Pages:
Author

Topic: Finding a Bug - page 2. (Read 652 times)

hero member
Activity: 2548
Merit: 769
January 06, 2024, 06:05:34 AM
#96
UPDATE.

So to date no reply from any staff at BC Game on the reported bug and support has no information on my reporting it or the help on showing them the bug on their test server. So if a bounty isn't listed on the site I would recommend not reporting it if you would expect a  thank you. NOW FOR THE BUG:
I don't ever play crash because I always lose and imo it's a high roller game but for the hell of it played anyway. Some how and still don't know how I was able to get crash to attach to me device allowing me to crash the game whenever I hit the cashout button. This also allowed me to send the game to the moon believe it or not. (I have screen recording so please not interested in arguing). At 1st I thought it was a fluke and the game was crashing at the very same time I would hit the button and it wasn't a fluke. The errors would come across my screen script fail, etc, etc won't list them all. Had I been a hacker or less of a human being I would have exploited this for major profit but instead I immediately reported it. The next question I would have now is how provable fair are these games if I was able to control the outcome from my device? Thoughts?
Only one thing i can say about this situation. Of course, they can fix the bug without any bounty rewards. Even if they have bounty program and you have no proves. But i don`t think, that $100-$500 is a big sum for the casino. It would be nice to pay for bug and make some post about it. So, the next time it would be better to fix everything with screenshots. I don`t think that it will help to get some bonus for bug, but it will show that there is no gratitude for help.
full member
Activity: 2170
Merit: 182
“FRX: Ferocious Alpha”
January 06, 2024, 02:48:02 AM
#95
Wait a little bit OP, are you doing this just to get your reward or you're being passionate about seeing a bug being reported, another thing I would have suggested is for you to go through their own announcement thread to make such report there or directly to their representative, this is one of the advantage of having their announcement thread here for discussion on their service, let's see maybe you could get some attention either, but I will employ that you remain less desperate about receiving a reward on it.
Just an update on the whole thing. Never requested or demanded a bounty but I did expect a reply which never happened. So just updating my original post so nobody needs to guess anymore on it. But truly I do wonder the provable fair aspect of any of the crash games because of the script being controlled by a basic users device. Whats the odds of crash crashing three times in a row at 0.00? What are the odds of it crashing at the very same time a user hits "cashout" ten times in a row? How many times have you logged the game showing 0 of 2200 people when crash reaches 100? I'm not blasting BC Game at all even though I am disappointed that a simple thanks never happened after they fixed the problem.
It is normal that you feel that way  because you have given them service thought hey did not asks , and that service will save their business for abusing in the future and for sure it will save them some good amount for fixing that bug so yeah you should at least be given even a simple dedications.

maybe the team is facing so much difficulties nowadays that is why they did not pay attention to your case here but maybe sooner it will be answered and at least be rewarded?
sr. member
Activity: 2828
Merit: 357
Eloncoin.org - Mars, here we come!
January 06, 2024, 01:51:46 AM
#94
usually you may report a bug and hope to get some short of reward for your white hat action on the matter. However that is strictly voluntary for the site, so no guarantee. Another way to go about it is try to reach a deal with the site, still risky unless you get a third party escrow into the matter. Ideally casinos should have a permanent bug-hunting programme altogether, but... no easy way for this despite looking quite obvious they should.
That is exactly what have been said by many mate that he should not expect payment instead it will be awarded voluntarily and since OP have not been online for 2 days now does it means he already accepted His faith here and forget about reporting ? or he had already have a deal and now keep the silence as he already received the payment.
but better for him to return and share his thoughts and experience and then lock this thread to prevent from being spammed in long time as this will never end until he locked Him up.
I believe the bug is now fixed since I can no longer repeat the issue. I haven't heard anything back from the casino since first reporting it and re-creating on their test server. I did hope that they would throw something my way given the severity of said bug because it was SEVERE and probably did cause major loss for them imo. I'll give it a few days and make sure they have it corrected and at that time if no reply I'll open it up to the community for evaluation and discussion. The bug already has me questioning other things that don't make any sense.
Oh , sorry to hear that mate , I thought that you have posted this thread without action first about the bug or reporting it , I thought that you are first waiting for their reply if you need to continue the report or keep it yourself , anyway just have it thinking that you did a good deeds for others though it is a big gambling site that truly earns a lot and throwing a small gesture will not hurt them in anyway, but like what you said its all been said and done so its up to the team if by any chance they will get back to you and even just to say "THANK YOU" .
you are a good man in this situation mate and you have also did a good job so Heads Up , be that all your life   and your kids will be proud of you.
hero member
Activity: 1302
Merit: 503
Leading Crypto Sports Betting & Casino Platform
January 05, 2024, 11:43:21 PM
#93
How does someone go about reporting a bug to a casino a still hold casino accountable to pay a bounty?
You should be ready to write to the team about something you have to tell them. First of all, you don't have to disclose the bug to the team immediately but just have to inform them that you have something that could lead to them losing big money as a result of the bug.
They will be the one to ask you if what the big could be explaining in details. They might want to add bounty for you if your claim is genuine and could pose a big threat to them.

Gambling sites are used by many gamblers and of course when problems such as bugs occur, not only one or two people know about them, so if you just want to get reward for reporting bug, it not an easy thing.
Unless we are the first users to know about the bug problem, maybe there will be little appreciation given by them, such as some bonuses that we can get, but I sure there will be other gamblers who know better from the start and report it to the team.

But some people take advantage of bugs to win more easily, it shame that this happens because when the team finds out about it, there will be difficulties that the gamblers have to face.

Being good gambler is wise attitude that we rarely find, the average gambler doesn't want to do something like that because they prefer to use it for personal gain.
hero member
Activity: 2254
Merit: 680
Signature designer - start @$10 - PM me!
January 05, 2024, 11:38:28 PM
#92
NOW FOR THE BUG:
Asked @icopress (as their current marketing manager) for help, I think he has connections to important BCgame people. But you hope it's a bug, why would you let someone else try to exploit it? It seems like the chances of you getting a bounty from this discovery are getting smaller.
hero member
Activity: 2996
Merit: 609
January 05, 2024, 06:12:11 PM
#91

It should be beneficial for the casino to try to identify errors/problems in the operation of the website or casino software. Because the financial security and profit of the casino directly depend on this. Any sane casino will offer rewards for finding bugs for white-hat hackers and ordinary users, or even organize hackathons.
For sure before a casino is launched, there is what operators always do and that is make sure to test all the system of the casino systems to make sure they are bug-free because any casino that has a bug problem will likely not succeed in terms of revenue generations which is an integral part of the casino operation.
Some casinos even give incentives to expect bug hunters to run several private hunts on their systems before the site goes live, The majority of the casinos that crashed along the way are all doing so because of a lack of proper bug tests and exploitation of the system via the bug or other system failures.
In my opinion, it is impossible to identify 100% of mistakes/bugs in the operation of such a complex site as an online casino. On the testnet, of course, you can simulate certain situations that are close to real ones. But the tester primarily bases his work on previously gained experience (he knows what to look for first, what situations to simulate), but a large number of ordinary casino users can unintentionally create a situation that will lead to a new unidentified mistake. Therefore, bug-bounty campaigns are necessary and important after the launch of an online casino.
If you are some sort of a programmer or having that coding experience and bug expert for you to find out those exploits and holes then it would be that easy but there were people who do able to find out bugs naturally specially to those who are really that making some gambling on the site itself on which they would really be expecting for some bug bounty or rewards on which it would really be that depending on a certain site whether they would really be considering those finds or wouldnt really be giving at all. It would really just vary on a certain individual on which
not all people would really expecting somehow into those finds not unless if its really that a crucial find or exploit or bug then they might be expecting something.
sr. member
Activity: 1414
Merit: 270
Undeads.com - P2E Runner Game
January 05, 2024, 02:37:21 PM
#90

It should be beneficial for the casino to try to identify errors/problems in the operation of the website or casino software. Because the financial security and profit of the casino directly depend on this. Any sane casino will offer rewards for finding bugs for white-hat hackers and ordinary users, or even organize hackathons.
For sure before a casino is launched, there is what operators always do and that is make sure to test all the system of the casino systems to make sure they are bug-free because any casino that has a bug problem will likely not succeed in terms of revenue generations which is an integral part of the casino operation.
Some casinos even give incentives to expect bug hunters to run several private hunts on their systems before the site goes live, The majority of the casinos that crashed along the way are all doing so because of a lack of proper bug tests and exploitation of the system via the bug or other system failures.
In my opinion, it is impossible to identify 100% of mistakes/bugs in the operation of such a complex site as an online casino. On the testnet, of course, you can simulate certain situations that are close to real ones. But the tester primarily bases his work on previously gained experience (he knows what to look for first, what situations to simulate), but a large number of ordinary casino users can unintentionally create a situation that will lead to a new unidentified mistake. Therefore, bug-bounty campaigns are necessary and important after the launch of an online casino.
hero member
Activity: 3038
Merit: 634
January 05, 2024, 02:10:35 PM
#89
UPDATE.

So to date no reply from any staff at BC Game on the reported bug and support has no information on my reporting it or the help on showing them the bug on their test server. So if a bounty isn't listed on the site I would recommend not reporting it if you would expect a  thank you. NOW FOR THE BUG:
I don't ever play crash because I always lose and imo it's a high roller game but for the hell of it played anyway. Some how and still don't know how I was able to get crash to attach to me device allowing me to crash the game whenever I hit the cashout button. This also allowed me to send the game to the moon believe it or not. (I have screen recording so please not interested in arguing). At 1st I thought it was a fluke and the game was crashing at the very same time I would hit the button and it wasn't a fluke. The errors would come across my screen script fail, etc, etc won't list them all. Had I been a hacker or less of a human being I would have exploited this for major profit but instead I immediately reported it. The next question I would have now is how provable fair are these games if I was able to control the outcome from my device? Thoughts?
That's actually sad if they don't ever give you a reply with what you've reported. Maybe they're still analyzing it and verifying your report but I understand you to have at least that reply to you on what's their take on this.

IMO, it's a serious bug that someone can exploit if ever it is for real. But then, I think that they'll be able to detect it as well if ever someone abuses it and can see that back logs from those accounts that will exploit.

Try posting it on their official thread, maybe you'll get some attention there and they'll be able to reply to you from there.
sr. member
Activity: 2030
Merit: 323
January 05, 2024, 02:04:33 PM
#88
It should be beneficial for the casino to try to identify errors/problems in the operation of the website or casino software. Because the financial security and profit of the casino directly depend on this. Any sane casino will offer rewards for finding bugs for white-hat hackers and ordinary users, or even organize hackathons.
For sure before a casino is launched, there is what operators always do and that is make sure to test all the system of the casino systems to make sure they are bug-free because any casino that has a bug problem will likely not succeed in terms of revenue generations which is an integral part of the casino operation.
Some casinos even give incentives to expect bug hunters to run several private hunts on their systems before the site goes live, The majority of the casinos that crashed along the way are all doing so because of a lack of proper bug tests and exploitation of the system via the bug or other system failures.
Generally, it's not only before the launch, but some platforms would have a bug bounty for a pretty long time when they start their platform so that users that find the bugs report it to them to get the reward instead of trying to exploit the bugs and steal from the casino. I believe some people might try to do that instead of reporting the bugs because a lot of people think it's easy to use a bug or something in a platform and then steal from the system.

If a platform, whether it's a casino, a new cryptocurrency project, or anything in general, doesn't have a specific bug bounty, you will barely get anything from them if you report a bug because they will say that unfortunately they don't have a bug bounty right now and they might compensate you later for it but you won't get anything later.
sr. member
Activity: 1008
Merit: 262
20BET - Premium Casino & Sportsbook
January 05, 2024, 11:09:57 AM
#87
How does someone go about reporting a bug to a casino a still hold casino accountable to pay a bounty?
You should be ready to write to the team about something you have to tell them. First of all, you don't have to disclose the bug to the team immediately but just have to inform them that you have something that could lead to them losing big money as a result of the bug.
They will be the one to ask you if what the big could be explaining in details. They might want to add bounty for you if your claim is genuine and could pose a big threat to them.
legendary
Activity: 2436
Merit: 1189
Need Campaign Manager?PM on telegram @sujonali1819
January 05, 2024, 11:02:45 AM
#86
Some how and still don't know how I was able to get crash to attach to me device allowing me to crash the game whenever I hit the cashout button. This also allowed me to send the game to the moon believe it or not.

This is insane and a very critical bug for sure. You deserve a reward from the platform end if it's legit. But yes if the casino does not have a bug bounty listed somewhere in the platform or an announcement from the official channel, you can not force them to pay. (I am not saying you are forcing)

But yeah since you came up with this topic here in the forum and you know it's Bcgame, It will be better if you keep discussing this on their ANN thread.
newbie
Activity: 12
Merit: 0
January 05, 2024, 10:19:19 AM
#85
Wait a little bit OP, are you doing this just to get your reward or you're being passionate about seeing a bug being reported, another thing I would have suggested is for you to go through their own announcement thread to make such report there or directly to their representative, this is one of the advantage of having their announcement thread here for discussion on their service, let's see maybe you could get some attention either, but I will employ that you remain less desperate about receiving a reward on it.
Just an update on the whole thing. Never requested or demanded a bounty but I did expect a reply which never happened. So just updating my original post so nobody needs to guess anymore on it. But truly I do wonder the provable fair aspect of any of the crash games because of the script being controlled by a basic users device. Whats the odds of crash crashing three times in a row at 0.00? What are the odds of it crashing at the very same time a user hits "cashout" ten times in a row? How many times have you logged the game showing 0 of 2200 people when crash reaches 100? I'm not blasting BC Game at all even though I am disappointed that a simple thanks never happened after they fixed the problem.
hero member
Activity: 1106
Merit: 526
Leading Crypto Sports Betting & Casino Platform
January 05, 2024, 09:49:37 AM
#84
usually you may report a bug and hope to get some short of reward for your white hat action on the matter. However that is strictly voluntary for the site, so no guarantee. Another way to go about it is try to reach a deal with the site, still risky unless you get a third party escrow into the matter. Ideally casinos should have a permanent bug-hunting programme altogether, but... no easy way for this despite looking quite obvious they should.
Subsequently, on that basis, it is good to note that bugs have varieties and what they hold on the site, if it has to do with a less technical aspect,  the site may decide not to pay anything for them since it believes at that stage the it based on features that do not have direct implications and application on games that are listed on the casino.
Aside from that, other bugs have to do with the game system which if left intended could lead to a high degree of impact on the game realities and results,  this level of bug is treated with high attention and casinos will easily pay bounty or compensation for those who will report them.
hero member
Activity: 952
Merit: 555
20BET - Premium Casino & Sportsbook
January 05, 2024, 09:48:33 AM
#83
Wait a little bit OP, are you doing this just to get your reward or you're being passionate about seeing a bug being reported, another thing I would have suggested is for you to go through their own announcement thread to make such report there or directly to their representative, this is one of the advantage of having their announcement thread here for discussion on their service, let's see maybe you could get some attention either, but I will employ that you remain less desperate about receiving a reward on it.
newbie
Activity: 12
Merit: 0
January 05, 2024, 09:22:56 AM
#82
UPDATE.

So to date no reply from any staff at BC Game on the reported bug and support has no information on my reporting it or the help on showing them the bug on their test server. So if a bounty isn't listed on the site I would recommend not reporting it if you would expect a  thank you. NOW FOR THE BUG:
I don't ever play crash because I always lose and imo it's a high roller game but for the hell of it played anyway. Some how and still don't know how I was able to get crash to attach to me device allowing me to crash the game whenever I hit the cashout button. This also allowed me to send the game to the moon believe it or not. (I have screen recording so please not interested in arguing). At 1st I thought it was a fluke and the game was crashing at the very same time I would hit the button and it wasn't a fluke. The errors would come across my screen script fail, etc, etc won't list them all. Had I been a hacker or less of a human being I would have exploited this for major profit but instead I immediately reported it. The next question I would have now is how provable fair are these games if I was able to control the outcome from my device? Thoughts?
legendary
Activity: 2688
Merit: 1065
Undeads.com - P2E Runner Game
January 04, 2024, 06:24:04 PM
#81
How does someone go about reporting a bug to a casino a still hold casino accountable to pay a bounty?

Usually, when someone finds a bug, the casino will give a token of gratitude regardless if the site offers a bounty for reporting a bug.

Also depends on what kind of bug you discover e.g. technical bug, glitch, unresponsive script, unpaid legit lines, etc.

To report it, obviously, you have to reach the site thru their available channels, not unless there's a specific instruction posted on the site about how to report bugs. Do you find a bug? If that can be a caused of chances of being abuse, I hope you reach the site immediately.
hero member
Activity: 2702
Merit: 540
DGbet.fun - Crypto Sportsbook
January 04, 2024, 05:39:18 PM
#80

It should be beneficial for the casino to try to identify errors/problems in the operation of the website or casino software. Because the financial security and profit of the casino directly depend on this. Any sane casino will offer rewards for finding bugs for white-hat hackers and ordinary users, or even organize hackathons.
For sure before a casino is launched, there is what operators always do and that is make sure to test all the system of the casino systems to make sure they are bug-free because any casino that has a bug problem will likely not succeed in terms of revenue generations which is an integral part of the casino operation.
Some casinos even give incentives to expect bug hunters to run several private hunts on their systems before the site goes live, The majority of the casinos that crashed along the way are all doing so because of a lack of proper bug tests and exploitation of the system via the bug or other system failures.
Yes, most of the time on which these platforms are completely ready on the time that they do launch, only a few will really be having that kind of bounty program into those the public
if ever they would really be running one but its not really that something common on which they would really be making announcement if ever they would really be giving some rewards
but somehow people or users could really be able to experience some possible problems on which they might be able to encounter. So the best way to do is to report it to
support and tell them but never expect about bounty or reward not unless if it is really that a serious bug that had been found.
legendary
Activity: 2394
Merit: 1632
Do not die for Putin
January 04, 2024, 05:17:26 PM
#79
If it is a user interface bug, expect no more than a pat in the back. If it is a non-exploitable/non-vital platform bug, don't expect a reward but it should be more likely to get one as it may help patch a hole in leaking/lost business as a result of the bug. If it is an exploitable bug, it should definitely be rewarded.

That's my 2 cents generally...however...

In my opinion it's a substantial bug but again I'm not qualified or educated enough on it. But if I can exploit it then others would have fun. Very reputable casino with a large reach. I've contacted support and waiting. No bounty page on their site but for sure reputable so I hope they would compensate given the bug.
looking forward to what they have to say when you show them what bug you found, I am also curious about which casino you found this bug on and what issue/exploit the bug is causing(would you mind sharing what casino it is? you don't have to if you don't want to share the name of the casino).

BC Game. I messaged them on here yesterday but no response

...I wouldn't count it from this casino. They've been known to hold balanced and freeze funds for extended periods of time, until they suddenly had someone come and solve all problems months later. If you didn't message that account handling their "PR 2.0" (so to speak) then you can do so here:
https://bitcointalksearch.org/user/bcgame-support-3592321 - This profile is the support account. The OP of their thread is (apparently) for some other purpose.

Yes that seems like a very long shot to get anything from them since it seems they are not even treating some of their customers like they are supposed to. Try anyway to send a letter about the bug, but it may only be interesting to them if it is something that can actually be exploited and cause serious problems. Service problems or user experience bugs... do not bother.
legendary
Activity: 2422
Merit: 1083
Leading Crypto Sports Betting & Casino Platform
January 04, 2024, 02:04:13 PM
#78
Yes I have reported it to the casino....Snip....
Still waiting for them to update me and also receive a thank you$? 🙄
You have done a great job by reporting the bug to the support team of the casino. If they find the bug as harmful then surely they'll compensate you for it and even if they don't that's still okay because you have done a great job anyway. I would recommend you to wait for their response if they're a reputed casino then you'll surely get some reward for reporting of that bug. It's not always necessary for a casino to run a bug bounty program but if someone finds a bug and reports it to a casino then in most cases casino appreciate that favor and reward such person with some money.


It's always something good to find a bug a d report such as appropriately needed, if we are to consider the gambling sector for now, we are not having more of the people interested in this and it's all because they have experience low rate from how this is actually happening, you may hardly get to find one, gamblers will be so focused on having their fun in using the casino than looking for bugs around when majority are even after winning their bets, we can therefore see this that it's not common and that rampart as before that they were being discovered, however, we shouldn't still relent from finding more because they still exist.
Well, I think you are wrong, except I don't clearly understand what you mean, which I will apologize if that be case.

Gamblers aren't the ones who go bug hunting bud, developers are mostly the ones who do, what or how will a gambler without a developer experience possibly recognize a bug in a line of codes? Practically impossible.
So, while  gamblers are busy hunting for the next big winnings, developers are busy hunting for their next pay through finding bugs on already developed products.

And you are right with what you said that bug still do exist, they do, but not like before. Understand that technology have greatly improved the way websites are built this days, alot of things are now automated and not analogly done any more, this has greatly reduced the chances of human errors in codes, which is the bug we are talking about.
hero member
Activity: 1106
Merit: 526
Leading Crypto Sports Betting & Casino Platform
January 04, 2024, 02:01:04 PM
#77

It should be beneficial for the casino to try to identify errors/problems in the operation of the website or casino software. Because the financial security and profit of the casino directly depend on this. Any sane casino will offer rewards for finding bugs for white-hat hackers and ordinary users, or even organize hackathons.
For sure before a casino is launched, there is what operators always do and that is make sure to test all the system of the casino systems to make sure they are bug-free because any casino that has a bug problem will likely not succeed in terms of revenue generations which is an integral part of the casino operation.
Some casinos even give incentives to expect bug hunters to run several private hunts on their systems before the site goes live, The majority of the casinos that crashed along the way are all doing so because of a lack of proper bug tests and exploitation of the system via the bug or other system failures.
Pages:
Jump to: