Fee
Member
Registered: 16th Nov 05
Location: With AK
User status: Offline
|
I have done that already....every 15 days!
A lot of my friend's aren't really into cars though....so I don't think they pay any attention to it!
|
mike56gte
Member
Registered: 23rd Jun 09
Location: Fife, scotland Drives: Audi S3
User status: Offline
|
i may put the link up on my facebook and see if i can get some folk t vote for ye 
|
Paul_J
Member
Registered: 6th Jun 02
Location: London
User status: Offline
|
Hmm... surely there's a way we could scam this?
Also Fee / AK maybe try Reddit?
e.g. post something like this:
http://www.reddit.com/r/programming/comments/aobsa/vote_for_barbie_to_be_a_computer_engineer/
(Yes Reddit, mass voted and hence rigged it to make the next barbie a computer engineer haha!)
Essentially /r/AskReddit/ to vote for you explaining your story, who you are and asking people to help vote for you.
[Edited on 11-11-2010 by Paul_J]
|
gavin18787
Premium Member
Registered: 22nd Feb 05
Location: Basildon, Essex
User status: Offline
|
quote:
Originally posted by Paul_J
Hmm... surely there's a way we could scam this?
Also Fee / AK maybe try Reddit?
e.g. post something like this:
http://www.reddit.com/r/programming/comments/aobsa/vote_for_barbie_to_be_a_computer_engineer/
(Yes Reddit, mass voted and hence rigged it to make the next barbie a computer engineer haha!)
Essentially /r/AskReddit/ to vote for you explaining your story, who you are and asking people to help vote for you.
[Edited on 11-11-2010 by Paul_J]
Could back fire though if they dont know who you are and start voting for someone else though 
Drives supercharged Tec with torque  
|
Paul_J
Member
Registered: 6th Jun 02
Location: London
User status: Offline
|
This is true gav.
If you really really wanted to win, you may be able to open up the flash .swf file for the poll using a .swf decompiler and then look in there to see if it updates a database. Then just attempt manually updating the database.
Or try one of those proxy sites which hide your IP / spoof your IP to allow you to keep voting.
|
Fee
Member
Registered: 16th Nov 05
Location: With AK
User status: Offline
|
I don't want to cheat....I just don't want anyone else to win!
Never heard of Reddit before 
|
Paul_J
Member
Registered: 6th Jun 02
Location: London
User status: Offline
|
You don't want to cheat? ... posting on a forum begging people to keep voting each month is as good as cheating.
I just got the database to spew out some SQL, so probably not too hard to hack.
request "Could not execute SQL query" SELECT * FROM webpoll_votes WHERE QUESTION_ID='' AND DATE_SUB(CURDATE(),INTERVAL DAY) <= DATE_FORMAT(DT, '%Y-%m-%d') AND IP='XXX.XXX.XXX.XXX'
|
Fee
Member
Registered: 16th Nov 05
Location: With AK
User status: Offline
|
Why is this cheating? I'm sure the other finalists haven't just asked their mum and dads to vote
Just using my resources!
|
FAZ
Premium Member
Registered: 24th Nov 07
Location: Coventry
User status: Offline
|
wtf paul
|
taylorboosh
Member
Registered: 3rd Apr 07
User status: Offline
|
voted for you, will from phone and home too
|
Fee
Member
Registered: 16th Nov 05
Location: With AK
User status: Offline
|
|
Dom
Member
Registered: 13th Sep 03
User status: Offline
|
quote:
Originally posted by Paul_J
If you really really wanted to win, you may be able to open up the flash .swf file for the poll using a .swf decompiler and then look in there to see if it updates a database. Then just attempt manually updating the database.
Hacking it might be possible but i think it's a slim chance.
It uses actionscript's SharedObject (similar to a cookie) to store the pollid (in this case 4) and then uses the time of that stored object to determine whether someone can vote or not. If the SharedObject is stored locally then this is stored under AppData/Roaming/Macromedia/#SharedObject of the logged in user, but in this case no SharedObject file (*.so or *.sol) is being stored, so i'm assuming it's being stored remotely.
Plus i'm sure the AllowVote value is stored in the DB (MySQL) as there is a tag in the XML file (can easily be found).
As for the actual sending of the vote, it's done via a php backend. I've yet to test it but i'm also not 100% sure that i've worked out all of the variables to send as my Actionscript is rusty.
Eitherway, Fee said she isn't interested in cheating so i'm leaving it there. Although i will say that Erick's votes do look a little odd as they only seem to change when Fee gets a vote
|
Dom
Member
Registered: 13th Sep 03
User status: Offline
|
quote:
Originally posted by Paul_J
You don't want to cheat? ... posting on a forum begging people to keep voting each month is as good as cheating.
I just got the database to spew out some SQL, so probably not too hard to hack.
request "Could not execute SQL query" SELECT * FROM webpoll_votes WHERE QUESTION_ID='' AND DATE_SUB(CURDATE(),INTERVAL DAY) <= DATE_FORMAT(DT, '%Y-%m-%d') AND IP='XXX.XXX.XXX.XXX'
XML file can be found here - http://www.totalcarmagazines.co.uk/scripts/poll.php?ac=xml&id=4×tamp=1289506504000
|
Fee
Member
Registered: 16th Nov 05
Location: With AK
User status: Offline
|
quote:
Originally posted by Dom
Although i will say that Erick's votes do look a little odd as they only seem to change when Fee gets a vote
uhuh
I've got a screen up which shows the number of votes rather than the percentages....it's just me and him that are changing
it's been like that for weeks now...people vote for me...he goes up
|
Fee
Member
Registered: 16th Nov 05
Location: With AK
User status: Offline
|
it's the XML thingy that I've got up
I don't know much about computers!
|
Jake
Member
Registered: 24th Jan 05
User status: Offline
|
dom just pwnd paul right in front of everyone
|
AK
Member
Registered: 5th Jul 00
Location: Aberdeen City
User status: Offline
|
146 votes now!!! Go Go Go
|
Paul_J
Member
Registered: 6th Jun 02
Location: London
User status: Offline
|
quote:
Originally posted by jake
dom just pwnd paul right in front of everyone
Did you understand anything he just said? hardly 'pwnd'.
Fee said she didn't want to cheat, so I stopped looking into what could be done.
|
Havoc
Banned
Registered: 9th Aug 10
User status: Offline
|
quote:
Originally posted by Fee
you can vote every 15 days...if that's what you mean
why did you vote for him? I'm going to get Ian to ban you
i never got pics of your tits 
|
AK
Member
Registered: 5th Jul 00
Location: Aberdeen City
User status: Offline
|
i'll send you a pic
|
AK
Member
Registered: 5th Jul 00
Location: Aberdeen City
User status: Offline
|
141 votes in it now!
|
Dom
Member
Registered: 13th Sep 03
User status: Offline
|
quote:
Originally posted by Paul_J
quote:
Originally posted by jake
dom just pwnd paul right in front of everyone
Did you understand anything he just said? hardly 'pwnd'.
Fee said she didn't want to cheat, so I stopped looking into what could be done.
Was going to say the same, it's nothing that isn't in the source code
Eitherway i don't think it's possible to hack as your vote get's registered on the backend, which is probably why the 'SELECT' sql string does a search on your IP address.
Only thing Fee and AK can do is spam the hell out of forums and social networking sites to try and get people to vote.
|
Havoc
Banned
Registered: 9th Aug 10
User status: Offline
|
quote:
Originally posted by AK
i'll send you a pic
waiting for it lol
|
Ian
Site Administrator
Registered: 28th Aug 99
Location: Liverpool
User status: Online
|
At a guess, the IP is an environment variable on the server side. They appear to be fairly worried about logging it so the best you can hope for is renewing a DHCP lease and perhaps spoof the user agent if they're logging that.
Or if you're any sort of decent geek, you'll have a few boxes on a few networks anyway so you can log a few votes each that way.
|
Andy Stocker
Member
Registered: 31st Aug 00
Location: Herts Drives: Porsche 911
User status: Offline
|
Done again
|
