Thread: Fake speedtest.net?

Hard !! Not impossible ;-)



this tutorial for Linux advanced user which mean that I didn't understand anything.

I can't see the video in your post, but if it's that trick to install a Speedtest server in your own PC, then it's already been posted.

Originally Posted by oscariano

weird, its my first time here... and I had already posted this (but either I used the wrong button, or it got silently deleted)

But just wanted to say that its really easy to fake the results, by just "POSTing" em directly to the speedtest server, theres just a simple MD5 hash "protecting" em

A pic of my speed :)
http://www.speedtest.net/result/1085052235.png

and just another lil 1....
http://www.speedtest.net/result/1085918676.png

I don't plan to stay around!, just wanted to say that its really possible!

Hi Five !!!



Repped...

Why don't you plan on staying around?

I might work on a more detailed guide, but here's a little treat...

*NOTE* The data sent is "protected" by the "hash", thus you won't be able to change the values so easily. I've already computed the MD5 hash for this example, so thats why it works with the given values (which are a little bit evil )
Again, my only intention is to show ya all, that its possible, and that its very simple.

1. Run at least once the original speedtest, so that all the necessary cookies are set.
2. Open notepad, and copy the following html code:

HTML Code:

<form method="post" action="http://www.speedtest.net/api/api.php">
<input type="hidden" name="hash" value="62137f792d87ad6a22cd87d13b3953c5" />
<input type="hidden" name="serverid" value="612" />
<input type="hidden" name="download" value="666000" />
<input type="hidden" name="upload" value="666000" />
<input type="hidden" name="ping" value="666" />
<input type="submit" value="Generate" />
</form>

3. Save it as something.html (if you have problems with notepad adding the .txt extension, use quotation marks around the name, like "name.html")
4. Open that file with your web browser
5. Click the generate button
6. It will open up a new page, now look for the "resultid" value (which is a number...) and copy it (it is between "resultid=" and "&date")
As you may have guessed, this is your "image" number... now just replace the "number" on a normal speedtest link (http://www.speedtest.net/result/1086954930.png)

Enjoy it

How did you get the server id?

BTW dude,you DO realise all this is pretty sensitive data right?Should you be posting it in the open ?

@Resurrection you can get the server id with very basic "packet sniffing". My favorite program to do so is Wireshark ... Btw, the server id isn't part of the hash, thus you can easily change it, without "ruining" it.

@electromoe I'm not planning to reveal how the hash is calculated, it would do more harm than good. But I'm encouraging people to try to figure it out! its not that hard

@combine I can't answer to your PM, as I need 10 posts ... but heres your hash: ******** . (http://www.speedtest.net/result/1093299867.png) Enjoy it!

I'm planning to calculate 3 hashs more for anyone (probably for the first 3 petitions), as a present for the great new year thats starting!

Happy new year every1!

Join Date: 03.01.11

Looks like this thread's already rocking a little

Originally Posted by guitar111

@oscariano Pls tell the string you used for computing the hash and how dd you triggered http://www.speedtest.net/api/api.php. Thanks

@oscariano
yea, finding a hash encoder is not the problem ...i searched a decoder to see your string ...to know the format