Show Posts
|
Pages: [1] 2 3 »
|
I can provide Web-Design and Development services, specifically I'm talented at creating bitcoin-gambling sites.
If anyone is interested in my purchasing my services, feel free to PM me.
|
|
|
And no, you can't do that unless you have their log-in. In which case they'd simply be 'hacked'
Are you not aware of CSRF? I don't need someone's login. I just need to know someone's bitcoin address and I can silently update it. You're both idiots. First of all, I could easily check where the requests are coming from, second of all, the user sees their cashout address prior to clicking cashout. They could easily change it back to their address. Lol. Please point out these 'other vulnerabilites.'
|
|
|
I'm sorry but your site is horribly insecure. If I know a user's Bitcoin address, I can change their cashout address to mine. Silently. Proof of concept: http://ca3.cc/poc.phplrn2security. Anyone who buys broken scripts is an idiot and will get hacked, because there's quite a few other vulnerabilities too. Just ignore Loker... Just ignore me? My source has no vulns. Lol.
|
|
|
I'm sorry but your site is horribly insecure. If I know a user's Bitcoin address, I can change their cashout address to mine. Silently. Proof of concept: http://ca3.cc/poc.phplrn2security. Anyone who buys broken scripts is an idiot and will get hacked, because there's quite a few other vulnerabilities too. Lol. This does the same exact thing as what my script that changes people's address' does. Their address can't be changed unless they enter theirs... And no, you can't do that unless you have their log-in. In which case they'd simply be 'hacked' I usually don't express myself as such, but frankly: you're a fucking moron. Not even going to bother verifying where the HTTP request is coming from because your script is 100% useless and most users here won't be able to realize that. Regardless, feel free to point out any vulns. I'd LOVE to see 'em.
|
|
|
Anyone that may be interested, feel free to shoot me a Pm.
|
|
|
Anyone that may be interested, feel free to shoot me a Pm.
|
|
|
Waiting this long for something that should be instant makes me want to shoot a bullet through a laptop.
|
|
|
...Give it some time? It's been 20 hours.
|
|
|
E-mailed three (3) times, tweeted the CEO, tweeted the company, posted a topic on their 'help' forum, no response(s)... Payment has undergone 128 confirmations and my balance is still not updated. They have the WORST support I've ever come across. It's been 20 hours just to transfer BTC from my desktop wallet to my coinbase account. What's up with that? Is it just me..? I wish I could call them.. Sent .0001 to see if it'd go through -
|
|
|
Has anyone else had this issue?
|
|
|
Fixed. Forgot to parameterize my prepared statement that handled the updating of balance.
|
|
|
Aside from little bugs like that that are fixable, it's actually really secure.
Sorry, I don't trust a developer anymore that tries to sell a gambling site that in its current form allows anyone to cheat the house and then claim "yeah it's fixable". I bet you would've done nothing about it if I didn't point it out in this thread to you and you would just let the first sucker buying this PoS walk away without the notice that it's seriously fubar. Wrong. Reread my response..
|
|
|
I do not suggest anyone to buy this. The site is insanely insecure and I currently own more fake gambling coins that there will ever be bitcoins (on his demo site).
Lol. 1. It's not complete and hasn't been bug-tested, 2. I have written up a file that will be a cron-job constantly checking for malicious bettors and 3. It's a sample and I never said in anyw way, shape, or form that it's 100% secure. If it was EVER to go live it would be, however. Not to mention, you or anyone that maliciously gained balance would never be able to cash them out. Aside from little bugs like that that are fixable, it's actually really secure. It makes use of prepared statements disallowing any type of database injection or manipulation.
|
|
|
You could propably post a demo that uses play money, and would be easier to get a feel for your software then the video.
Added a demo-site. Balance is auto-added to users that register so you can toy around with it.
|
|
|
Yes I can. For any serious add-ons I'll obviously charge extra but I'd do that for free.
|
|
|
Thanks for your support, if you have any further questions or concerns feel free to email me at blobsrs@gmail.com
|
|
|
Live Demo: http://gigadice.com/simple/All users that register are given 1 (one) balance to play around with. Cashout & Deposit aren't working because I don't have a coinbase account hooked up, although they work perfectly. Video of what I'm selling: https://vimeo.com/71077590Picture (updated it with recent bets, updated in real-time like just-dice): http://puu.sh/3Mugj.pngPrice isn't set in stone and I'm taking offers. I've developed bitcoin-gambling sites for multiple users here. In addition, I can show the source over TeamViewer or Skype, I will soon have a demo uploaded. It's developed in PHP/jQuery/JavaScript/HTML/CSS. Thanks.
|
|
|
open for bets
Are you "Open @ Insanity [Insanity FC]"?
|
|
|
|