XAPO Script - Hacked | Bitcointalksearch.org

ardodd

member

Activity: 132

Merit: 10

I would say so. Seem to be too many Fly-by-Night shops setting up now.

Guess most of them don't realize that you have to make a commitment long term as the ads on the Faucet are mostly referral Faucets and/or Adsense which are long-long term commitments.

Shoot I have 10 websites and they all have Adsense and in 5 years i have made $9.45 from it. Not even enough to to meet withdrawal limit.

Some don't realize that they income from the site to sustain the Faucet payout commitment on their end. It is not something you buy $50 worth of Bitcoins and payout slowly depending on the amount of traffic and of course BOT's stealing too.

By-the-way what kind of drugs was I on when I posted this last night? Huh

Must of been good too.

Gifted

hero member

Activity: 504

Merit: 501

Quote from: ardodd on August 12, 2016, 12:28:13 AM

@Gifted,

Do you know how to make a searchable database that would host the Faucet List. I had time on my hands this week and remember back in 2000 when I first started doing online html and coding i had a website that i made which had a interface I could actually program myself.

Back then it was simple as all i did was create a database of websites, and then broke them down into specific categories for what they did. And created a simple search where anyone could enter the category they were interested in and then check the radio boxes for which specific areas they wanted to lookup.

Example:

I was pondering that thought about all these Faucets. As it would need to be able to scrap for Faucet sites and then be able to host the information. The developer would have the advantage as when they are found he/she would have to join that Faucet so others could see it. I was pondering on this while laying i the hospital bed. And had seen a big list on Faucet List that had Bitcoin, Dogecoin, Peercoin, Darkcoin, Litecoin, etc...and noticed that a Xapo List was not available. And with so many cryptocurrencies I remember having a multi-wallet with Cryptonator that had many wallets.

But am asking if one could code a database interface like above to list all these Faucets and make it use your crypto-wallet address to join them. One at a time so when opening up the program the complete list comes up and they can check off the websites as they surf for coins. I DO NOT want a bot to do the work, only to register for all the sites with. The parameters could be anything from amount of coins collected to time in between intervals. Say you have 100 websites with 5 minute intervals we could create one parameter for them. And every different time frame could be a set of parameters. Or we could set parameters for alphabetical listing. The possibilities is endless on parameters.

One of the things i figured needed would be a way to store the e-wallet addresses so it can be entered according that sites crypto-currency. The e-wallet addresses would have to be stored off-site for the users protection and only pulled up if they log into it securely to use the database.

I don't know if you would want to do something like that or not, but I am interested in seeing if you could make something like this and make dam sure that a BOT can not join the website with a firewall.

***Update***

I had a feeling that my computer had been infected so out of curiousity I used Norton Power Eraser even after I used MalwareBytes Anti-Malware to check my computer for any virus. And not surprised at all i found 3 trojans attached to .exe files. What amazed me is that it was called molested.exe and it was attached to one of my Processor programs. I can remember one day my computer shut down completely and I had to manually restart it. And when I did it told me that one or more of my drivers had stopped working or was going out. So it led me to what looked exactly like a Toshiba Official page and pulled up that Drive and so called updated it. To find out that it come from Faucet that had a backdoor virus which had a popup virus. And once the darn computer started opening page after page at a astounding rate i knew something got through the firewall.

But anyways the morale to the story is that the attacks may not be because of a security issue on the website, but a security issue on our computer itself in the Root or .exe files where they are able to communicate with your site through the Root or .exe file

Just a simple reminder to scan the Root files and .exe files even if you think you virus protection is up to date and see a warning to repair or upgrade. Watch it with multiple virus scans that remove trojans.

This wont happen unless all faucets are built the same... the hard part is getting all the faucets to be able to bind with our site and this will never happen. each website is different so the code would have to me crazy ! Unless you go with standerd faucetbox then it might work but those usually fail in a month or so because of lack of coding, experience ETC.

Gifted

hero member

Activity: 504

Merit: 501

Quote from: ardodd on August 12, 2016, 12:29:30 AM

Quote from: Gifted on August 12, 2016, 12:07:45 AM

Quote from: ardodd on August 11, 2016, 11:44:49 PM

I am so sorry for not being around everyone. This is one of those weeks no cares to go through. I am fighting cancer and it is not pretty. And on top of that i am fighting diabetes at the same time.

Spent all week in hospital with blood sugar levels at or above 500 and infections. Just have not had the energy to even get online til now.

I was trying to catch up some but things are kind of cobb webbed inside my head right now. So if someone could catch me up on where we are with the security i would love to get back into the conversation.

Well it seems in our combined efforts bot are no more. I believe the most significance is the fact that firefox is used with bots and is blocked on my faucet.Also the captcha reset was another flaw was fixed... seems all is well

Great job !!!!! I felt like Firefox and the iMacros would cause problems.

About your virus... just use this only https://www.microsoft.com/en-us/download/details.aspx?id=5201 Most virus's comes from antivirus !

ardodd

member

Activity: 132

Merit: 10

Quote from: Gifted on August 12, 2016, 12:07:45 AM

Quote from: ardodd on August 11, 2016, 11:44:49 PM

I am so sorry for not being around everyone. This is one of those weeks no cares to go through. I am fighting cancer and it is not pretty. And on top of that i am fighting diabetes at the same time.

Spent all week in hospital with blood sugar levels at or above 500 and infections. Just have not had the energy to even get online til now.

I was trying to catch up some but things are kind of cobb webbed inside my head right now. So if someone could catch me up on where we are with the security i would love to get back into the conversation.

Well it seems in our combined efforts bot are no more. I believe the most significance is the fact that firefox is used with bots and is blocked on my faucet.Also the captcha reset was another flaw was fixed... seems all is well

Great job !!!!! I felt like Firefox and the iMacros would cause problems.

ardodd

member

Activity: 132

Merit: 10

@Gifted,

Do you know how to make a searchable database that would host the Faucet List. I had time on my hands this week and remember back in 2000 when I first started doing online html and coding i had a website that i made which had a interface I could actually program myself.

Back then it was simple as all i did was create a database of websites, and then broke them down into specific categories for what they did. And created a simple search where anyone could enter the category they were interested in and then check the radio boxes for which specific areas they wanted to lookup.

Example:

I was pondering that thought about all these Faucets. As it would need to be able to scrap for Faucet sites and then be able to host the information. The developer would have the advantage as when they are found he/she would have to join that Faucet so others could see it. I was pondering on this while laying i the hospital bed. And had seen a big list on Faucet List that had Bitcoin, Dogecoin, Peercoin, Darkcoin, Litecoin, etc...and noticed that a Xapo List was not available. And with so many cryptocurrencies I remember having a multi-wallet with Cryptonator that had many wallets.

But am asking if one could code a database interface like above to list all these Faucets and make it use your crypto-wallet address to join them. One at a time so when opening up the program the complete list comes up and they can check off the websites as they surf for coins. I DO NOT want a bot to do the work, only to register for all the sites with. The parameters could be anything from amount of coins collected to time in between intervals. Say you have 100 websites with 5 minute intervals we could create one parameter for them. And every different time frame could be a set of parameters. Or we could set parameters for alphabetical listing. The possibilities is endless on parameters.

One of the things i figured needed would be a way to store the e-wallet addresses so it can be entered according that sites crypto-currency. The e-wallet addresses would have to be stored off-site for the users protection and only pulled up if they log into it securely to use the database.

I don't know if you would want to do something like that or not, but I am interested in seeing if you could make something like this and make dam sure that a BOT can not join the website with a firewall.

***Update***

I had a feeling that my computer had been infected so out of curiousity I used Norton Power Eraser even after I used MalwareBytes Anti-Malware to check my computer for any virus. And not surprised at all i found 3 trojans attached to .exe files. What amazed me is that it was called molested.exe and it was attached to one of my Processor programs. I can remember one day my computer shut down completely and I had to manually restart it. And when I did it told me that one or more of my drivers had stopped working or was going out. So it led me to what looked exactly like a Toshiba Official page and pulled up that Drive and so called updated it. To find out that it come from Faucet that had a backdoor virus which had a popup virus. And once the darn computer started opening page after page at a astounding rate i knew something got through the firewall.

But anyways the morale to the story is that the attacks may not be because of a security issue on the website, but a security issue on our computer itself in the Root or .exe files where they are able to communicate with your site through the Root or .exe file

Just a simple reminder to scan the Root files and .exe files even if you think you virus protection is up to date and see a warning to repair or upgrade. Watch it with multiple virus scans that remove trojans.

Gifted

hero member

Activity: 504

Merit: 501

Quote from: ardodd on August 11, 2016, 11:44:49 PM

I am so sorry for not being around everyone. This is one of those weeks no cares to go through. I am fighting cancer and it is not pretty. And on top of that i am fighting diabetes at the same time.

Spent all week in hospital with blood sugar levels at or above 500 and infections. Just have not had the energy to even get online til now.

I was trying to catch up some but things are kind of cobb webbed inside my head right now. So if someone could catch me up on where we are with the security i would love to get back into the conversation.

Well it seems in our combined efforts bot are no more. I believe the most significance is the fact that firefox is used with bots and is blocked on my faucet.Also the captcha reset was another flaw was fixed... seems all is well

ardodd

member

Activity: 132

Merit: 10

I am so sorry for not being around everyone. This is one of those weeks no cares to go through. I am fighting cancer and it is not pretty. And on top of that i am fighting diabetes at the same time.

Spent all week in hospital with blood sugar levels at or above 500 and infections. Just have not had the energy to even get online til now.

I was trying to catch up some but things are kind of cobb webbed inside my head right now. So if someone could catch me up on where we are with the security i would love to get back into the conversation.

sabotag3x

legendary

Activity: 2604

Merit: 2234

Crypto Swap Exchange

Quote from: 5ub_zer0 on August 08, 2016, 08:54:22 AM

Quote from: sabotag3x on August 08, 2016, 08:42:24 AM

Can someone try to use any proxy/vpn in my faucet? By "use" I mean CLAIM.. and give me a feedback please!
http://www.bitcoinamerica.com.br/faucet

Thanks a lot!

Notice: REFERER CHECK FAILED, ASSUMING CSRF! in /customers/c/f/6/bitcoinamerica.com.br/httpd.www/faucet/script/common.php on line 100 Warning: Cannot modify header information - headers already sent by (output started at /customers/c/f/6/bitcoinamerica.com.br/httpd.www/faucet/script/common.php:100) in /customers/c/f/6/bitcoinamerica.com.br/httpd.www/faucet/script/common.php on line 356 Notice: Banned: xxx.xxx.xxx.xxx in /customers/c/f/6/bitcoinamerica.com.br/httpd.www/faucet/script/common.php on line 309

Quote from: Gifted on August 08, 2016, 12:57:27 PM

Quote from: sabotag3x on August 08, 2016, 08:42:24 AM

Can someone try to use any proxy/vpn in my faucet? By "use" I mean CLAIM.. and give me a feedback please!
http://www.bitcoinamerica.com.br/faucet

Thanks a lot!

Notice: Banned: 46.101.138.168 in /customers/c/f/6/bitcoinamerica.com.br/httpd.www/faucet/script/common.php on line 309

Thanks! I think it's working, I can't block all VPN/Proxy/TOR systems however it can block a lot of services..
I banned 15.000 ASNs

Gifted

hero member

Activity: 504

Merit: 501

Quote from: sabotag3x on August 08, 2016, 08:42:24 AM

Can someone try to use any proxy/vpn in my faucet? By "use" I mean CLAIM.. and give me a feedback please!
http://www.bitcoinamerica.com.br/faucet

Thanks a lot!

