• December 2, 2024

Automatic Voting Bot

How to win or cheat ANY online voting contest - Whole Whale

How to win or cheat ANY online voting contest – Whole Whale

It’s no secret that I’m not a fan of voting competitions, especially ones that are built irresponsibly. That’s why I’ve set out to create the definitive guide on breaking (/cheating) poorly designed nonprofit voting problem with voting competitions is that they pit nonprofits against each other for a prize that usually doesn’t come close to the true cost of the votes that these organizations push to get. What’s more, they run the risk of burning out the supporters of these great organizations.
In the worst case scenario, one organization decides to cheat because the system is designed with flaws by some marketing firm and they see a way to easily game the system to win money for their great cause. I am not justifying or endorsing cheating – I actually believe the only way to win these contests is by not playing. However, in an effort to scare the pants off of people creating these contests I decided to create this Whole Whale does not cheat on behalf of our clients. It is not a service WW offers nor will ever! @WholeWhale just wrote the guide on how to beat most nonprofit online voting contests. Click To Tweet
Step 1: Figure out how it is built
Online voting competitions will use a variety of ways to track votes through a website. Here are the most common building technical:
A Web Form Built with the GET method
This method (low security) means that the form will push the data into the URL and you will see it. e. g. to break: Find that URL and go ham on the refresh button. Hide the cookies and IP address if they are tracking. Post that link anywhere you can and every click will equal a vote. Honestly, no reputable contest will be built this way because it isn’t 2006, but hey, you never know…
A Web Form Built with the POST method
This method (medium security) means that the form will push the data through the body of the request and will not show in the to break: you may be able to use the back button if cookies aren’t being set. If they are being set you can hide cookies with a browser like Chrome with cookies disabled. If they built it correctly you will need a more advanced human assisted tech approach (see step 2 below).
Cookies – contests that don’t require a sign in and allow anonymous votes depend on cookies that may have timers in some cases. To break: clear your cookies, vote, repeat. Use Chrome and a cookie remover to block the cookies of the site, if it still lets you vote you’re all set to click away. The browser has very good privacy protection that will block this type of tracking. Cookie and IP on mobile – if you are using a mobile device you can try switching to airplane mode and using a wifi network to confuse the IP tracking. IP – Some use the IP to determine location voting. You can use a proxy server or a local VPN like Hotspot Account – This will require multiple accounts and a more advanced approach to get enough votes. Depending on how the account is authenticated, it may be not be possible to automate mass confirmation – This is the most common system I see, it requires an email to be confirmed from the inbox with the link to record the vote.
Step 2: Human assisted automation
The following are various tactics which can be combined to break most voting systems with a little help from third party tools. In order to not look suspicious it is important not to show suspiciously large voting counts – I can immediately tell if a distribution of votes is unnatural and violating an expected power law (20% of the contestants getting 80% of the total votes). In one case we spotted this in a contest one of our clients were considering and we advised them not to participate – later we found several articles on the cheating that had Whole Whale does not cheat on behalf of our clients. It is not a service WW offers nor will ever offer.
Computer Macros
A macro is a program that you can setup on a computer that goes through a series of clicks and keyboard strokes on a timed interval. If a voting system doesn’t require a captcha or other human test, a macro can be created to go through a voting cycle unabated. Combine these tools with a hotspot shield and cookies disabled on a computer can break most non-email verification process. Some tools:
