i like .magicaldice
Topic: MagicalDice - Need beta testing [Bounty for bugs] - page 4. (Read 2971 times)
name magicaldice :yolanda
i like .magicaldice
i like .magicaldice
hi.. i want to try the free btcs.
username :tetay14
username :tetay14
username:Jamest
This new shit, I'll play here, hopefully this can form the best place
This new shit, I'll play here, hopefully this can form the best place
Hi Stars !! There are lots of security Vulnerability in your site a Rouge Coder can ******** Your site as they did with Luckybit earlier (No hard feeling).
Just Found Two Run Time Errors taht can be fatal from Point of view of your business.
#Bug 0:(noobs Bug)
Bet can be placed even the bet amount is zero
#Bug 1:
I would like you to take you back to few months back may be much more , i guess all guys reading this may remember that once the blockchain.info "latest Transaction" were filled with transactions of Luckybit Blue or red or green...
They were all because before luckybit coders used Instance variable rather than class variables to make a Bet and stored them in Tables(DB) as a instance variables , Instance variables are easy to inject and can be spoof the database for ,say 1-2 seconds to even 3-4 hours until the database refresh(If another guy make a bet after me in "t" time then the database will refresh in "t" time) , assume if it is night and no one is playing on your site means the database is not refreshing and someone rouge comes to your site and played that trick then he has a lot of time to withdraw as no one is playing n your site and the withdraw(if auto) then you can loose a big amount , i remember that some one withdrew 65 btc from Luckybit with this method and im sure he might be reading this.
How i found this in your site with that method:
#Bug 2:
I had initially 0.000005 Btc from Faucet , I played Two bets but Your database is showing Just 1 bet placed and it is showing my balance 0.000003 , How it can be Posiible , if i played only one bet that was default worth 0.000001BTC , then my balance must be 0.000004 btc not 0.000003 btc , i Guess this error is due to
1. I went to your site and got registered.
2.I went to faucet and claimed 0.000005 btc
3.I payed two times but your database is showing only one time , in which runtime error occured and it deduced the balance but didn't put the bet in bet history table and deduced the 0.000001 btc x2 , The current bet section showed i won but the roll under/above showed that i lost , How two things are possible but as soon as the other guys placed the bet the database was refreshed and i was again showed lost.
direct image link: http://postimg.org/image/vpcxpfqnb/
See bet 12206 roll was under but it stated i won , after some time it was corrected as others put their betting after me.
My balance shows 0.000003 btc but i played only one bet according to your bet history table(of 0.000001), then where is the another 0.000001 btc ,this is because of enableviewstate i already mentioned it in above.
I guess if user Ecuamobi can Put some light here then it will be much appreciated, as he same from the coding background.
I guess i have said and given two bug reports:
Let me know if You are on your words.
Just Found Two Run Time Errors taht can be fatal from Point of view of your business.
#Bug 0:(noobs Bug)
Bet can be placed even the bet amount is zero
#Bug 1:
I would like you to take you back to few months back may be much more , i guess all guys reading this may remember that once the blockchain.info "latest Transaction" were filled with transactions of Luckybit Blue or red or green...
They were all because before luckybit coders used Instance variable rather than class variables to make a Bet and stored them in Tables(DB) as a instance variables , Instance variables are easy to inject and can be spoof the database for ,say 1-2 seconds to even 3-4 hours until the database refresh(If another guy make a bet after me in "t" time then the database will refresh in "t" time) , assume if it is night and no one is playing on your site means the database is not refreshing and someone rouge comes to your site and played that trick then he has a lot of time to withdraw as no one is playing n your site and the withdraw(if auto) then you can loose a big amount , i remember that some one withdrew 65 btc from Luckybit with this method and im sure he might be reading this.
