Pages:
Author

Topic: cryptsy - page 2. (Read 32329 times)

hero member
Activity: 896
Merit: 1000
September 05, 2015, 08:40:06 AM
#46
Ill check the files and see whats up.
sr. member
Activity: 280
Merit: 250
From Russia with love
September 05, 2015, 08:21:18 AM
#45
Just went through some source code files and found this part.  Grin


you should not visit this page...,


Your IP is logged
please visit our friends here ..

http://www.fbi.gov/"> http://www.fbi.gov/




Yeah, i saw that as well lol
tyz
legendary
Activity: 3360
Merit: 1533
September 05, 2015, 08:10:52 AM
#44
Just went through some source code files and found this part.  Grin


you should not visit this page...,


Your IP is logged
please visit our friends here ..

http://www.fbi.gov/"> http://www.fbi.gov/



sr. member
Activity: 280
Merit: 250
From Russia with love
September 05, 2015, 07:40:50 AM
#43
tyz
legendary
Activity: 3360
Merit: 1533
September 05, 2015, 04:40:12 AM
#42
I would be interested. Did you get the files somewhere. I know that a few people downloaded the script. It would be nice if they could share it with others.

If anyone has the files and are willing to work with us we would be happy to fix the code a push an updates with no holes.
hero member
Activity: 616
Merit: 500
September 05, 2015, 01:55:49 AM
#41
If anyone has the files and are willing to work with us we would be happy to fix the code a push an updates with no holes.

Have you got the script and can you share for us?
hero member
Activity: 896
Merit: 1000
August 29, 2015, 06:46:46 PM
#40
If anyone has the files and are willing to work with us we would be happy to fix the code a push an updates with no holes.
tyz
legendary
Activity: 3360
Merit: 1533
August 28, 2015, 01:56:52 PM
#39
Yeap, it seems he took it offline. Maybe too much security holes and flaws in the script.

Hey OP? link to source code is broken?
sr. member
Activity: 462
Merit: 250
August 28, 2015, 01:29:13 PM
#38
Hey OP? link to source code is broken?
tyz
legendary
Activity: 3360
Merit: 1533
August 28, 2015, 01:19:18 PM
#37
I know it some time ago of you post but could you point to the files and lines where you find these vulnerabilities?

multiple SQL injection vulnerabilities.

this is not anywhere close to professional.
Pab
legendary
Activity: 1862
Merit: 1012
August 27, 2015, 08:59:56 PM
#36
Hi ,thank you
i will let know some honest people about your work,ifanybody will be intersted in to run exchange,i will let you know.You really deserve to get some money,maybe in some future will be possible to make a kind of decantrelised ,secure exchange on that base

Your link is showing not found,i sent you pm

https://github.com/crypto-maniac/Cryptsy-Clone
Pab
legendary
Activity: 1862
Merit: 1012
August 27, 2015, 08:50:24 PM
#35
 Hi ,thank you
i will let know some honest people about your work,ifanybody will be intersted in to run exchange,i will let you know.You really deserve to get some money,maybe in some future will be possible to make a kind of decantrelised ,secure exchange on that base
tyz
legendary
Activity: 3360
Merit: 1533
August 26, 2015, 12:31:36 PM
#34
Well, i would still like to know if someone installed and run the script in production?

Has someone already installed the script? Is it working the way the creator is promising?
sr. member
Activity: 434
Merit: 250
August 26, 2015, 07:31:45 AM
#33
This is not an open source entirely because someone still need to pay 0.50btc to activate it to full version which include voting and chatting stuffs but is that price negotiable and do you offer free installations?
newbie
Activity: 2
Merit: 0
August 26, 2015, 05:29:00 AM
#32
I would like to have this running on my site if there are no backdoors

I would appreciate some help from anyone to get this on a domain if all is ok Smiley
tyz
legendary
Activity: 3360
Merit: 1533
May 01, 2015, 04:56:16 PM
#31
Has someone already installed the script? Is it working the way the creator is promising?
newbie
Activity: 57
Merit: 0
April 25, 2015, 07:27:22 AM
#30
Thx you R3wt of course i will accept your your pull request Smiley



hero member
Activity: 686
Merit: 504
always the student, never the master.
April 20, 2015, 10:09:48 AM
#29
multiple SQL injection vulnerabilities.

this is not anywhere close to professional.

thx you R3wt for these words ....

its definly more easy to run  scanner from Kali ,instead code from scratch this open source exchange Smiley

you cannot sweep the work just for some basic (important also) security breach

also as i said exploit need POC so please if you can report and show it would be a good contribution at least

you wont find LFi/RFi here , maybe an xss or sql injection as u find

as other members remind it is open source and i didnt recommend to anyone here or via PM to run the site straigh like this

it flow from sense that if you like to run an exchange you must pay a DEV and security guy (a real one..)

i would recommend to also change request $GET  to $POST


Looking through your source code, i found many of the same vulnerabilities that were in the original OpenEx scripts that i cowrote(In fact, some of the code is copied directly from OpenEx source code). To put it into perspective, i had no idea what i was doing back then(first experience with programming, delusional about my abilities). I do now:

https://github.com/OpenExLLC/web   -- No Release candidate yet
https://github.com/OpenExLLC/live    --0.1 Release
https://github.com/OpenExLLC/mail  -- Release Candidate is untested


This exchange will be scalable, secure, and just generally awesome. If anyone wants to join this effort, you're more than welcome to. There are other components to the system, however these are the only ones i've made public at this time, Mostly because some are yet to be implemented or are waiting on other things to be completed so they can be tested.
legendary
Activity: 1051
Merit: 1000
https://r.honeygain.me/XEDDM2B07C
April 20, 2015, 08:12:03 AM
#28
multiple SQL injection vulnerabilities.

this is not anywhere close to professional.

thx you R3wt for these words ....

its definly more easy to run  scanner from Kali ,instead code from scratch this open source exchange Smiley

you cannot sweep the work just for some basic (important also) security breach

also as i said exploit need POC so please if you can report and show it would be a good contribution at least

you wont find LFi/RFi here , maybe an xss or sql injection as u find

as other members remind it is open source and i didnt recommend to anyone here or via PM to run the site straigh like this

it flow from sense that if you like to run an exchange you must pay a DEV and security guy (a real one..)

i would recommend to also change request $GET  to $POST






I will clean up some of the security holes and submit pull requests if you would like me to?
legendary
Activity: 1051
Merit: 1000
https://r.honeygain.me/XEDDM2B07C
April 20, 2015, 08:10:59 AM
#27
Amazing. I still have to crawl through the code to see if it truly is malware-free and not an attempt to harm, but if you honestly did release this Open source and clean to us, a lot of people could take a lesson from you as this is no small feat.

Thank you. Smiley
Pages:
Jump to: