Bitcoin Forum>Alternate cryptocurrencies>Altcoin Discussion
Author

Topic: Stasyq ( Sql Injection ) ( Bug Bounty Fraud ) (Read 103 times)

Sam$oN
newbie
Activity: 238
Merit: 0
Stasyq ( Sql Injection ) ( Bug Bounty Fraud )
April 02, 2018, 04:48:56 AM
#2
Quote from: Anox_1337x on April 02, 2018, 04:29:00 AM
Stasyq ( Sql Injection ) ( Bug Bounty Fraud )

stasyq - https://www.stasyq.com/

stasyq ICO - https://stasyq.io/

Hello Bitcointalk Member How Are You All I Hope Everything Is Alright ? This Time Something Strange Thing Happened To Me I Want To Share With You And Please Comment Below And Tell Me What Do You Think Members.

I Was Just Generally Check One ICO Company Name stasyq The Website Look Normal When I Enter But The Contents Of Website It's Adult So I Was Just Thinking If They Are In Porn Industry Than They Have Alot Of Money They Can Hired Best Security Team If They Want So I Start My Testing To stasyq Website After Sometime I Realized They Are Not Using Parameter Encryption Than This Thing Lead To Perform Sql Injection Attack I Was Doubt In My Mind Than I Assume Lets Test Injection Attack I Create A Fake Parameter And Combine My Parameter To Server Parameter And I Use Injection Quarry And Suddenly The Sql Error Come Yes They Have Sql Injection I Can See That I Can Do Whatever I Want Fetch Up All Database Table Hijacked Whole Database But I Am Whitehat Security Expert I Can't Do This To Anyone Like I Said Before In My 1st Post Now I Need To Find Out Who Is The CEO And I Need To Contact Him/Her ASAP. The Ceo Is Romanas S You Can Find The CEO Name In ICO Website Than I Telegram Message it Here Is The Whole Conversation.

http://i64.tinypic.com/2e50h2a.jpg

http://i66.tinypic.com/330qnts.jpg

 After I Talk CEO They Said We Will Pay You Show Me What You Have Than I Trust This Guy It's Not Look Like Fake Or Scammer Like That After All He Is Running Big Company And Of Course They Have Money So I Decide To Tell Romanas S About My Security Vulnerability I Will Show Him Sql Injection But i Hide The URL Cause When I Ask Him About Reward ( Bounty ) They Denied And Tell Me It Was Not In My Hand I Will Talk To Our Developer And They Will Contact You Regarding This And I Will Send This Information To My Devloiper Regarding Your Sql Injection Attack And He Told Me To Wait Next Morning We Will Update You .

When I Wake Up Today The Message Come To My Telegram And I Am Completely Shocked What I See Here Take A Look Guys ?

http://i68.tinypic.com/xnrih1.jpg

The Guy Kicker From stasyq Team Said We Won't Pay You Than I Denied To Work With Them But I Suddenly Think Why They Ingore Me Like This ? Than I Open stasyq Website And Check My Sql Injection Bug You Know What Happened Guys They Already Fixed My Sql Injection Bug I Check The Code And Everything But The Sql Injection Error Don't Come They Fix It For Sure Than I Understand Everything Why They Are Denied To Pay Me.

I Have Something In My Mind I Want To Share With You Guys:

1 - The CEO Said You Got Paid For Your Work ?

2 - The Next Month I Got Message From stasyq Team That They Don't Want To Paid Me For My Bug ?

3 - They Fix My Bug Without Letting Me Know And Without Pay Me Anything ?

So Tell Guy Guys What Do You Think Please Comment Below Feel Free To Ask Me Anything I Will Reply You Back.

And Here Is The Proof Of Sql Injection That I Found On Stasyq Website ?

http://i68.tinypic.com/2jf0oie.jpg
A well-known theme. I used to mess around with hacking games. As someone once told me that you can get the money, I have a couple of hacks has got, and then I was thrown and I decided to just reset vulnerability on a local forum. Far more profit
Anox_1337x
newbie
Activity: 1
Merit: 0
Re: Stasyq ( Sql Injection ) ( Bug Bounty Fraud )
April 02, 2018, 04:29:00 AM
#1
Stasyq ( Sql Injection ) ( Bug Bounty Fraud )

stasyq - https://www.stasyq.com/

stasyq ICO - https://stasyq.io/

Hello Bitcointalk Member How Are You All I Hope Everything Is Alright ? This Time Something Strange Thing Happened To Me I Want To Share With You And Please Comment Below And Tell Me What Do You Think Members.

I Was Just Generally Check One ICO Company Name stasyq The Website Look Normal When I Enter But The Contents Of Website It's Adult So I Was Just Thinking If They Are In Porn Industry Than They Have Alot Of Money They Can Hired Best Security Team If They Want So I Start My Testing To stasyq Website After Sometime I Realized They Are Not Using Parameter Encryption Than This Thing Lead To Perform Sql Injection Attack I Was Doubt In My Mind Than I Assume Lets Test Injection Attack I Create A Fake Parameter And Combine My Parameter To Server Parameter And I Use Injection Quarry And Suddenly The Sql Error Come Yes They Have Sql Injection I Can See That I Can Do Whatever I Want Fetch Up All Database Table Hijacked Whole Database But I Am Whitehat Security Expert I Can't Do This To Anyone Like I Said Before In My 1st Post Now I Need To Find Out Who Is The CEO And I Need To Contact Him/Her ASAP. The Ceo Is Romanas S You Can Find The CEO Name In ICO Website Than I Telegram Message it Here Is The Whole Conversation.

http://i64.tinypic.com/2e50h2a.jpg

http://i66.tinypic.com/330qnts.jpg

 After I Talk CEO They Said We Will Pay You Show Me What You Have Than I Trust This Guy It's Not Look Like Fake Or Scammer Like That After All He Is Running Big Company And Of Course They Have Money So I Decide To Tell Romanas S About My Security Vulnerability I Will Show Him Sql Injection But i Hide The URL Cause When I Ask Him About Reward ( Bounty ) They Denied And Tell Me It Was Not In My Hand I Will Talk To Our Developer And They Will Contact You Regarding This And I Will Send This Information To My Devloiper Regarding Your Sql Injection Attack And He Told Me To Wait Next Morning We Will Update You .

When I Wake Up Today The Message Come To My Telegram And I Am Completely Shocked What I See Here Take A Look Guys ?

http://i68.tinypic.com/xnrih1.jpg

The Guy Kicker From stasyq Team Said We Won't Pay You Than I Denied To Work With Them But I Suddenly Think Why They Ingore Me Like This ? Than I Open stasyq Website And Check My Sql Injection Bug You Know What Happened Guys They Already Fixed My Sql Injection Bug I Check The Code And Everything But The Sql Injection Error Don't Come They Fix It For Sure Than I Understand Everything Why They Are Denied To Pay Me.

I Have Something In My Mind I Want To Share With You Guys:

1 - The CEO Said You Got Paid For Your Work ?

2 - The Next Month I Got Message From stasyq Team That They Don't Want To Paid Me For My Bug ?

3 - They Fix My Bug Without Letting Me Know And Without Pay Me Anything ?

So Tell Guy Guys What Do You Think Please Comment Below Feel Free To Ask Me Anything I Will Reply You Back.

And Here Is The Proof Of Sql Injection That I Found On Stasyq Website ?

http://i68.tinypic.com/2jf0oie.jpg
Bitcoin Forum>Alternate cryptocurrencies>Altcoin Discussion
Jump to: