He is a hacker because he withdraw 100 satoshi every second from my faucet while I give 30 satoshi per minute .
There is my faucet .
http://101freebitcoin.us
Topic: FaucetBOX.com Discussion - page 13. (Read 237001 times)
Thank You so much But How to Block this Hacker ?
Please Help me if someone know the method .
There's no proof that he is a hacker. He's probably just lying to scare you into paying. Ignore him, that's the best way to block him.
Thank You so much But How to Block this Hacker ?
Please Help me if someone know the method .
My Faucetbox Password OR Database Password ?
All of them. FaucetBOX.com password, database password, email password...
I Need Help !
Recently I Received this Message From Unknown Hacker .
" fullname: The Hacker
email: [email protected]
message: Hello , I have a bitcoin faucet script that i can use to hack your website anytime i want to, but if you will pay me 0.05 bitcoins to this address 1Nfff9b6Ao9W5HpcCUz5h8oPPfxRGSDrw i will not hack your website anymore and leave you alone. If you decide to not cooperate and follow my demands i will make you regret your choices later.
Failure to reply to this email in 48 hours will have serious consequences.
User's IP Address: 46.165.197.1 ( Maybe This is VPN ) .
===================
Please Help me , How to Block this Hacker ?
Thanks in Advance .
Recently I Received this Message From Unknown Hacker .
" fullname: The Hacker
email: [email protected]
message: Hello , I have a bitcoin faucet script that i can use to hack your website anytime i want to, but if you will pay me 0.05 bitcoins to this address 1Nfff9b6Ao9W5HpcCUz5h8oPPfxRGSDrw i will not hack your website anymore and leave you alone. If you decide to not cooperate and follow my demands i will make you regret your choices later.
Failure to reply to this email in 48 hours will have serious consequences.
User's IP Address: 46.165.197.1 ( Maybe This is VPN ) .
===================
Please Help me , How to Block this Hacker ?
Thanks in Advance .
There's nothing really you can do. My guesses are:
1. they really have found a vulnerability in your faucet and will somehow exploit it, but it doesn't stop them from doing this after you pay them
2. they'll just DDoS your faucet, but they'll just keep extorting you after you pay the first time
3. (most likely IMHO) they don't have any "script to hack your website"
So... don't pay and hope for the best.
EDIT: I do recommend though changing all your passwords, just to be sure.
I Need Help !
Recently I Received this Message From Unknown Hacker .
" fullname: The Hacker
email: [email protected]
message: Hello , I have a bitcoin faucet script that i can use to hack your website anytime i want to, but if you will pay me 0.05 bitcoins to this address 1Nfff9b6Ao9W5HpcCUz5h8oPPfxRGSDrw i will not hack your website anymore and leave you alone. If you decide to not cooperate and follow my demands i will make you regret your choices later.
Failure to reply to this email in 48 hours will have serious consequences.
User's IP Address: 46.165.197.1 ( Maybe This is VPN ) .
===================
Please Help me , How to Block this Hacker ?
Thanks in Advance .
Recently I Received this Message From Unknown Hacker .
" fullname: The Hacker
email: [email protected]
message: Hello , I have a bitcoin faucet script that i can use to hack your website anytime i want to, but if you will pay me 0.05 bitcoins to this address 1Nfff9b6Ao9W5HpcCUz5h8oPPfxRGSDrw i will not hack your website anymore and leave you alone. If you decide to not cooperate and follow my demands i will make you regret your choices later.
Failure to reply to this email in 48 hours will have serious consequences.
User's IP Address: 46.165.197.1 ( Maybe This is VPN ) .
===================
Please Help me , How to Block this Hacker ?
Thanks in Advance .
I thought, that's it now, sorted, but he says the error setting certificate verify locations is because:
Quote
"This is an error but don't get why because why its searching /etc/pki/ls/ there is no folder its /etc/pki/tls/ it's missing a t in the location, and this $error is found through cURL which has path to
$ch = curl_init("https://faucetbox.com/faucetinabox/api/v1/version-check");
so the issue must be in their version-check, if it searching wrong directory,
$ch = curl_init("https://faucetbox.com/faucetinabox/api/v1/version-check");
so the issue must be in their version-check, if it searching wrong directory,
Change your hosting. They're either incompetent or just don't care and this "explanation" is just to make you go away. CAfile path is set either during compilation of OpenSSL (I doubt they changed that, they're probably using openssl from their distribution) or in php.ini using curl.cainfo (see http://php.net/manual/en/curl.configuration.php ).
