Page 9 of 23 FirstFirst ... 789101119 ... LastLast
Results 121 to 135 of 344

Thread: Fake speedtest.net?

  1. #121
    Member illusive's Avatar
    Join Date
    24.10.10
    P2P Client
    What ?! That's Private!
    Posts
    240
    Activity Longevity
    1/20 11/20
    Today Posts
    5/5 ssssss240
    Hard !! Not impossible ;-)



    this tutorial for Linux advanced user which mean that I didn't understand anything.
    Last edited by illusive; 22.12.10 at 16:22.
    Reply With QuoteReply With Quote
    Thanks

  2. Who Said Thanks:

    Gapo (22.12.10)

  3. #122
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    30,205
    Activity Longevity
    8/20 18/20
    Today Posts
    2/5 ssss30205
    I can't see the video in your post, but if it's that trick to install a Speedtest server in your own PC, then it's already been posted.
    "That door is open. What do you want to do with your key?" -- ADOM 1.1.1
    Reply With QuoteReply With Quote
    Thanks

  4. Who Said Thanks:

    illusive (22.12.10)

  5. #123

    Join Date
    27.12.10
    Location
    @_osc, Twitter Nation
    Posts
    7
    Activity Longevity
    0/20 11/20
    Today Posts
    0/5 ssssssss7
    weird, its my first time here... and I had already posted this (but either I used the wrong button, or it got silently deleted)

    But just wanted to say that its really easy to fake the results, by just "POSTing" em directly to the speedtest server, theres just a simple MD5 hash "protecting" em

    A pic of my speed :)
    http://www.speedtest.net/result/1085052235.png

    and just another lil 1....
    http://www.speedtest.net/result/1085918676.png

    I don't plan to stay around!, just wanted to say that its really possible!
    Reply With QuoteReply With Quote
    Thanks

  6. Who Said Thanks:

    guitar111 (04.01.11) , Nobody (02.01.11) , Pliplo (27.12.10) , Gapo (27.12.10) , Resurrection (27.12.10)

  7. #124
    Advanced User Resurrection's Avatar
    Join Date
    24.07.10
    Posts
    997
    Activity Longevity
    1/20 12/20
    Today Posts
    0/5 ssssss997
    Quote Originally Posted by oscariano View Post
    weird, its my first time here... and I had already posted this (but either I used the wrong button, or it got silently deleted)

    But just wanted to say that its really easy to fake the results, by just "POSTing" em directly to the speedtest server, theres just a simple MD5 hash "protecting" em

    A pic of my speed :)
    http://www.speedtest.net/result/1085052235.png

    and just another lil 1....
    http://www.speedtest.net/result/1085918676.png

    I don't plan to stay around!, just wanted to say that its really possible!
    Hi Five !!!



    Repped...

    Why don't you plan on staying around?
    Last edited by Resurrection; 27.12.10 at 05:48.
    Reply With QuoteReply With Quote
    Thanks

  8. #125
    Advanced User C3PO's Avatar
    Join Date
    07.05.10
    Posts
    759
    Activity Longevity
    4/20 12/20
    Today Posts
    1/5 ssssss759
    And what means posting them?
    Reply With QuoteReply With Quote
    Thanks

  9. #126

    Join Date
    27.12.10
    Location
    @_osc, Twitter Nation
    Posts
    7
    Activity Longevity
    0/20 11/20
    Today Posts
    0/5 ssssssss7
    I might work on a more detailed guide, but here's a little treat...

    *NOTE* The data sent is "protected" by the "hash", thus you won't be able to change the values so easily. I've already computed the MD5 hash for this example, so thats why it works with the given values (which are a little bit evil )
    Again, my only intention is to show ya all, that its possible, and that its very simple.

    1. Run at least once the original speedtest, so that all the necessary cookies are set.
    2. Open notepad, and copy the following html code:

    HTML Code:
    <form method="post" action="http://www.speedtest.net/api/api.php">
    <input type="hidden" name="hash" value="62137f792d87ad6a22cd87d13b3953c5" />
    <input type="hidden" name="serverid" value="612" />
    <input type="hidden" name="download" value="666000" />
    <input type="hidden" name="upload" value="666000" />
    <input type="hidden" name="ping" value="666" />
    <input type="submit" value="Generate" />
    </form>
    3. Save it as something.html (if you have problems with notepad adding the .txt extension, use quotation marks around the name, like "name.html")
    4. Open that file with your web browser
    5. Click the generate button
    6. It will open up a new page, now look for the "resultid" value (which is a number...) and copy it (it is between "resultid=" and "&date")
    As you may have guessed, this is your "image" number... now just replace the "number" on a normal speedtest link (http://www.speedtest.net/result/1086954930.png)

    Enjoy it
    Last edited by oscariano; 27.12.10 at 22:39.
    Reply With QuoteReply With Quote
    Thanks

  10. Who Said Thanks:

    guitar111 (04.01.11) , Nobody (02.01.11) , Pliplo (28.12.10) , seldom (28.12.10) , Gapo (28.12.10) , Resurrection (28.12.10)

  11. #127
    Advanced User Resurrection's Avatar
    Join Date
    24.07.10
    Posts
    997
    Activity Longevity
    1/20 12/20
    Today Posts
    0/5 ssssss997
    How did you get the server id?

    BTW dude,you DO realise all this is pretty sensitive data right?Should you be posting it in the open ?
    Reply With QuoteReply With Quote
    Thanks

  12. #128
    Unschuldig's Avatar
    Join Date
    24.07.09
    Posts
    68
    Activity Longevity
    0/20 14/20
    Today Posts
    0/5 sssssss68
    more important for me is: how u hash the values?
    Reply With QuoteReply With Quote
    Thanks

  13. #129

    Join Date
    27.12.10
    Location
    @_osc, Twitter Nation
    Posts
    7
    Activity Longevity
    0/20 11/20
    Today Posts
    0/5 ssssssss7
    @Resurrection you can get the server id with very basic "packet sniffing". My favorite program to do so is Wireshark ... Btw, the server id isn't part of the hash, thus you can easily change it, without "ruining" it.

    @electromoe I'm not planning to reveal how the hash is calculated, it would do more harm than good. But I'm encouraging people to try to figure it out! its not that hard

    @combine I can't answer to your PM, as I need 10 posts ... but heres your hash: ******** . (http://www.speedtest.net/result/1093299867.png) Enjoy it!

    I'm planning to calculate 3 hashs more for anyone (probably for the first 3 petitions), as a present for the great new year thats starting!

    Happy new year every1!
    Last edited by SealLion; 02.01.11 at 05:33. Reason: Please don't post this kind of personal information.
    Reply With QuoteReply With Quote
    Thanks

  14. #130
    Unschuldig's Avatar
    Join Date
    24.07.09
    Posts
    68
    Activity Longevity
    0/20 14/20
    Today Posts
    0/5 sssssss68
    just tell me the tool
    Reply With QuoteReply With Quote
    Thanks

  15. #131

    Join Date
    27.12.10
    Location
    @_osc, Twitter Nation
    Posts
    7
    Activity Longevity
    0/20 11/20
    Today Posts
    0/5 ssssssss7
    @SealLion how come the calculated hash is "personal information"?

    @electromoe google for "md5 online generator" and any result from the first page should do the job :)
    Reply With QuoteReply With Quote
    Thanks

  16. #132

    Join Date
    03.01.11
    Location
    inda
    P2P Client
    utorrent
    Posts
    6
    Activity Longevity
    0/20 11/20
    Today Posts
    0/5 ssssssss6
    @oscariano Pls tell the string you used for computing the hash and how dd you triggered http://www.speedtest.net/api/api.php. Thanks
    Reply With QuoteReply With Quote
    Thanks

  17. #133
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    30,205
    Activity Longevity
    8/20 18/20
    Today Posts
    2/5 ssss30205
    Join Date: 03.01.11
    Looks like this thread's already rocking a little
    "That door is open. What do you want to do with your key?" -- ADOM 1.1.1
    Reply With QuoteReply With Quote
    Thanks

  18. #134
    Unschuldig's Avatar
    Join Date
    24.07.09
    Posts
    68
    Activity Longevity
    0/20 14/20
    Today Posts
    0/5 sssssss68
    Quote Originally Posted by guitar111 View Post
    @oscariano Pls tell the string you used for computing the hash and how dd you triggered http://www.speedtest.net/api/api.php. Thanks

    @oscariano
    yea, finding a hash encoder is not the problem ...i searched a decoder to see your string ...to know the format
    Last edited by Unschuldig; 03.01.11 at 21:18.
    Reply With QuoteReply With Quote
    Thanks

  19. #135
    Reply With QuoteReply With Quote
    Thanks

  20. Who Said Thanks:

    Lucius (16.04.12) , Unschuldig (04.01.11)

Page 9 of 23 FirstFirst ... 789101119 ... LastLast

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121