How to wind up votes in voting yourself

Have you wondered how to wind up the votes in the voting yourself? For obvious reasons, voting is always tracked IP- the address of each request. However, there are quite a few ways to get fresh proxies. Technically, changing the proxy to execute a new request is solved in one line with Url:

curl_setopt($c, CURLOPT_PROXY, $proxy_address);

But any cheating should always start with preliminary intelligence. You can run your sniffer before voting starts. When identifying us as a unique visitor, the site sets a banal session in cookies, then, due to the category of films in the survey, the resource prompts us to indicate the age to confirm the age of majority. From the point of view of cheating, this works quite simply: the script checks the date of birth for each request, so cheat votes IP-addresses with the same date of birth would be very stupid. That is why, first of all, we must provide for grabbing a session with a random generation of a date of birth in cookie. To do this, it is enough at the very beginning of the script to put a global variable with the generated date in cookie:

$cookie_session = array(
'BIRTHDAY='.rand(1, 29).'-'.rand(1, 12).'-'.rand(1960, 1985),
'IS_18OLDER=1',
'LANG=en'
);

After confirming your age, you should register. To do this, just go to the registration page and enter personal data: first name, last name, e—mail to receive an activation code, as well as text with captcha. Here, a problem similar to indicating the date of birth arises: with each new request, we must generate new names and surnames, since thousands of votes from Ivan Ivanov will alert the administrator. These variable personal data are easy to get on the Internet, for example, you can parse yourself from the site of names and surnames.

The activation code will bring much more difficulties and captcha. So, after filling out the form, click on "register" and check the email, where we are already waiting for a letter with a link to go to confirm registration. Immediately after activating your account, you should log in, that is, go to the authorization page using your username and password. At the same time, in cookie you get a second session, which is responsible for accessing the account.

Next, you need to go to the page of the video for which you want to wind up votes, and click on "vote". Ajax, through which the request is transmitted, will speed up the cheating process. In fact, that's all. However, you need to take into account all the details and trifles so that the cheating cannot be noticed, because a whole million rubles is at stake!

Any cheater is designed in such a way that you immediately want to add multithreading to it. However, this example is rather an exception to the rule, since multithreading will only hinder us. After all, if we organize the voting so that all the votes come in one minute, and then during the day there are none at all, then this will look very suspicious. Therefore, the best solution would be alternate voting with pauses. How to wind up votes in voting with pauses? More on this…

Also, the browser (header user—agent) should also be generated randomly for greater reliability, since “different” users, even theoretically, cannot use the same browser. For this purpose, I prepared a script with a lot of user—agent. It is enough to add these two lines to it, which make it possible to randomly obtain a browser:

include('./useragents.lib.php');
$chosen_useragent = chooseBrowser();

We move on. Usually the site sets up the session immediately, and then it is transmitted in each request via cookie. That's why the first step is to figure out which browser we're going to masquerade as, then get the session and insert it into every request. Ability to manipulate records cookie eat in cUrl, but I'm not a fan of this method, so I just save cookie in a global variable that is accessible from all functions. To do this, it is enough to make a request with a preset user—agent to the main page of the site, then get cookiereturned by the server and save them for later use.

Do not ignore the moment, which, at first glance, may seem redundant. We are talking about the execution of absolutely all requests that the browser makes. The temptation to send a minimum of requests with data is great, but this is where the big mistake lies. Firstly, the site may have such a method of detecting cheating as counting hits by image. In this case, the number of downloads, for example, of a picture of a video clip, should be equal to the number of views of this video with a small error. Therefore, the number of visits must always exceed the number of votes. How to wind up votes in voting with uniques? We will talk about this in more detail below ... This is how not only cheating from left accounts is achieved, but also emulation of bots. I chose a ratio of 1:3, that is, one vote for every three views. At the same time, if you load only the video viewing page, increasing the number of views, then you need to load the rest of the visual content: JavaScript files, style sheets, and everything else up to the site icon. No other way. Indeed, for a hundred votes, a thousand visits are needed, and if a video clip image is downloaded only twenty times about a thousand visits, this will cause obvious suspicions.

You can emulate absolutely the entire download in the following way. It is enough to use the special LiveHTTPHeaders plugin in the Mozilla Firefox browser (another option is Opera Dragonfly in the Opera browser), and then open the page with it. As a result, we will get a very long log of all accesses to all files that have been downloaded by this browser. This log needs to be saved in a file and two functions should be written to it. The first function will parse this log file and return an array of values, where the address of the file to be downloaded will be the key, and the value will be the header of the current download, and with a pre-set cookie and browser, since it is important to change the cookie and browser with each vote. This is because the volume of the log is extremely limited, so it is better to find the corresponding function and study it. After saving the log in a file and calling the above function in the following form, we get an array of all the requests that the browser made when loading the page.

$list = parseRequests(file_get_contents('./index_map.txt'),$chosen_useragent, $cookie);

The second function is responsible for executing all requests - this is curlMulti (). In this case, it is just appropriate to use multithreading, since the browser can download files multithreaded. This function accepts arrays of links and headers for further multi-threaded loading and speeding up the process. Enabling/disabling the download of the files themselves is optional: you can leave only the download of headers, or you can send requests without downloading. This option allows you to download certain elements, which is very convenient when the rest are not needed. I'll tell you a secret that this will come in handy when loading the registration page, to be more precise - when loading the captcha file.

To emulate a user action, you should first go to the main page. You can do this with the following code:

function loadIndex()
{
global $chosen_useragent, $cookie_session;
$list = parseRequests(file_get_contents('./index_map.txt'),
$chosen_useragent, 'Cookie: ' . implode('; ', $cookie_session));
$links = array(); $heads = array();
foreach ($list as $link => $head){$links[] = $link; $heads[] = $head;}
$paged = cM($links, $heads, 1, 1);
}

By the form of the above function, it can be seen that the file index_map.txt is the same log created when loading the entire page using the addon to Firefox. In this case, the log itself should be processed manually, since loading ads Google or files posted on other pages is not included in our plans. After going to the registration page from the main page, you need to prepare another log file using LiveHTTPHeaders and fix it by replacing one line:

$paged = cM($links, $heads, 1, 1);

on the

$paged = cM($links, $heads, 1, 1, 'captcha.php');
list($c_url, $sid) = explode('captcha_sid=', $links[11]);
return array('sid' => $sid, 'image' => base64_encode($paged[11]));

In this case, emulation of the loading of all elements will succeed, and the picture captcha will even come back.

$links[11] and $paged[11] is the link and query value for the twelfth download element, respectively, calculated in the order of the files in the sniffer log. At the same time, it is pulled out of the link sid, to which the value of the text with captchathat needs to be unraveled. The well-known service perfectly copes with this. antigate.com, which offers a solution to the problem for just one dollar per thousand images.

In this case, I slightly modified API-recognition function, indicating in it the path to the saved file captcha and access key:

$captcha = loadReg();
$local = md5($captcha['image']);
$write_c = fopen('./captchas/'.$local.'.jpg', 'wb');
fputs($write_c, base64_decode($captcha['image']));
fclose($write_c);
$cresult = recognize('./captchas/'.$local.'.jpg', 'e12dc4858bac1f4ee338c577f9d300');

So we got the answer captcha in variable $result.

The next important point that we are faced with is the need to register mail to activate an account. So how to wind up votes in voting with mail confirmation? Everything below! Do not worry!

It is clear that each time it should be a different address. There are three ways to solve this problem:

1. You can register accounts on free mail services, such as Rambler or Yandex. But if you need too many emails, then it's easier to use an autoregister or buy already registered accounts by someone.
2. Buy a domain that is similar in name to well-known mail services, and then set up a script to collect mail sent to all addresses. Thus, directed to addresses abcgde@domain.ru and eprst@domen.ru mail will go into one box, and there can be thousands of such addresses.
3. Use the script I prepared. This method does not require time or money, but is very effective for solving the problem. The script is suitable for checking any address that is already registered in the system and uses a free service mailinator.net. It is enough to specify an arbitrary address on the domains of this service, and then log into the corresponding account through the web interface and check your mail. Moreover, this can be done without authorization, and the script itself implies access to eleven domains.

The method chosen depends on the situation. In a particular case, we will have to spend money on the first option, since the importance of the moment requires certain concessions. At the same time, we will not write an autoregister on our own, but simply find it on any of the hacker forums. This can be done through the account seller, from whom you can buy mailing addresses that are suitable for verification through PHP IMAP extension.

Since access to the servers of mail services is carried out in different ways, you should find out in advance which one is right for us, and only then buy accounts. Personally, I like the account on Rambler: in my experience, I have never experienced problems with checking mail on it.

Now we need to write the following function to get the body of the last letter:

function getMessage($login, $password)
{
$imap = imap_open('{mail.rambler.ru:110/pop3/notls}INBOX',
$login, $password);
if ($imap){$body = imap_qprint(imap_body($imap,
(imap_num_msg($imap) - 1)));}
else{return false;}
return $body;
}

The written function returns the text of the last letter that comes to the mailbox, so let's prepare all the necessary data for it: postal address, personal data and password for the corresponding variables. I already talked about the way to get addresses above, as well as about personal data. You can generate a password in the following way:

$password = substr(md5(time()), 0, rand(6, 10)).rand(10,99);

After preparation, you can move on to writing the registration function itself. And immediately the question arises how to wind up votes in voting by filling out a questionnaire? Everything is easier than it seems! To do this, you need to use the plugin liveHTTPHeaders. So we have POST-data in the form multipart/form—data. Now just substitute your values in the log from the sniffer, and then send them to POST-request - CURLOPT_POST, CURLOPT_POSTFIELDS. At the same time, do not forget about the changing meaning of the title content—type and that when requested via multipart/form—data need to generate boundaries.

It is advisable to save all sent packages for further use in the database MySQL. It is necessary to save the mail data, the password from the account when registering on the site, user—agent, cookie. But first you need to wait for the letter that will come to the mail to activate your account, while simultaneously registering other accounts, so as not to waste time. It turns out that the whole process of work should be divided into two stages - registration of accounts and their promotion, respectively. Having opened the saved data after a while, we just have to find the login and password from the mail in them, and then check if there is a corresponding letter in the box:

$activation = getMessage($email_login, $email_passw);

If there is a letter, then we select the activation link using a simple regular function. There should not be any particular problems with this, since the formation of the request goes to confirm registration, and for this it is necessary to insert referrer, add cookie and user—agentthat were previously selected. Do not forget about loading all elements: for this we create a log file with all requests, parse it and repeat the actions of the browser.

After receiving all the necessary data and confirming the registration, we only need to log in. To do this, just make a request again, emulate a browser and save the received cookie in a global variable. Similarly, we go to the page of the video, the votes for which are supposed to be cheated, and look where Ajax sends a request after clicking on the button to vote to send this request via cURL. The time between requests is 3-5 seconds.

The automation process of wrapping is as follows. Someone uses cycles sleep() and other time-consuming things, but I did it easier and made it so that after the script passed (based on one vote per script run), the code was automatically thrown into the browser JavaScript, which refreshes the page after one or two minutes. Automation can be done with cron on any paid hosting.