如何获取用户游戏数据 How to get user game data

目录 Index

我的箱子 My Box

如果你使用我的箱子功能打开你的游戏数据,你将会获得如下功能。 If you use the My Box feature to open your game data, you will get the following features.

你保存的数据全部存于浏览器的本地 IndexedDB 内,不会被上传到服务器,因此更换浏览器就需要重新打开数据。 All of the data you save is stored in your browser's local IndexedDB and will not be uploaded to the server, so changing your browser will require you to reopen the data.

苹果用户 iOS User

我没有苹果设备,无法研究iOS。可以临时使用 Facebook SNS 跨平台到安卓模拟器登录,进行数据导出。 I don't have an Apple device so I can't research iOS. You can temporarily across platforms sign in to Android Simulator by Facebook Social Media Linking.
链接 SNS

安卓用户 Android User

因为此功能不会自动更新游戏数据,需要重新导出,因此强烈建议在模拟器内使用data048.bin实现多设备登录。 Because this feature does not automatically update game data and requires re-export, it is highly recommended to use data048.bin within the Emulator for multi-device login.

你需要在在电脑上安装一个能运行智龙迷城的安卓模拟器,比如 蓝叠模拟器国际版夜神模拟器国际版。选国际版是因为自带 Google Play,国内版没有。国际版安装好后也可以选择简体中文,所以没语言障碍。 You'll need to install an Android simulator on your PC that runs P&D, such as BlueStacks, NoxPlayer.

如果希望直接使用root后的设备,请参考HttpCanary方法。 If you wish to use the rooted device directly, refer to the HttpCanary method.

如何实现多设备登录 How to login with multiple devices

从你的安卓设备中提取data048.bin Extract data048.bin from your Android device

智龙迷城的账号唯一识别码(GUID)储存于/data/data/jp.gungho.pad/files/data048.bin中。 The unique account number (GUID) of P&D is stored in the /data/data/jp.gungho.pad/files/data048.bin.

只需要复制这个文件到另一台设备上的相同路径,就不需要 谷歌 引继,可以随时切换设备登录账号。 Simply copy this file to the same path on another device, you don't need to sign in by Google, you can switch device logins at any time.

用处 use:

Root 用户可以直接访问这个文件,复制到另一台设备,并覆盖相同文件即可。 Root users can access the file directly, copy to another device, and overwrite the same file.

无 Root 用户目前可以使用 Android 调试桥 (adb) 导出data048.bin,请看接下来的教学。 No-Root users can currently export data048.bin using Android Debug Bridge (adb), see the next lesson.

如要在通过 USB 连接的设备上使用 adb,您必须在设备的系统设置中启用 USB 调试(位于开发者选项下)。如需使用 WLAN 连接到设备来使用 adb,请参阅通过 WLAN 连接到设备 To use adb with a device connected over USB, you must enable USB debugging in the device system settings, under Developer options. To use adb with a device connected over Wi-Fi, see Connect to a device over Wi-Fi.

将你的手机用USB线缆连接到电脑上。 Connect your phone to your computer with a USB cable.
连接手机

打开 USB 调试。由于不同手机“开发者选项”所在的位置或名称可能有所不同,请您自行搜索您的手机型号的打开方式。 Turn on USB debugging. On different devices, the Developer options screen might be located or named differently, please search for your phone.
打开USB调试

如果你在设备管理器内能看到 ADB interface 驱动,那么你很可能可以使用 adb 工具。
否则你需要安装手机设备制造商的 USB 驱动程序或者尝试通用 ADB 驱动
If you can see the ADB interface driver in Device Manager, you're likely to use the adb tool.
Otherwise you'll need to install OEM USB drivers or try Universal ADB Drivers.

连接手机

下载 SDK Platform Tools,adb 工具在里面。 Download SDK Platform Tools, the adb tool in it.

您可以通过从 platform-tools 目录执行以下代码验证设备是否已连接。如果已连接,您将看到设备名称以“设备”形式列出。 You can verify that your device is connected by executing the following code from the platform-tools directory. adb devices
测试ADB连接

解锁手机,执行以下代码对游戏数据进行备份。在手机上弹出的确认窗口中输入任意密码并记住或留空。 Unlock your phone, perform the following code to back up game data. Enter any password and remember or leave it blank in the confirmation window that pops up on your phone. adb backup <包名Package Name> -f pad.ab 包名Package Name:

ADB备份

你需要使用Android backup extractor来解密 ab 文件。同时它是用 Java 编写的,你需要安装 Java 11 运行时或更高版本。 You need to use Android backup extractor to decrypt ab files. And it's written in Java, so you need to install the Java 11 runtime or later.

执行以下代码进行解密。 perform the following code to decrypt. java -jar abe.jar unpack pad.ab pad.tar [备份密码backup password]
解包 AB

打开这个 pad.tar 压缩包你将会看到 data048.bin Open this pad.tar package and you'll see the data048.bin
解包 AB-打开

导出失败的可能原因 Possible reasons for export failures

data048.bin 导入模拟器 Import data048.bin into the simulator

你需要先打开模拟器的 root。 You need to open the emulator's root first.

使用data048.bin覆盖模拟器内的/data/data/jp.gungho.pad/files/data048.bin,并推荐删除data048.binmons文件夹以外的其他文件。 Use data048.bin override the /data/data/jp.gungho.pad/files/data048.bin in the emulator, and it is recommended to delete files other than data048.bin and mons folders.
覆盖048

打开游戏,然后你就可以在手机和模拟器登录同一个帐号了。 Open the game. Then you can log in to the same account on your phone and emulator.
手机模拟器同时登陆
注意:note:

然后你可以选择在安卓内使用 APP 和电脑上用代理软件两种方式抓包。 You can then choose to sniffer in both use the APP within Android and proxy software on your PC.

使用 HttpCanary APP Use HttpCanary APP

请自行从网上搜索并安装 HttpCanary(已被谷歌商店下架)。 Please search the web and install HttpCanary yourself (It's blocked by google store).
安装 APK

打开模拟器的 Root,并重启。 Open the simulator's root and restart.
打开 Root

运行 HttpCanary,按照提示配置本地 VPN 和导入证书(系统可能要求设置密码)。 Run HttpCanary, follow the prompts to configure the local VPN and import certificates (The system may require a password).
开启 VPN 安装证书
授予 Root 权限,将证书移至系统目录。安卓 7 以上必须这样做才能嗅探到 https 的流量。 Grant Root permission to move the certificates to the system directory. Android 7 or above must do this to sniff out https traffic.
移动证书到系统目录

可以根据需要关闭 Root 了(日服客户端需要关闭 Root 才能运行)。 Root can be closed as needed. (The Japanese version client needs to close Root operation.)

HttpCanary 菜单内添加智龙迷城为目标应用,可减少其他流量的干扰。 Add P&D to the target app in HttpCanary menu, to reduce interference with other traffic.
设置目标应用

回到首页,点击主按钮开始嗅探流量。 Back on the home page, click the main button to start sniffing traffic.
开始嗅探

运行智龙迷城游戏,直到登陆成功。 Run the P&D game until log in successfully.
登录游戏

返回 HttpCanary,找到padsv.gungho.jp/api.php?action=get_player_data网络请求。(一般紧跟api.php?action=login Go back to HttpCanary to find the network request padsv.gungho.jp/api.php?action=get_player_data.(Generally followed by api.php?action=login)
找到请求

进入该条目,保存响应体。 Go to the entry and Save Response Body.
保存响应体

使用文件管理器找到手机储存/HttpCanary/download/[你保存的名称]/response_body.html,这个就是你的游戏数据。 Use the file manager to find [Phone Storage]/HttpCanary/download/[The name you saved]/response_body.html, and this is your game data.
保存的文件

打开模拟器的电脑共享目录。 Open the simulator's PC shared folder.
打开电脑共享路径
response_body.html复制到手机储存/Download文件夹,即可在电脑上看到文件。 Copy response_body.html to [Phone Storage]/Download folder to see files on your PC.
复制到下载文件夹
其他模拟器拥有类似传输数据到真实电脑的功能,在此不再赘述。 Other emulators have similar features for transferring data to a real computer, please check it yourself.

到我的箱子功能里打开即可。 Open my box function and open it.
打开数据

每次获取新的数据,重复 启动 HttpCanary > 登录游戏 > 保存响应体 的步骤。 Each time you get new data, repeat the steps to Start httpCanary > Log in to the game > Save Response Body.

如果希望不要每次都重新使用 SNS 登录游戏,可以查看如何多设备登录 If you want to not reuse the SNS login game every time, you can see How to login with multiple devices.

在电脑上使用 Fidder Use Fidder on PC

在电脑上安装Fiddler Classic Install Fiddler Classic on your PC.
装好的 Fidder

打开 Fiddler 的自动解码和流式传输。 Turn on Fiddler's auto Decode and Stream.
自动解码

为了使模拟器能连接 Fidder,打开允许远程计算机连接的功能。
同时为避免抓到其他无用的流量,推荐你关闭自动设为系统代理的选项并重启 Fidder。
In order for the simulator to connect to Fidder, turn on the feature that Allow remote computers to connect.
And for avoid catching unwanted traffic, it is recommended that turn off the option Act as the system proxy on startup and restart the Fidder.

关闭默认代理
可以看到默认的代理端口是8888,如果需要修改,请自行记住修改后的端口号。 You can see that the default proxy port is 8888, if you need to modify it, please remember the modified port number.

打开解密 HTTPS 流量,警告询问你是否添加证书到电脑,可以选择否,因为我们不需要解密电脑上的流量。 Turn on decrypt HTTPS traffic. The warning asks if you want to add the certificate to your PC and you can choose No because we don't need to decrypt traffic from your PC.
打开 HTTPS解密

转换 DER 证书到 PEM 格式 Convert DER certificates to PEM format

点击 Actions-Export Root Certificate to Desktop 将根证书导出到桌面,之后你将会在桌面上看到一个FiddlerRoot.cer文件。 Click Actions-Export Root Certificate to Desktop. You will then see a file FiddlerRoot.cer on your desktop.
导出证书到桌面

如果你有 openssl 程序,你可以直接将FiddlerRoot.cer转换到安卓需要的格式。 If you have openssl CLI, you can directly convert FiddlerRoot.cer to the format android need.
::Get Hash Value openssl x509 -inform DER -in FiddlerRoot.cer -subject_hash_old -noout ::It should output "269953fb" ::Convert to PEM version and rename to Android system rule, <Hash Value>.0 openssl x509 -inform DER -in FiddlerRoot.cer -outform PEM -out 269953fb.0

如果没有 openssl ,你可以在桌面按住 Shift 点击鼠标右键,在此打开 PowerShell。 If you don't have openssl, press and hold Shift on the desktop and right-click to open PowerShell here.
打开PowerShell

在 PowerShell 中,执行以下代码,之后你将会在桌面上,见到一个269953fb.0文件。 In PowerShell, execute the following codes, and then you'll see a 269953fb.0 file on your Desktop.
# get the cer full path $cert_path=Resolve-Path "FiddlerRoot.cer"; # create a cert object $cert=New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($cert_path); # create a md5 object $md5 = New-Object -TypeName System.Security.Cryptography.MD5CryptoServiceProvider; # to openssl hash "-subject_hash_old" # get the cert SubjectName md5 hash $md5bin = $md5.ComputeHash($cert.SubjectName.RawData); # convert to this format bytes $hashnum = ([long]$md5bin[0] -bor ([long]$md5bin[1] -shl 8) -bor ([long]$md5bin[2] -shl 16) -bor ([long]$md5bin[3] -shl 24)) -band 0xffffffff; # convert bytes to file name $pem_name = [Convert]::ToString($hashnum, 16).padleft(8,"0")+".0"; # create PEM format content $str=New-Object System.Text.StringBuilder(""); $str.AppendLine("-----BEGIN CERTIFICATE-----"); $str.AppendLine([Convert]::ToBase64String($cert.RawData, [Base64FormattingOptions]::InsertLineBreaks)); $str.AppendLine("-----END CERTIFICATE-----"); # save the file $str.ToString() | Out-File -Encoding ascii -FilePath $pem_name
证书格式转换

将证书放入安卓系统证书文件夹 Place the certificate in the Android system certificate folder

让模拟器内的网络通过 Fiddler 代理 Let the network inside the emulator go through the Fiddler proxy

运行智龙迷城游戏,直到登陆成功。
然后在 Fidder内找到padsv.gungho.jp/api.php?action=get_player_data网络请求。(一般紧跟api.php?action=login
Run the P&D game until log in successfully.
Go back to Fidder to find the network request padsv.gungho.jp/api.php?action=get_player_data.(Generally followed by api.php?action=login)

发现网络请求

在右键菜单内选择 Save-Response-Response Body... 保存响应体。 Right-click and select Save-Response-Response Body....
保存响应体

到我的箱子功能里打开即可。 Open my box function and open it.
打开数据

每次获取新的数据,重复 开启 Fidder > 模拟器内登录游戏 > 保存响应体 的步骤。 Each time you get new data, repeat the steps to Start Fidder > Log in to the game in the simulator > Save Response Body.

如果希望不要每次都重新使用 SNS 登录游戏,可以查看如何多设备登录 If you want to not reuse the SNS login game every time, you can see How to login with multiple devices.

自动保存响应体 Auto Save Response Body

Fidder 可以使用脚本自动保存响应体。 Fidder can use scripts to automatically save Response Body.

在 Fidder 脚本中,快速跳转到OnBeforeResponse In the Fidder Script, quickly jump to the OnBeforeResponse
跳到 OnBeforeResponse

将以下代码插入OnBeforeResponse代码括号内,并保存。 Insert the following code into the parenthesis of the OnBeforeResponse code and save it.
保存代码
记得将第一行的文件路径修搞到你自己的文件夹,因为是转义符,右斜杠需要写两次。 Remember to fix the first line of file paths to your own folder, because it's an escape character, and the right slash needs to be written twice.
// the file saved path var PADDataPath = "D:\\PAD_Data"; if (oSession.uriContains("action=get_player_data")) { oSession.SaveResponseBody(PADDataPath + "\\player-data-" + new Date().getTime() + ".json"); }