The server (faucetbox.com) doesn't have any knowledge what's happening on client (your hosting) and doesn't have any way to set your CA file path. That would be a huge security hole...
You can try changing "https://faucetbox.com/faucetinabox/api/v1/version-check" to "https://google.com" in test.php. I wonder whether they'll try to claim Google has something wrong
I think a solution is close, one way or the other!
Guessing wildly in the dark again here, I set $verify_peer = true to false, being quite close to what you said about 'local_cafile' => true - I didn't want to try and write a whole new [statement? don't even know what they are called!] - anyway, that worked so it shows you're right about the other stuff. Setting it back to true again now cos I know it's abandoning verification altogether.
Thanks for all this, I appreciate your patience,
Andy
Guessing wildly in the dark again here, I set $verify_peer = true to false, being quite close to what you said about 'local_cafile' => true - I didn't want to try and write a whole new [statement? don't even know what they are called!] - anyway, that worked so it shows you're right about the other stuff. Setting it back to true again now cos I know it's abandoning verification altogether.
Thanks for all this, I appreciate your patience,
Andy
You should already have 'local_cafile' in your config.php file, you just have to change it from false to true
(it won't affect the test.php file though, it will only work for your faucet). As you said, don't set $verify_peer = false;. As I thought, your hosting has cURL support, but it has misconfigured, missing or old CA file, so cURL works only for HTTP. You should contact your hosting and tell them that curl_exec fails when connecting to https://faucetbox.com and curl_error() returns "error setting certificate verify locations: CAfile: /etc/pki/ls/certs/ca-bundle.crt CApath: none".
I thought, that's it now, sorted, but he says the error setting certificate verify locations is because:
Quote
"This is an error but don't get why because why its searching /etc/pki/ls/ there is no folder its /etc/pki/tls/ it's missing a t in the location, and this $error is found through cURL which has path to
$ch = curl_init("https://faucetbox.com/faucetinabox/api/v1/version-check");
so the issue must be in their version-check, if it searching wrong directory,
$ch = curl_init("https://faucetbox.com/faucetinabox/api/v1/version-check");
so the issue must be in their version-check, if it searching wrong directory,
I think a solution is close, one way or the other!
Guessing wildly in the dark again here, I set $verify_peer = true to false, being quite close to what you said about 'local_cafile' => true - I didn't want to try and write a whole new [statement? don't even know what they are called!] - anyway, that worked so it shows you're right about the other stuff. Setting it back to true again now cos I know it's abandoning verification altogether.
Thanks for all this, I appreciate your patience,
Andy
Upload this to your server and send me a link to it:
test.php
test.php
I completely disconnected cloudflare, and changed back the IP addresses a couple of days ago. Thanks, I uploaded the file to the same directory, so
http://friendsvps.org/wp-content/plugins/99bitcoins-btc-faucet/libraries/test.php
Cheers
Andy
As I thought, your hosting has cURL support, but it has misconfigured, missing or old CA file, so cURL works only for HTTP. You should contact your hosting and tell them that curl_exec fails when connecting to https://faucetbox.com and curl_error() returns "error setting certificate verify locations: CAfile: /etc/pki/ls/certs/ca-bundle.crt CApath: none". If they won't fix that, you can try setting 'local_cafile' => true, in your config.php file, but I don't recommend it. It would be much better if you can get your hosting to provide CA certificates properly.
EDIT: Also OpenSSL 1.0.1e has quite a few vulnerabilities (the latest is 1.0.1u, and there were only bug fixes between 1.0.1e and 1.0.1u as far as I know). That may not be a big problem when it's used as a client, but I'd be careful and consider changing hosting...
Upload this to your server and send me a link to it:
test.php
test.php
I completely disconnected cloudflare, and changed back the IP addresses a couple of days ago. Thanks, I uploaded the file to the same directory, so
http://friendsvps.org/wp-content/plugins/99bitcoins-btc-faucet/libraries/test.php
Cheers
Andy
And I use from your script only config.php file and faucetbox.php file.
In that case it's even less likely it has anything to do with interaction between FaucetBOX.com and CloudFlare. If you're using your own script then the only thing that I can help you is with our library and API. What response do you get when calling $faucetbox->send("..."); in your script? That should point us to the real problem here
May be I must enter some IP's of CF to "security" section of your site here https://faucetbox.com/en/dashboard/security/acl ? But I didn't see errors like "401 - Disallowed IP"...
No. And if you're asking these questions then I strongly suggest you to stop using CloudFlare. If you rely on your visitors IP addresses (for example to limit how much they can claim from your faucet) and you don't understand how CloudFlare works, you will get hacked.
But once again. If it works with CloudFlare off and doesn't work with CloudFlare on, then the only possible thing is that your faucet script somehow stops even trying to connect with FaucetBOX.com to send reward. Usually that's because people don't handle their users' IP addresses properly with CloudFlare enabled and either share a timer between all their users (because it looks like all users are using the same IP address) or are banned by some antibot solution (like NastyHosts).
I use your platform to make withdrawals for users.
I use self made faucet that uses also your script to make withdrawals.
Today I decided to use also a CF.
When CF is off I can see hte payments and links from my site to admin interface in FB here: "Hosts that used your API key".
When CF is on I can't see payments and links(((( - user's didn't receive payments (((
So I decided that is necessary to set your IP's in CF whitelist...
There's no place where your CloudFlare and FaucetBOX.com IPs interact, these are two different things.
What errors do your users see exactly CF on? Do you see any errors (especially "Banned: x.x.x.x") in your web server's error log?
I'm quite sure that you didn't configure Reverse Proxy properly in your Faucet in a BOX admin panel and no payments are made because it looks like all users are bots and aren't allowed to make payment. That has nothing to do with any whitelisting.
Users didn't see anything, they only see "Pending" status in history.
No any erors.
And I use from your script only config.php file and faucetbox.php file.
May be I must enter some IP's of CF to "security" section of your site here https://faucetbox.com/en/dashboard/security/acl ? But I didn't see errors like "401 - Disallowed IP"...
Once I switch off CF all works fine.
Advise, please, what to do.
Thank you!
I use your platform to make withdrawals for users.
I use self made faucet that uses also your script to make withdrawals.
Today I decided to use also a CF.
When CF is off I can see hte payments and links from my site to admin interface in FB here: "Hosts that used your API key".
When CF is on I can't see payments and links(((( - user's didn't receive payments (((
So I decided that is necessary to set your IP's in CF whitelist...
There's no place where your CloudFlare and FaucetBOX.com IPs interact, these are two different things.
What errors do your users see exactly CF on? Do you see any errors (especially "Banned: x.x.x.x") in your web server's error log?
I'm quite sure that you didn't configure Reverse Proxy properly in your Faucet in a BOX admin panel and no payments are made because it looks like all users are bots and aren't allowed to make payment. That has nothing to do with any whitelisting.
Hello!
How to add faucetbox IP's to whitelist in CloudFlare?
Which IP's I need to add?
Now when CloudFlare is active it blocks payments to users.
Thanks!
How to add faucetbox IP's to whitelist in CloudFlare?
Which IP's I need to add?
Now when CloudFlare is active it blocks payments to users.
Thanks!
What you said doesn't make sense. If you started using CloudFlare for your faucet and payments to users stopped working then it's not related to FaucetBOX.com IPs in any way. How exactly are payments "blocked"? Do all users see a timer? Or maybe you're using NastyHosts and everyone is reported as "Banned" in your error log?
I use your platform to make withdrawals for users.
I use self made faucet that uses also your script to make withdrawals.
Today I decided to use also a CF.
When CF is off I can see hte payments and links from my site to admin interface in FB here: "Hosts that used your API key".
When CF is on I can't see payments and links(((( - user's didn't receive payments (((
So I decided that is necessary to set your IP's in CF whitelist...
Hello!
How to add faucetbox IP's to whitelist in CloudFlare?
Which IP's I need to add?
Now when CloudFlare is active it blocks payments to users.
Thanks!
How to add faucetbox IP's to whitelist in CloudFlare?
Which IP's I need to add?
Now when CloudFlare is active it blocks payments to users.
Thanks!
What you said doesn't make sense. If you started using CloudFlare for your faucet and payments to users stopped working then it's not related to FaucetBOX.com IPs in any way. How exactly are payments "blocked"? Do all users see a timer? Or maybe you're using NastyHosts and everyone is reported as "Banned" in your error log?
Hello!
How to add faucetbox IP's to whitelist in CloudFlare?
Which IP's I need to add?
Now when CloudFlare is active it blocks payments to users.
Thanks!
How to add faucetbox IP's to whitelist in CloudFlare?
Which IP's I need to add?
Now when CloudFlare is active it blocks payments to users.
Thanks!
Is this any use? They are insisting cURL is working fine.
I'm using the solvemedia api and that's working ok,
and I installed the faucetinabox as a test, outside of WP and that didn't work.
Thanks
Andy
I'm using the solvemedia api and that's working ok,
and I installed the faucetinabox as a test, outside of WP and that didn't work.
Thanks
Andy
I would guess that they have really old OpenSSL, misconfigured CA certificates or CloudFlare doesn't like your hosting. Upload this to your server and send me a link to it: https://faucetinabox.com/static/download/tools/test.php
It uses cURL by default, if you have 'disable_curl' => false, in your config.php file. It only fall backs to fopen if cURL fails.
Hi, I got a detailed response from level 3 support (wonder how many levels there are) which I hope will make more sense to you than to me:
Quote
Hello,
...
What you sent us is just the class sheet, not what is actually fired first, he says cURL so that would be this functions
public function __execCURL($method, $params = array()) {
$params = array_merge($params, array("api_key" => $this->api_key, "currency" => $this->currency));
$ch = curl_init($this->api_base . $method);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $params);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, $this->verify_peer);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($ch);
if(!$response) {
$response = $this->__execPHP($method, $params);
}
curl_close($ch);
return $response;
}
I can confirm this would work, but the other one "fopen fclose" it will not. cURL should work, if it fails it would give you a point of failure, see $response variable, it would give you a response, if we check your error_log in your public_html it yields this
[05-Oct-2016 19:46:08 UTC] PHP Parse error: syntax error, unexpected 'https' (T_STRING), expecting function (T_FUNCTION) in /home/friendsv/public_html/wp-content/plugins/99bitcoins-btc-faucet/libraries/faucetbox.php on line 16
It does show this because when you disabled cURL it returned the fopen is blocked message, but with cURL enabled it doesn't udnerstand the https t_string, ask them about this I can't see anything on line 16 that is abnormal myself. I would assume this would be why the cURL is not working.
...
What you sent us is just the class sheet, not what is actually fired first, he says cURL so that would be this functions
public function __execCURL($method, $params = array()) {
$params = array_merge($params, array("api_key" => $this->api_key, "currency" => $this->currency));
$ch = curl_init($this->api_base . $method);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $params);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, $this->verify_peer);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($ch);
if(!$response) {
$response = $this->__execPHP($method, $params);
}
curl_close($ch);
return $response;
}
I can confirm this would work, but the other one "fopen fclose" it will not. cURL should work, if it fails it would give you a point of failure, see $response variable, it would give you a response, if we check your error_log in your public_html it yields this
[05-Oct-2016 19:46:08 UTC] PHP Parse error: syntax error, unexpected 'https' (T_STRING), expecting function (T_FUNCTION) in /home/friendsv/public_html/wp-content/plugins/99bitcoins-btc-faucet/libraries/faucetbox.php on line 16
It does show this because when you disabled cURL it returned the fopen is blocked message, but with cURL enabled it doesn't udnerstand the https t_string, ask them about this I can't see anything on line 16 that is abnormal myself. I would assume this would be why the cURL is not working.
Is this any use? They are insisting cURL is working fine.
I'm using the solvemedia api and that's working ok,
and I installed the faucetinabox as a test, outside of WP and that didn't work.
Thanks
Andy
Thanks for your support on this. Do you know of an uncomplicated way I can test cURL on shared hosting, like "hello world" for cURL? Just to make sure? I've written to the host again.
Providing that $disable_curl is equal to false in your config.php file, you could use a simple file like this in your main directory to call the FaucetBOX API and get the Balance.Code:
require('config.php');
require('libs/faucetbox.php');
$apiKey = 'APIKEYHERE';
$faucetbox = new FaucetBOX($apiKey, 'BTC');
$balance = getBalance();
var_dump($balance);
?>
Code:
{"status":200, "balance":77519999889, "balance_bitcoin":"775.19999889"}Jump to: