Bitcoin Forum
October 31, 2024, 10:49:00 PM *
News: Bitcoin Pumpkin Carving Contest
 
   Home   Help Search Login Register More  
Pages: « 1 2 3 4 5 6 7 8 [9] 10 »  All
  Print  
Author Topic: Hack Into BitDice And Get 1BTC!  (Read 6825 times)
UGMZ
Newbie
*
Offline Offline

Activity: 14
Merit: 0


View Profile WWW
December 27, 2016, 09:51:02 PM
 #161

Now a days i am much afraid to try the new websites like this with such offer as recently i have joined the site like this which was seems good but after joining all of my accounts data was stolen and the all money in my accounts have been gone. So i want to see users review regarding this to clear my mind.

Do you mean on some OTHER site your money was stolen or on this particular site? Can't seem to understand what you mean there. Please clarify it a bit Smiley
From his post I understood that he is telling about any other site where he joined but lost his account due to hack attack. By the way from this thread everyone know that bitdice is more secure even if you give access to your account to anyone he will not be able to login from his device.
But after login attempt the site send the details for to get access to the site through the email so it means that if a person get access to the email address on which the owner is registered then the hacker will be able to hack the account easily. Can you tell who will be responsible for that?

Like I said in my mini report. Social engineering is about the only way you will get round this.

And if someone loses there email account then that is no fault of the site.

They do have good security on the site. And they have "decentralized" the site the users see from the back end of the running of the site.
carmenullery
Newbie
*
Offline Offline

Activity: 3
Merit: 0


View Profile
December 28, 2016, 12:58:35 AM
 #162

Now a days i am much afraid to try the new websites like this with such offer as recently i have joined the site like this which was seems good but after joining all of my accounts data was stolen and the all money in my accounts have been gone. So i want to see users review regarding this to clear my mind.

Do you mean on some OTHER site your money was stolen or on this particular site? Can't seem to understand what you mean there. Please clarify it a bit Smiley
From his post I understood that he is telling about any other site where he joined but lost his account due to hack attack. By the way from this thread everyone know that bitdice is more secure even if you give access to your account to anyone he will not be able to login from his device.
But after login attempt the site send the details for to get access to the site through the email so it means that if a person get access to the email address on which the owner is registered then the hacker will be able to hack the account easily. Can you tell who will be responsible for that?

Like I said in my mini report. Social engineering is about the only way you will get round this.

And if someone loses there email account then that is no fault of the site.

They do have good security on the site. And they have "decentralized" the site the users see from the back end of the running of the site.


everyone laughing at you
i have a bypass like i said, put 10 btc in the account and watch it disappear.  Grin
UGMZ
Newbie
*
Offline Offline

Activity: 14
Merit: 0


View Profile WWW
December 28, 2016, 01:34:29 AM
 #163

You have a bypasss? I highly doubt this!

But good luck anyway.. I don't suppose you have any proof?
Shiroslullaby
Sr. Member
****
Offline Offline

Activity: 434
Merit: 250



View Profile
December 28, 2016, 01:45:34 AM
 #164

If anyone had a way to get into this account, the real question is,
would they just take the 1 Bitcoin, or would they use the exploit to compromise other accounts?
I guess it depends on what color hat they wear.  Wink

kolloh
Legendary
*
Offline Offline

Activity: 1736
Merit: 1023


View Profile
December 28, 2016, 04:04:18 AM
 #165

If anyone had a way to get into this account, the real question is,
would they just take the 1 Bitcoin, or would they use the exploit to compromise other accounts?
I guess it depends on what color hat they wear.  Wink

Well, you'd still need the account passwords for other accounts in order to compromise them even if you could bypass it. I would think the 1 BTC would be taken if someone was able to.
mixan
Legendary
*
Offline Offline

Activity: 966
Merit: 1000


TRUMP IS DOING THE BEST! MAKE AMERICA GREAT AGAIN!


View Profile
December 29, 2016, 01:03:14 PM
 #166

If anyone had a way to get into this account, the real question is,
would they just take the 1 Bitcoin, or would they use the exploit to compromise other accounts?
I guess it depends on what color hat they wear.  Wink

Well, you'd still need the account passwords for other accounts in order to compromise them even if you could bypass it. I would think the 1 BTC would be taken if someone was able to.
Yes the request from this site is to try to get into one account that is holding these funds. Not hack the whole site to get everyone's account passwords. That would take along time to do just look at what happened to yahoo email service.
It is possible. If an email leak of a presidential candidate while running for the white house is possible so is doing it to this site. They don't have such security as the most defended nation in the world no matter how much your dice site holds. Wink

The parasite hates three things: free markets, free will, and free men.
carlfebz2
Hero Member
*****
Offline Offline

Activity: 3122
Merit: 739


DGbet.fun - Crypto Sportsbook


View Profile
December 29, 2016, 02:16:03 PM
 #167

If anyone had a way to get into this account, the real question is,
would they just take the 1 Bitcoin, or would they use the exploit to compromise other accounts?
I guess it depends on what color hat they wear.  Wink

Well, you'd still need the account passwords for other accounts in order to compromise them even if you could bypass it. I would think the 1 BTC would be taken if someone was able to.
Yes the request from this site is to try to get into one account that is holding these funds. Not hack the whole site to get everyone's account passwords. That would take along time to do just look at what happened to yahoo email service.
It is possible. If an email leak of a presidential candidate while running for the white house is possible so is doing it to this site. They don't have such security as the most defended nation in the world no matter how much your dice site holds. Wink
Nothing on this world cant be hacked because human do create those inventions and securities in any services here in online world. We should not derailed on the topic and we are just talking here about the 1 btc which is inside on that account.Leaking emails is possible but I don't think it would happen nowadays but well no one knows.Im still following this thread if someone could able to access.

UGMZ
Newbie
*
Offline Offline

Activity: 14
Merit: 0


View Profile WWW
December 30, 2016, 03:52:05 PM
 #168

I gave up on it after doing a full scan and lots of poking about on the site here is my conclusion.


1. They have a strong server setup that is well defended and there don't seem to be any "known" issues with the site at present.
2. The account security is tight with 2FA and also some kind of IP / Browser agent connection for additional "device" security.

I think they show good technical ability and good operation of the site..  I doubt for now anone is getting into that account, Unless they hack the admin.

erwin45hacked
Legendary
*
Offline Offline

Activity: 1064
Merit: 1000



View Profile
December 31, 2016, 01:45:45 AM
 #169

I gave up on it after doing a full scan and lots of poking about on the site here is my conclusion.


1. They have a strong server setup that is well defended and there don't seem to be any "known" issues with the site at present.
2. The account security is tight with 2FA and also some kind of IP / Browser agent connection for additional "device" security.

I think they show good technical ability and good operation of the site..  I doubt for now anone is getting into that account, Unless they hack the admin.


If they could hack the "admin" then they could get anyone's funds on the site and not even just the 1 btc. Then it is safe to say that this site probably has the best security features among the others? Combined with 2FA then it is almost unpenetrable unless someone with some skills actually could get into it
UGMZ
Newbie
*
Offline Offline

Activity: 14
Merit: 0


View Profile WWW
December 31, 2016, 02:08:14 AM
 #170

Well 2fa can be bypassed by doing whats called a "Sim Swap" But you would need to know the number registered and the details of the mobile phone account (social engineering) contact the network tell them you have lost your phone but you have a new simcard for there network could they port the number over to the new sim (Not as hard as it sounds... 10 min later you have targets phone number ready for the 2FA code..

Yes hacking the admin would be a fairly easy way to go after the site as a whole

With the bitcoin price soaring for 2017 sites like this are going to need to keep a keen eye on security.. Look what happens to gox and others when the price went high. the attackers came out the wood work and hit hard.. with the massive explosion in casino's and dice games. it could be a nightmare waiting to happen for gamblers and exchange users.
KryptoGuru
Newbie
*
Offline Offline

Activity: 3
Merit: 0


View Profile
December 31, 2016, 02:33:48 AM
 #171

Well 2fa can be bypassed by doing whats called a "Sim Swap" But you would need to know the number registered and the details of the mobile phone account (social engineering) contact the network tell them you have lost your phone but you have a new simcard for there network could they port the number over to the new sim (Not as hard as it sounds... 10 min later you have targets phone number ready for the 2FA code..

Yes hacking the admin would be a fairly easy way to go after the site as a whole

With the bitcoin price soaring for 2017 sites like this are going to need to keep a keen eye on security.. Look what happens to gox and others when the price went high. the attackers came out the wood work and hit hard.. with the massive explosion in casino's and dice games. it could be a nightmare waiting to happen for gamblers and exchange users.

Thanks for the wonderful participation in this UGMZ. I'm one of your follower since i read your replies here in hacking thing. But unfortunately their server is tight and got some really good security. I thought you were so close on hacking it, but I'm wrong on that.
UGMZ
Newbie
*
Offline Offline

Activity: 14
Merit: 0


View Profile WWW
December 31, 2016, 02:44:49 AM
 #172

I just don't have the free time to keep going I only did a standard testing for things like XSS vulns and Unicorn scan, Vega scan's + a few other of my own tests. and after speaking with the admin and "squeezing" some server info from him It became clear that they are taking customer security very seriously.

But from what I did try and test there "most what your average hacker" would try or have access too without trying to damage the site in anyway it was very secure.

So they get a thumbs up from me.



Arcteryx
Hero Member
*****
Offline Offline

Activity: 728
Merit: 500


EtherSphere - Social Games


View Profile
March 21, 2017, 06:42:14 PM
 #173

If anyone had a way to get into this account, the real question is,
would they just take the 1 Bitcoin, or would they use the exploit to compromise other accounts?
I guess it depends on what color hat they wear.  Wink

Well, you'd still need the account passwords for other accounts in order to compromise them even if you could bypass it. I would think the 1 BTC would be taken if someone was able to.
But did it not get hacked into and that guy stole 38 BTC from the site's wallet?
But that was using the bct talk account password to retrieve access to the casino bank wallet.
So that attempt didn't count am I correct? Or is that totally something different all together with doing something completely illegal?
I think it ended up with the owner paying out those funds out to people who's funds were lost in the hack.
It was all very confusing because it spilled over from an accusation thread against that use and into the campaign thread going back and forth. Embarrassed

........EtherSphere........
.....ICO Starts on 5th August, 4:00 PM UTC.....
.......High ROI Social Ethereum Games
........BENEFITS WHITEPAPER ANN THREAD GITHUB REDDIT TWITTER........

░░░░░░░░░░░▄██████████████▀░░░░░
░░░░░░░░▄█████████████▀▀░░░░░░░░
░░░░░░▄██████▀░░░░░░░░░░░░░░░░░░
░░░░░██████▀░░░░░░░░░░░░░░░░░░░░
░░░░░██████░░░░░░░░░░░░░░░░░░░░░
░░░░░░██████▄░░░░░░░░░░░░░░░░░░
░░░░░░░▀███████████████████▄░░░░
░░░░░░░░░▀▀██████████████████▄░░
░░░░░░░░░░░░░░░░░░░░░░░███████░░
░░░░░░░░░░░░░░░░░░░░▄▄██████▀░░░
░░░░░░░▄█████████████████▀▀░░░░░
░░░░░▄████████████████▀▀░░░░░░░░......................
kolloh
Legendary
*
Offline Offline

Activity: 1736
Merit: 1023


View Profile
March 22, 2017, 05:04:51 AM
 #174

If anyone had a way to get into this account, the real question is,
would they just take the 1 Bitcoin, or would they use the exploit to compromise other accounts?
I guess it depends on what color hat they wear.  Wink

Well, you'd still need the account passwords for other accounts in order to compromise them even if you could bypass it. I would think the 1 BTC would be taken if someone was able to.
But did it not get hacked into and that guy stole 38 BTC from the site's wallet?
But that was using the bct talk account password to retrieve access to the casino bank wallet.
So that attempt didn't count am I correct? Or is that totally something different all together with doing something completely illegal?
I think it ended up with the owner paying out those funds out to people who's funds were lost in the hack.
It was all very confusing because it spilled over from an accusation thread against that use and into the campaign thread going back and forth. Embarrassed

That isn't accurate. 38 btc was not stolen from the site's wallet in any hack. You'll need to re-read that accusation thread for more information regarding that but nothing was stolen from the site's wallet.
josephdd1
Hero Member
*****
Offline Offline

Activity: 1358
Merit: 513


View Profile
March 22, 2017, 10:37:12 AM
 #175

If anyone had a way to get into this account, the real question is,
would they just take the 1 Bitcoin, or would they use the exploit to compromise other accounts?
I guess it depends on what color hat they wear.  Wink

Well, you'd still need the account passwords for other accounts in order to compromise them even if you could bypass it. I would think the 1 BTC would be taken if someone was able to.
But did it not get hacked into and that guy stole 38 BTC from the site's wallet?
But that was using the bct talk account password to retrieve access to the casino bank wallet.
So that attempt didn't count am I correct? Or is that totally something different all together with doing something completely illegal?
I think it ended up with the owner paying out those funds out to people who's funds were lost in the hack.
It was all very confusing because it spilled over from an accusation thread against that use and into the campaign thread going back and forth. Embarrassed

That isn't accurate. 38 btc was not stolen from the site's wallet in any hack. You'll need to re-read that accusation thread for more information regarding that but nothing was stolen from the site's wallet.

Ofc it's not accurate! This...HYIP-Ponzi admin/owner that want's back (?) 38BTC, hack somehing but this is not the BitDice account with the 1BTC on it.
He hacked the forum account of the owner of BitDice and still want back money that don't belong to him from the start of his "great" career as a scammer... Roll Eyes
Oilacris
Hero Member
*****
Offline Offline

Activity: 3192
Merit: 621



View Profile
March 22, 2017, 10:45:11 AM
 #176

If anyone had a way to get into this account, the real question is,
would they just take the 1 Bitcoin, or would they use the exploit to compromise other accounts?
I guess it depends on what color hat they wear.  Wink

Well, you'd still need the account passwords for other accounts in order to compromise them even if you could bypass it. I would think the 1 BTC would be taken if someone was able to.
But did it not get hacked into and that guy stole 38 BTC from the site's wallet?
But that was using the bct talk account password to retrieve access to the casino bank wallet.
So that attempt didn't count am I correct? Or is that totally something different all together with doing something completely illegal?
I think it ended up with the owner paying out those funds out to people who's funds were lost in the hack.
It was all very confusing because it spilled over from an accusation thread against that use and into the campaign thread going back and forth. Embarrassed

That isn't accurate. 38 btc was not stolen from the site's wallet in any hack. You'll need to re-read that accusation thread for more information regarding that but nothing was stolen from the site's wallet.

Ofc it's not accurate! This...HYIP-Ponzi admin/owner that want's back (?) 38BTC, hack somehing but this is not the BitDice account with the 1BTC on it.
He hacked the forum account of the owner of BitDice and still want back money that don't belong to him from the start of his "great" career as a scammer... Roll Eyes
Theres no connection between this challenge and those situation which happen on the past and also theres no need to bump this thread since its already 3 months passed and no one could able to do this challenge on hacking the site. If until now theres no one could able to get on the 1 btc on the account given then im sure security of this website is good enough and could increase more trust regarding on handling funds.

Dobrii
Sr. Member
****
Offline Offline

Activity: 864
Merit: 260


View Profile WWW
December 19, 2017, 07:24:36 AM
 #177


To prove our security, we run a HackMe event. I've tipped user hack_me with 1BTC.

Here's registration email: contact@bitdice.me
And password: Jy45kFbGJX9n5q8

Yes! We've posted password from an account with 1BTC on it. Simply sign-in and take it Smiley

Couldn't? Well, that's because our security is so safe that even leaking your password can't do anything bad. We are safer than Bitfinex  Grin

User hack_me was registered with default settings, nothing has been changed under his profile.

Join to one of the safest casino worldwide.

In BitDice We Trust!



Great news. I believe that BitDice will be the best casino in the sphere of gambling.
adaseb
Legendary
*
Offline Offline

Activity: 3878
Merit: 1733


View Profile
December 19, 2017, 07:44:14 AM
 #178


To prove our security, we run a HackMe event. I've tipped user hack_me with 1BTC.

Here's registration email: contact@bitdice.me
And password: Jy45kFbGJX9n5q8

Yes! We've posted password from an account with 1BTC on it. Simply sign-in and take it Smiley

Couldn't? Well, that's because our security is so safe that even leaking your password can't do anything bad. We are safer than Bitfinex  Grin

User hack_me was registered with default settings, nothing has been changed under his profile.

Join to one of the safest casino worldwide.

In BitDice We Trust!



Great news. I believe that BitDice will be the best casino in the sphere of gambling.

You know what.

If you really want to spam your sig in the least amount of work possible. Due some work and try to avoid bumping a thread that was created over a year ago and its irrelevent.

Doing so mods will either remove your posts or contact your affiliate manager and have yourself get booted from the signature campaign.

This thread should be locked right now.
Theb
Hero Member
*****
Offline Offline

Activity: 1680
Merit: 655


View Profile
December 19, 2017, 10:17:22 AM
 #179

That is the best thing about 2FA security as it is an added layer of security for the user. I have done it in the past as passwords simply couldn't make me comfortable to sleep at night. However 2 factor authentication are kinda annoying sometimes as there are days that you just want to log-in into your account and play having 2fa always on will make you soend a few extra seconds in order to proceed to the site.

..bustadice..         ▄▄████████████▄▄
     ▄▄████████▀▀▀▀████████▄▄
   ▄███████████    ███████████▄
  █████    ████▄▄▄▄████    █████
 ██████    ████████▀▀██    ██████
██████████████████   █████████████
█████████████████▌  ▐█████████████
███    ██████████   ███████    ███
███    ████████▀   ▐███████    ███
██████████████      ██████████████
██████████████      ██████████████
 ██████████████▄▄▄▄██████████████
  ▀████████████████████████████▀
                     ▄▄███████▄▄
                  ▄███████████████▄
   ███████████  ▄████▀▀       ▀▀████▄
               ████▀      ██     ▀████
 ███████████  ████        ██       ████
             ████         ██        ████
███████████  ████     ▄▄▄▄██        ████
             ████     ▀▀▀▀▀▀        ████
 ███████████  ████                 ████
               ████▄             ▄████
   ███████████  ▀████▄▄       ▄▄████▀
                  ▀███████████████▀
                     ▀▀███████▀▀
           ▄██▄
           ████
            ██
            ▀▀
 ▄██████████████████████▄
██████▀▀██████████▀▀██████
█████    ████████    █████
█████▄  ▄████████▄  ▄█████
██████████████████████████
██████████████████████████
    ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
    ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
       ████████████
......Play......
billy M.
Newbie
*
Offline Offline

Activity: 21
Merit: 0


View Profile
December 20, 2017, 12:17:23 PM
 #180

Nice additional security feature now everyone is curious how to hack the mail address provided then if 2fa is installed on email another work.
Pages: « 1 2 3 4 5 6 7 8 [9] 10 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!