This is script which hackers use to hack spins in coin master game.
Kindly fix this bug ASAP.
Thank you
Here's other codes :
<?php
$sesionId = "private"; $userId = "private";
header('Content-Type: text/event-stream');
header('Cache-Control: no-cache');
echo "starting/...";
while (true) {
ob_flush();
flush();
echo "ok...";
echo sendPacket($sesionId,$userId ).PHP_EOL;
sleep(1);
if (connection_aborted()) {
break;
}
}
ob_end_flush();
function sendPacket($sesionId,$userId ){ $ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://167.875.98:60051/rewards.Rewards/receiveAdReward'); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, "ca-app-pub-3091286968802858/9199177372");
$headers = array();
$headers[] = 'Host: 167.875.98:60051';
$headers[] = 'User-Agent: grpc-java-okhttp/1.36.0';
$headers[] = 'Content-Type: application/grpc';
$headers[] = 'Te: trailers';
$headers[] = 'Platform: ANDROID';
$headers[] = 'Version: 3.7.1';
$headers[] = 'App_name: coin.master';
$headers[] = 'Sessionid: '.$sesionId;
// $headers[] = 'Sessionid: private';
$headers[] = 'User_id: '.$userId ;
$headers[] = 'Grpc-Accept-Encoding: gzip';
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
$result = curl_exec($ch);
if (curl_errno($ch)) {
return 'Error:' . curl_error($ch);
}
curl_close($ch);
return $result;
}