How i found this in your site with that method:
#Bug 2:
I had initially 0.000005 Btc from Faucet , I played Two bets but Your database is showing Just 1 bet placed and it is showing my balance 0.000003 , How it can be Posiible , if i played only one bet that was default worth 0.000001BTC , then my balance must be 0.000004 btc not 0.000003 btc , i Guess this error is due to
Code:
Enableviewstate="True"
1. I went to your site and got registered.
2.I went to faucet and claimed 0.000005 btc
3.I payed two times but your database is showing only one time , in which runtime error occured and it deduced the balance but didn't put the bet in bet history table and deduced the 0.000001 btc x2 , The current bet section showed i won but the roll under/above showed that i lost , How two things are possible but as soon as the other guys placed the bet the database was refreshed and i was again showed lost.
direct image link: http://postimg.org/image/vpcxpfqnb/
See bet 12206 roll was under but it stated i won , after some time it was corrected as others put their betting after me.
My balance shows 0.000003 btc but i played only one bet according to your bet history table(of 0.000001), then where is the another 0.000001 btc ,this is because of enableviewstate i already mentioned it in above.
I guess if user Ecuamobi can Put some light here then it will be much appreciated, as he same from the coding background.
I guess i have said and given two bug reports:
Let me know if You are on your words.
Probably found a serious security vulnerability, will PM.
at bottom of your site there is bitcointalk button witch should lead to your thread i think.
and it lead only to gambling section...
regards.
-Katerniko1
and it lead only to gambling section...
regards.
-Katerniko1
Yeah that will be changed when we officially launch which will hopefully be 1st of September if we don't run into any problems during this beta test
at bottom of your site there is bitcointalk button witch should lead to your thread i think.
and it lead only to gambling section...
regards.
-Katerniko1
and it lead only to gambling section...
regards.
-Katerniko1
sure i want some free btc 
katerniko1
regards.
-Katerniko1
katerniko1
regards.
-Katerniko1
Quote
Haha that's because I set your balance to 1 BTC :
My bet is always to win , what this part of the promotion
Balace error ,
I claim 500 satoshi and bet 500 sat , balance becomes 1 BTC
I claim 500 satoshi and bet 500 sat , balance becomes 1 BTC
Haha that's because I set your balance to 1 BTC
Balace error ,
I claim 500 satoshi and bet 500 sat , balance becomes 1 BTC
I claim 500 satoshi and bet 500 sat , balance becomes 1 BTC
Hey guys,
After many months of www.magicaldice.com being in development we are finally excited to announce we're close to the finish line and expecting to launch on the 1st of September! We plan to be doing A LOT of giveaways and crazy signature campaigns so make sure you keep a look out!
Firstly before we can do any of that, we need your guys help. We'll be opening up our website for beta-testing for 2-3 days. This will be the time-frame we have to fix any issues and make improvements. So go on over and take a look at our website. If you can find any bugs/improvements that we like then shoot me a pm and we'll be sure to send you some BTC.
There isn't a set bounty for each bug you find. Depending on how severe the bug is we will accommodate you accordingly. Same applies to how good your improvement idea is
If you want some fake bitcoins to play around with then post your MD username below (You can't withdraw these coins)
Our website - Www.magicaldice.com
Bounties paid so far -
-NLNico
-Monoko
-Everaja
-Discovercebu
-
After many months of www.magicaldice.com being in development we are finally excited to announce we're close to the finish line and expecting to launch on the 1st of September! We plan to be doing A LOT of giveaways and crazy signature campaigns so make sure you keep a look out!
Firstly before we can do any of that, we need your guys help. We'll be opening up our website for beta-testing for 2-3 days. This will be the time-frame we have to fix any issues and make improvements. So go on over and take a look at our website. If you can find any bugs/improvements that we like then shoot me a pm and we'll be sure to send you some BTC.
There isn't a set bounty for each bug you find. Depending on how severe the bug is we will accommodate you accordingly. Same applies to how good your improvement idea is
If you want some fake bitcoins to play around with then post your MD username below (You can't withdraw these coins)
Our website - Www.magicaldice.com
Bounties paid so far -
-NLNico
-Monoko
-Everaja
-Discovercebu
-
Jump to: