Rigging PollDaddy

One of my best friends siblings was in a poll competition on a popular blog. He was doing okay, but he wasn't close to the lead. I thought I'd see if it was possible to boost his numbers a bit.

The poll in question was administered by PollDaddy. I blurred out the data, but this is what the embedded poll form looks like:

Form Image

The first step was to find the URL that it was embedding from. That way it removes all of the other loading factors of the blog page. Luckily, in the HTML right after the div containing the form was a <noscript> element.

    <a href="http://polldaddy.com/poll/(poll_#)/">Poll question?</a> 

I noted down the poll #, and went to that URL. The next step was to submit the form, and look at the data in Fiddler (a great tool for viewing web interactions). I noticed that it was requesting a URL, of this form:

/vote.php?va=30&pt=0&r=0&p=(poll #)&a=(answer #)%2C&o=&t=(random)&token=(random token)&pz=(random code)

The "answer #" was easily extracted by looking at the value for that checkbox. The rest of the information I noticed was stored in the "Vote" button under the "data-vote" information...except for "pz", which was weirdly in a hidden input field. The next step was to start up a Python script to spam the hell out of it. I set up a Python script to use requests to request the original page, scrape the "data-vote" information into an array, scrape the "pz" value from the hidden input, and construct the URL. Then, I had it request that URL. It immediately ran into a problem.

When you submit the form normally, you're redirected to /poll/(poll #)/?view=results&msg=voted. With the script, however, it was redirecting to /poll/(poll #)/?view=results&msg=revoted&stokenFound. So something was wrong. I extracted all of the headers from the valid request, and forced Python to use that header. Now it went through! I was getting somewhere.

Unfortunately, after ~20 requests, it would stop working again. The 'revoted' message would show up, and no further votes would be made. I figured that it was probably stopping my IP because of the speed of requests, and looked into getting Python's 'requests' module to fake its IP address. After ~30 mins of no success, on a whim I tried running the script again, and it was working! So that meant that the server was just blocking for a while before allowing more votes. After some trial and error, I found that making it sleep for 3 seconds after every request, and then sleeping for 60 seconds once it was blocked was a good point. I didn't want to harass their servers, and 60 seconds seemed like the time to allow it back in. That averages out to 1 vote every 5.4 seconds.

If you want to look at the script, or use it yourself, it is up here on my GitHub.

Over 4.5 hours, he rose 3000 votes, and went on to win. PollDaddy's a great solution for casual polls, but don't use it if you don't want scripts to vote easily and quickly.


  • Anonymous

    I'm confused as to what exactly I should be replacing in the script

  • Alex

    In the vote.py script, set the poll_id, answer_id, and number_of_votes variables, and then run it. The poll_id is the number in the URL (in your case, 9146634), the answer_id can be found by inspecting element on the checkbox for the person you want to vote for, and looking at the value.

  • Anon

    Hi. How many votes did you put on number_of_votes variable?

  • Amara

    Is this working? Please someone answer me.

  • Shannah

    wow. cool, wanna give it a try. thanks!

  • Shannah

    Hi there. I tried you're code but seems not working on mine, or I'm just really not familiar on how to use python. Would you mind helping me please?

  • Marcos

    Do you have a tutorial to see the variables with fiddler ?

  • Tes

    I am always getting the response Locked. Sleeping for 60 seconds., any way to solve this problem

  • Maria

    Same as Tes, it always says it's locked..

  • Ey

    Traceback (most recent call last): File "C:\Python27\vote.py", line 1, in <module> import requests, re, json, time ImportError: No module named requests ....i dont get this. please help..

  • Alex

    @Marcos: You shouldn't need Fiddler. You should be able to get the information from the site by just inspecting the HTML. TruthSeeker's comment should be sufficient to find it if my article was not. @Ey, you need to add the requests module. Run 'pip install requests', or look up online how to add the 'requests' module.

  • Mark

    It always says "Locked"

  • Mark

    Any solution for "Locked" message?? It don't vote

  • Tim doerr

    anyone interested in assisting me on poly vote. worth 50.00 via PayPal

  • Marcos

    The code works but does not increase the votes in the poll.

  • shibabz

    thank you.. its working...

  • S.

    awesome ! Thank you !!! Anyway we could set this to remove a vote for a specified entry ? lol

  • B

    I'm getting this error... I'm a complete noob ... trying to learn... hope someone can help. I followed truthseeker & kaliboy instructions. I'm not positive I installed PIP & requests package correctly. I just copied pasted it in the spot they said to? any help would be greatly appreciated. Python 2.7.6 (default, Nov 10 2013, 19:24:24) [MSC v.1500 64 bit (AMD64)] on win32 Type "copyright", "credits" or "license()" for more information. >>> ================================ RESTART ================================ >>> Traceback (most recent call last): File "C:\Users\msusprtn\Desktop\vote1.py", line 100, in <module> get_all_proxies() File "C:\Users\msusprtn\Desktop\vote1.py", line 31, in get_all_proxies f = open("proxy.txt", "r") IOError: [Errno 2] No such file or directory: 'proxy.txt' >>>

  • dude

    I think people are getting the locked message because their ip address has already been used once and PollDaddy is blocking it on the second usage of that IP. Try using a VPN to get a new IP and try running the code again. It will vote once and lock thereafter. I thought the the proxy.txt file would get around this blockage but it looks like PollDaddy is ignoring the proxy ip's in the text file.

  • A friend

    hello, i'm getting this error message: "Locked. Sleeping for 60 seconds." after 60 seconds, the same thing happens. i'm not too sure why it's doing this... any ideas? I wondered if it was to do with cookies, so i deleted all of those, but the problem persists. i appreciate all the work you've done already, but if you had the time to help an idiot that would be very much appreciated.

  • A friend

    hello again. i spent some more time looking at this today. i noticed that the proxy.txt and useragent.txt files on my computer didn't match the ones on github (in fact, they were the same). i had right-clicked and saved-as, but this wasn't a good idea. i went into the 'raw' tab for each txt file on github and copy and pasted those values into the txt files on my computer, expecting to be triumphant. i still get the same problem.

  • shibabz

    im getting locked for 60 seconds after successfully voted (time 1).. is there a way to make this work?

  • The Doctor

    Syntax error invalid syntax line 5 <!DOCTYPE html>

  • Destiny

    Thanks a lot for the script. To make it work in python3, we need to change xrange to range. We also need to modify the lines involving print. e.g. print"ABCDEFG" need to be changed to print("ABCDEFG")


    how to bypass the timing if poll daddy has lapse time before you can revote?

  • Jimmy Jack

    Thanks! Works well using your instructions combined with TruthSeeker's post. Does the script by default cycle through the proxies and useragents? Can I add proxies to the TXT file? Also noticed I can only vote 25 times and then it locks it out for about 180 seconds.

  • pootttt

    i cant get the poll url because the web use pluggins what should i do?

  • Joness#g11ennick[Yjnylobhowvokiho,2,5]

    Thanks so much