Guess who left the geek house yesterday...HABIB. Go #teamPeter
felly - 11 years ago
peter, peter it is
Gbenga Olaoye - 11 years ago
seriously...am speechless & humbled by all the love you guys have displayed towards me, am really close to tears right now........i just can't thank you 'll enough....for all the sacrifices you had to make , your precious time...Thank you once again.....i owe u all plenty :-)
i must stress that i love and admire Peter and Habib for real... the truth is the top 10 geeks will always stick together to make the world a better place,
ONE TEAM ONE MISSION
Thanks to Etisalat for this big opportunity...0809ja
God Bless You All
@gbenga@peter@Habib@Etisalat - 11 years ago
SCAM SCAM SCAM SCAM (Waiting to throw my Etisalat Sim away if the vote above counts)
Well, the poll was run by PollDaddy, a popular online poll service. The widget on the blog is a bit confusing because it's coded a bit funny to make up for the fact that it's not running off it's "home" website. Because of this fact, it's compressed and weird. So, instead of delving into the code on the blog, I figured there has to be an original version on "homepage" of the code back at the PollDaddy page. I used Firebug, a Firefox extension to look through the source revealed a NOSCRIPT tag used to provide a link for users without Javascript enabled.
Finding the URL of Polldaddy
Voila! We can now go straight to the PollDaddy poll here! OK, so we see a big form with all the entries. To vote, you click on the radio button and then click the big green vote button. Time to crack this baby open and see how she runs. Back to Firebug to inspect the radio button next to my name. The radio button appears to have a "name" of PDI_answer, an "id" of PDI_answer10761055 and a "value" of 10761055. So, based on this information, I am going to make the assumption that 10761055 is my unique identifier. This means that when you submit the form with me selected, it takes the value 10761055 and sends it to the code that processes the vote. Sure enough, all the other entries had values increasing incrementally. (Meaning that the next entry down [Gbenga] had a value of 33167422, Peter had a value of 33167423 and Habib had a value of 33167424 and so on.)
Grabbing Polldaddy Ids
Cool, now it's time to try and see if we can figure out what other data is passed to the code processor to create a "vote". The next step I did was look for the FORM tag to see if I could find secret variables sent to the code processor passed as hidden INPUT's. Instead of looking through the code, I used the powerful Firefox extension Web Developer Toolbar and ran the "Display Form Details" tool. This displayed all the details of every FORM on the page. The first FORM was the little Search form on the top right.
@gbenga@peter@Habib@etisalat - 11 years ago
The second FORM was the important voting form. Darn! It only shows the 5 radio buttons... even the action is blank. [The FORM action is the location of the code of the code processor... where the information is sent after you click "vote"]. And our report from Web Developer Toolbar has just given us what we already know...
Polldaddy Form Analysis
OK, not all is lost yet, we can still get a clue by looking at the "Vote" button which submits the form. Aha! The vote "button" isn't even a button at all! It's an image that calls a Javascript function when it's clicked. The function it calls is called "vote" and it passes 5 variables to the vote function. The data it's passing here appears to be 5 numbers. 2189218, 0, 1, 0 and 10.
Now, looking at the URL of the poll page, I can tell that the first number is the ID for the poll itself. This is sent so that when the vote is tallied, it'll know which poll to tally it to. OK, now we have to look for the javascript function called "vote". Hopefully, it will help clue us into what the other 4 numbers being passed are all about. Viewing the page source shows that the Javascript function isn't right on the page; it has to be in one of the included Javascript files. Again, the developer toolbar can help us out by going to "Information", then "View Javascrip"t. This features grabs the source of all the included Javascript files. Toolbar shows us that, not only are they non-obfuscated, the function we need to analyze is right in the first included Javascript file, "common.js"!
With the actual function, we can see the variable names being passed. They are id, poll_other, rand, poll_type and u. ID links with the poll and I assume rand is just a random number to prevent spamming. The other ones probably just identify the type of poll (e.g. non-multiple choice, etc.) Looking at the code of the function, we can see how the form is processed and the data is sent to the code processor.
function vote(id, poll_other, rand, poll_type, u)
{
var answerString = '';
var otherText = '';
for (i = 0; i 0 || otherText.length > 0)
{
location.href = '/vote/?va=' + u + '&pt=' + poll_type + '&r=' + rand + '&p=' + id + '&a=' + answerString + '&o=' + otherText;
}
else
{
alert('Please choose an answer first!');
}
}
The loop between the function whose brackets I highlighted in red go through the form and grab the value of the person you checked (in this case, my unique identifer of 33167424). The function whose brackets in green aren't used in this poll. And lastly, but most importantly, the part in the blue brackets is what sets the page to redirect to the code processor while sending along 6 variables.
va = "u", the 5th parameter in the vote function = 10
pt = "poll_type", the 4th parameter in the vote function = 0
r = "rand", the 3rd paramenter in the vote function = 1
p = id, the 1st parameter in the vote function = 2189218 [the poll's ID number]
a = answerString, the unique identifer of my entry in the poll = 33167424
o = otherText = [blank]
So using this data, we can create the way to make out votes. Every time the following URL is accessed, a vote is placed for me in the poll.
We're almost there... so close! Now, PollDaddy put some roadblocks in place to prevent the user from simply refreshing the page and revoting. The main way it does this is by setting a cookie on the user. A cookie is a piece of data stored by a website on your computer. In this case, the cookie says "I already voted in this poll". When you come back and try and vote on the poll again, the website reads your cookie, sees you've already voted and won't let you vote again. Now, there's 2 easy ways to counteract this. The first comes back to the good old Web Developer Toolbar. By going to "Cookies", then "Disable All Cookies". The website will not be able to store its "you already voted" cookie and therefore when you refresh the poll and come back, you can vote again! However, this vote, refresh, vote process is too slow and too boring for me. To truly dominate the poll, I need to create a program that could keep submitting the data for me automatically!
This can be achieved using PHP and the built-in cURL library. The cURL library is a very powerful library of codes that help the server running your PHP script communicate with another server (in our case, the PollDaddy server). So, all the code needs to do is just keep sending this data to server over and over again. The code I used to accomplish this is below.
This code begins by calling "set_time_limit(0)". This tells the PHP script to ignore the built-in time limit and to run forever. The next part begins a while loop which is deliberately written to loop forever. The next 3 lines set some of the data to be sent including the random number, the poll id and the id of my entry. The next line is used in a attempt to foll PollDaddy into thinking that it's a browser sending this data and not the truth, which is a server PHP script. Then the code sets up a connection to PollDaddy, sends out the data to be tallied and takes a quick 6 second "sleep" break before looping and sending the data again.
Poll Daddy Results
Now, PollDaddy has a system in place to prevent this type of "poll spamming". It tracks all incoming votes based on the unique IP address. And if alot of votes are coming from one IP address all at once, a temporary ban is placed on that IP address and all the questionable votes are deleted. This is why the script is told to sleep for 6 seconds because if you have run in a constantly loop, it will run multiple times every second and in about a minute, you could easily have over a 1,000 votes. This will get you banned very quickly as I soon discovered. When I ran this on the server, the whole office was blocked from voting on the poll since all the computers share an IP address. Through trial and error, I found that a 6 second sleep was perfect for getting a maximum amount of votes without being banned. Through the help of Wesley and other friends who had access to servers, we were able to spread the script around and run them all simultaneously. This is what allowed almost every body to rack up 1,000s of votes in less than an hour.
So, there you have it! With a little bit of ingenuity, a lot of technical skill and some luck, it can be quite easy and fun to do some low-grade "hacking". In my case, it can even be profitable!!
Will Etisalat accept this fake votes, TIME will tell.
@gbenga@peter@Habib AND @Etisalat - 11 years ago
SCAM SCAM SCAM SCAM (Waiting to throw my Etisalat Sim away if the vote above counts)
Well, the poll was run by PollDaddy, a popular online poll service. The widget on the blog is a bit confusing because it's coded a bit funny to make up for the fact that it's not running off it's "home" website. Because of this fact, it's compressed and weird. So, instead of delving into the code on the blog, I figured there has to be an original version on "homepage" of the code back at the PollDaddy page. I used Firebug, a Firefox extension to look through the source revealed a NOSCRIPT tag used to provide a link for users without Javascript enabled.
Finding the URL of Polldaddy
Voila! We can now go straight to the PollDaddy poll here! OK, so we see a big form with all the entries. To vote, you click on the radio button and then click the big green vote button. Time to crack this baby open and see how she runs. Back to Firebug to inspect the radio button next to my name. The radio button appears to have a "name" of PDI_answer, an "id" of PDI_answer10761055 and a "value" of 10761055. So, based on this information, I am going to make the assumption that 10761055 is my unique identifier. This means that when you submit the form with me selected, it takes the value 10761055 and sends it to the code that processes the vote. Sure enough, all the other entries had values increasing incrementally. (Meaning that the next entry down [Gbenga] had a value of 33167422, Peter had a value of 33167423 and Habib had a value of 33167424 and so on.)
Grabbing Polldaddy Ids
Cool, now it's time to try and see if we can figure out what other data is passed to the code processor to create a "vote". The next step I did was look for the FORM tag to see if I could find secret variables sent to the code processor passed as hidden INPUT's. Instead of looking through the code, I used the powerful Firefox extension Web Developer Toolbar and ran the "Display Form Details" tool. This displayed all the details of every FORM on the page. The first FORM was the little Search form on the top right. The second FORM was the important voting form. Darn! It only shows the 5 radio buttons... even the action is blank. [The FORM action is the location of the code of the code processor... where the information is sent after you click "vote"]. And our report from Web Developer Toolbar has just given us what we already know...
Polldaddy Form Analysis
OK, not all is lost yet, we can still get a clue by looking at the "Vote" button which submits the form. Aha! The vote "button" isn't even a button at all! It's an image that calls a Javascript function when it's clicked. The function it calls is called "vote" and it passes 5 variables to the vote function. The data it's passing here appears to be 5 numbers. 2189218, 0, 1, 0 and 10.
Now, looking at the URL of the poll page, I can tell that the first number is the ID for the poll itself. This is sent so that when the vote is tallied, it'll know which poll to tally it to. OK, now we have to look for the javascript function called "vote". Hopefully, it will help clue us into what the other 4 numbers being passed are all about. Viewing the page source shows that the Javascript function isn't right on the page; it has to be in one of the included Javascript files. Again, the developer toolbar can help us out by going to "Information", then "View Javascrip"t. This features grabs the source of all the included Javascript files. Toolbar shows us that, not only are they non-obfuscated, the function we need to analyze is right in the first included Javascript file, "common.js"!
With the actual function, we can see the variable names being passed. They are id, poll_other, rand, poll_type and u. ID links with the poll and I assume rand is just a random number to prevent spamming. The other ones probably just identify the type of poll (e.g. non-multiple choice, etc.) Looking at the code of the function, we can see how the for
lydia - 11 years ago
Voting is over and we have our winner... GBENGA all the way
Lily - 11 years ago
Thank God, its Lifted "Gbenga" all d way. Dancing mukulumuke
tolubori - 11 years ago
Heavy weight shampion... GBENGA on POINT
Naijaman - 11 years ago
above P and H.. iam LIFTED UP ABOVE.... as in lifted liftd
in this trio contest.... The man is GBENGA...
in the words of WIZKID"Efiile fun , Ohun loni" .... Dbanj will say "File" dont toush it>>>heheheh
the Akpako master will shout it loud... FREE ME NOWWWW>>>
Endo of Discussion as an automobile pus it....
It goes to GBENGA....
Olumide - 11 years ago
Go GBENGA GO GBNEGA GO GBENGA---------------------------and all we are saying .... GBENGA has WOOOOOOOOOONNNNNNNNNN... yeah!
Oyebisi - 11 years ago
With the time remaining, it is advisable for all teams to rally round and PORT to ETISALAT TEAM GBENGA...
THE IDEAL GEEK AMBASSADOR GBENGA-----abi wetin you talk say i talk???? TEAM GBENGA
oyinda - 11 years ago
Gbenga you're indeed lifted. oruko omo lon ro omo. you deserve this dear
suzzie - 11 years ago
#teamPeter.we have the backing of the angels
asiwaju - 11 years ago
Its Gbengas show now....
Brightrn up guys&
Stand up for the champion.... And all say::::: GBENGA
when it comes to being a geek only one name i know and thats'... PETER... oya na lets go there
emenalo - 11 years ago
Buteh yyyyyy
.......... Baaa controversy...... GBENGA noni
shalom Ajiyana - 11 years ago
Yes we are gettin there at team peter
Jack Achi - 11 years ago
Peter, Peter and Peter
Ashiyya jonah - 11 years ago
peter peter peter ol d way
shalom - 11 years ago
Peter is the geek........... Even the host of heaven bear witness to that...... Go team Peter
marshall - 11 years ago
Our GBENGA.
Yes our GBENGA
alade - 11 years ago
LIFTED GBENGA the man to beat
Val - 11 years ago
Lifted aka Gbenga... U r da main man... U r d GEEK. Let's keep voting
Troll - 11 years ago
Hello! I am a troll. My mission is to be mean. So here goes: Hope those radio ads were free..............MMMMMMuhahahahahahahahahaha! Ok! Ok! Just kidding........I know they were. But seriously, i smell discrimination in the air. How is it that the skinniest geeks are up for eviction this week? Gives a new meaning to 'thinning out the herd'.......Hahahahahahahahahahahahahahaha!
Jennifer - 11 years ago
@ Aieshat, we see with d eyes of d spirit, its not obvious to you that Habib is the man?
Rexspect - 11 years ago
Peter got my respect! He is the guy.
jonah Gimba - 11 years ago
Na only peter
diana oboite - 11 years ago
peter.......is da Geek.vote for peter
yella Raiya - 11 years ago
Peter,Ɠ♡D Ȋ̝̊̅§ surely by your side he will take you to your final step,be strong and put in your best,success.
Daniel Yarama Ndirpaya - 11 years ago
Gentlemen Peter Or Nothing ,, ure dia Bruv ,, d Geek of all tym
ifedayo - 11 years ago
Gbenga @ d top...........guys kip voting for Gbenga.....am very sure he's gonna make us proud........let's do ds togeda...............Gbenga is da real GEEK..........
AIESHAT - 11 years ago
Nigerian mentality habib is d least on d vote oOoOo they still calling him d geek"they have eyes but they are too blind to see d vote rate.peter stay focus u will win by God Grace
Leah - 11 years ago
Peter u r d man,d true Geek.....Make us proud dear
Leah - 11 years ago
Peter u r d man,d true Geek.....Make us proud dear
AIESHAT - 11 years ago
Peter I hail u kip d going Almighty Allah will lead u through nd dnt gt discouraged by d praising of habib habib u are a hero peter u different to cut the long SToRy sHoRt PETER U ARE THE GEEK
melody - 11 years ago
Tnx guys 4 supporting my bro uve really shown U̶̲̥̅̊ r friends in deed @leah n Aisha let's go team peter
Leah - 11 years ago
Go baby,we r proud of u......Missin u bck @ home,God s ur straight dear.
Anonymous - 11 years ago
I know a lot support Habib, but he is the least in this online poll. How are you sure he is winning overall?
habiba - 11 years ago
bro habib,may God perfect your life for his glory¬ d world because you have overcome d world.I luv you but God love you best&has d best wish 4 you
oluwatosin - 11 years ago
I vote habib.............#Chikena
opakunle - 11 years ago
Gbenga is the man, he is the geek he remains the geek for ever..
TJBolabak - 11 years ago
Habib Lawal is the man oooooo.
@cinderrella_lab - 11 years ago
Habib all the way
oby - 11 years ago
Gbenga fits in properly..
Gbenga has my vote..
Kunle Adetunji - 11 years ago
Gbenga twa ga gan,we are for you o
lawal moshood olamide - 11 years ago
never seen campaign like this before , but by the grace of God, we shall make it. lets make it happen. TEAMHABIBSALAT on point. LEEEEEGGGOOOO!!!!!>
Habib Lawal - 11 years ago
@tejubabyface. Oga I hail o!!!! Thank you for the vote of confidence! I won't let you down.
pindo - 11 years ago
@ Olayimika; It will be clear to all very soon.It is just a matter of time.
Olayimika - 11 years ago
Gbenga, you really deserve our vote. Ride on cos you are gonna make it to the final. God is behind you= Majority!
Gbenga Olaoye - 11 years ago
Thanks guys for taking me to the top.......i wish i can mention all your names ...but you know i love you all......iREP you all......
Jonah Gimba - 11 years ago
peter is da 1
Habib Lawal - 11 years ago
Hello guys! I just want to say I feel privileged to have the support of all of you on this mission. Thank you so much for believing in me. I love you guys! Go TeamHabib!
Yvonne Team Habib - 11 years ago
We gats yarn ds one 4 pidgin because ds man done go beyond borders! Habib all d way! If u no dey vote ds guy, mehn na loss ur money dey loss o
LESLIE - 11 years ago
D LAST SHALL B D FIRST, NA ME DEY YAN!!!
shalom - 11 years ago
Yes peter.
Gbenga's Twin - 11 years ago
While i may not have any fancy, exaggerated epithets to bestow (RME @ some folks in the comment section), I'm just going to be honest and say that GBENGA deserves to remain in the contest IMHO, on the bases of consistency and sheer talent. We are solidly behind you, our very own NFC guru. Shout out to Elect./Telecomms PG class 2012......I see you, Dave n co..........Zainipe has left the building......
tejubabyface - 11 years ago
i vote for habib. he inspires the next generation youth. so vote for him
Chinwe - 11 years ago
You are Right Demola, GBENga is the Man
demola - 11 years ago
Gbenga.. YES. GBENGA
Sunny@TEAM HABIB.com - 11 years ago
Habib is one in a mllion! You need to read his acknowledgememt n see a man that value people. This is one of the characteristic of a man full of Wisdom(Geek). And if you don't have it, you can't give it. But if you're looking for one; Habib is the right one! No mistake. One LOVE!!!
Tola 4 Habib - 11 years ago
Habib all d way. A champion is who u re
bamidele infinity - 11 years ago
vote gbeeeeeenguze,he's d real deal.He neva stops wowing me since school days.......Gbenga d real deal.
charity - 11 years ago
habib you re going to fly so high, 1o times ahead of your equals
charity - 11 years ago
habib be straightened its in your DNA, success oriented, born to win! habib my geek
david - 11 years ago
Habib th animatum u re the best man!!
LESLIE - 11 years ago
WE DON'T NEED NO WINGS TO FLY, .....JUST TAKE UR LAPTOP- http://polldaddy.com/poll/7307197 OR UR PHONE - Text 402 to 33637, HE DESERVES IT!! YES NA, NA HABIB LAWAL I DEY TALK ABOUT NA>>>> REALLLLY??? BEFORE!!!
vivian ume - 11 years ago
Habib is the right man to stay
LESLIE - 11 years ago
HABIB AS LONG AS WE'RE OUT HERE 4 U, U WILL NEVER STARVE 4 VOTES, COS U'RE OUR PLATINUM, OUR SILVER, & OUR GOLD!!!
SARAH - 11 years ago
Habibsalat tins. winning is our lifestyle
SARAH - 11 years ago
habib is a champion, he was born this way. Go habiiiiiiiiiiiib, you are the geek for life
chioma moh - 11 years ago
LAWAL HABIB is a champion!!! He was born this way....he has to fly so high cos it his DNA!
kingsley - 11 years ago
Who is this guy, he's on cool FM, his pic is going viral on facebook, everybody talking about him, common you must be a real geek sha, well you ve got my vote. GEKK FOR LIFE man.
you are the man
Yvonne Team Habib! - 11 years ago
If u r not with Team Habib...u r lost! Habib all d way people! Lets make this happen!!!
LESLIE - 11 years ago
CORRECT GUY!! LEGIT GUY!! EVER BLAZING GURU!! GALLANT NIGGER!! PKOKISH IDEALIST!! MAKE DEM GBAINGBE 4 U!! ASK ME WHO B D GUY? NA HABIB Ooo, D MAN WAY SABI THINGS>>>>> I DEY TELL U PEOPLE
Chioma Moh - 11 years ago
HABIB LAWAL HABIB....The Geekiest ever
Geekforce - 11 years ago
Hello Hlawal,
WOW!!! You are too much.
We are solidly behind you.
The geek force
Akpako Master - 11 years ago
I CAN SEE THE "GEEK FORCE" IN HABIB. YOU ARE THE VERY BEST AND OUR NUMBER ONE.
ALL OF US IN "TERRY GEES' HOUSE OF GINGER LOVE AND SUPPORT YOU.
INFACT NO SHAKING MAN, FROM NOW ON YOU DON BECOME OUR MAN
Chioma Moh - 11 years ago
Porting to HABIB LAWAL is the best thing that can happen to you this season!
LEE - 11 years ago
HHHHHAAAAABBBBBIIIIIIIIBBBBBBBB!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! ON POINT. SUCCESS ALL THE WAY GUY. GOD IS SOLIDLY AND WE ARE SOLIDLY BEHIND YOU. all the joyful mothers are behind you. Bite bell people na u get ur mouth.
d-yaw - 11 years ago
peter nd gbengz- elemeyoyoyo...habib yoyoyo-yo...
Team Habib for Geek - 11 years ago
This HABIB Geek fever don dey geek Nigerians o... Imagine my 4 months old child just said "GEEK HABIB"... This truly a sign o... I believe this guy is God ordained Geek and highly favoured... All the best habib
jewel - 11 years ago
WOW WOW WOW........HIP HIP HIP HURRAY.
AM BEGINNING TO LOVE THIS HABIB GUY OOOOO.
I JUST HEARD YOUR NAME ON COOL FM.
GUY FROM NOW ONWARD YOU GOT MY FULL AND ATTENTION.
JESUS AND ALL ANGELS GOT UR FRONT AND BACK
ITS NOT BY POWER NOR BY MIGHT BUT BY THE SPIRIT OF GOD
GO AND SUCCEED FRIEND
PEKAS UNION - 11 years ago
HABIB of d most high, U na bado, I pray mai no vote 4 u oo, na today, e don taay wa yansh get parting & e don taay we friendship. ICE 4 D MATTER.
Ngy Chukwu - 11 years ago
Habib Lawal, u surely are a geek.. I just loaded my Etisalat line now. I must vote for you. Congratulation in advance. with all i've seen, (ur presentation), and heard (from cool FM) you surely are the geek etilate needs. Kudos!
Listen to another round of Announcement on Cool FM 96.9...Vote Habib as the ETISALAT GEEK http://polldaddy.com/poll/7307197...or Send 402 to 33637 with and Etisalat Line.
Koko - 11 years ago
Listen to another round of Announcement on Cool FM 96.9...Vote Habib as the ETISALAT GEEK http://polldaddy.com/poll/7307197...or Send 402 to 33637 with and Etisalat Line.
hey habib, I don't you but you seem to be every where on this matter, well, I've got no choice than to give you my vote. YOU are the real geek. VOTE HABIB for "geek"
Habibsalat!!! - 11 years ago
we got ur back nd @peter nd gbengzy we got d exit door for u. hehehhehehe habibibibiibibibibiibibibiibibibiibibibibibiibibibiibibibibiibibibi...............everybody i don port to habib-salat.krikatakrikata!
We are at you back Habib Lawal... You are the true geek !!!! Success
ebrechi - 11 years ago
This Habib guy is really the geek. Love from everywhere. Tanx cool FM. wink@GeekHabib
Habibibibibibibiibibibiibiibibibibibibibibibibi... - 11 years ago
Team Habibibibibibi send 402 to 33637 now!
Koko - 11 years ago
Where is Linda Ikeji on this matter...She should be putting this up on her blog right now...is she a learner? By the way keep the votes up for Habib!!!! A geek with the Geeky attitude...he will Geek you all...YOU ARE GEEKED by HABIB lolz!
Baba Solo - 11 years ago
Habib is the man.... I heard your name on cool fm now.. I dey your back men l.. nothing dey happen !!
Educanada - 11 years ago
Jesus eee... I never see campaign like this before o... Dem no campaign for Mr president like this sef... This HABIB guy na real geek o.. You have my vote jorrr.. I dey follow successful people jare.... see facebook, twitter, radio station, television sef(no be me talk am o)... But this guy na geek true true...
Guess who left the geek house yesterday...HABIB. Go #teamPeter
peter, peter it is
seriously...am speechless & humbled by all the love you guys have displayed towards me, am really close to tears right now........i just can't thank you 'll enough....for all the sacrifices you had to make , your precious time...Thank you once again.....i owe u all plenty :-)
i must stress that i love and admire Peter and Habib for real... the truth is the top 10 geeks will always stick together to make the world a better place,
ONE TEAM ONE MISSION
Thanks to Etisalat for this big opportunity...0809ja
God Bless You All
SCAM SCAM SCAM SCAM (Waiting to throw my Etisalat Sim away if the vote above counts)
Well, the poll was run by PollDaddy, a popular online poll service. The widget on the blog is a bit confusing because it's coded a bit funny to make up for the fact that it's not running off it's "home" website. Because of this fact, it's compressed and weird. So, instead of delving into the code on the blog, I figured there has to be an original version on "homepage" of the code back at the PollDaddy page. I used Firebug, a Firefox extension to look through the source revealed a NOSCRIPT tag used to provide a link for users without Javascript enabled.
Finding the URL of Polldaddy
Voila! We can now go straight to the PollDaddy poll here! OK, so we see a big form with all the entries. To vote, you click on the radio button and then click the big green vote button. Time to crack this baby open and see how she runs. Back to Firebug to inspect the radio button next to my name. The radio button appears to have a "name" of PDI_answer, an "id" of PDI_answer10761055 and a "value" of 10761055. So, based on this information, I am going to make the assumption that 10761055 is my unique identifier. This means that when you submit the form with me selected, it takes the value 10761055 and sends it to the code that processes the vote. Sure enough, all the other entries had values increasing incrementally. (Meaning that the next entry down [Gbenga] had a value of 33167422, Peter had a value of 33167423 and Habib had a value of 33167424 and so on.)
Grabbing Polldaddy Ids
Cool, now it's time to try and see if we can figure out what other data is passed to the code processor to create a "vote". The next step I did was look for the FORM tag to see if I could find secret variables sent to the code processor passed as hidden INPUT's. Instead of looking through the code, I used the powerful Firefox extension Web Developer Toolbar and ran the "Display Form Details" tool. This displayed all the details of every FORM on the page. The first FORM was the little Search form on the top right.
The second FORM was the important voting form. Darn! It only shows the 5 radio buttons... even the action is blank. [The FORM action is the location of the code of the code processor... where the information is sent after you click "vote"]. And our report from Web Developer Toolbar has just given us what we already know...
Polldaddy Form Analysis
OK, not all is lost yet, we can still get a clue by looking at the "Vote" button which submits the form. Aha! The vote "button" isn't even a button at all! It's an image that calls a Javascript function when it's clicked. The function it calls is called "vote" and it passes 5 variables to the vote function. The data it's passing here appears to be 5 numbers. 2189218, 0, 1, 0 and 10.
Now, looking at the URL of the poll page, I can tell that the first number is the ID for the poll itself. This is sent so that when the vote is tallied, it'll know which poll to tally it to. OK, now we have to look for the javascript function called "vote". Hopefully, it will help clue us into what the other 4 numbers being passed are all about. Viewing the page source shows that the Javascript function isn't right on the page; it has to be in one of the included Javascript files. Again, the developer toolbar can help us out by going to "Information", then "View Javascrip"t. This features grabs the source of all the included Javascript files. Toolbar shows us that, not only are they non-obfuscated, the function we need to analyze is right in the first included Javascript file, "common.js"!
With the actual function, we can see the variable names being passed. They are id, poll_other, rand, poll_type and u. ID links with the poll and I assume rand is just a random number to prevent spamming. The other ones probably just identify the type of poll (e.g. non-multiple choice, etc.) Looking at the code of the function, we can see how the form is processed and the data is sent to the code processor.
function vote(id, poll_other, rand, poll_type, u)
{
var answerString = '';
var otherText = '';
for (i = 0; i 0 || otherText.length > 0)
{
location.href = '/vote/?va=' + u + '&pt=' + poll_type + '&r=' + rand + '&p=' + id + '&a=' + answerString + '&o=' + otherText;
}
else
{
alert('Please choose an answer first!');
}
}
The loop between the function whose brackets I highlighted in red go through the form and grab the value of the person you checked (in this case, my unique identifer of 33167424). The function whose brackets in green aren't used in this poll. And lastly, but most importantly, the part in the blue brackets is what sets the page to redirect to the code processor while sending along 6 variables.