Notice: Banned: 46.101.138.168 in /customers/c/f/6/bitcoinamerica.com.br/httpd.www/faucet/script/common.php on line 309

5ub_zer0

full member

Activity: 238

Merit: 100

Quote from: sabotag3x on August 08, 2016, 08:42:24 AM

Can someone try to use any proxy/vpn in my faucet? By "use" I mean CLAIM.. and give me a feedback please!
http://www.bitcoinamerica.com.br/faucet

Thanks a lot!

Notice: REFERER CHECK FAILED, ASSUMING CSRF! in /customers/c/f/6/bitcoinamerica.com.br/httpd.www/faucet/script/common.php on line 100 Warning: Cannot modify header information - headers already sent by (output started at /customers/c/f/6/bitcoinamerica.com.br/httpd.www/faucet/script/common.php:100) in /customers/c/f/6/bitcoinamerica.com.br/httpd.www/faucet/script/common.php on line 356 Notice: Banned: xxx.xxx.xxx.xxx in /customers/c/f/6/bitcoinamerica.com.br/httpd.www/faucet/script/common.php on line 309

sabotag3x

legendary

Activity: 2604

Merit: 2234

Crypto Swap Exchange

Can someone try to use any proxy/vpn in my faucet? By "use" I mean CLAIM.. and give me a feedback please!
http://www.bitcoinamerica.com.br/faucet

Thanks a lot!

Gifted

hero member

Activity: 504

Merit: 501

Quote from: 5ub_zer0 on August 06, 2016, 12:01:03 PM

Quote from: Gifted on August 05, 2016, 02:16:24 PM

i just fixed that if you read the security patch for xapo.

Patch V1.1[/b]

find this code

Code:

if($response->success){
$view['main']['result_html'] = '

Congratulations you have won '.$amount.' Satoshis !!!

';
$url = get_main_url()."?r=".$username;
$view['main']['ref_link'] = '

Share your referal link and earn a '.$settings["referral_percentage"].'% lifetime bonus. Your referal link is '.$url.'

';

and replace with this

Code:

if($response->success){
header('Refresh: 30;url=[b]change to your faucets url[/b]');
$view['main']['result_html'] = '

Congratulations you have won '.$amount.' Satoshis !!!

';
$url = get_main_url()."?r=".$username;
$view['main']['ref_link'] = '

Share your referal link and earn a '.$settings["referral_percentage"].'% lifetime bonus. Your referal link is '.$url.'

';

This redirects back to your page after 30 seconds so that the captcha resets so that a imacro program cannot be programmed to just refresh and get credit every hour when they are sleeping. i would suggest do this immediately! Make sure you put your faucet address where is says change to your faucet url.

i did this already implemented yesterday morning ...

Code:

if($response->success){
header('Refresh: 30;url=https://faucet.today');
-snip-

and the problem was still there ..

but ardodd whould test it .. waiting for an answer

its a 30m second timer... you can change where its highlited header('Refresh: 30;url=change to your faucets url');

take out the bold code where the address goes.. that does not go there

5ub_zer0

full member

Activity: 238

Merit: 100

Quote from: Gifted on August 05, 2016, 02:16:24 PM

i just fixed that if you read the security patch for xapo.

Patch V1.1[/b]

find this code

Code:

if($response->success){
      $view['main']['result_html'] = 'Congratulations you have won '.$amount.' Satoshis !!!
';
      $url = get_main_url()."?r=".$username;
      $view['main']['ref_link'] = 'Share your referal link and earn a '.$settings["referral_percentage"].'% lifetime bonus. Your referal link is '.$url.'
';

and replace with this

Code:

if($response->success){
   header('Refresh: 30;url=[b]change to your faucets url[/b]');
 $view['main']['result_html'] = 'Congratulations you have won '.$amount.' Satoshis !!!
';
      $url = get_main_url()."?r=".$username;
      $view['main']['ref_link'] = 'Share your referal link and earn a '.$settings["referral_percentage"].'% lifetime bonus. Your referal link is '.$url.'
';

This redirects back to your page after 30 seconds so that the captcha resets so that a imacro program cannot be programmed to just refresh and get credit every hour when they are sleeping. i would suggest do this immediately! Make sure you put your faucet address where is says change to your faucet url.

i did this already implemented yesterday morning ...

Code:

    if($response->success){
      header('Refresh: 30;url=https://faucet.today');
   -snip-

and the problem was still there ..

but ardodd whould test it .. waiting for an answer

viralalert

full member

Activity: 266

Merit: 100

Quote from: sabotag3x on August 05, 2016, 06:39:49 PM

Quote from: 5ub_zer0 on August 05, 2016, 06:04:42 AM

Can you tell me/us please how you block a browser .. thanx in advance

I'm using this code

Code:

// Blocks Browser Multiple 
$get_name_browser = $_SERVER['HTTP_USER_AGENT']; // Get Name Broswer
$block_browser    = array("Avant Browser","Firefox","Yandex", "Opera","ELinks","SeaMonkey","Chromium","Iceweasel","Konqueror","WebKit Nightly","Iron","Pale Moon","Epiphany"); // Name Broswer Block

foreach($block_browser as $new){

    if(preg_match("/".$new."/",$get_name_browser)){
        die("Browser not supported!
");    
    }

}
//
?>

You must add a message something like this "Browser not supported, Please use google chrome".

Gifted

hero member

Activity: 504

Merit: 501

Try using your windows vps on my site http://www.bitcoinfaucetexchange.com/

testing this

Code:


/*
 * This file is part of the Symfony package.
 *
 * (c) Fabien Potencier 
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

/**
 * Http utility functions.
 *
 * @author Fabien Potencier 
 */
class IpUtils
{
    /**
     * This class should not be instantiated.
     */
    private function __construct()
    {
    }

    /**
     * Checks if an IPv4 or IPv6 address is contained in the list of given IPs or subnets.
     *
     * @param string       $requestIp IP to check
     * @param string|array $ips       List of IPs or subnets (can be a string if only a single one)
     *
     * @return bool Whether the IP is valid
     */
    public static function checkIp($requestIp, $ips)
    {
        if (!is_array($ips)) {
            $ips = array($ips);
        }

        $method = substr_count($requestIp, ':') > 1 ? 'checkIp6' : 'checkIp4';

        foreach ($ips as $ip) {
            if (self::$method($requestIp, $ip)) {
                return true;
            }
        }

        return false;
    }

    /**
     * Compares two IPv4 addresses.
     * In case a subnet is given, it checks if it contains the request IP.
     *
     * @param string $requestIp IPv4 address to check
     * @param string $ip        IPv4 address or subnet in CIDR notation
     *
     * @return bool Whether the request IP matches the IP, or whether the request IP is within the CIDR subnet.
     */
    public static function checkIp4($requestIp, $ip)
    {
        if (false !== strpos($ip, '/')) {
            list($address, $netmask) = explode('/', $ip, 2);

            if ($netmask === '0') {
                // Ensure IP is valid - using ip2long below implicitly validates, but we need to do it manually here
                return filter_var($address, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4);
            }

            if ($netmask < 0 || $netmask > 32) {
                return false;
            }
        } else {
            $address = $ip;
            $netmask = 32;
        }

        return 0 === substr_compare(sprintf('%032b', ip2long($requestIp)), sprintf('%032b', ip2long($address)), 0, $netmask);
    }

    /**
     * Compares two IPv6 addresses.
     * In case a subnet is given, it checks if it contains the request IP.
     *
     * @author David Soria Parra 
     *
     * @see https://github.com/dsp/v6tools
     *
     * @param string $requestIp IPv6 address to check
     * @param string $ip        IPv6 address or subnet in CIDR notation
     *
     * @return bool Whether the IP is valid
     *
     * @throws \RuntimeException When IPV6 support is not enabled
     */
    public static function checkIp6($requestIp, $ip)
    {
        if (!((extension_loaded('sockets') && defined('AF_INET6')) || @inet_pton('::1'))) {
            throw new \RuntimeException('Unable to check Ipv6. Check that PHP was not compiled with option "disable-ipv6".');
        }

        if (false !== strpos($ip, '/')) {
            list($address, $netmask) = explode('/', $ip, 2);

            if ($netmask < 1 || $netmask > 128) {
                return false;
            }
        } else {
            $address = $ip;
            $netmask = 128;
        }

        $bytesAddr = unpack('n*', inet_pton($address));
        $bytesTest = unpack('n*', inet_pton($requestIp));

        for ($i = 1, $ceil = ceil($netmask / 16); $i <= $ceil; ++$i) {
            $left = $netmask - 16 * ($i - 1);
            $left = ($left <= 16) ? $left : 16;
            $mask = ~(0xffff >> $left) & 0xffff;
            if (($bytesAddr[$i] & $mask) != ($bytesTest[$i] & $mask)) {
                return false;
            }
        }

        return true;
    }
}

Gifted

hero member

Activity: 504

Merit: 501

Quote from: sabotag3x on August 05, 2016, 06:39:49 PM

Quote from: 5ub_zer0 on August 05, 2016, 06:04:42 AM

Can you tell me/us please how you block a browser .. thanx in advance

I'm using this code

Code:

// Blocks Browser Multiple 
$get_name_browser = $_SERVER['HTTP_USER_AGENT']; // Get Name Broswer
$block_browser    = array("Avant Browser","Firefox","Yandex", "Opera","ELinks","SeaMonkey","Chromium","Iceweasel","Konqueror","WebKit Nightly","Iron","Pale Moon","Epiphany"); // Name Broswer Block

foreach($block_browser as $new){

    if(preg_match("/".$new."/",$get_name_browser)){
        die("Browser not supported!
");    
    }

}
//
?>

I don't read all replys here yet, after I'll read and reply.. just leaving the code here

this will stop bots because they use firefox.. an old version to use with bots great job !!

sabotag3x

legendary

Activity: 2604

Merit: 2234

Crypto Swap Exchange

Quote from: 5ub_zer0 on August 05, 2016, 06:04:42 AM

Can you tell me/us please how you block a browser .. thanx in advance

I'm using this code

Code:

// Blocks Browser Multiple 
$get_name_browser = $_SERVER['HTTP_USER_AGENT']; // Get Name Broswer
$block_browser    = array("Avant Browser","Firefox","Yandex", "Opera","ELinks","SeaMonkey","Chromium","Iceweasel","Konqueror","WebKit Nightly","Iron","Pale Moon","Epiphany"); // Name Broswer Block

foreach($block_browser as $new){

    if(preg_match("/".$new."/",$get_name_browser)){
        die("Browser not supported!
");    
    }

}
//
?>

I don't read all replys here yet, after I'll read and reply.. just leaving the code here

edit:

Quote from: 5ub_zer0 on August 05, 2016, 07:08:08 AM

Quote from: ardodd on August 05, 2016, 06:37:35 AM

Blocking Browsers is not the answer to your problem.

yes i am with you .. i just asked because i would like to know if there is a comfortabler way as baning a specific user-agent in htaccess ...

yeap, I know it's not the answer, however I have to try something.. I don't care about losing some access by firefox since I block some bot attack.. better a little revenue then losses

Salmen

legendary

Activity: 1059

Merit: 1020

Quote from: 5ub_zer0 on August 05, 2016, 08:42:44 AM

Quote from: Salmen on August 05, 2016, 08:16:19 AM

The solution of blocking all proxies is still not a good solution at all. It blocks almost all proxies. With an advanced proxy is it possible to bypass the proxy detection.

some proxys like the elite proxys could not detected with this described solution in this thread .. the faucetbox script can do it - if nastyhost is enabled (maybe it works disabled too) and claim with a elite proxy it will a message appear "invalid address" ... testet on my faucets

@salmen are your ISP Telekom ? .. because i got on the most faucets a vpn/proxy denied message with my normal connection .. so i have to use my private proxy (no worry guys - i am to old for making nonsens^^) .. than it works (funny or) .. only at faucetboxscript not as mentioned above

but anyway if i read things like the connector and proxyswitcher and all this .. makes me sad ...

My ISP is currently not Telekom and thereby can't check it now. However, the elite proxy is a problem and the windows vps.

Why is still no solution to block ISP? Isn't it weird if a user use proxy using vps?

Gifted

hero member

Activity: 504

Merit: 501

Quote from: 5ub_zer0 on August 05, 2016, 07:01:21 AM

Its me again .. there are still one thing what i don't like ... i will try to explain as good as i can in english ...

Example:

Your Xapo Faucet has a Cooldown (Timer) of 15minutes until next claim is allowed.

OK here we go - a Visitor enter your Faucet solve the Captcha and Claim .. he stays on your really cool Site .. and after 15 minutes he can press F5 (Refresh) in browser .. a small window pops-up
and ask if you want to send the Formular again (dont know how it is called in english - see screenshot in German)

If you answer with Yes .. the Browserwindows reloads/refreshs .. and you have automaticly claimed - without enter the Captcha again...

Now if a Black-hat have found a way how to disable the timer (ok we dont allow rightclicks and so on now ) he has only press F5 press Enter all time long .. and is happy ..

I am not a hero in Webdesign nor php .. but maybe a solution is to set the cookielifetime to 5mins ? or has it something to do with the session ? .. any ideas ?

i just fixed that if you read the security patch for xapo.

Patch V1.1[/b]

find this code

Code:

if($response->success){
      $view['main']['result_html'] = 'Congratulations you have won '.$amount.' Satoshis !!!
';
      $url = get_main_url()."?r=".$username;
      $view['main']['ref_link'] = 'Share your referal link and earn a '.$settings["referral_percentage"].'% lifetime bonus. Your referal link is '.$url.'
';

and replace with this

Code:

if($response->success){
   header('Refresh: 30;url=[b]change to your faucets url[/b]');
 $view['main']['result_html'] = 'Congratulations you have won '.$amount.' Satoshis !!!
';
      $url = get_main_url()."?r=".$username;
      $view['main']['ref_link'] = 'Share your referal link and earn a '.$settings["referral_percentage"].'% lifetime bonus. Your referal link is '.$url.'
';

This redirects back to your page after 30 seconds so that the captcha resets so that a imacro program cannot be programmed to just refresh and get credit every hour when they are sleeping. i would suggest do this immediately! Make sure you put your faucet address where is says change to your faucet url.

5ub_zer0

full member

Activity: 238

Merit: 100

Quote from: Salmen on August 05, 2016, 08:16:19 AM

The solution of blocking all proxies is still not a good solution at all. It blocks almost all proxies. With an advanced proxy is it possible to bypass the proxy detection.

some proxys like the elite proxys could not detected with this described solution in this thread .. the faucetbox script can do it - if nastyhost is enabled (maybe it works disabled too) and claim with a elite proxy it will a message appear "invalid address" ... testet on my faucets

@salmen are your ISP Telekom ? .. because i got on the most faucets a vpn/proxy denied message with my normal connection .. so i have to use my private proxy (no worry guys - i am to old for making nonsens^^) .. than it works (funny or) .. only at faucetboxscript not as mentioned above

but anyway if i read things like the connector and proxyswitcher and all this .. makes me sad ...

Topic: XAPO Script - Hacked (Read 6073 times)

Browser not supported!

Browser not supported!

Browser not supported!