail us.
We used the data for generating a website, which displays the itemcodes and the belonging new image URL. Visit it on http://fvinternals.funpic.de/hashedimages.php
We also made a search formular to filter interesting values like
- Item type, e.g. show only animals
- Item code search, e.g. display only code with "horse" in text
- Show only items, that doesn't need Farmville cash
- Show only items, that are only buyable with Farmville cash
If you have questions, or request, you can e-mail us, just read our first post for e-mail or write a comment.
Monday, August 16, 2010
Farmville uses new image links
We received some feedback to our previous post. Farmville changed the links to the images, we didn't recognize this, because almost every image of every item loaded using the old image url.
We took the time and checked the diffrences today and we are going to explain it now.
The old images had the form of http://static-2.farmville.com/v36206/assets/animals/animal_horse_red_icon.png, you could build them using the items.xml. For explanation look at http://fvinternals.blogspot.com/2010/08/viewing-items-as-html-using-xslt.html
The new images are now using a hashed itemname in the form
http://static-0.farmville.com/prod/hashed/assets/animals/c5153828b93c6ea1259d7e0b7cd8c4a2.png.
Our first approach was to identify a rule for generating these hashes by logic. During our tests, we recognized, that every change in the items.xml lead to a non-hashed request. The idea was: "Is Farmville using a Hashtable?". So we were looking for new files which involve these hashes, but couldn't find something.
The next step was to reverse engineering the flash file of today. We couldn't find any free decompiler, so we used a shareware version of swf-kit to decompile it. Looking around we found the function for building the strings.
We uploaded the actual Hashmap, so you can download it from here.
The bad news are, that you have to decompile the swf on each update, to get the hashmap.
We took the time and checked the diffrences today and we are going to explain it now.
The old images had the form of http://static-2.farmville.com/v36206/assets/animals/animal_horse_red_icon.png, you could build them using the items.xml. For explanation look at http://fvinternals.blogspot.com/2010/08/viewing-items-as-html-using-xslt.html
The new images are now using a hashed itemname in the form
http://static-0.farmville.com/prod/hashed/assets/animals/c5153828b93c6ea1259d7e0b7cd8c4a2.png.
Our first approach was to identify a rule for generating these hashes by logic. During our tests, we recognized, that every change in the items.xml lead to a non-hashed request. The idea was: "Is Farmville using a Hashtable?". So we were looking for new files which involve these hashes, but couldn't find something.
The next step was to reverse engineering the flash file of today. We couldn't find any free decompiler, so we used a shareware version of swf-kit to decompile it. Looking around we found the function for building the strings.
static public final function getAssetURL(param1:String) : String {We were right, FV is really using a Hashtable to map the images. The Hashmap is an object in the Displays package and has the format imageicon:hashimage and looks like this.
if (AssetHashMap.hasOwnProperty(param1)) {
param1 = GlobalEngine.getAssetUrl(AssetHashMap[param1]);
} else {
param1 = GlobalEngine.getAssetUrl(param1);
}
return param1;
}
Display.AssetHashMap = {"assets/decorations/deco_bushgoose_icon.png":"assets/decorations/fe7cde4c1df363c2696423483e626da2.png", "assets/decorations/flags/flag_alpha_i_icon.png":"assets/decorations/flags/9cd115ac353499e998a24f25b17c8dc7.png", "assets/flowers/flower_lily_icon.png":"assets/flowers/2f2b4a9ef50f24d156e71d884fe4a336.png",
...
};
We uploaded the actual Hashmap, so you can download it from here.
The bad news are, that you have to decompile the swf on each update, to get the hashmap.
Sunday, August 15, 2010
Farmville AMF Request to /flashservices/gateway.php
We had a look into the Farmville Requests. Farmville is using AMF3 to send and recieve gamedata.
To deserialize this, we used an intercept proxy called burp.
We have seen that, Farmville is sending these Request to one of the gateway services.
http://fb-tc-[1-3].farmville.com/flashservices/gateway.php.
The deserialized AMF Request looks like.
We have a target and response method, which is a Flash function. the response-filed is just for identifying the response, for testing you can keep the same value.
The data array is the request body, where Array 0 is containg some tokens which have to match. but can be keeped constant for the whole game. The Array 1 is the Request, which tells what to do. This one contains a sequence number, which you have to count up after every request. The functionname is triggerind the flashfunction with the parameters given above.
We have chosen a basic example with less data. We just call PregnantSowUtiliyService.onActivateSow(true) and this will give us the reward link, that can be shared with friends. During our tests, you can create as many Links as you want by just increasing the sequence number using the burp repeater. The function for Lostanimals is called LonelyCowService.createLonelyAnimal, but for some reason you cannot generate them.
It would be interesting to learn about how many functions Farmville is supporting and what their syntax is. If you are interested in this question ,so we can start to build a function database for Farmville.
On interests, just contact us.
Burp can only change the value inside the AMF request, but you cannot build your own AMF packages. You cannot remove or add arrays from the body. If you know any better proxy please let us know.
To deserialize this, we used an intercept proxy called burp.
We have seen that, Farmville is sending these Request to one of the gateway services.
http://fb-tc-[1-3].farmville.com/flashservices/gateway.php.
The deserialized AMF Request looks like.
We have a target and response method, which is a Flash function. the response-filed is just for identifying the response, for testing you can keep the same value.
The data array is the request body, where Array 0 is containg some tokens which have to match. but can be keeped constant for the whole game. The Array 1 is the Request, which tells what to do. This one contains a sequence number, which you have to count up after every request. The functionname is triggerind the flashfunction with the parameters given above.
We have chosen a basic example with less data. We just call PregnantSowUtiliyService.onActivateSow(true) and this will give us the reward link, that can be shared with friends. During our tests, you can create as many Links as you want by just increasing the sequence number using the burp repeater. The function for Lostanimals is called LonelyCowService.createLonelyAnimal, but for some reason you cannot generate them.
It would be interesting to learn about how many functions Farmville is supporting and what their syntax is. If you are interested in this question ,so we can start to build a function database for Farmville.
On interests, just contact us.
Burp can only change the value inside the AMF request, but you cannot build your own AMF packages. You cannot remove or add arrays from the body. If you know any better proxy please let us know.
Viewing the Items as HTML using XSLT
The items.xml only contains the itemnames and not the displayed names insided the game. For example cow_shamrock is displayed as "Kelly Green Cow". And for some items, we wanted to know which picture is behind, or the other way round, which code is belonging to an item we have seen in Farmville.
We wrote a simple XSL File to transform and filter out the items we need and display the pictures.
A sample output from the Transformation with a filter for decorations without limits.
First of all, how can we get the pictures. We started a Network sniffer and looked into the traffic and saw much request to http://static-2.farmville.com/v36206/ so we took this address to and appended the path from the items.xml. The path could change, so looked into the traffic with tools like wireshark to get the new path for the new images.
We documented the Code,if you have Questions just write a comment and we can update the explanation. The code should be useable for everyone even if you don't now anything about XSL.
The example code below sets a filter for all "buyable" items. Later it checks IF the item is limited, if NOT it displays the data.
Download the file from here.
We used SAXON Java version to perform this XSLT transformation.
Usage:
We wrote a simple XSL File to transform and filter out the items we need and display the pictures.
A sample output from the Transformation with a filter for decorations without limits.
We documented the Code,if you have Questions just write a comment and we can update the explanation. The code should be useable for everyone even if you don't now anything about XSL.
The example code below sets a filter for all "buyable" items. Later it checks IF the item is limited, if NOT it displays the data.
Download the file from here.
We used SAXON Java version to perform this XSLT transformation.
Usage:
java -cp saxon9he.jar net.sf.saxon.Transform -o output.html items.xml transform.xslIf you open the output.html, you should see an output like the first image in this post.
