getGJRewards.php
Gets the rewards from the chests.
Parameters
| Parameter | Explanation | Required |
|---|---|---|
udid | A unique identifier for the user's device. You can put anything here | Yes |
secret | Common Secret: Wmfd2893gb7 | Yes |
chk | Rewards CHK using the chest rewards key | Yes |
gameVersion | 22 | |
binaryVersion | 42 | |
gdw | 0 | |
accountID | Account ID of the user | |
gjp2 | The user's GJP2 | |
uuid | Seemingly a random number also used for identifying someone | |
rewardType | 0 for getting info about the chests, 1 for small chest, 2 for large chest. Defaults to 0 if left out | Yes |
r1 | A random 3-5 digit number | |
r2 | A random 3-5 digit number |
Response
A list of attributes of the Rewards, separated by colons : as follows:
- A random string of 5 characters
- User's player ID
- The number used for the
chk udid- User's account ID
- Small chest time remaining
- Small chest's rewards in a comma separated list
- Orbs
- Diamonds
- Item 1 (1 is Fire, 2 is Ice, 3 is Poison, 4 is Shadow, 5 is Lava, 6 is Demon Key, 10 is Earth, 11 is Blood, 12 is Metal, 13 is Light and 14 is Soul)
- Item 2
- Amount of small chests claimed
- Large chest time remaining
- Large chest's rewards in a comma separated list
- Amount of large chests claimed
rewardType
This list is then XOR'd and URL-Safe Base64 encoded. Then it is separated with its hash by a pipe |. It also has a random string of 5 characters appended to the front.
Example
Python
py
import requests
data = {
"accountID": 173831, # DevExit's account ID
"gjp2": "********", # This would be DevExit's password encoded with GJP2 encryption
"udid": "605BE9FD-300E-49EA-A45C-B272EE64D3E0",
"secret": "Wmfd2893gb7",
"chk": f"{''.join(random.choice('1234567890qwertyuiopaqsdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM') for i in range(5))}{base64.b64encode(xor_cipher(str(random.randint(10000, 1000000)), '59182').encode()).decode()}",
"rewardType": 1
}
req = requests.post("https://www.boomlings.com/database/getGJRewards.php", data=data)
print(req.text)
decoded_text = xor_cipher(base64.urlsafe_b64decode(response_text.split("|")[0][5:].encode()).decode(), '59182')
print(decoded_text)Response
py
DA96FcVVmQnEPCggLBwMOAwIGDAAGDgsPcBFbU1sZQU1GFXtiGFpQS1QCAwIKCQsDDwsHDAQPDQEUAxkJHQgIBA4DDAgCDQcMAg8LAQgeAxUFFAIPDAILCAQ=|3f5f0ad92a601380e7eea113c223be94ff75304d
DlWzC:3935672:499769:I can put BS here:173831:2646:40,1,0,0:1724:74640:200,6,4,0:533:1