Bitcoin Forum
September 27, 2024, 04:00:29 AM *
News: Latest Bitcoin Core release: 27.1 [Torrent]
 
  Home Help Search Login Register More  
  Show Posts
Pages: [1]
1  Economy / Gambling / Re: Vulnerabilities in gambling websites in past on: August 24, 2022, 01:52:13 PM
OP mentioned the race condition vulnerability which seems to be the favorite vulnerability for hackers who are into this mainly for the money as it may allow them to edit their balance and withdraw more then they actually have. It will be interesting to read how it works in details!
Another common vulnerability you can find on many websites is not setting a limit on how many times you can enter a wrong password. This makes it easier for hackers to perform a brute force attack.

Yes you are right, most website have no protection against brute force. But on our last scans, we found many of them leak real server ip behind cloudflare. Found sensitive login pages, like: cpanel ftp, ssh, admin panel, phpmyadmin, etc. Brute forcing on these can be more dangerous than users logins.
2  Economy / Gambling / Re: Vulnerabilities in gambling websites in past on: August 22, 2022, 06:56:04 PM
We made fast scans and information gathering on random sites. The most common issue is real server IP address leak. Cloudflare bypass itself is not a vulnerability, but attacker have more opportunity. Can abuse IP, brute forcing logins, etc...
Outdated applications, respositories is the other hand.
3  Economy / Gambling / Re: 🛡️🎯 Professional Vulnerability and Penetration Testing - Increase Security on: August 22, 2022, 03:35:15 PM
Looks like a new group/company of pentesters. Do you have a website? Any previous work you do? (No need to mention the websites, just the vulnerabilities you found.)

Also, your contacts(e.g. telegram) aside from bitcointalk PM. This is important since you are a newbie, to respond more faster due to newbie account restrictions.


<snip>
In my opinion, it will be better if you will include how long have you been doing this service. How many years already past since you first stepped to this kind of business... something like that. To me you may have reach more potential clients if you will move this thread to Services board as this whole thread should be there at the first place.
Welcome to bitcointalk, goodluck!

Thank you the nice welcome!

Me personally work in cyber security company since 2018 in Europe. We are not beginners but the idea of do pentesting as freelancer is new. We don't have own website yet.

Thank you for the advice, I will move the thread!
Contact email now linked on our Profil> 0radontm gmail

Step of full test
1. Gathering informations - Crawling - Scanning
2. Testing vulnerabilities

Process time can take hours or days, depends on the size of attack surface!
4  Economy / Gambling / 🛡️🎯 Professional Vulnerability and Penetration Testing - Increase Security on: August 21, 2022, 04:31:24 PM
Dear Community,


We are RadonTM a small group of white hat hackers and pentesters. Crypto exchanges and Casinos are in the crosshairs of criminals. Malicious hackers mostly try to gain access to server, database to clear hot wallets.

We do full test with professional up to date auto vulnerability scanners and manual testings!

Price: 490$ / full penetration, vulnerability test

Rewards for found critical vulnerabilities: gain access to server, database, users, cashier glitches: 5000-15000$

We never share sensitive information to 3rd party!
We never do pentest for 3rd party!
We only do pentest for site owners and admins!

Time to time we will make free auto tests on sites (not full test)! We will contact with site owner or admin if we find serious issues!

Donations Btc: bc1qjjtp8gqd2929aqw7u7asnet3fkur730zgh5dc9


100% security doesn't exist, but must do everything to decrease attack surface!


First 3 test for free (honesty box payments)!
Pages: [1]
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!