Saturday, August 14, 2010
gameSettings.xml.gz items.xml.gz and other .xml.gz files in Farmville
Looking into the communication between the Farmville game and the server, i recognized that there are some files called:
First i thought about simple gunzip packed files, but looking into the files i found out that there were used ASCII strings and no binary format.
Looking into the characters i gave BASE64 i try and decoded it. Finally i got a binary file. But i still couldn't decompress it with gunzip. There must be something else. So i read about compressions in Flash applications and found that flash uses zlib. Hmm, but zlib also didn't the way. By playing around we found out that the first bytes are some kind of header. After removing the first bytes we could easily decompress it.
So our final decompressing algorithmus was
Our Python code for decompressing the .xml.gz files, which you can download from here.
Running it as follows
Our Python code for compressing the .xml files, which you can download from here.
Running it as follows
Now we could look into this files and change the content :) Farmville is updating this files with future items like the ufo (see picture). So you can see the pictures and get the itemname before release.
You can get decompressed XML Files version 39886 from here, if needed.
Update: We added compiled .exe version of compress.exe and decompress.exe for the Windows user. Then you don't need the Python files anymore. Usage is the same. Open "cmd.exe" and run it as described above. Download the Runtime Files else it won't run on your computer. If other files are need, please leave a comment.
First i thought about simple gunzip packed files, but looking into the files i found out that there were used ASCII strings and no binary format.
00000000: 30 32 47 4d 65 4a 7a 74 76 57 6c 33 34 7a 69 53 02GMeJztvWl34ziS
00000010: 4b 50 72 5a 2b 53 73 34 76 75 65 38 71 5a 70 58 KPrZ+Ss4vue8qZpX
00000020: 61 56 6d 62 5a 64 63 34 50 53 65 39 5a 57 56 50 aVmbZdc4PSe9ZWVP
00000030: 4f 74 4e 6a 4f 32 75 5a 4c 7a 6f 51 43 55 6b 73 OtNjO2uZLzoQCUks
...
Looking into the characters i gave BASE64 i try and decoded it. Finally i got a binary file. But i still couldn't decompress it with gunzip. There must be something else. So i read about compressions in Flash applications and found that flash uses zlib. Hmm, but zlib also didn't the way. By playing around we found out that the first bytes are some kind of header. After removing the first bytes we could easily decompress it.
So our final decompressing algorithmus was
- Remove magic header "02GM" from the string
- BASE64 decode it
- zlib decompress it
Our Python code for decompressing the .xml.gz files, which you can download from here.
import zlib
import base64
import urllib
import sys
def entpacken( b64string ):
decoded_data = base64.b64decode( b64string[4:] )
return zlib.decompress( decoded_data )
def main():
file = urllib.urlopen(sys.argv[1]).read()
print entpacken(file)
if __name__=="__main__":
main()
Running it as follows
python decompress.py http://static-facebook.farmville.com/v39886/items.xml.gz > items.xml
Our Python code for compressing the .xml files, which you can download from here.
import zlib
import base64
import urllib
import sys
def packen( xml ):
zlibbed_str = zlib.compress( xml )
return "02GM" + base64.b64encode( zlibbed_str )
def main():
file = open(sys.argv[1], 'r').read()
print packen(file)
if __name__=="__main__":
main()
Running it as follows
python compress.py items.xml > items.xml.gz
Now we could look into this files and change the content :) Farmville is updating this files with future items like the ufo (see picture). So you can see the pictures and get the itemname before release.
You can get decompressed XML Files version 39886 from here, if needed.
Update: We added compiled .exe version of compress.exe and decompress.exe for the Windows user. Then you don't need the Python files anymore. Usage is the same. Open "cmd.exe" and run it as described above. Download the Runtime Files else it won't run on your computer. If other files are need, please leave a comment.
Farmville internals
Hello we started this blog, to collect and share our findings about Farmville.
We are looking for other people, who are also interested in Farmville and its internals.
Feel free to contact us at our gmail account fvinternals.
We are looking for other people, who are also interested in Farmville and its internals.
Feel free to contact us at our gmail account fvinternals.
Subscribe to:
Posts (Atom)