va = "u", the 5th parameter in the vote function = 10
pt = "poll_type", the 4th parameter in the vote function = 0
r = "rand", the 3rd paramenter in the vote function = 1
p = id, the 1st parameter in the vote function = 2189218 [the poll's ID number]
a = answerString, the unique identifer of my entry in the poll = 33167424
o = otherText = [blank]
So using this data, we can create the way to make out votes. Every time the following URL is accessed, a vote is placed for me in the poll.
http://answers.polldaddy.com/vote/?va=10&pt=0&r=1&p=2189218&a=33167424&o=
We're almost there... so close! Now, PollDaddy put some roadblocks in place to prevent the user from simply refreshing the page and revoting. The main way it does this is by setting a cookie on the user. A cookie is a piece of data stored by a website on your computer. In this case, the cookie says "I already voted in this poll". When you come back and try and vote on the poll again, the website reads your cookie, sees you've already voted and won't let you vote again. Now, there's 2 easy ways to counteract this. The first comes back to the good old Web Developer Toolbar. By going to "Cookies", then "Disable All Cookies". The website will not be able to store its "you already voted" cookie and therefore when you refresh the poll and come back, you can vote again! However, this vote, refresh, vote process is too slow and too boring for me. To truly dominate the poll, I need to create a program that could keep submitting the data for me automatically!
This can be achieved using PHP and the built-in cURL library. The cURL library is a very powerful library of codes that help the server running your PHP script communicate with another server (in our case, the PollDaddy server). So, all the code needs to do is just keep sending this data to server over and over again. The code I used to accomplish this is below.
This code begins by calling "set_time_limit(0)". This tells the PHP script to ignore the built-in time limit and to run forever. The next part begins a while loop which is deliberately written to loop forever. The next 3 lines set some of the data to be sent including the random number, the poll id and the id of my entry. The next line is used in a attempt to foll PollDaddy into thinking that it's a browser sending this data and not the truth, which is a server PHP script. Then the code sets up a connection to PollDaddy, sends out the data to be tallied and takes a quick 6 second "sleep" break before looping and sending the data again.
Poll Daddy Results
Now, PollDaddy has a system in place to prevent this type of "poll spamming". It tracks all incoming votes based on the unique IP address. And if alot of votes are coming from one IP address all at once, a temporary ban is placed on that IP address and all the questionable votes are deleted. This is why the script is told to sleep for 6 seconds because if you have run in a constantly loop, it will run multiple times every second and in about a minute, you could easily have over a 1,000 votes. This will get you banned very quickly as I soon discovered. When I ran this on the server, the whole office was blocked from voting on the poll since all the computers share an IP address. Through trial and error, I found that a 6 second sleep was perfect for getting a maximum amount of votes without being banned. Through the help of Wesley and other friends who had access to servers, we were able to spread the script around and run them all simultaneously. This is what allowed almost every body to rack up 1,000s of votes in less than an hour.
So, there you have it! With a little bit of ingenuity, a lot of technical skill and some luck, it can be quite easy and fun to do some low-grade "hacking". In my case, it can even be profitable!!
Will Etisalat accept this fake votes, TIME will tell.
SCAM SCAM SCAM SCAM (Waiting to throw my Etisalat Sim away if the vote above counts)
Well, the poll was run by PollDaddy, a popular online poll service. The widget on the blog is a bit confusing because it's coded a bit funny to make up for the fact that it's not running off it's "home" website. Because of this fact, it's compressed and weird. So, instead of delving into the code on the blog, I figured there has to be an original version on "homepage" of the code back at the PollDaddy page. I used Firebug, a Firefox extension to look through the source revealed a NOSCRIPT tag used to provide a link for users without Javascript enabled.
Finding the URL of Polldaddy
Voila! We can now go straight to the PollDaddy poll here! OK, so we see a big form with all the entries. To vote, you click on the radio button and then click the big green vote button. Time to crack this baby open and see how she runs. Back to Firebug to inspect the radio button next to my name. The radio button appears to have a "name" of PDI_answer, an "id" of PDI_answer10761055 and a "value" of 10761055. So, based on this information, I am going to make the assumption that 10761055 is my unique identifier. This means that when you submit the form with me selected, it takes the value 10761055 and sends it to the code that processes the vote. Sure enough, all the other entries had values increasing incrementally. (Meaning that the next entry down [Gbenga] had a value of 33167422, Peter had a value of 33167423 and Habib had a value of 33167424 and so on.)
Grabbing Polldaddy Ids
Cool, now it's time to try and see if we can figure out what other data is passed to the code processor to create a "vote". The next step I did was look for the FORM tag to see if I could find secret variables sent to the code processor passed as hidden INPUT's. Instead of looking through the code, I used the powerful Firefox extension Web Developer Toolbar and ran the "Display Form Details" tool. This displayed all the details of every FORM on the page. The first FORM was the little Search form on the top right. The second FORM was the important voting form. Darn! It only shows the 5 radio buttons... even the action is blank. [The FORM action is the location of the code of the code processor... where the information is sent after you click "vote"]. And our report from Web Developer Toolbar has just given us what we already know...
Polldaddy Form Analysis
OK, not all is lost yet, we can still get a clue by looking at the "Vote" button which submits the form. Aha! The vote "button" isn't even a button at all! It's an image that calls a Javascript function when it's clicked. The function it calls is called "vote" and it passes 5 variables to the vote function. The data it's passing here appears to be 5 numbers. 2189218, 0, 1, 0 and 10.
Now, looking at the URL of the poll page, I can tell that the first number is the ID for the poll itself. This is sent so that when the vote is tallied, it'll know which poll to tally it to. OK, now we have to look for the javascript function called "vote". Hopefully, it will help clue us into what the other 4 numbers being passed are all about. Viewing the page source shows that the Javascript function isn't right on the page; it has to be in one of the included Javascript files. Again, the developer toolbar can help us out by going to "Information", then "View Javascrip"t. This features grabs the source of all the included Javascript files. Toolbar shows us that, not only are they non-obfuscated, the function we need to analyze is right in the first included Javascript file, "common.js"!
With the actual function, we can see the variable names being passed. They are id, poll_other, rand, poll_type and u. ID links with the poll and I assume rand is just a random number to prevent spamming. The other ones probably just identify the type of poll (e.g. non-multiple choice, etc.) Looking at the code of the function, we can see how the for
Voting is over and we have our winner... GBENGA all the way
Thank God, its Lifted "Gbenga" all d way. Dancing mukulumuke
Heavy weight shampion... GBENGA on POINT
above P and H.. iam LIFTED UP ABOVE.... as in lifted liftd
in this trio contest.... The man is GBENGA...
in the words of WIZKID"Efiile fun , Ohun loni" .... Dbanj will say "File" dont toush it>>>heheheh
the Akpako master will shout it loud... FREE ME NOWWWW>>>
Endo of Discussion as an automobile pus it....
It goes to GBENGA....
Go GBENGA GO GBNEGA GO GBENGA---------------------------and all we are saying .... GBENGA has WOOOOOOOOOONNNNNNNNNN... yeah!
With the time remaining, it is advisable for all teams to rally round and PORT to ETISALAT TEAM GBENGA...
THE IDEAL GEEK AMBASSADOR GBENGA-----abi wetin you talk say i talk???? TEAM GBENGA
Gbenga you're indeed lifted. oruko omo lon ro omo. you deserve this dear
#teamPeter.we have the backing of the angels
Its Gbengas show now....
Brightrn up guys&
Stand up for the champion.... And all say::::: GBENGA
Habid on point lets make it work.
Let's give τ̅☺ habib
when it comes to being a geek only one name i know and thats'... PETER... oya na lets go there
Buteh yyyyyy
.......... Baaa controversy...... GBENGA noni
Yes we are gettin there at team peter
Peter, Peter and Peter
peter peter peter ol d way
Peter is the geek........... Even the host of heaven bear witness to that...... Go team Peter
Our GBENGA.
Yes our GBENGA
LIFTED GBENGA the man to beat
Lifted aka Gbenga... U r da main man... U r d GEEK. Let's keep voting
Hello! I am a troll. My mission is to be mean. So here goes: Hope those radio ads were free..............MMMMMMuhahahahahahahahahaha! Ok! Ok! Just kidding........I know they were. But seriously, i smell discrimination in the air. How is it that the skinniest geeks are up for eviction this week? Gives a new meaning to 'thinning out the herd'.......Hahahahahahahahahahahahahahaha!
@ Aieshat, we see with d eyes of d spirit, its not obvious to you that Habib is the man?
Peter got my respect! He is the guy.
Na only peter
peter.......is da Geek.vote for peter
Peter,Ɠ♡D Ȋ̝̊̅§ surely by your side he will take you to your final step,be strong and put in your best,success.
Gentlemen Peter Or Nothing ,, ure dia Bruv ,, d Geek of all tym
Gbenga @ d top...........guys kip voting for Gbenga.....am very sure he's gonna make us proud........let's do ds togeda...............Gbenga is da real GEEK..........
Nigerian mentality habib is d least on d vote oOoOo they still calling him d geek"they have eyes but they are too blind to see d vote rate.peter stay focus u will win by God Grace
Peter u r d man,d true Geek.....Make us proud dear
Peter u r d man,d true Geek.....Make us proud dear
Peter I hail u kip d going Almighty Allah will lead u through nd dnt gt discouraged by d praising of habib habib u are a hero peter u different to cut the long SToRy sHoRt PETER U ARE THE GEEK
Tnx guys 4 supporting my bro uve really shown U̶̲̥̅̊ r friends in deed @leah n Aisha let's go team peter
Go baby,we r proud of u......Missin u bck @ home,God s ur straight dear.
I know a lot support Habib, but he is the least in this online poll. How are you sure he is winning overall?
bro habib,may God perfect your life for his glory¬ d world because you have overcome d world.I luv you but God love you best&has d best wish 4 you
I vote habib.............#Chikena
Gbenga is the man, he is the geek he remains the geek for ever..
Habib Lawal is the man oooooo.
Habib all the way
Gbenga fits in properly..
Gbenga has my vote..
Gbenga twa ga gan,we are for you o
never seen campaign like this before , but by the grace of God, we shall make it. lets make it happen. TEAMHABIBSALAT on point. LEEEEEGGGOOOO!!!!!>
@tejubabyface. Oga I hail o!!!! Thank you for the vote of confidence! I won't let you down.
@ Olayimika; It will be clear to all very soon.It is just a matter of time.
Gbenga, you really deserve our vote. Ride on cos you are gonna make it to the final. God is behind you= Majority!
Thanks guys for taking me to the top.......i wish i can mention all your names ...but you know i love you all......iREP you all......
peter is da 1
Hello guys! I just want to say I feel privileged to have the support of all of you on this mission. Thank you so much for believing in me. I love you guys! Go TeamHabib!
We gats yarn ds one 4 pidgin because ds man done go beyond borders! Habib all d way! If u no dey vote ds guy, mehn na loss ur money dey loss o
D LAST SHALL B D FIRST, NA ME DEY YAN!!!
Yes peter.
While i may not have any fancy, exaggerated epithets to bestow (RME @ some folks in the comment section), I'm just going to be honest and say that GBENGA deserves to remain in the contest IMHO, on the bases of consistency and sheer talent. We are solidly behind you, our very own NFC guru. Shout out to Elect./Telecomms PG class 2012......I see you, Dave n co..........Zainipe has left the building......
i vote for habib. he inspires the next generation youth. so vote for him
You are Right Demola, GBENga is the Man
Gbenga.. YES. GBENGA
Habib is one in a mllion! You need to read his acknowledgememt n see a man that value people. This is one of the characteristic of a man full of Wisdom(Geek). And if you don't have it, you can't give it. But if you're looking for one; Habib is the right one! No mistake. One LOVE!!!