Macro Express – downloadable software that will let you turn your computer into a bot that is timed to click and enter information as toHotkey – downloadable software that will let you click the heck out of buttons or load pages.
Email Generators
For secure voting systems that don’t have strict email confirmations, there are ways to generate emails quickly. These email hacks can also be used to create accounts for systems the require logins.
Any single Gmail, Hotmail, Yahoo or normal domain email address can be made into thousands of emails by adding a “+” or “. ” after the name and before the “@” sign. For example, can be and the email will still be delivered to your you own your own domain, you can create a bunch of aliases for one email ilinator – this is a site that will generate emails for you on demand and give you a quick inbox that the confirmation link will be sent to. Using a variety of email domains can help make this look less spammy. This is a list of temporary email domains hosted via mailinator:
Outsourced Voting
For a nominal amount of money, an organization can purchase votes or emails through ‘Vote Brokers’. These groups will do your bidding in the same way they translate audio to text or do other simple outsource tasks for companies. Technically it is against the Amazon Turk policy to pay workers to vote – which is great. However you can still hire someone on a site like UpWork to build a script that could use the above tactics.
Proxy Voting
A proxy vote traditionally means that a voter transfers their right to vote to a third party. Massive lists of proxy accounts can be managed by a single person simply logging in one by one and voting. Imagine if political staffers could collect permission to vote on behalf of voters in a district in perpetuity — not really the will or action of a crowd, but highly best way to win a nonprofit voting competition is by not entering. Click To Tweet
Finally, for the contest creators
This post is meant to ruin poorly designed voting competitions and to scare anyone thinking about building a nonprofit voting competition. I hate the idea of cheating nonprofits and I think that starts when a contest doesn’t use responsible design.
Responsible Contest Design Questions
Can your online system be quickly gamed by the exploits above? (I beg you not to use GET requests or anonymous voting)Can you use a third party authentication to stop the email hack? Is the prize pool large enough to make an expected value equation make sense for all participants?
Expected Value for Voting Contest = Prize amount * (total # winners / total # charities)
Do the nonprofits involved get to keep the voter data that relates to their org? In the case of emails, do they get them? Is there a way to build this so that every participant wins in some way? Is the time frame limited so there is only a small window of nonsense voting requests? Is there a clever way to design the voting process so that it actually produces some positive impact for the nonprofit? e. g. voters have to submit photos they take of the cause that the nonprofit can have access to later for their photo database. Or they must submit 1 idea that they think would improve their work. you use a threshold voting, where nonprofits need to get to X votes to be considered by a panel? This caps the voting nonsense while still getting a bit of the network effect you are hoping for your brand. This pairs well with a social integration.
I hope these questions will spur some more creative approaches to contest design and will add more value to the nonprofits who Whole Whale does not cheat on behalf of our clients. It is not a service WW offers nor will ever offer. Also, please don’t reach out to us to vote for your contest.
So there you have it – our guide to breaking online voting contests so your nonprofit can win. And more importantly, to bring transparency to this one-sided marketing tactic.
Even more awesome resources
To truly leverage the power of Facebook Fundraisers, you and your team need a clear and easy-to-read view of the data. Sound like a lot of work? Thankfully, Whole Whale’s already done the work for you with this Facebook Google Data Studio dashboard! Check it out!
Template
Facebook Fundraiser Dashboard Template
Plus, download this free, simple checklist to make sure you’re covering all your bases when you set up your next nonprofit campaign!
ALL Best Voting Bots: HelloInternet - Reddit

ALL Best Voting Bots: HelloInternet – Reddit

Voting BotsVote here in the FINALLive tracking of votesBest Option: Browser ScriptsHow to UsePaste into the developer console in your web browser (ctrl-shift-J) run in one tab to avoid votes being ignored. See here. = function () {};
document. onkeypress = function(e) {
if(yCode === 13) //if enter pressed
{
eventFire(vote_btn, ‘click’);}};
function select() {
radio = tElementById(‘PDI_answer44811670’);
vote_btn = tElementById(‘pd-vote-button9794855’);
back_btn = document. querySelector(”);}
function eventFire(el, etype) {
if (reEvent) {
reEvent(‘on’ + etype);} else {
var evObj = eateEvent(‘Events’);
itEvent(etype, true, false);
= el;
i = i + 1;
el. dispatchEvent(evObj);}}
function sleep(miliseconds) {
var currentTime = new Date(). getTime();
while (currentTime + miliseconds >= new Date(). getTime()) {}}
i = 0;
setInterval(function () {
//if (i == 25) {
// sleep(120000);
// i = 0;
//}
//(i);
select();
try {
();
eventFire(vote_btn, ‘click’);} catch (e) {}}, 3000);
try { ();} catch (e) {}}, 6000, 500);
Second bestThis works in any web browser. Mobile voting websiteMay vote too quickly and cause votes to be to change your maximum vote rate per IP seems to be one vote every six seconds. If your ip is blocked you will need to use a vpn, tor, or proxy to get a new use with Browser Bots: A free option is the TOR browser, Install here which will use a different ip address every time you load the page. Otherwise there are several free proxy services, these should also change your ip address. Search “proxy site” or something. Theoretically you could load up a few bots on different proxies or tor browser dowsu/gnarrrrl provided this application for windows, downloadable thubHow to run: Unzip and run tPollmommy (Mac/Linux)NOT UPDATED FOR FINALTHIS REQUIRES TESTINGGithubInstall install pollmommy -gTo cast 1 vote:bash
#! /bin/bash
# pollmommy url pollid ansid
pollmommy 9794258 44807873
To cast 1 Vote every 6 script for Mac/ this script and make executeble (chmod +x). Run with. /
nvotes=0
while(true); do
nvotes=$((nvotes + 1))
printf “Votes: ${nvotes}\r”
sleep 3
done
Bash with Tor (Mac/Linux)May or may not workFirst install tor: apt-get install tor or yum install tor on be run with root/sudo. #! /bin/bash
# start tor service
service tor start
clear
hash=29062367910be49d7e16318a192305ba
pid=9794855
nurl={hash}/${pid}?
# Pass the hash, pid and unix time to obtain nonce file
time=”$(date +%s%N)”
ms=”$((${time}/1000000))”
# Get the file containing the nonce
curl -s –socks5 localhost:9050 –output ${nurl}${ms}
# extract the nonce
nonce=”$(grep ${pid}. / | cut -c 15-28)”
# Post URL
purl=
# Variables to pass
p=7524645
b=0
# Answer ID
a=44811670
o=””
va=16
cookie=0
url=%3A//
curl -s -X POST –socks5 localhost:9050 –output /dev/null “{p}&b=${b}&a=${a}&o=${o}&va=${va}&cookie=${cookie}&n=${nonce}&url=${url}”
# Clean up
#rm
#Vote counter
printf “Total times voted: ${nvotes}\r”
# Obtain new tor identity, MUST RUN AS SU
#service tor restart
pidof tor | xargs kill -HUP
sleep 1
Another at hereMain Threads will continue updating this post so that the most effective method is at the top and ready for the final the unofficial battle flag lead the Tims to victory! Edit: delay times and live tracking Edit: Final edit: ditched python edit: mobile bot
Votebot - Wikipedia

Votebot – Wikipedia

A votebot is software automation (often called a “bot, ” built to fraudulently participate in online polls, elections, and to upvote and downvote on social media.
Simple votebots are easy to code and deploy, yet they are often effective against many polls online, as the developer of the poll software must take this kind of attack into account and do extra work to defend against it.
Technique used[edit]
The WWW uses the HTTP protocol to transfer information. Votebots are designed to imitate legitimate user behaviour, such as voting in an online poll by interacting with the server hosting the poll using the HTTP protocol. The bot thus emulates the behavior of a human using a web browser, but can repeat this emulated behavior many times, thus casting many votes.
Distinguishing bots from humans[edit]
In many voting projects, developers try to distinguish bots from legitimate users. For example, some websites restrict the number of votes one IP address can make in a time period. Votebots frequently bypass this rule by using proxy or VPN IP addresses. Other web sites analyze the account created by a votebot and its history of actions in the system to identify potential votebots. Votebots in turn counter this by trying to simulate human activity such as logging in and out before voting. Other sites employ CAPTCHAs, which votebots farm out to Mechanical Turks.
Targeted sites[edit]
YouTube, Facebook, Twitter and Reddit are major target of votebots. [1] Many small, temporary voting projects are also targeted. Many people try to program or buy malicious scripts to vote for themselves in some processes, and it is hard to count the number of attacks happening every day.
See also[edit]
Chatterbot
Doodle
IRC bot
Knowbot
Spambot
References[edit]
^ Herkewitz, William (2013-08-08). “Upvotes, Downvotes, and the Science of the Reddit Hivemind”. Popular Mechanics. Retrieved 15 June 2021.

Frequently Asked Questions about automatic voting bot

Leave a Reply