[Hack] 4 Pieces Original Chicken (or Hot & Spicy Where Available) $7.45 @ KFC (Desktop Browser Required)

1290
[Hack] 4 Pieces Original Chicken (or Hot & Spicy Where Available) $7.45 @ KFC (Desktop Browser Required)
Go to Deal
AwesomeAndrew on 01/07/2024 - 16:37 kfc.com.au (418 clicks)
Last edited 01/07/2024 - 19:56 by 1 other user

Since the previous hacks stopped working, I started looking into new methods of getting cheap chicken. I noticed that the KFC app seems to only perform client side validation of whether your cart is valid (very bad cybersecurity), so I found a new method of getting the hack which works on the KFC website ordering. The method involves performing a replay attack on the add to cart request sent to the server. Unfortunately this method only works on PC, so it is not very convenient to use, but I believe that it might still be possible on the app due to lack of server side cart validation.

Steps:

  1. Open KFC website (https://www.kfc.com.au/menu/shared-meals/burger-feast)
  2. Add burger feast to cart (Other feasts might also work)
  3. Open browser developer tools (Ctrl + Shift + I), then go to the network tab
  4. Add the add on you want to cart
  5. In the developer tools, identify the network request that corresponds to adding the add on to cart (POST request, URL ends with /line-items)
  6. Go to cart and remove the feast, it will remove the add on as well. (Hint: do this in another tab so the developer tools does not get cluttered with extra network requests).
  7. Go back to browser developer tools and replay the request identified in step 5. (right click, then Resend in Firefox or Replay XHR in Chrome)
  8. Refresh the cart page and the add on should be in there.

See also alternative hack by ThristyCow, which does not use developer tools and can be performed on mobile:

  1. Open 2 tabs of the KFC site.
  2. On tab #1, add the Burger Feast to the cart and do not press anything when Add-ons menu appears.
  3. Switch to tab #2 and navigate to cart and remove the feast
  4. Switch to tab #1 and click Add to Order on the add-on you want.
Dining & Takeaway Fast Food Fried Chicken

Related Stores

KFC Australia
KFC Australia

Comments

    • AwesomeAndrew on 01/07/2024 - 16:39
      +3

      Previous one is not working anymore

      • m9 on 01/07/2024 - 16:48

        👍

      • YasimKudomi Pape on 01/07/2024 - 18:41
        +2

        Why need this when you have 15 wings for only $10 dollars!

  • CyberMurning on 01/07/2024 - 16:43
    +4

    wow, awesome, Andrew!

  • boretentsu on 01/07/2024 - 16:45
    +12

    Open browser developer tools

    Does it come with 30TB of free storage for 67 years as well? https://www.ozbargain.com.au/node/802407

  • sunaus on 01/07/2024 - 16:47

    Thanks

  • djmm on 01/07/2024 - 16:48
    +3

    Do you think they'll spit on the chicken?

    • vengeance88 on 01/07/2024 - 17:23
      +7

      Does Hawk Tuah work there?

  • Skatez on 01/07/2024 - 16:51
    +3

    LMAO

  • freekay on 01/07/2024 - 16:59
    +11

    I've gone so far as to stop the KFC app from updating on my phone. So the last hack still works for me. Yes, I now have to manually update each one of my apps, but the love of the chicken keeps me going.

    • citybargainhunter on 01/07/2024 - 18:36
      +10

      Get a second phone and use this as the dedicated chicken phone.

    • askvictor on 01/07/2024 - 19:05
      +1

      Which version are you using?

    • noshopping on 01/07/2024 - 19:16
      +5

      share KFC APK file lol

    • CodeXD on 01/07/2024 - 19:55

      What version are you in?

    • flywing on 01/07/2024 - 21:36

      If you are on android:
      You can extract or download the old APK, clone it(many app or website can do that), then install the cloned APK.

  • HolyCr4p on 01/07/2024 - 17:03
    +4

    Red roster's crispy chicken is still better than kfc soggy chicken

  • vorsprung on 01/07/2024 - 17:04
    +6

    I wouldn't do this, especially after giving detailed instructions on a public forum. When their app has a bug or glitch that you exploit, you could play dumb. When you're intentionally bypassing client side validation and replaying HTTP messages it's a bit more deliberate.

    I agree they shouldn't rely on client-side validation but that's beside the point.

    I'll probably get downvoted like the other nay-sayer…

    • askbargain on 01/07/2024 - 17:15
      +1

      Keep playing dumb?

      The people in store are teenagers who don’t have a CS degree.

    • Ghost47 on 01/07/2024 - 17:31
      +3

      If anything this is a good thing and will force KFC to implement better cybersecurity practices, something that is sorely needed in a lot of Australian organisations.

    • Binchicken22 on 01/07/2024 - 18:04
      +1

      Honestly what are they Gunna do… Yeah they'll probably shut it down and close the loophole now it's public, but ultimately they aren't going to take him to court over him getting slightly cheaper dirty bird.

    • cooni on 01/07/2024 - 18:57
      +2

      Yeah watch out they might throw you in jail for replaying a http request to add some chicken to your cart.

    • zubzub on 01/07/2024 - 18:59

      Lucky we no longer do capital punishment.

    • samuelalexmclean on 01/07/2024 - 21:39

      What's the charge, officer? Enjoying a meal?

      • freekay on 01/07/2024 - 22:17

        A succulent American meal..

  • Ghost47 on 01/07/2024 - 17:07

    Nice work OP LOL. Now can you figure out a way to change the add on to be whatever you want it to be? Time to stick it to the Colonel.

  • ttkc on 01/07/2024 - 17:11

    Buy now regret later.

  • cyrax83 on 01/07/2024 - 17:17
    -1

    Lol nice

  • CodeXD on 01/07/2024 - 17:22
    +2

    Nice got it to work.

    A tip for those on MS Edge

    Go to network tab first and 'stop' recording network log so it doesn't spam the log with data you do not want. Start recording just before you add the add-on then stop it afterwards.

  • dust on 01/07/2024 - 17:23
    +12

    Gerry was right. We really are professionals.

  • alvian on 01/07/2024 - 17:24

    Step 4. Add the add on you want to cart.

    How do you add 4 pieces of original chicken to the cart? The add-ons menu allows only burgers and twisters to be added.

  • Gdsamp on 01/07/2024 - 17:32
    -2

    Incredible

  • IBendTrolls on 01/07/2024 - 17:34
    -1

    6 pieces are $4 at Woollies, no bones my dog likes them.

    • UncleRico on 01/07/2024 - 21:21

      Stop eating dogfood, Bendy!

  • yuisakas on 01/07/2024 - 17:55
    -2

    Coles has lowered the Steggles Chicken Wings for $9.9,they are more juicy than KFC pieces and thats the best case if the kids not overcooked your chicken,only if you dont have microwave or air fryer,this "hack"might be ok,by the way KFC chicken are made and marinated by Baiada(Steggles) anyway

  • Zitane on 01/07/2024 - 18:17

    this is awesome, andrew.

  • ThirstyCow on 01/07/2024 - 18:18
    +30

    There is a alternative method to do this also in web browsers which doesnt involve the developer tools and it works on phone as well.
    1. Open 2 tabs of the KFC site.
    2. On tab #1, add the Burger Feast to the cart and do not press anything when Add-ons menu appears.
    3. Switch to tab #2 and navigate to cart and remove the feast
    4. Switch to tab #1 and click Add to Order on the add-on you want.

    You should then have the addon only in the cart and can checkout as usual.

    Nice to see people innovating for a bargain.

  • Homr on 01/07/2024 - 18:49

    wait what? so the app hack doesn't work anymore??

  • Homr on 01/07/2024 - 18:52
    -2

    I noticed that the KFC app seems to only perform client side validation of whether your cart is valid (very bad cybersecurity), so I found a new method of getting the hack which works on the KFC website ordering.

    How does one get to learn this? Did you like a Computer Science or Web Developer degree or something??

    • AwesomeAndrew on 01/07/2024 - 19:53

      Self taught. Learned web development (front end and back end) from w3schools.

  • ipiok on 01/07/2024 - 19:04
    -3

    Will KFC ever get with the times and allow you to use the app in the drive through. I don’t want to order to then have to get out and go in the shop

    • ausmisc on 01/07/2024 - 19:14
      +1

      I've been using the app to order drive though for years

    • askvictor on 01/07/2024 - 19:53

      Wat? I pick up app orders at the drive through all the time

    • CodeXD on 01/07/2024 - 19:57

      When you order on the app, you can literally pick 'in store' or 'drive thru'

    • brianmau on 01/07/2024 - 20:18

      If you happen to have one of the online feedback voucher code for a 600ml soft drink (now it's an email with a code), choose pickup at drive thru. When you're at the speakerphone, tell them your order number, also tell them you want to redeem a free drink from the feedback page. Show them your phone screen with the email on it (they don't really read it anyway) and you can reuse the same voucher again again and again. Been working since they have this online voucher code thing earlier this year. YMMV.

  • MeagerDollarBucks on 01/07/2024 - 19:33

    I just want some cheap chicken, not learn how to code the Mars Rover! /s

  • ilovefullprice on 01/07/2024 - 19:42

    Thanks OP

  • montorola on 01/07/2024 - 19:54
    -1

    Lol this one is literally a hack! Nice

  • gregorian on 01/07/2024 - 20:04

    Can I schedule the order for pick up to be tomorrow?

    • CodeXD on 01/07/2024 - 20:20

      why not just order it tomorrow?

  • Bii on 01/07/2024 - 20:04

    Next level OzBers…. One-step closer to scammers (but who mind birds back)

  • puppetmaster on 01/07/2024 - 21:16

    Shut up and take my upvote!

  • MrMaestro on 01/07/2024 - 21:29

    KFC Australia trying to respond to thousands of OzBargainers skimming discount chicken:
    https://youtu.be/msX4oAXpvUE?si=gMmUOF20kwJdGxwc

  • AkuroPlays on 01/07/2024 - 22:13

    LOL good find

  • AkuroPlays on 01/07/2024 - 22:16

    Time to bring a laptop with me when i go through drive-thru…

Login or Join to leave a comment
Login Join