Packet Editing - POST Daten verschl�sselt?

Ich hab mal alle GETs rausgesucht die in Frage kommen, aber nicht wirklich was darin gefunden, womit man nen zuf�lligen String erzeugen k�nnte, der ja bei jedem POST anders ist...

Hier mal die gesnifften Daten bis zum ersten zuf�lligen String(die Google Analytics Sachen etc. hab ich rausgenommen). Das [URL] vor den URLs. und die *** in den URLs sind normal nicht dabei, wird aber igrendwie automatisch hier im Forum dazugef�gt.

Spoiler

Code:

http://de.forgeofempires.com/start/index?action=fetch_worlds_for_login_page

POST /start/index?action=fetch_worlds_for_login_page HTTP/1.1
Host: de.forgeofempires.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:29.0) Gecko/20100101 Firefox/29.0
Accept: text/plain, */*; q=0.01
Accept-Language: de,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Referer: [url=http://de.forgeofempires.com/page/]Forge of Empires ? Das Online Strategiespiel. Dein Imperium im Browser[/url]
Content-Length: 9
Cookie: ***zensiert***
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
json=null

HTTP/1.1 200 OK
Server: nginx/1.4.6
Date: Thu, 12 Jun 2014 15:44:04 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.5.10-1~dotdeb.1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Encoding: gzip
----------------------------------------------------------
[url=http://de.forgeofempires.com/start/index?action=play_now_login]Forge of Empires ? Das Online Strategiespiel. Dein Imperium im Browser[/url]

POST /start/index?action=play_now_login HTTP/1.1
Host: de.forgeofempires.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:29.0) Gecko/20100101 Firefox/29.0
Accept: text/plain, */*; q=0.01
Accept-Language: de,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Referer: [url=http://de.forgeofempires.com/page/]Forge of Empires ? Das Online Strategiespiel. Dein Imperium im Browser[/url]
Content-Length: 37
Cookie: ***zensiert***
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
json=%7B%22world_id%22%3A%22de4%22%7D

HTTP/1.1 200 OK
Server: nginx/1.4.6
Date: Thu, 12 Jun 2014 15:44:05 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.5.10-1~dotdeb.1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Encoding: gzip
-------------------------------------------------------
[url=http://de4.forgeofempires.com/game/login?token=d8j3eeo15oo4&cid=1673635928******&start_page_type=game_v1]Forge of Empires ? Das Online Strategiespiel. Dein Imperium im Browser[/url]

GET /game/login?token=d8j3eeo15oo4&cid=1673635928******&start_page_type=game_v1 HTTP/1.1
Host: de4.forgeofempires.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:29.0) Gecko/20100101 Firefox/29.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: de,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate
Referer: [url=http://de.forgeofempires.com/page/]Forge of Empires ? Das Online Strategiespiel. Dein Imperium im Browser[/url]
Cookie: ***zensiert***
Connection: keep-alive

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.4.6
Date: Thu, 12 Jun 2014 15:44:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.5.10-1~dotdeb.1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: /game/index?login=1******
Set-Cookie: sid=6w3jl4pqtkco; path=/
Set-Cookie: req_page_info=game_v1; path=/
Set-Cookie: start_page_type=game; path=/
Set-Cookie: start_page_version=v1; path=/
Set-Cookie: email=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
Set-Cookie: ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
----------------------------------------------------------
[url=http://de4.forgeofempires.com/game/index?login=1******]Forge of Empires ? Das Online Strategiespiel. Dein Imperium im Browser[/url]

GET /game/index?login=1****** HTTP/1.1
Host: de4.forgeofempires.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:29.0) Gecko/20100101 Firefox/29.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: de,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate
Referer: [url=http://de.forgeofempires.com/page/]Forge of Empires ? Das Online Strategiespiel. Dein Imperium im Browser[/url]
Cookie:***zensiert***
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx/1.4.6
Date: Thu, 12 Jun 2014 15:44:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.5.10-1~dotdeb.1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Encoding: gzip
----------------------------------------------------------
[url]http://de4.forgeofempires.com:8080/crossdomain.xml[/url]

GET /crossdomain.xml HTTP/1.1
Host: de4.forgeofempires.com:8080
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:29.0) Gecko/20100101 Firefox/29.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: de,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate
Referer: [url]http://foede.innogamescdn.com/swf/Preloader.swf?1402571362[/url]
Cookie: ***zensiert***
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx/1.4.6
Date: Thu, 12 Jun 2014 15:44:08 GMT
Content-Type: text/xml
Transfer-Encoding: chunked
Connection: keep-alive
----------------------------------------------------------
[url]http://de4.forgeofempires.com:8080/socket.io/1/?t=1402587842274[/url]

GET /socket.io/1/?t=1402587842274 HTTP/1.1
Host: de4.forgeofempires.com:8080
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:29.0) Gecko/20100101 Firefox/29.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: de,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate
Referer: [url]http://foede.innogamescdn.com/swf/Preloader.swf?1402571362[/url]
Cookie: ***zensiert***
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx/1.4.6
Date: Thu, 12 Jun 2014 15:44:08 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
----------------------------------------------------------
[url]http://de4.forgeofempires.com/game/json?h=0df76bfafa3[/url]

POST /game/json?h=0df76bfafa3 HTTP/1.1
Host: de4.forgeofempires.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:29.0) Gecko/20100101 Firefox/29.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: de,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate
Cookie: ***zensiert***
Connection: keep-alive
Referer: [url]http://foede.innogamescdn.com/swf/Main.swf?1402571362[/url]
Content-type: application/x-www-form-urlencoded
Content-length: 368

//Kommentar: hier der erste zuf�llige String (c178f8c0f6):

c178f8c0f6[{"__class__":"ServerRequest","requestData":[],"requestClass":"StartupService","clientIdentification":{"__class__":"ClientIdentification","clientVersionNumber":"1.27","requiredBackendVersion":"1.27","appType":null,"deviceId":null,"registrationId":null,"platform":"bro","androidDeviceId":null,"platformVersion":"web"},"requestMethod":"getData","requestId":0}]

HTTP/1.1 200 OK
Server: nginx/1.4.6
Date: Thu, 12 Jun 2014 15:44:08 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.5.10-1~dotdeb.1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Encoding: gzip

Code:

public static string CreateChecksum(string url, string json)
        {
            var pos = url.IndexOf("?h=", System.StringComparison.Ordinal) + 3;
            var h = url.Substring(pos, url.Length - pos);

          
            var hash = new MD5CryptoServiceProvider().ComputeHash(Encoding.ASCII.GetBytes(h + "forgeofempires" + json));
            var md5 = BitConverter.ToString(hash).Replace("-","").ToLower();
            return md5.Substring(0, 10);
        }

Falls es wem hilft... Benutzt wird das ganze dann folgenderma�en:

Code:

var gatewayURL = "http://de4.forgeofempires.com/game/json?h=0df76bfafa3";
            var jsonString =
                "[{\"__class__\":\"ServerRequest\",\"requestData\":[],\"requestClass\":\"StartupService\",\"clientIdentification\":{\"__class__\":\"ClientIdentification\",\"clientVersionNumber\":\"1.27\",\"requiredBackendVersion\":\"1.27\",\"appType\":null,\"deviceId\":null,\"registrationId\":null,\"platform\":\"bro\",\"androidDeviceId\":null,\"platformVersion\":\"web\"},\"requestMethod\":\"getData\",\"requestId\":0}]";
            var key = CreateChecksum(gatewayURL, jsonString);