Stunna (OP)
Legendary
Offline
Activity: 3192
Merit: 1278
Primedice.com, Stake.com
|
|
August 03, 2014, 07:01:22 PM Last edit: August 03, 2014, 09:36:01 PM by Stunna |
|
Looking to grab a few additional pentesters to try and break/glitch primedice 3 prior to launch. If you have pentesting experience please post here instead of PMing and I will contact you if I feel you are suitable. If you aren't selected you will still have the chance to test when the site goes public and the bounties will increase substantially after that point. Bounties will be paid for new unreported issues and rewards will be based off severity.
Thanks
Note: I'm not looking for a normal user to test out the site, I'm looking for hackers with code experience and knowledge on how to find/abuse bugs like XSS/CSRF. Will be back later today to PM details
|
|
|
|
|
|
|
Bitcoin mining is now a specialized and very risky industry, just like gold mining. Amateur miners are unlikely to make much money, and may even lose money. Bitcoin is much more than just mining, though!
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
marcotheminer
Legendary
Offline
Activity: 2072
Merit: 1049
┴puoʎǝq ʞool┴
|
|
August 03, 2014, 07:21:03 PM |
|
Im interested and willing to try it out. Up to you Stunna.
|
|
|
|
nahtnam
Legendary
Offline
Activity: 1092
Merit: 1000
nahtnam.com
|
|
August 03, 2014, 09:22:00 PM Last edit: August 03, 2014, 09:38:24 PM by nahtnam |
|
Im interested! EDIT: Although I cant really try to "hack" pd3, I can test for speed and efficiency, as well as js problems. Let me know if you are interested!
|
|
|
|
edmundduke
Legendary
Offline
Activity: 1624
Merit: 1007
|
|
August 03, 2014, 09:23:27 PM |
|
I am interested. I might be a Jr. Member here but i have plenty of experience in testing.
|
|
|
|
Prez
|
|
August 03, 2014, 10:02:28 PM Last edit: August 03, 2014, 10:34:45 PM by Prez |
|
I'm interested in testing/breaking PD. I can PM you my resume of the sites I have worked on if needed.
I'm confident in my abilities and won't waste your time. Let me know what you would like to see from me.
|
|
|
|
account4btc
Newbie
Offline
Activity: 3
Merit: 0
|
|
August 03, 2014, 10:17:32 PM |
|
I can test with 90gbps, let me know
|
|
|
|
factor280
|
|
August 03, 2014, 10:26:04 PM |
|
Hi Stunna,
I'm interested and can help. I code in JS and dice quite frequently. Please let me know if I can be of help.
|
Sig Space for Rent! PM Me.
|
|
|
MICRO
Legendary
Offline
Activity: 2464
Merit: 1037
CEO @ Stake.com and Primedice.com
|
|
August 03, 2014, 10:30:35 PM |
|
He needs some blackhat hackers not testers . U guys don't need to test pd u need to try to break it , abuse it , and exploit it .
|
|
|
|
factor280
|
|
August 03, 2014, 11:27:51 PM |
|
He needs some blackhat hackers not testers . U guys don't need to test pd u need to try to break it , abuse it , and exploit it . Absolutely agree with you. But he still needs to find if there are any exploits, including in javascript. If there are, you could manipulate the code or, for example, if the code is poorly written, a few users with bots would overload the server and slow things down considerably. Simple things that shouldn't be overlooked
|
Sig Space for Rent! PM Me.
|
|
|
Prez
|
|
August 03, 2014, 11:40:22 PM |
|
He needs some blackhat hackers not testers . U guys don't need to test pd u need to try to break it , abuse it , and exploit it . Don't you mean whitehat?
|
|
|
|
serje
Legendary
Offline
Activity: 1232
Merit: 1002
|
|
August 03, 2014, 11:41:03 PM |
|
I'm an abuser! I like to abuse things! Pick me!
|
Space for rent if its still trending
|
|
|
franckuestein
Legendary
Offline
Activity: 1960
Merit: 1130
Truth will out!
|
|
August 03, 2014, 11:46:43 PM |
|
Hi @Stunna! I'm one of the members of your Primedice Bitcointalk campaigns. Yes, I can help you with Primedice tests as a hacker. As well, I think that I have some previous posts on my 'post history' solving problems to some coins on the Spanish sub-forum. If you need help, just contact with me and we're going to secure PD3!!
|
[ AVAILABLE SIGNATURE SPACE ]
|
|
|
Watoshi-Dimobuto
|
|
August 04, 2014, 02:06:39 AM |
|
This job is to find vulnerabilities. If you don't know how to find vulnerabilities jobs like this is not for you.
|
|
|
|
Stunna (OP)
Legendary
Offline
Activity: 3192
Merit: 1278
Primedice.com, Stake.com
|
|
August 04, 2014, 02:34:49 AM |
|
Our main developer is asleep at the moment, when he's online I'll send some of the people here site/api details.
|
|
|
|
wang_yan
|
|
August 04, 2014, 07:40:44 AM |
|
I'm interested in doing this, please let me know if I can help.
|
|
|
|
ranochigo
Legendary
Offline
Activity: 2954
Merit: 4165
|
|
August 04, 2014, 10:23:54 AM |
|
I can test with 90gbps, let me know
Stunna don't need stressers. He can stress test it himself if he wants to. He is finding people who can exploit the website to gain access to admin panel for example. He would probably be using cloudflare so your ddos won't hurt him a lot too.
|
. .HUGE. | | | | | | █▀▀▀▀ █ █ █ █ █ █ █ █ █ █ █ █▄▄▄▄ | ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ . CASINO & SPORTSBOOK ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ | ▀▀▀▀█ █ █ █ █ █ █ █ █ █ █ █ ▄▄▄▄█ | | |
|
|
|
gelross2014
Newbie
Offline
Activity: 53
Merit: 0
|
|
August 04, 2014, 10:27:40 AM |
|
Hi, I can do XSS . Its up to you Stunna if you will hire me
|
|
|
|
Joca97
Legendary
Offline
Activity: 3626
Merit: 1023
Cashback 15%
|
|
August 04, 2014, 11:00:33 AM |
|
hello stunna im intrested
you can check with micro he knows im trusted!!!
|
. .HUGE. | | | | | | █▀▀▀▀ █ █ █ █ █ █ █ █ █ █ █ █▄▄▄▄ | ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ . CASINO & SPORTSBOOK ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ | ▀▀▀▀█ █ █ █ █ █ █ █ █ █ █ █ ▄▄▄▄█ | | |
|
|
|
Kluge
Donator
Legendary
Offline
Activity: 1218
Merit: 1015
|
|
August 04, 2014, 11:09:18 AM |
|
I'm always up for trying to force data to execute, though IMO, forcing a 100BTC credit to myself is a feature, not a bug. To date, I've only been able to force a small site to accept LTC as BTC, though. Then it was fixed and he never paid the bounty.
|
|
|
|
Rora
|
|
August 04, 2014, 03:15:42 PM |
|
Id love to test it out!
|
|
|
|
DeboraMeeks
|
|
August 04, 2014, 06:04:23 PM |
|
Me too! Would be interested
|
|
|
|
BitCoinDream
Legendary
Offline
Activity: 2324
Merit: 1204
The revolution will be digital
|
|
August 04, 2014, 07:29:41 PM |
|
Our main developer is asleep at the moment, when he's online I'll send some of the people here site/api details.
I might be interested in checking SQL injection. I'm always up for trying to force data to execute, though IMO, forcing a 100BTC credit to myself is a feature, not a bug. To date, I've only been able to force a small site to accept LTC as BTC, though. Then it was fixed and he never paid the bounty. How come a site accept LTC as BTC ? The Bitcoin daemon is different from the Litecoin daemon. If they check balance to their Bitcoin address that can never be filled with Litecoin !!! I'd like to know what flaw they made... if u please share.
|
|
|
|
devthedev
Legendary
Offline
Activity: 1050
Merit: 1004
|
|
August 04, 2014, 10:13:40 PM |
|
Our main developer is asleep at the moment, when he's online I'll send some of the people here site/api details.
I might be interested in checking SQL injection. It's pretty solid, I don't think you'll find anything in that realm. Stunna, I've shot you a PM with the results of the pentest.
|
|
|
|
MICRO
Legendary
Offline
Activity: 2464
Merit: 1037
CEO @ Stake.com and Primedice.com
|
|
August 04, 2014, 10:28:55 PM |
|
Our main developer is asleep at the moment, when he's online I'll send some of the people here site/api details.
I might be interested in checking SQL injection. It's pretty solid, I don't think you'll find anything in that realm. Stunna, I've shot you a PM with the results of the pentest. Are u tester123 ? Come on pd3 to play around PvP with me.
|
|
|
|
atinski
Full Member
Offline
Activity: 224
Merit: 100
To dare is the price of progress
|
|
August 04, 2014, 10:36:21 PM |
|
me too
|
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ PRIMEDICE The Premier Bitcoin Gambling Experience - PRIMEDICE 3 COMING 9TH AUGUST @PrimeDice ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
|
|
|
Kluge
Donator
Legendary
Offline
Activity: 1218
Merit: 1015
|
|
August 05, 2014, 03:20:18 AM |
|
Our main developer is asleep at the moment, when he's online I'll send some of the people here site/api details.
I might be interested in checking SQL injection. I'm always up for trying to force data to execute, though IMO, forcing a 100BTC credit to myself is a feature, not a bug. To date, I've only been able to force a small site to accept LTC as BTC, though. Then it was fixed and he never paid the bounty. How come a site accept LTC as BTC ? The Bitcoin daemon is different from the Litecoin daemon. If they check balance to their Bitcoin address that can never be filled with Litecoin !!! I'd like to know what flaw they made... if u please share. They used deposit accounts which you spent from, which they didn't use a daemon for, just internal accounting. Basically, they accepted everything from their forms as true without checking, but allowed a user to specify "LTC" on a "BTC" form by dinking around with the source html (and they literally used those really obvious currency flags). I had LTC in my account there, so I changed the currency flag from BTC to LTC and was able to spend LTC as if it were valued like BTC. Unfortunately, it was only to buy ads.
|
|
|
|
2double0
Legendary
Offline
Activity: 2618
Merit: 1105
|
|
August 05, 2014, 08:37:46 AM |
|
Me 3 interested.
|
|
|
|
eden1
Member
Offline
Activity: 78
Merit: 10
★Bitin.io★ - Instant Exchange
|
|
August 05, 2014, 05:07:40 PM |
|
I am interested, u will need someone who is new to Prime-Dice to test the atmosphere of the site
|
|
|
|
MCM-Mike
Member
Offline
Activity: 87
Merit: 10
|
|
August 07, 2014, 07:45:08 AM |
|
Do you provide a test/dev-environment in order to pentest it and don't break the production system? If so I would give it a shot if its worth the try. some facts about me: http://bitcloudproject.org/w/User:MCM-Mike
|
|
|
|
BitCoinDream
Legendary
Offline
Activity: 2324
Merit: 1204
The revolution will be digital
|
|
August 10, 2014, 06:06:38 PM |
|
Hi Stunna... though i was not among the testers, I have found a small UI bug hat u may consider fixing. When I click on the language drop-down, it does not work. It is only showing English as a fixed option.
|
|
|
|
cookiemonsterwhat
|
|
August 11, 2014, 02:42:32 AM |
|
can we still get rewarded if we found bugs?
|
|
|
|
nahtnam
Legendary
Offline
Activity: 1092
Merit: 1000
nahtnam.com
|
|
August 11, 2014, 02:45:29 AM |
|
can we still get rewarded if we found bugs?
Yep. Just email support@primedice.comIf your bug is unique and can be reproduced, you will get a reward!
|
|
|
|
BitCoinDream
Legendary
Offline
Activity: 2324
Merit: 1204
The revolution will be digital
|
|
August 11, 2014, 03:48:38 PM |
|
can we still get rewarded if we found bugs?
Yep. Just email support@primedice.comIf your bug is unique and can be reproduced, you will get a reward! I posted above. The bug has neither been addressed nor I have heard from Stunna. May be he's not checking this thread anymore Hi Stunna... though i was not among the testers, I have found a small UI bug hat u may consider fixing. When I click on the language drop-down, it does not work. It is only showing English as a fixed option.
|
|
|
|
nahtnam
Legendary
Offline
Activity: 1092
Merit: 1000
nahtnam.com
|
|
August 11, 2014, 03:49:38 PM |
|
can we still get rewarded if we found bugs?
Yep. Just email support@primedice.comIf your bug is unique and can be reproduced, you will get a reward! I posted above. The bug has neither been addressed nor I have heard from Stunna. May be he's not checking this thread anymore Hi Stunna... though i was not among the testers, I have found a small UI bug hat u may consider fixing. When I click on the language drop-down, it does not work. It is only showing English as a fixed option.
How is that a bug? I dont think PD has been translated to any other language yet.
|
|
|
|
BitCoinDream
Legendary
Offline
Activity: 2324
Merit: 1204
The revolution will be digital
|
|
August 11, 2014, 05:40:23 PM |
|
can we still get rewarded if we found bugs?
Yep. Just email support@primedice.comIf your bug is unique and can be reproduced, you will get a reward! I posted above. The bug has neither been addressed nor I have heard from Stunna. May be he's not checking this thread anymore Hi Stunna... though i was not among the testers, I have found a small UI bug hat u may consider fixing. When I click on the language drop-down, it does not work. It is only showing English as a fixed option.
How is that a bug?I dont think PD has been translated to any other language yet. When a drop down is not dropping down but showing the down arrow is not a bug ?
|
|
|
|
0xAli
Member
Offline
Activity: 72
Merit: 10
42
|
|
August 11, 2014, 09:09:10 PM |
|
I am interested.
|
Only god can judge me.
|
|
|
cookiemonsterwhat
|
|
August 11, 2014, 10:39:53 PM |
|
whats considered as a bug? cause the withdraw gave me 10,000 satoshi is that one?
|
|
|
|
rz20
Legendary
Offline
Activity: 1330
Merit: 1001
|
|
August 11, 2014, 10:51:35 PM |
|
I sent and talk to edward about the nonce repeat bug when you make a flood query. It gives to all the bets of the same timestamp the same result. In one run I could get 10 bets with the same result.
|
|
|
|
MasterOwel
Member
Offline
Activity: 98
Merit: 10
Life is my dream, what is yours?
|
|
August 14, 2014, 12:02:25 AM |
|
I'm good with patterns and logic errors, meaning if there's an issue with the script that runs the site I could root around it figuring out ways to break the odds.
|
|
|
|
MICRO
Legendary
Offline
Activity: 2464
Merit: 1037
CEO @ Stake.com and Primedice.com
|
|
August 14, 2014, 12:04:51 AM |
|
I'm good with patterns and logic errors, meaning if there's an issue with the script that runs the site I could root around it figuring out ways to break the odds.
Site is now live , everybody can pentest it . And if u find any bugs email support@primedice.com , if u are first to report it , u will get bounty .
|
|
|
|
MasterOwel
Member
Offline
Activity: 98
Merit: 10
Life is my dream, what is yours?
|
|
August 14, 2014, 12:19:45 AM |
|
I'm good with patterns and logic errors, meaning if there's an issue with the script that runs the site I could root around it figuring out ways to break the odds.
Site is now live , everybody can pentest it . And if u find any bugs email support@primedice.com , if u are first to report it , u will get bounty . It's the same site isn't it? I haven't been able to connect the last few time I've tried.
|
|
|
|
MICRO
Legendary
Offline
Activity: 2464
Merit: 1037
CEO @ Stake.com and Primedice.com
|
|
August 14, 2014, 12:27:00 AM |
|
I'm good with patterns and logic errors, meaning if there's an issue with the script that runs the site I could root around it figuring out ways to break the odds.
Site is now live , everybody can pentest it . And if u find any bugs email support@primedice.com , if u are first to report it , u will get bounty . It's the same site isn't it? I haven't been able to connect the last few time I've tried. Yeah on primedice.com . U should try using latest version of chrome , there is some issue with ff, should be sorted out rly soon thou .
|
|
|
|
MasterOwel
Member
Offline
Activity: 98
Merit: 10
Life is my dream, what is yours?
|
|
August 14, 2014, 01:11:07 AM |
|
I only use chrome, and all I get is an error message for that site. Nothing is wrong with my internet or anything, the page loads quick and smooth,,,, but to the error.
|
|
|
|
rz20
Legendary
Offline
Activity: 1330
Merit: 1001
|
|
August 15, 2014, 02:36:39 AM |
|
I only use chrome, and all I get is an error message for that site. Nothing is wrong with my internet or anything, the page loads quick and smooth,,,, but to the error.
It works in firefox and opera aswell.
|
|
|
|
Kluge
Donator
Legendary
Offline
Activity: 1218
Merit: 1015
|
|
August 30, 2014, 01:07:52 PM |
|
Are all URL arguments disabled? Every time I try to enable poop function (in chat, they confirm it is /?poop=enabled), it hangs on loading screen (or does that happen if IP address is already connected to websocket?).
|
|
|
|
|