We spin vote in WordPress
So, there is a WordPress blog with a voting form, which is implemented using the WP-Polls plugin. There was a desire to test the plugin for cheating before use.
Below are the results of my experiments on the unfortunate WP and at least the unfortunate WP-Polls.
Dan WordPress blog with a vote on WP-Polls. Voting is available to all visitors. Protection against re-voting by blocking by IP. In the survey, you can select only one option.
You need to write a script that can affect the voting results.
When adding a vote, the following form is inserted on the page:
After selecting the option, a request of the following type is sent to the server by ajax:
where poll_id is the poll id, and poll_1 are the response options (after the underscore in the variable name, the poll id is followed).
Implementing Re-Voting Protection
We use the fact that WP is an open source project and examine the source code of the plugin.
Obviously, we need a function
')
In the check_voted_ip ($ poll_id) function, a query is made to the database for the presence of a record with the given poll id and user ip. The IP address is returned by the
From this function, it follows that we peacefully set the pens to the title " X_FORWARDED_FOR ", which will be used by the plugin to verify the re-vote.
I will not give the listing script for cheating the survey due to its triviality. It is enough to write a script / program in your most favorite programming language that will send a POST request to the address of the plug-in with the required parameters; moreover, each request must have a unique “X_FORWARDED_FOR” header.
This article provides a way to bypass the protection from re-voting in the WP-Polls plugin for WordPress. The presented material does not consider the option of using proxy-servers due to the greater labor intensity compared to the presented method.
Naturally, the results of the script are easily corrected through the administrative panel WP. This information is presented for informational purposes only.
In the process of analyzing the source code of the plugin, another method of cheating was discovered, which does not work out quite correctly.
This method is associated with the ability of the plugin to implement surveys in which the user can select several answer options. They are transmitted to the server separated by commas:
When processing by a script, this parameter beats comma to the array on which the loop is executed:
Therefore, to wrap one of the options, it is enough to pass a string like:
to increase the number of votes for this answer N times.
The disadvantage is that the number of voters will still increase by only 1 and the display of the voting results will crawl
Below are the results of my experiments on the unfortunate WP and at least the unfortunate WP-Polls.
Initial data
Dan WordPress blog with a vote on WP-Polls. Voting is available to all visitors. Protection against re-voting by blocking by IP. In the survey, you can select only one option.
You need to write a script that can affect the voting results.
We study the subject area
When adding a vote, the following form is inserted on the page:
After selecting the option, a request of the following type is sent to the server by ajax:
POST http://test.ru/wp-content/plugins/wp-polls/wp-polls.php
poll_1: 1
poll_id: 1
rndval: 1221566428538
vote: true
where poll_id is the poll id, and poll_1 are the response options (after the underscore in the variable name, the poll id is followed).
Implementing Re-Voting Protection
We use the fact that WP is an open source project and examine the source code of the plugin.
Obviously, we need a function
check_voted($poll_id) in which check_voted_ip($poll_id) called.')
Getting naughty
In the check_voted_ip ($ poll_id) function, a query is made to the database for the presence of a record with the given poll id and user ip. The IP address is returned by the
get_ipaddress() function: function get_ipaddress () {
if (empty ($ _ SERVER ["HTTP_X_FORWARDED_FOR"])) {
$ ip_address = $ _SERVER ["REMOTE_ADDR"];
} else {
$ ip_address = $ _SERVER ["HTTP_X_FORWARDED_FOR"];
}
if (strpos ($ ip_address, ',')! == false) {
$ ip_address = explode (',', $ ip_address);
$ ip_address = $ ip_address [0];
}
return $ ip_address;
}
From this function, it follows that we peacefully set the pens to the title " X_FORWARDED_FOR ", which will be used by the plugin to verify the re-vote.
Implementation
I will not give the listing script for cheating the survey due to its triviality. It is enough to write a script / program in your most favorite programming language that will send a POST request to the address of the plug-in with the required parameters; moreover, each request must have a unique “X_FORWARDED_FOR” header.
Conclusion
This article provides a way to bypass the protection from re-voting in the WP-Polls plugin for WordPress. The presented material does not consider the option of using proxy-servers due to the greater labor intensity compared to the presented method.
Naturally, the results of the script are easily corrected through the administrative panel WP. This information is presented for informational purposes only.
PS
In the process of analyzing the source code of the plugin, another method of cheating was discovered, which does not work out quite correctly.
This method is associated with the ability of the plugin to implement surveys in which the user can select several answer options. They are transmitted to the server separated by commas:
poll_1: 1,2,3,4
When processing by a script, this parameter beats comma to the array on which the loop is executed:
foreach ($ poll_aid_array as $ polla_aid) {
$ wpdb-> query ("
UPDATE $ wpdb-> pollsa
SET polla_votes = (polla_votes + 1)
WHERE polla_qid = $ poll_id AND polla_aid = $ polla_aid
");
} Therefore, to wrap one of the options, it is enough to pass a string like:
poll_1: 1,1,1, ..., 1
to increase the number of votes for this answer N times.
The disadvantage is that the number of voters will still increase by only 1 and the display of the voting results will crawl
Source: https://habr.com/ru/post/39578/
All Articles