A Bloxd.io cheat with features like: kill aura, etc. tags: bloxd, bloxd io, bloxd cheat, bloxd hack, hack bloxd io, cristl, spectra, wisk, bloxd auto clicker
Size
3.7 KB
Version
1.2
Created
Oct 31, 2025
Updated
about 1 month ago
1// ==UserScript==
2// @name CRISTL (reuploaded) [BLOXD IO CHEAT V1.2]
3// @namespace CRISTL
4// @match *://bloxd.io/*
5// @grant GM_xmlhttpRequest
6// @version 1.2
7// @author cristll :3
8// @description A Bloxd.io cheat with features like: kill aura, etc. tags: bloxd, bloxd io, bloxd cheat, bloxd hack, hack bloxd io, cristl, spectra, wisk, bloxd auto clicker
9// @downloadURL https://update.greasyfork.org/scripts/554249/CRISTL%20%28reuploaded%29%20%5BBLOXD%20IO%20CHEAT%20V12%5D.user.js
10// @updateURL https://update.greasyfork.org/scripts/554249/CRISTL%20%28reuploaded%29%20%5BBLOXD%20IO%20CHEAT%20V12%5D.meta.js
11// ==/UserScript==
12
13(function(){
14 'use strict';
15
16 // raw URL to the file in Gitea
17 const remoteUrlBase = 'https://gitea.com/cristl/cristl-bloxd-cheat/raw/branch/main/cristl.js';
18
19 // Add cache-busting param (use commit SHA instead for a permanent solution)
20 const remoteUrl = remoteUrlBase + (remoteUrlBase.includes('?') ? '&' : '?') + '_=' + Date.now();
21
22 function tryInlineInjection(code){
23 try {
24 const si = document.createElement('script');
25 si.type = 'text/javascript';
26 si.textContent = code;
27 (document.head || document.documentElement).appendChild(si);
28 console.log('[CRISTL] Inline injection succeeded.');
29 setTimeout(()=>si.remove(), 1500);
30 } catch (e) {
31 console.error('[CRISTL] Inline injection failed:', e);
32 }
33 }
34
35 function performInjection(text){
36 const looksLikeHtml = /^\s*<!doctype|^\s*<html/i.test(text) || text.includes('<html') || text.length < 20;
37 if (looksLikeHtml) {
38 console.warn('[CRISTL] Remote response looks like HTML (maybe a viewer or error page). Aborting blob injection. Response snippet:', text.slice(0,200));
39 return;
40 }
41
42 try {
43 const s = document.createElement('script');
44 s.type = 'text/javascript';
45 const blob = new Blob([text], { type: 'text/javascript' });
46 s.src = URL.createObjectURL(blob);
47 s.onload = () => {
48 setTimeout(()=> {
49 try { URL.revokeObjectURL(s.src); } catch(e) {}
50 s.remove();
51 }, 30000);
52 console.log('[CRISTL] Script injected via blob URL.');
53 };
54 s.onerror = () => {
55 console.warn('[CRISTL] Blob script failed to load; falling back to inline.');
56 tryInlineInjection(text);
57 s.remove();
58 };
59 (document.head || document.documentElement).appendChild(s);
60 } catch(err){
61 console.warn('[CRISTL] Blob creation/insertion failed, falling back to inline injection.', err);
62 tryInlineInjection(text);
63 }
64 }
65
66 console.log('[CRISTL] fetching remote script from:', remoteUrlBase);
67
68 GM_xmlhttpRequest({
69 method: 'GET',
70 url: remoteUrl,
71 headers: {
72 // try to get freshest copy
73 'Cache-Control': 'no-cache, no-store, must-revalidate',
74 'Pragma': 'no-cache'
75 },
76 onload(response){
77 try {
78 const status = response.status || 0;
79 console.log('[CRISTL] GM_xmlhttpRequest status:', status, 'response length:', (response.responseText||'').length);
80 if (status < 200 || status >= 300) {
81 console.warn('[CRISTL] Unexpected status code; response likely not raw JS. Snippet:', (response.responseText||'').slice(0,300));
82 return;
83 }
84 const text = response.responseText || '';
85 // quick sanity: log first 200 chars (helps detect HTML viewer)
86 console.log('[CRISTL] response snippet:', text.slice(0,200));
87 performInjection(text);
88 } catch (e){
89 console.error('[CRISTL] Error processing response', e);
90 }
91 },
92 onerror(err){
93 console.error('[CRISTL] GM_xmlhttpRequest error', err);
94 },
95 ontimeout(){
96 console.warn('[CRISTL] GM_xmlhttpRequest timeout');
97 },
98 timeout: 15000
99 });
100
101})();