Habib all d way. A champion is who u re
vote gbeeeeeenguze,he's d real deal.He neva stops wowing me since school days.......Gbenga d real deal.
habib you re going to fly so high, 1o times ahead of your equals
habib be straightened its in your DNA, success oriented, born to win! habib my geek
Habib th animatum u re the best man!!
WE DON'T NEED NO WINGS TO FLY, .....JUST TAKE UR LAPTOP- http://polldaddy.com/poll/7307197 OR UR PHONE - Text 402 to 33637, HE DESERVES IT!! YES NA, NA HABIB LAWAL I DEY TALK ABOUT NA>>>> REALLLLY??? BEFORE!!!
Habib is the right man to stay
HABIB AS LONG AS WE'RE OUT HERE 4 U, U WILL NEVER STARVE 4 VOTES, COS U'RE OUR PLATINUM, OUR SILVER, & OUR GOLD!!!
Habibsalat tins. winning is our lifestyle
habib is a champion, he was born this way. Go habiiiiiiiiiiiib, you are the geek for life
LAWAL HABIB is a champion!!! He was born this way....he has to fly so high cos it his DNA!
Who is this guy, he's on cool FM, his pic is going viral on facebook, everybody talking about him, common you must be a real geek sha, well you ve got my vote. GEKK FOR LIFE man.
you are the man
If u r not with Team Habib...u r lost! Habib all d way people! Lets make this happen!!!
CORRECT GUY!! LEGIT GUY!! EVER BLAZING GURU!! GALLANT NIGGER!! PKOKISH IDEALIST!! MAKE DEM GBAINGBE 4 U!! ASK ME WHO B D GUY? NA HABIB Ooo, D MAN WAY SABI THINGS>>>>> I DEY TELL U PEOPLE
HABIB LAWAL HABIB....The Geekiest ever
Hello Hlawal,
WOW!!! You are too much.
We are solidly behind you.
The geek force
I CAN SEE THE "GEEK FORCE" IN HABIB. YOU ARE THE VERY BEST AND OUR NUMBER ONE.
ALL OF US IN "TERRY GEES' HOUSE OF GINGER LOVE AND SUPPORT YOU.
INFACT NO SHAKING MAN, FROM NOW ON YOU DON BECOME OUR MAN
Porting to HABIB LAWAL is the best thing that can happen to you this season!
HHHHHAAAAABBBBBIIIIIIIIBBBBBBBB!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! ON POINT. SUCCESS ALL THE WAY GUY. GOD IS SOLIDLY AND WE ARE SOLIDLY BEHIND YOU. all the joyful mothers are behind you. Bite bell people na u get ur mouth.
peter nd gbengz- elemeyoyoyo...habib yoyoyo-yo...
This HABIB Geek fever don dey geek Nigerians o... Imagine my 4 months old child just said "GEEK HABIB"... This truly a sign o... I believe this guy is God ordained Geek and highly favoured... All the best habib
WOW WOW WOW........HIP HIP HIP HURRAY.
AM BEGINNING TO LOVE THIS HABIB GUY OOOOO.
I JUST HEARD YOUR NAME ON COOL FM.
GUY FROM NOW ONWARD YOU GOT MY FULL AND ATTENTION.
JESUS AND ALL ANGELS GOT UR FRONT AND BACK
ITS NOT BY POWER NOR BY MIGHT BUT BY THE SPIRIT OF GOD
GO AND SUCCEED FRIEND
HABIB of d most high, U na bado, I pray mai no vote 4 u oo, na today, e don taay wa yansh get parting & e don taay we friendship. ICE 4 D MATTER.
Habib Lawal, u surely are a geek.. I just loaded my Etisalat line now. I must vote for you. Congratulation in advance. with all i've seen, (ur presentation), and heard (from cool FM) you surely are the geek etilate needs. Kudos!
Listen to another round of Announcement on Cool FM 96.9...Vote Habib as the ETISALAT GEEK http://polldaddy.com/poll/7307197...or Send 402 to 33637 with and Etisalat Line.
Listen to another round of Announcement on Cool FM 96.9...Vote Habib as the ETISALAT GEEK http://polldaddy.com/poll/7307197...or Send 402 to 33637 with and Etisalat Line.
https://www.facebook.com/photo.php?fbid=644423065577692&set=a.351578234862178.94729.100000300142418&type=1&ref=nf
You go Habib! DNA of a champion!!
hey habib, I don't you but you seem to be every where on this matter, well, I've got no choice than to give you my vote. YOU are the real geek. VOTE HABIB for "geek"
we got ur back nd @peter nd gbengzy we got d exit door for u. hehehhehehe habibibibiibibibibiibibibiibibibiibibibibibiibibibiibibibibiibibibi...............everybody i don port to habib-salat.krikatakrikata!
@Rufai, @Loadedamos, @sheila, @Ade Femi, @rymes, @Futa Alumi, @Emiejagz, @patience, @Steven, @Alwaysphunky, @Bunmi,@D'prince.....YOU GUYS ROCKKKK!!!!!!! I LOVE YÁLL! Merci beaucoup! Gracias!! Thank you!!!
We are at you back Habib Lawal... You are the true geek !!!! Success
This Habib guy is really the geek. Love from everywhere. Tanx cool FM. wink@GeekHabib
Team Habibibibibibi send 402 to 33637 now!
Where is Linda Ikeji on this matter...She should be putting this up on her blog right now...is she a learner? By the way keep the votes up for Habib!!!! A geek with the Geeky attitude...he will Geek you all...YOU ARE GEEKED by HABIB lolz!
Habib is the man.... I heard your name on cool fm now.. I dey your back men l.. nothing dey happen !!
Jesus eee... I never see campaign like this before o... Dem no campaign for Mr president like this sef... This HABIB guy na real geek o.. You have my vote jorrr.. I dey follow successful people jare.... see facebook, twitter, radio station, television sef(no be me talk am o)... But this guy na geek true true...