Basically I'm going to explain some toys on Gaia that existed and how they worked in this post. So enjoy.
Let's start out with the method to log in to anybody's account. This was done with GSI using JSON with the GSI method 108 and setting the parameter for password to 1 to be true instead of actually entering your md5 password shit, thereby logging you into the account.
The gifting-without-a-password method: this was done with a simple edit to the page, basically editing the confirm page to be the submit page, therefore bypassing the need for a password.
Hmm, let's see. The gold gen that was a very well-kept secret. Only about six people could do it. Done using a GSI method that granted 500 gold, and using PHP to generate a random number to use as a new number when generating, since it generated 500g per single number, which couldn't be reused.
Okay, insta-morphing in rallies was easily done. Basically you send three packets, which you can do with one packet using the 03 hex to end a packet and start another one, to do it instantly. The three packets were easy: the ava edit, the enter room packet resent, and a move packet to set up your position. Nothing hard; why you kids couldn't figure it out is beyond me.
SID grabbing: this was done using the 109 method to get the SID, and using AJAX and an XSS hole on Gaia to retrieve a user's session ID. If you could gift without a password, you didn't have a need for a password with this. Not the best way to steal shit, but only because you could be banned sooner or later, oh well.
Comment deleting: I'm not sure if this is patched and I'm too lazy to test. Basically done with cross-site request forgery to set the submit parameter to "Yes" and send it. Not really going to go into it, as I doubt you were aware of its existence.
Posting non-global announcements, stickies and locked topics. Merely a Tamper Data edit to a hidden parameter you need to know, which, having knowledge of their forum, you may have. Not going into this either, for the same reason as comment deleting.
I also created a method of stealing a saved password that autofilled, using XSS and a bit of CSRF. Was nothing too complicated.
Thread: Let me explain how they worked.
Posted 25 May 2013, 07:46pm, #1