
Topic: XAPO Script - Hacked - page 5. (Read 6092 times)

hero member
Activity: 1008
Merit: 1012
August 03, 2016, 01:49:56 PM
#72
Another hack job?
Is anything to do with bitcoin not safe to use anymore? These things seem to be affecting it more and more these days that I am starting to worry if my coins will be available whenever I go and check to see if they are still there.
Xapo wallets can be affected if this script takes their wallet address associated to what they used for this faucet.
hero member
Activity: 504
Merit: 501
August 03, 2016, 01:20:50 PM
#71
timer reset:

Open the source "inspect element" through the dev tools and remove the disabled attribute from the button/input tag. Simple.
On Chrome, use Ctrl-Shift-I to bring up the dev panel. This can even be automated with a plugin such as Tampermonkey. Write a script that modifies the site's DOM to remove those annoyances and have Tampermonkey run it every time you visit that faucet.

Stop this by encrypting source code. Fix is here: http://www.ioncube.com/html_encoder.php

new fix listed below
legendary
Activity: 1638
Merit: 1046
August 03, 2016, 01:15:19 PM
#70
I heard in bitcoinblackhat, I forgot the name of the forum, that they have a script for a timer resetter that can claim every minute.
So I think, according to the claim in the first page of this thread, I saw that every 2 seconds claim.
So I think he is using a complete bot. Coin Collector v4 doesn't work just like the same that every 2 seconds claim, because Coin Collector has only selected faucets.
hero member
Activity: 504
Merit: 501
August 03, 2016, 01:07:56 PM
#69
@Gifted
Thank you for your amazing script. I hear about security problems in your code. If you want, I can help to fix the problems.
What can you do? @babo
hero member
Activity: 504
Merit: 501
August 03, 2016, 01:05:11 PM
#68
Gifted,

As I said before, I did not have much experience in this but just wanted to give it a try. That's no problem, I have been called worse by better. And yes, I am an idiot, I don't claim to be a genius by any means. Put a ROCK beside me and the ROCK would look like a ROCKET Scientist.

But to enhance this thread I went out looking for ways to get Bitcoins fast and came back with this little contraption. It is called CoinCollector and I got it for $1.00 online. Now I did have to do some digging into it before I learned how it operated (30 minutes to be exact). And it was up and running gathering Bitcoins for me.

And this may not even be what you are talking about nor the whole conversation. But it is how I interpreted it.

#1 CoinCollector v4


#2 CoinCollector v4 Settings


#3 CoinCollector v4 ProxyList


#4 CoinCollector v4 Captcha Reading Services


I am sure any idiot could figure this out... I just need a little longer than your normal idiot...
Yes, I have seen those. In fact they have my faucet list posted next to the download, as you can see here: http://thebot.net/threads/coincollector-v4-multi-faucet-bot.316973/page-36#post-3488787
legendary
Activity: 3696
Merit: 4343
The hacker spirit breaks any spell
August 03, 2016, 06:54:02 AM
#67
@Gifted
Thank you for your amazing script. I hear about security problems in your code. If you want, I can help to fix the problems.
member
Activity: 132
Merit: 10
August 03, 2016, 04:36:05 AM
#66
Gifted,

As I said before, I did not have much experience in this but just wanted to give it a try. That's no problem, I have been called worse by better. And yes, I am an idiot, I don't claim to be a genius by any means. Put a ROCK beside me and the ROCK would look like a ROCKET Scientist.

But to enhance this thread I went out looking for ways to get Bitcoins fast and came back with this little contraption. It is called CoinCollector and I got it for $1.00 online. Now I did have to do some digging into it before I learned how it operated (30 minutes to be exact). And it was up and running gathering Bitcoins for me.

And this may not even be what you are talking about nor the whole conversation. But it is how I interpreted it.

#1 CoinCollector v4


#2 CoinCollector v4 Settings


#3 CoinCollector v4 ProxyList


#4 CoinCollector v4 Captcha Reading Services


I am sure any idiot could figure this out... I just need a little longer than your normal idiot...
hero member
Activity: 504
Merit: 501
August 02, 2016, 04:00:39 PM
#65
Blocking whole countries does not work either... I see one email collecting every couple of min. This is due to not having a timer on the email, but if they are making false email accounts what's the point... I am at a dead stop with this problem.
From which email provider do the most bot attacks come?
Russian
hero member
Activity: 504
Merit: 501
August 02, 2016, 03:43:18 PM
#64
member
Activity: 132
Merit: 10
August 01, 2016, 11:24:23 PM
#63
Blocking whole countries does not work either... I see one email collecting every couple of min. This is due to not having a timer on the email, but if they are making false email accounts what's the point... I am at a dead stop with this problem.

@Gifted I am new here but been reading this post for about two hours now. And been wondering how to effectively STOP BOTS from doing so much damage. I know everyone here has way more experience than myself.

I am ( In my little squirrel brain ) ( And yes not much room for thinking either ) mind ( hint smoke coming out of ears ) two things that come to mind are Log-in and Time on Site after Log-in.

Example #1
1) ABC user comes to site.
2) ABC user has to enter bitcoin wallet address or for Xapo an email address.
3) ABC user has to Solve Captcha.
4) ABC user is credited with xxx amount of satoshi.

***BOTS use a Captcha Service to Solve the Captcha's***

If the previous BOT or Hacker is running consecutive transactions is he/she or it having to Solve Captcha's before the transaction or has this BOT or person found a weakness in the script where they can call the same Captcha over and over. Not exactly sure how they would be able to freeze that Captcha but in theory it is possible and can explain how they are able to process so many transactions in a short period of time. 

I would like to ask if you are able to incorporate two ideas into the script and close all back doors for Captcha problems.

1) I know it is more of a bother than anything for any site to use a Password. But if we want the script to be secure we need to incorporate countermeasures to STOP them. I would propose to add a Random Password from Random ORG with a Timer on it to input the Password or PassCode (in theory it takes 20 seconds to see the code or password and enter it), maybe longer if you are blind like me. By limiting the time on the Password or PassCode it stops the BOT from having time to get it solved from an outsourcing place. This is for being able to STOP the BOT from entering. As the Password or PassCode is a one time thing and can not be duplicated for other users to benefit from.

2) If that is too much trouble then I would suggest as a last resort to have the user verify the Xapo email by sending them a Password or PassCode to enable automatic withdrawals. Which means the BOT or person would be hindered and frustrated so they would quit trying to hack it. As it keeps Honest Users Honest and DisHonest Users Away.

3) Use both methods and change the time limit on the Captcha Solving to under 20 seconds and Password or PassCode times to less than 20 seconds to respond. Adjust the time accordingly if needed.

 BOT Grin = Password or PassCode  Huh = BOT  Angry = Owner  Roll Eyes = Owner Reply  Tongue 
legendary
Activity: 1059
Merit: 1020
July 28, 2016, 09:33:21 AM
#62
Blocking whole countries does not work either... I see one email collecting every couple of min. This is due to not having a timer on the email, but if they are making false email accounts what's the point... I am at a dead stop with this problem.
From which email provider do the most bot attacks come?
hero member
Activity: 504
Merit: 501
July 28, 2016, 09:24:38 AM
#61
Blocking whole countries does not work either... I see one email collecting every couple of min. This is due to not having a timer on the email, but if they are making false email accounts what's the point... I am at a dead stop with this problem.
hero member
Activity: 504
Merit: 501
July 26, 2016, 10:58:15 AM
#60
So even if I built a login and timed by emails and IPs it still would have no effect... The best thing I can think of is blocking the whole country.

Block Russia like this in .htaccess  https://www.countryipblocks.net/deny_russia.txt
hero member
Activity: 546
Merit: 500
July 26, 2016, 07:45:27 AM
#59
Sorry guys from yandex.ru, you will not be able to payout from my faucet.
Also there is a huge problem with determining proxy when you are behind Cloudflare, so I decided to turn it off and check for proxies.
We will see if that helps.

After the last attack on my faucet, aside from Ind0n3s!a, I also block most IPs that are using yandex.ru, and most of them are in Ru5s!a, but some of them are using non-Ru5s!an IPs.
member
Activity: 64
Merit: 10
July 26, 2016, 04:15:34 AM
#58
Sorry guys from yandex.ru, you will not be able to payout from my faucet.
Also there is a huge problem with determining proxy when you are behind Cloudflare, so I decided to turn it off and check for proxies.
We will see if that helps.
member
Activity: 64
Merit: 10
July 26, 2016, 02:54:14 AM
#57
Hey guys,
I'm using a different script which checks IPs & emails also, but...
I'm getting drained by people with multi accounts (that is sure) and some may be bots too.

They found a method for creating multiple accounts. This is how it works:

1. create temporary email
2. go to textnow.com and create virtual phone number (for free!)
3. create another xapo account verifying it using these fake emails and phones
4. join all your accounts so they can be operated from one xapo account
5. use proxies, vpns

As I can see in my phpmyadmin there are a lot of people that have 5-8 accounts. Even with the same login just in a different provider (mostly from RU and UA).
But there are also A LOT (!!!!) of accounts like [email protected], [email protected] etc. Random letters and year...

So what can we do?!?!

At this moment I turned on another captcha verification for those countries in Cloudflare. But it did not stop some of them.
hero member
Activity: 504
Merit: 501
July 25, 2016, 11:42:40 AM
#56
These known Xapo faucets are also using the same script as Gifted's:

www.aliensbitcoin.eu
www.animalscoin.eu
www.freebtc.kz
www.gentlebitcoin.eu
www.goldcoinjar.com
www.ilovebtc.eu
www.jupiterbitcoin.com
www.onoxvo.es
www.pandabitcoin.eu
www.storesxbox.es
www.sunbitcoin.com
www.whalebitcoin.in
www.xapobtc.com

Although they used the same script, most of them modified the script. I wonder if they also experienced the same attack?
OK, so I figured out that the timer only applies to the IP, not the email or BTC address... this is the mistake: "it needs both"
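Added example, not part of the original posts and not the faucet script's own code: a server-side claim cooldown that refuses a payout while either the client IP or the payout e-mail/address is still waiting, which is the "needs both" fix described above and does not depend on a disabled button in the page. The class and function names, the in-memory store and the sample requests are assumptions constructed for illustration; the 30-minute value is the timer mentioned in the thread.

```python
import time

COOLDOWN_SECONDS = 30 * 60  # the 30-minute timer mentioned in the thread


def normalize_identity(value):
    """Canonical form of a payout identity (Xapo e-mail or BTC address)."""
    value = value.strip()
    # E-mails are compared case-insensitively; BTC addresses are case-sensitive.
    return value.lower() if "@" in value else value


class ClaimLimiter:
    """Hypothetical server-side cooldown keyed on BOTH IP and payout identity."""

    def __init__(self, cooldown=COOLDOWN_SECONDS, clock=time.time):
        self.cooldown = cooldown
        self.clock = clock          # server clock; never a value sent by the browser
        self.last_claim = {}        # ("ip" | "id", value) -> time of last paid claim

    def _keys(self, ip, identity):
        return [("ip", ip), ("id", normalize_identity(identity))]

    def seconds_remaining(self, ip, identity):
        now = self.clock()
        waits = [self.last_claim[k] + self.cooldown - now
                 for k in self._keys(ip, identity) if k in self.last_claim]
        return max(0, max(waits, default=0))

    def try_claim(self, ip, identity):
        """Pay and record the claim only if both keys are off cooldown."""
        if self.seconds_remaining(ip, identity) > 0:
            return False            # refused claims do not touch the stored times
        now = self.clock()
        for key in self._keys(ip, identity):
            self.last_claim[key] = now
        return True


def demo():
    """Constructed requests: (seconds since start, client IP, payout e-mail)."""
    t = [0]
    limiter = ClaimLimiter(clock=lambda: t[0])
    requests = [
        (0,    "203.0.113.5",  "alice@example.com"),  # first claim: paid
        (120,  "203.0.113.5",  "bob@example.com"),    # same IP, new e-mail: refused
        (240,  "198.51.100.7", "Alice@Example.com"),  # new IP, same e-mail: refused
        (1800, "198.51.100.7", "alice@example.com"),  # cooldown elapsed: paid
    ]
    results = []
    for when, ip, identity in requests:
        t[0] = when
        results.append(limiter.try_claim(ip, identity))
    return results
```

In a real deployment the dictionary would be a database table updated in the same transaction as the payout, so two parallel requests cannot both pass the check.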
hero member
Activity: 546
Merit: 500
July 25, 2016, 08:59:11 AM
#55
These known Xapo faucets are also using the same script as Gifted's:

www.aliensbitcoin.eu
www.animalscoin.eu
www.freebtc.kz
www.gentlebitcoin.eu
www.goldcoinjar.com
www.ilovebtc.eu
www.jupiterbitcoin.com
www.onoxvo.es
www.pandabitcoin.eu
www.storesxbox.es
www.sunbitcoin.com
www.whalebitcoin.in
www.xapobtc.com

Although they used the same script, most of them modified the script. I wonder if they also experienced the same attack?
hero member
Activity: 504
Merit: 501
July 25, 2016, 06:24:00 AM
#54
OK, so that didn't work! I will be personally building a login and extra CAPTCHA for the script and putting together a ready download. This will take a few days or a week because I have a day job that takes a lot out of me, so I will work a few hours a day with it and when I'm done I will post the improved Xapo Script.
hero member
Activity: 504
Merit: 501
July 25, 2016, 06:04:38 AM
#53
My Xapo-Faucet faucet.today got attacked... as you can see in the list below, my 30min timer is useless :-)

Here is my statement of account:
https://xapofau.xyz/wp-content/uploads/2016/07/Personal-Wallet_2016-07-21.csv

Be careful all with the same script ...
Yes now it's too bad for anyone who wants to have a faucet sites will suffer an attack of bots to make up for losses, if that attacked from bot so not a problem with a script.

It doesn't seem to be a bot attack because the user is using different emails, and I think he is manually doing this but a little bit faster.
All his emails should be banned and then his game is over.
I agree with you, it's done manually. This is why I think he's using TOR and this is why I updated the TOR IPs in the .htaccess. So far it might be working.

Here's my thought... with a VPN or proxy you can own so many, but with TOR there are over 3000 of them, so blocking TOR is the solution.