Topic: [NEW] FreeDice - Pre-Launch Bonus 0.005 BTC for free [only for 100 first users] (Read 2417 times)
August 14, 2015, 01:32:34 AM
are you serious or no, for make a site dice ?
August 11, 2015, 09:03:13 PM
I just try to visit a website and it turns hostinger error http://prntscr.com/83m9l7 . it looks like you are not really ready for launching
August 11, 2015, 05:37:27 PM
username : btcfinans, let me try this
August 11, 2015, 04:30:15 PM
I checked it out and was eventually able to get it to work using the tab button. But on firefox the headline "freedice signup" is written on top of the box where you submit a username so it's kinda broken.
Might wanna fix this!
Might wanna fix this!
August 11, 2015, 04:27:20 PM
Coder is really funny person and OP still calling him Coder 
what a joke 
what a joke 
August 11, 2015, 04:24:46 PM
Hmm, anyone here is a good coder and can help me fixing this security issues? (my coder said he can't do it well)
Pm me with your price
Pm me with your price
what is that? Change your coder.
Yeah, sure "coder".. lol
Seems like a kid coded that website and not a real coder or he got that "coder" from a freelancer website.
Either way it is a waste of everyones time and a can be a danger to some of you guys that just love re-using passwords lol
OP should name and shame the so called "coder"
Well, maybe he is the so called "coder"
I want to say sorry for all about this security problems
We'll delay a little our official launch, we are trying to fix this security problems first, as soon we fix it i'll back
if you don't change "coder" the website will be available when mining BTC end We'll delay a little our official launch, we are trying to fix this security problems first, as soon we fix it i'll back
Hahaha made my day!
August 11, 2015, 04:17:13 PM
I want to say sorry for all about this security problems
We'll delay a little our official launch, we are trying to fix this security problems first, as soon we fix it i'll back
if you don't change "coder" the website will be available when mining BTC end We'll delay a little our official launch, we are trying to fix this security problems first, as soon we fix it i'll back
August 11, 2015, 04:11:22 PM
Hmm, anyone here is a good coder and can help me fixing this security issues? (my coder said he can't do it well)
Pm me with your price
Pm me with your price
what is that? Change your coder.
Yeah, sure "coder".. lol
Seems like a kid coded that website and not a real coder or he got that "coder" from a freelancer website.
Either way it is a waste of everyones time and a can be a danger to some of you guys that just love re-using passwords lol
OP should name and shame the so called "coder"
August 11, 2015, 04:07:01 PM
Hmm, anyone here is a good coder and can help me fixing this security issues? (my coder said he can't do it well)
Pm me with your price
Pm me with your price
what is that? Change your coder.
Yeah, sure "coder".. lol
Seems like a kid coded that website and not a real coder or he got that "coder" from a freelancer website.
August 11, 2015, 03:59:22 PM
Hmm, anyone here is a good coder and can help me fixing this security issues? (my coder said he can't do it well)
Pm me with your price
Pm me with your price
what is that? Change your coder.
August 11, 2015, 03:35:36 PM
BEWARE ITS A PHISHING PAGE
There are no password/email checking and confirmation
No database double information checking
No vulernabilities protection
Note: I sended a Pm to OP to fix all his page issues he is online and he didn't reply,you know what does mean that ....
There are no password/email checking and confirmation
No database double information checking
No vulernabilities protection
Note: I sended a Pm to OP to fix all his page issues he is online and he didn't reply,you know what does mean that ....
August 11, 2015, 02:33:07 PM
Beware!
Newbie account with a suspicious login form asking for username, pw and email. Then nothing happens after registering. This has all the makings of a phishing page. "submit query" is the default name of a form submit button without a name and the page code is abysmal.
If you entered your info, and you re-use passwords across multiple sites, I'd suggest you change them now.
Password:
Email:
It certainly is a phishing site.Newbie account with a suspicious login form asking for username, pw and email. Then nothing happens after registering. This has all the makings of a phishing page. "submit query" is the default name of a form submit button without a name and the page code is abysmal.
If you entered your info, and you re-use passwords across multiple sites, I'd suggest you change them now.
Code:
Password:
Email:
Try to send the form over and over with the same values; even using "foobar" in user, password and email doesn't a) cause an error saying email has wrong format and b) at the second time using those values, there's no complaint about those values already being used.
.edit:
Just thought about writing a script spamming his database with nonsense values. ^^
.edit 2:
To kind of prove that this is a malicious site: I just checked the SQL injection, and the error (shown above) shows that the database only has username, password and email fields. There is no way around a user table of a serious dice game having more fields than just those three.
August 11, 2015, 01:35:02 PM
I can help fixing all security issues you have in your website,PM me
August 11, 2015, 12:04:09 PM
I want to say sorry for all about this security problems
We'll delay a little our official launch, we are trying to fix this security problems first, as soon we fix it i'll back
We'll delay a little our official launch, we are trying to fix this security problems first, as soon we fix it i'll back
August 11, 2015, 11:55:07 AM
Sucessful. Wait for official launch soon. Thanks!
August 11, 2015, 11:50:14 AM
After get fixed this security issue will try this dice site.
August 11, 2015, 11:35:23 AM
Hmm, anyone here is a good coder and can help me fixing this security issues? (my coder said he can't do it well)
Pm me with your price
Pm me with your price
August 11, 2015, 11:08:44 AM
For who sent registrations details, pay attention.. your credentials are available to all 
Who used as password, the same for the email address, CHANGE immediately the mail password!
Who used as password, the same for the email address, CHANGE immediately the mail password!
August 11, 2015, 10:27:44 AM
This site seriously sucks 
Firstly the sql error:
Secondly.. Just type in in any of the registering field like Username...An popup appears saying "XSS"!
Also vulnerable to XSS! Website security = 0
Firstly the sql error:
Code:
Error: INSERT INTO Login(Username, Password, Email) VALUES ('admin' OR 1=1', 'admin' OR 1=1', ' admin' OR 1=1')
You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '', 'admin' OR 1=1', ' admin' OR 1=1')' at line 2
You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '', 'admin' OR 1=1', ' admin' OR 1=1')' at line 2
Secondly.. Just type in in any of the registering field like Username...An popup appears saying "XSS"!
Also vulnerable to XSS! Website security = 0
August 11, 2015, 09:55:38 AM
Will see how this dice site works just submitted some info there.
Jump to: