Wow, that PM is epic. It starts with the name "Digger_Exposed".. boo hoo.. " Unfortunately, I have some very bad news for you".. damn, some serious stuff here.. Stunna must have been shocked upon reading that introduction. What happened? Did the exposer find a 0-day SSH vulnerability to obtain root access on the PD servers? Is it an employee of the datacenter where PD is hosted and did he get access to the precious server seeds? Are the developers of PD the same developers of the latest darknet market and is he ready to expose it? Did he find connections of the direct bitcoin funding of ISIS members by the PD admins? Wait.. it's about "digging" an altcoin, which whole concept is based around.. "digging" it? ... Some proper exposing here. I am afraid PD will be "busted" within 7 days
|
|
|
Yeh, option b) def not. Option a) could be, I just hope it won't make it more confusing? (making it as simple as possible is the best point of the lottery.) Does it also mean that your "commission" is 0% at start and 50% at end? (not that I really care about that, just wondering.)
|
|
|
Lol, actually the 5th on current round paid BTC0.0111, so you should make top 5 with BTC0.017. But yeh, maybe not first hehe I recommend to check last moments too, it is a bit tricky/disappointing if you end up being 6th by a few bits. In other news: prize already BTC5.77 - hope it will be a big one
|
|
|
Told you it wasn't a surprising result... cowbay always wins those high multiplier bets on all sites :XD Nice win!
|
|
|
Okay, yeh with some basic testing parseInt() indeed messes up bigger numbers.
So I guess we do have a lucky/surprising winner.
|
|
|
Yeh, it could be that I did that part wrong as I wasn't sure about it: So if we calculated the result hash, can we just do: parseInt('hash',16)%tickets) or do we need some big int special since it's a 256 bit number ? I don't know much about that I did: parseInt('6e466cdd13cc80b1137addf46362bbe3714fc9bf7faef9aba930554d3e080ba5',16)%2370006599 > 693288453 Does that make any sense? Lol.
|
|
|
Well PHP also uses OpenSSL in background and it seems to force the iterations into 'int' too ( source code) - but I seem to be running 64-bit version: > php -r 'echo PHP_INT_MAX;' > 9223372036854775807 edit: for the lulz I am now running with 2147483647 iterations might be not finished before I go to sleep though.
|
|
|
obviously my PHP one could be wrong too.. so hope I am not wasting your time lol. I mean PHP doesn't really like big integers, potentially it's messing up that function too.
|
|
|
Hm no. I used PHP. Example one is correct: echo hash_pbkdf2("sha256", "00000000000000000ef86b27c174df6a412c0ce43eab1d532034555749294137", "pevpot", 100000, 64); > 39aed3d2eff372916100106e355384495d1794320d4c3cb4c2e0e48cc36bbd06 Then with: echo hash_pbkdf2("sha256", "000000000000000009b7fb236187f120a0c86eb8785f099a8d197dd34b9d2553", "pevpot", 5000000000, 64); I got: > 6e466cdd13cc80b1137addf46362bbe3714fc9bf7faef9aba930554d3e080ba5 Anything wrong with the block hash I used or something? 5000000000, correct too right? edit: note the 64 is because PHP parameter is in hexits, not bytes.
|
|
|
Yeh, that would be the least surprising In a next round I could probably just share the result if I am first.. but I am really afraid somehow it's wrong (since it's my own script and first round) and I would make someone "happy" with the wrong result lol. So take the hint for what it is and hope Ryan has official result soon
|
|
|
Actually after 2h 40m my script is finished. But because I made my own script I am bit afraid to share the result as it might have mistakes lol :X (I only had it for verification, didn't expect to be the first.) Hint: if my result is correct, the winner would be not surprising. I would hope Ryan can run it first though, just in case I made a mistake :X edit: I actually hope I am wrong, so my small bet still has a chance lol.
|
|
|
Well.. I guess the site isn't calculating it in an automated way (yet) and I guess Ryan didn't start his "monster C4 instance" yet when the block got mined My script is running for 2.5h now and total estimated time on my laptop is around 4h (based on 100x less iterations test.) Either way, hope to see the result soon
|
|
|
Actually I just concluded that based on: PBKDF2 is defined as PBKDF2(PRF, Password, Salt, iterations, dkLen) which I'll use as PBKDF2('sha256', BLOCK_HASH, 'pevpot', 10000000000, 32)
The fastest implementation I could find was openssl, which when compiled with -O3 took about 2h47m to run. With the fastest virtual machine I could get my hands on (c4.8xlarge), I got it running in about 2h1m. Since it's 5B instead of 10B, I figured it's around 1 - 2 hours.
|
|
|
Nice.. gotta wait till block #384006 now.. then from that block hash we can calculate the result hash (calculation also takes some time.) So if we calculated the result hash, can we just do: parseInt('hash',16)%tickets) or do we need some big int special since it's a 256 bit number ? I don't know much about that edit: https://www.blocktrail.com/BTC/block/000000000000000009b7fb236187f120a0c86eb8785f099a8d197dd34b9d2553 so calculating result hash (called stretched block hash by PevPot), might take 1-2 hours from now.
|
|
|
Lol, 6 coin + 11 coin "last moment" bets Still 8 blocks ~80 mins, but cool to see the prize grow..... almost BTC24 prize for winner now! Still +0.74% = same as investors take on most crowd-funded dice sites (aka "investors" should also bet on PevPot )
|
|
|
Scam alert.1. Site hosted on free hosting. 2. Text copied from other conference: "... distributed ledgers, and the future of Bitcoin in Asia. " Lol, Asia? 3. Seems like an unlikely list of attendees and no venue details. 4. Literally only your 2 posts links to this "conference".
|
|
|
But question: how do you know, for example, what code to use for the JS script? Like how do you get this information from the site (as I'm guessing it should be similar for other sites)? Generally start is developer tools (F12) and Network tab. You can see all the scripts/socket/etc being loaded. Alternative just "view source" (CTRL+U) to easily watch source (and click to javascript files.) For direct betting by URL request: if you make a bet, you can see the actual request being made in that Network tab. So easy to make the same request with your own code. For on-site betting: I would check the scripts that are loaded and seem relevant. In this case BB loads " plinko.min.js". So in that file, I search for "placeBetPlinko" (because I know this is used in the URL request) but it's not there. BB also loads " ajax.js" so I checked that. In there you can find "placeBetPlinko" in the function placeBetPlinko(). So now you just have to look which parameters it takes and you can run it in console Ps, I actually use FF addon "Firebug" and I can even easily search through all the javascript files at once in their Network tab, so finding "placeBetPlinko" is even easier that way. Not sure if the default FF and Chrome "developer tools" offer that. Ps2, if that minimized javascript looks a bit difficult to follow, try http://jsbeautifier.org
|
|
|
What you mean? There was an AMA yesterday on that other forum. That is finished now. How does that mean they are gone here?
|
|
|
Okay, so I simplified it a bit and tested it. So this PHP code actually works to make 1 bet (you can loop it yourself to auto-bet, just don't make a infinite loop lol.) Notes: - Only those who know PHP should use this. It's not a bot for all users or whatever. - You have to get ajax key + cookies manually and put it there - The plinko "rules" are just saved on server, so change it in browser on your account and just run script would work - You could actually make 1 cURL command in terminal to make 1 bet - so that might be easier than PHP script - Etc. etc. use on own risk :p <?php
$ssl_ca = "/var/www/cacert.pem"; $url = "https://betterbets.io/ep/ajax/?func=placeBetPlinko&ajaxUserKey="; $ajax_key = "yourajaxkey"; // NOT same as API key > get manually
function make_bet() { global $url,$ajax_key,$ssl_ca;
$ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url.$ajax_key); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
// SSL stuff you can change 2 and 1 both to 0 and remove CAINFO if you don't care about verifying SSL curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1); curl_setopt($ch, CURLOPT_CAINFO, $ssl_ca);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query(array( 'pidx' => "2", // Green=0,Yellow=1,Red=2 'r' => "3", // Green=1,Yellow=2,Red=3 'ui' => "1", 'w' => "0.00000100" // Wager amount )) );
// Change to your cookies curl_setopt($ch, CURLOPT_COOKIE,"__cfduid=1; PHPSESSID=1; BetterBetsSession=1"); curl_setopt($ch, CURLOPT_HTTPHEADER, array('X-Requested-With: XMLHttpRequest','Referer: https://betterbets.io/app/game/plinko/'));
$server_output = curl_exec($ch); if (empty($server_output)) { die('broken'); } else { $return = json_decode($server_output,true); if (empty($return['profit'])) { echo $server_output; die('broken'); } else { echo '<pre>'; print_r($return); echo '</pre>';
return $return; } } }
make_bet();
?> EDIT: Just to be clear, anyone who wants to make a autobet bot should definitely NOT do it in PHP lol. For example it's even easier to do it like this: Let's say we want to bet 10 times on Yellow for 100 sats each:1. Press F12 while plinko game is open in browser 2. Go to "Console" tab 3. Enter the following command and press enter: for(i=0;i<10;i++) { setTimeout(function(){ placeBetPlinko(1,0.00000100,2); }, 1000*i); } 4. Done. Notes: - The 0.00000100 is the amount - To change colors: change 1 and 2 parameters at the placeBetPlinko function... Green=0+1, Yellow=1+2, Red=2+3 - I put a 1 second delay (1000ms) to not DoS the site - You can change the 10 to slightly higher, but I recommend to not make it -too- high, just in case anything goes wrong - Use at own risk
|
|
|
|