Looking for testers with positive trust

Dorrittulx

sr. member

Activity: 336

Merit: 250

Quote from: MillionsBTCdev on February 16, 2016, 11:46:18 AM

Quote from: johny1976 on February 15, 2016, 10:58:39 AM

Quote from: Lutpin on February 15, 2016, 10:57:41 AM

Quote from: johny1976 on February 15, 2016, 10:49:06 AM

Thanks for the tips guys.

Scripts use php, js, css, mysql and html.

I don't know about his preferences, but this might be something for MillionsBTCdev (that's the only one that came to my head in the short time).
I've sent him a message regarding this topic, maybe he can help you out.

Thank you.

Hi there, i was linked here by Lutpin and asked if i could help. Your details are a bit vague. What kind of testing would you like? Will you provide the source or you just like us to check the demo site and find bugs?

Anyway, i did checked your dice demo site, and immediately found this bug. As you can see on the screenshots, i was able to 'dupe'/'repeat' my rolls using the same seed/nonce, and thus,it gives me the same result.

1st try

2nd try

3rd try

Uhm, this looks oddly similar to dicebitco.in

johny1976

legendary

Activity: 1135

Merit: 1002

Developer

Quote from: MillionsBTCdev on February 18, 2016, 07:22:02 AM

Quote from: johny1976 on February 17, 2016, 11:04:26 AM

Bug fixed. Thanks for letting us know.

Have you patched up the demo site too? coz i just checked, and its not yet fixed..

Can you provide me more information how you've accomplished that?

-- EDIT --

We had forgotten to update the demo site with a new security update. Could you please test again now?

Premgen

sr. member

Activity: 428

Merit: 250

Quote from: MillionsBTCdev on February 18, 2016, 07:22:02 AM

Quote from: johny1976 on February 17, 2016, 11:04:26 AM

Bug fixed. Thanks for letting us know.

Have you patched up the demo site too? coz i just checked, and its not yet fixed..

Yup its not fixed

MillionsBTCdev

sr. member

Activity: 353

Merit: 254

unibtc - Bitsler.com Developer

Quote from: johny1976 on February 17, 2016, 11:04:26 AM

Bug fixed. Thanks for letting us know.

Have you patched up the demo site too? coz i just checked, and its not yet fixed..

johny1976

legendary

Activity: 1135

Merit: 1002

Developer

Bug fixed. Thanks for letting us know.

Cyaren

sr. member

Activity: 294

Merit: 250

@MillionsBTCdev how did you do this? I could not find a provably fair button on their site, or even a button that allows you to change your client seed.

Premgen

sr. member

Activity: 428

Merit: 250

Quote from: MillionsBTCdev on February 17, 2016, 12:38:12 AM

If it has been known, why OP has not fixed it yet? or He doesnt know that this exist? Anyway, I do apologized if this was already known or given, its my first time to visit the demo site and just did some simple tests without the knowledge of this being known already. =)

I don't think he knows how to fix it? Its been around for like a year. Not much people know about the exploit unless you're from alphabay.

It was kept on the down low but yeah some scripts have fixings that needs to be done but its entirely up to him if he wants to acknowledge it.

MillionsBTCdev

sr. member

Activity: 353

Merit: 254

unibtc - Bitsler.com Developer

If it has been known, why OP has not fixed it yet? or He doesnt know that this exist? Anyway, I do apologized if this was already known or given, its my first time to visit the demo site and just did some simple tests without the knowledge of this being known already. =)

Premgen

sr. member

Activity: 428

Merit: 250

Quote from: MillionsBTCdev on February 16, 2016, 11:46:18 AM

Quote from: johny1976 on February 15, 2016, 10:58:39 AM

Quote from: Lutpin on February 15, 2016, 10:57:41 AM

Quote from: johny1976 on February 15, 2016, 10:49:06 AM

Thanks for the tips guys.

Scripts use php, js, css, mysql and html.

I don't know about his preferences, but this might be something for MillionsBTCdev (that's the only one that came to my head in the short time).
I've sent him a message regarding this topic, maybe he can help you out.

Thank you.

Hi there, i was linked here by Lutpin and asked if i could help. Your details are a bit vague. What kind of testing would you like? Will you provide the source or you just like us to check the demo site and find bugs?

Anyway, i did checked your dice demo site, and immediately found this bug. As you can see on the screenshots, i was able to 'dupe'/'repeat' my rolls using the same seed/nonce, and thus,it gives me the same result.

1st try

2nd try

3rd try

This has been known for about a year under a certain community but was kept secret lol

Premgen

sr. member

Activity: 428

Merit: 250

Quote from: rezilient on February 16, 2016, 06:17:20 PM

Wow, you look how buggy your stuff and this is proves that people were buying overpriced buggy scripts from you.

1BTC for this kind of work. Well done

Coins dice has been known to have many exploits but was kept a secret from people so when they host their scripts they would go in and blindly rob people. I know a certain dev who can make something like coin dice for twice as cheap and more secure but he is working on a chess project

All in all the point of this thread is because he wants people to test for exploits right?

I know a few people who have no trust or are in the red feedback that has way more programming skills than majority of positive feedback but always remember just because you have green rep or red it doesn't matter which side your on because even then that doesn't prove their skills it's just a e-penis if you ask me.

Hell there are people here who buys accounts just to plus or negative feedback here and nothing people can do to stop it

rezilient

hero member

Activity: 574

Merit: 500

Wow, you look how buggy your stuff and this is proves that people were buying overpriced buggy scripts from you.

1BTC for this kind of work. Well done

johny1976

legendary

Activity: 1135

Merit: 1002

Developer

Quote from: MillionsBTCdev on February 16, 2016, 11:46:18 AM

Quote from: johny1976 on February 15, 2016, 10:58:39 AM

Quote from: Lutpin on February 15, 2016, 10:57:41 AM

Quote from: johny1976 on February 15, 2016, 10:49:06 AM

Thanks for the tips guys.

Scripts use php, js, css, mysql and html.

I don't know about his preferences, but this might be something for MillionsBTCdev (that's the only one that came to my head in the short time).
I've sent him a message regarding this topic, maybe he can help you out.

Thank you.

Hi there, i was linked here by Lutpin and asked if i could help. Your details are a bit vague. What kind of testing would you like? Will you provide the source or you just like us to check the demo site and find bugs?

Anyway, i did checked your dice demo site, and immediately found this bug. As you can see on the screenshots, i was able to 'dupe'/'repeat' my rolls using the same seed/nonce, and thus,it gives me the same result.

1st try

2nd try

3rd try

Hello,

could you provide more info on how is it possible to use the same seed? Did you just made the bets so quick that the server didn't change nonce?

MillionsBTCdev

sr. member

Activity: 353

Merit: 254

unibtc - Bitsler.com Developer

Quote from: johny1976 on February 15, 2016, 10:58:39 AM

Quote from: Lutpin on February 15, 2016, 10:57:41 AM

Quote from: johny1976 on February 15, 2016, 10:49:06 AM

Thanks for the tips guys.

Scripts use php, js, css, mysql and html.

I don't know about his preferences, but this might be something for MillionsBTCdev (that's the only one that came to my head in the short time).
I've sent him a message regarding this topic, maybe he can help you out.

Thank you.

Hi there, i was linked here by Lutpin and asked if i could help. Your details are a bit vague. What kind of testing would you like? Will you provide the source or you just like us to check the demo site and find bugs?

Anyway, i did checked your dice demo site, and immediately found this bug. As you can see on the screenshots, i was able to 'dupe'/'repeat' my rolls using the same seed/nonce, and thus,it gives me the same result.

1st try

2nd try

3rd try

johny1976

legendary

Activity: 1135

Merit: 1002

Developer

Quote from: Lutpin on February 15, 2016, 10:57:41 AM

Quote from: johny1976 on February 15, 2016, 10:49:06 AM

Thanks for the tips guys.

Scripts use php, js, css, mysql and html.

I don't know about his preferences, but this might be something for MillionsBTCdev (that's the only one that came to my head in the short time).
I've sent him a message regarding this topic, maybe he can help you out.

Thank you.

Lutpin

copper member

Activity: 1904

Merit: 1874

Goodbye, Z.

Quote from: johny1976 on February 15, 2016, 10:49:06 AM

Thanks for the tips guys.

Scripts use php, js, css, mysql and html.

I don't know about his preferences, but this might be something for MillionsBTCdev (that's the only one that came to my head in the short time).
I've sent him a message regarding this topic, maybe he can help you out.

Edit:
He also got a thread about his programming here.

Quote from: MillionsBTCdev on December 16, 2015, 08:00:49 AM

Services Offered:
✧ Web programming ( php, html5, js, nodejs, etc )
✧ Security check ( I will give you a report regarding your site's security: sqli attack, xss attack, clickjacking, etc.)

MRKLYE

legendary

Activity: 1358

Merit: 1003

Designer - Developer

Quote from: johny1976 on February 15, 2016, 10:55:10 AM

Quote from: MRKLYE on February 15, 2016, 10:52:40 AM

What scripts are these John?

I had run a number of your scripts in the past and set them up for clients but found security less than perfect.
Many injection attacks were apparently doable in both the blackjack and the dice script I saw.

I'd be interested to see if the holes I found were fixed or not.

CoinWheel, CoinDice, CoinJack and CoinSlots.

You can check demos at:
wheel.coindemo.tk
dice.coindemo.tk
jack.coindemo.tk
slots.coindemo.tk

Let me know about your findings.

Thanks for the links sir. I'll have a whack at breaking the scripts later. Will report back here.

johny1976

legendary

Activity: 1135

Merit: 1002

Developer

Quote from: MRKLYE on February 15, 2016, 10:52:40 AM

What scripts are these John?

I had run a number of your scripts in the past and set them up for clients but found security less than perfect.
Many injection attacks were apparently doable in both the blackjack and the dice script I saw.

I'd be interested to see if the holes I found were fixed or not.

CoinWheel, CoinDice, CoinJack and CoinSlots.

You can check demos at:
wheel.coindemo.tk
dice.coindemo.tk
jack.coindemo.tk
slots.coindemo.tk

Let me know about your findings.

MRKLYE

legendary

Activity: 1358

Merit: 1003

Designer - Developer

What scripts are these John?

I had run a number of your scripts in the past and set them up for clients but found security less than perfect.
Many injection attacks were apparently doable in both the blackjack and the dice script I saw.

I'd be interested to see if the holes I found were fixed or not.

johny1976

legendary

Activity: 1135

Merit: 1002

Developer

Quote from: shorena on February 15, 2016, 05:55:52 AM

Quote from: Lutpin on February 14, 2016, 05:29:31 PM

Quote from: johny1976 on February 14, 2016, 05:25:58 PM

We have casino scripts and we would like to make clear that our script our safe. I think positive trust is kind of moving this forum.

So you're looking for someone to check and verify your code, right?
Having positive trust doesn't mean someone has the necessary coding skills to perform that task.
You should probably look for a (trusted) developer instead of some "tester with positive trust".

I agree with Lutpin, what language are the scripts written in? You might get someone to respond if they know what they will be looking at.

Thanks for the tips guys.

Scripts use php, js, css, mysql and html.

shorena

copper member

Activity: 1498

Merit: 1528

No I dont escrow anymore.

Quote from: Lutpin on February 14, 2016, 05:29:31 PM

Quote from: johny1976 on February 14, 2016, 05:25:58 PM

We have casino scripts and we would like to make clear that our script our safe. I think positive trust is kind of moving this forum.

So you're looking for someone to check and verify your code, right?
Having positive trust doesn't mean someone has the necessary coding skills to perform that task.
You should probably look for a (trusted) developer instead of some "tester with positive trust".

I agree with Lutpin, what language are the scripts written in? You might get someone to respond if they know what they will be looking at.

Topic: Looking for testers with positive trust (Read 2012 times)