incrase karma

If it doesn't fit anywhere else, it will fit here.

cheatengine

Postby bronywarlord » Mon Mar 21, 2016 12:51 pm

How do you increase karma on teenchat.com so u it will appear to everyone else that you have karma? I increase it to 1000 but it only appears like this on my screen not everyone else's
Attachments
cheatengine.jpg
cheatengine.jpg (264.06 KiB) Viewed 20138 times
bronywarlord
n00b
 
Posts: 2
Joined: Mon Mar 21, 2016 12:39 pm

incrase karma

Postby bronywarlord » Mon Mar 21, 2016 2:01 pm

how do increase karma on teenchat or zobe?
bronywarlord
n00b
 
Posts: 2
Joined: Mon Mar 21, 2016 12:39 pm

Re: incrase karma

Postby Cool_Fire » Sun Apr 03, 2016 2:48 am

Disclaimer: I know nothing about either of these systems, so I'm going to be making a few broad assumptions and my answers will be generally applicable to most such systems rather than specific to the two you asked about.


Ok, so first off let's address the cheatengine issue. The problem here is that cheatengine is a program that modifies local memory on your computer and you're expecting that to affect a remote system. The karma points are stored on the chat servers, they're sending you a copy of that value to display on screen. It is that local copy cheatengine can modify, not the original. (Analogy: You're drawing a mustache on a photo and expecting the mustache to appear on the real person too.)

Now let's move on to something that probably would work. You have a few options here. The easiest would probably be to make a whole bunch of fake accounts and karma up your main account. (Working under the assumption that karma is given by other users. If this isn't the case on those chat services, obviously this won't be an option.)

Now for a more technical approach. (Still working under the assumption karma comes from other users.) You start looking for a XSS bug in their site. Being able to do stored XSS or CSRF should allow you to craft a payload that makes everyone click your karma + button or whatever they do to give you karma.

Note: Both making many accounts and stored XSS is pretty noticeable for the service admins and there's a good chance your account will be banned when they do find out. CSRF is a little more stealthy, but most likely will still show up in their server logs.

Lastly you can look for something like SQLi and try to manipulate the database directly. Either to give yourself more karma, grab user account to give yourself karma with or get/become an admin. How stealthy this is really depends on your actions. This is also probably the hardest thing to do of the three.


Reference material:
XSS
CSRF
SQLi
If we're breaking the rules, then how come you can't catch us? You can't find us? I know why. Cause, it's ... MAGIC!
Hackerthreads chat, where the party is going 24/7.
User avatar
Cool_Fire
Not a sandwich
 
Posts: 1874
Joined: Fri May 09, 2003 1:20 pm
Location: 41 6d 73 74 65 72 64 61 6d


Return to General

Who is online

Users browsing this forum: No registered users and 2 guests