how to play this game?
if i bet Jerry 0.01btc
Topic: ❤ Tom ❌ Jerry ❤ : Bitcoin Game (Read 755 times)
This game was implemented when cetobeto was still alive. it did somehow work, but we all know what happened to the site, with many of us not getting the balance we had because "they were too tiny". Now, if OP has created 3 faucet websites, and 2 of them are out due to debts, maybe it's not such a good idea to invest in this game
Well, the owner made a choice to Ignore the security holes & Vulnerabilities, so here we go.
SQL Injections
"NOTE! Security issue like this can allow an attacker to gain access to your MySQL Database, and access private information."
URL: http://tomygame.com/index.php
There are total of 23 holes which allows an attacker to access Database. I wont list them all.
$_GET Method:
If you send this data: view=profileview&viewuser=%5c
You will get an error:
If you send this data: /bannerclick.php?id=
You will get an error:
$_POST Method:
Send POST Data to this URL: /index.php?action=login&rid=41903324&&view=login
DATA to send: form_pwd=1&form_user=%5c&routing_code=94102
This means the web-site is completely unprotected from SQL Injections. Some1 already might have your username, passwords, and emails.
Directory Listing & Shell Upload
First of all, the server is configured in a wrong way, which allows anyone to browse all the files in any folder, which in most cases will reveal some sort of sensitive information. For example:
http://tomygame.com/blogs/
http://tomygame.com/ads/
This one is more interesting:
http://tomygame.com/members/avatar/
This is where user avatar files goes, when some1 upload one. Since EVERYONE can access this folder, an attacker can upload a file of his choice masked as avatar, and then just open this folder in browser, and launch the file. If you check this folder now, you will notice some1 already have done it.
These was only the MAJOR Problems, there are many other - minor bugs and problems, which I wont bother listing.
Sorry for the long report,
Thank you, Devsoft™.
actually i see tom and jerry....i don't like this one ald..
it let me think of previous cartoon scam...i forget what is the name ><..
however have nice planning then nice design!
it let me think of previous cartoon scam...i forget what is the name ><..
however have nice planning then nice design!
Its not so hard to remember the name of Op's previous "games"/"faucets" etc...
Read his name and his text signature, both of them have the same admin.
@op: Why you continue to do this after all the fuss and negs you get from your previous...cartoons?
Not much to analyze, it's pretty much a variation of a dollar auction (the jackpot), with some "pvp" elements. The owners of the place would get lots of easy money.
You are wrong, there is much to analyze, and I have found issues. I will first contact the owner, since I will not release this information in public before talking to this guy.
actually i see tom and jerry....i don't like this one ald..
it let me think of previous cartoon scam...i forget what is the name ><..
however have nice planning then nice design!
it let me think of previous cartoon scam...i forget what is the name ><..
however have nice planning then nice design!
Tom and Jerry is one of the world favourite cartoons that attracts attentions from children and some adults, you can do something more constructive with this idea rather than using this method of ponzi, HYIPs or lottery.
You can hacked down this site and send me pm and i will advise you on how to monetize this site legitimately.
You can hacked down this site and send me pm and i will advise you on how to monetize this site legitimately.
I actually had a similar Idea (Ofc not using Toms and Jerries).
I was, and I am still thinking of coding a much better version, similar in principle. Just with the Highest Quality Website, API, and a lot of features for users.
If there will we be people who want me to do it, I will prob. do it someday.
PS. Let's analyze your system. I will be back with my report today.
Not much to analyze, it's pretty much a variation of a dollar auction (the jackpot), with some "pvp" elements. The owners of the place would get lots of easy money.
I actually had a similar Idea (Ofc not using Toms and Jerries).
I was, and I am still thinking of coding a much better version, similar in principle. Just with the Highest Quality Website, API, and a lot of features for users.
If there will we be people who want me to do it, I will prob. do it someday.
PS. Let's analyze your system. I will be back with my report today.
Play Tom bit Jerry Game and win Bitcoins !
The winner team (the one with more bitcoins) break the loser
Winner will take all loser's bitcoins plus the jackpot.
At the end of the round these bitcoins are shared by all players who invested into the winner team.
Winner will take all loser's bitcoins plus the jackpot.
At the end of the round these bitcoins are shared by all players who invested into the winner team.
The fee is slowly raising during this round, it starts at 0 % and ends at 50 % rate.
Calculate carefully but act quickly! Or perhaps you'd better wait for the next round...
Play It Now :
http://tombitjerry.com/
Jump to: