Bitcoin Forum>Economy>Marketplace>Service Announcements>Micro Earnings
Pages:
Author

Topic: XAPO Script - Hacked - page 8. (Read 6092 times)

5ub_zer0
full member
Activity: 238
Merit: 100
Re: XAPO Script - Hacked
July 22, 2016, 08:20:19 AM
#12
Quote from: Omegasun on July 21, 2016, 08:54:28 PM
so many cheater today. hahaha. maybe because of the timer of the faucet is too long and the pay rate is too low. thats why they attempt to use bot. im dissappoint to the faucet user that using bot on faucet.. i am discourage now to create my own faucet. tsk

I dont have a problem with ot if a user have a script witch brings him to a faucet (like rotators) and only solve the captcha ... the problem ist if a user uses a lot of bots or find a way to disable to timer .. so he can make your faucet emtpy in a short time ...

The script i used is from here: https://github.com/destinybogan/Faucet-Builder the only thing what ive edited was the proxy detection i putted into the main index.php ... but maybe that was the problem .. at the moment i let my faucets down ..

Also i checked the server Server Against the HTTPoxy Vulnerability but it was ok ... also i had no phpmyadmin installed .. and as one of the few faucets around it was with ssl protected. So i have no idea whats going wrong but in the moment iam busy.

@Salem can you check my script too for a small tip ?

https://github.com/Subzeroxapo/xapo-script-hacked.git
Gifted
hero member
Activity: 504
Merit: 501
Re: XAPO Script - Hacked
July 22, 2016, 06:40:11 AM
#11
I assure you there is no back doors in the script but someone is always smarter then the next. we must join together to figure out a solution to this problem for the sake of everyone.
Omegasun
hero member
Activity: 742
Merit: 500
Re: XAPO Script - Hacked
July 21, 2016, 08:54:28 PM
#10
Quote from: 5ub_zer0 on July 21, 2016, 01:33:11 PM
My Xapo-Faucet faucet.today got attaked .. as you can see in the list below .. my 30min timer is useless :-) ..

Here is my statement of account:
https://xapofau.xyz/wp-content/uploads/2016/07/Personal-Wallet_2016-07-21.csv

Be careful all with the same script ...

so many cheater today. hahaha. maybe because of the timer of the faucet is too long and the pay rate is too low. thats why they attempt to use bot. im dissappoint to the faucet user that using bot on faucet.. i am discourage now to create my own faucet. tsk
alfaboy23
hero member
Activity: 546
Merit: 500
Re: XAPO Script - Hacked
July 21, 2016, 08:35:07 PM
#9
Quote from: torbente on July 21, 2016, 08:24:42 PM
Quote from: alfaboy23 on July 21, 2016, 08:22:53 PM
I'm not too much knowledgeable in PHP, but I believed that Gifted's distributed script had no backdoors.

I was also hit previously but in a different approach (not the same hack method base on the OP's log), mine is this:

https://bitcointalksearch.org/topic/m.15274896

Then, I just block the whole country where the IP is in, until now, I haven't been hit and I hope not ever.

Which country ? Could you say?
It's from Ind0nes!a.
But before I block that country, I first block the IP ranges he used, but he just uses another IP range, but still in that country Cheesy , and he hit me for the second time with the same method.
That's the time that I decided to block the whole country or technically, just most IP's on that country.
The effect is I do not have any visitors from that country anymore.
torbente
full member
Activity: 140
Merit: 100
Re: XAPO Script - Hacked
July 21, 2016, 08:24:42 PM
#8
Quote from: alfaboy23 on July 21, 2016, 08:22:53 PM
I'm not too much knowledgeable in PHP, but I believed that Gifted's distributed script had no backdoors.

I was also hit previously but in a different approach (not the same hack method base on the OP's log), mine is this:

https://bitcointalksearch.org/topic/m.15274896

Then, I just block the whole country where the IP is in, until now, I haven't been hit and I hope not ever.

Which country ? Could you say?
alfaboy23
hero member
Activity: 546
Merit: 500
Re: XAPO Script - Hacked
July 21, 2016, 08:22:53 PM
#7
I'm not too much knowledgeable in PHP, but I believed that Gifted's distributed script had no backdoors.

I was also hit previously but in a different approach (not the same hack method base on the OP's log), mine is this:

https://bitcointalksearch.org/topic/m.15274896

Then, I just block the whole country where the user's IP is in, until now, I haven't been hit and I hope not ever.
Salmen
legendary
Activity: 1059
Merit: 1020
Re: XAPO Script - Hacked
July 21, 2016, 04:50:16 PM
#6
Quote from: vodaljepa on July 21, 2016, 04:35:32 PM
Gifted you sure you aren't behind these attacks? I will investigate the code and see if any backdoor was planted by you

I just reviewed fast the code and couldn't see any backdoors.
vodaljepa
hero member
Activity: 658
Merit: 500
Re: XAPO Script - Hacked
July 21, 2016, 04:35:32 PM
#5
Gifted you sure you aren't behind these attacks? I will investigate the code and see if any backdoor was planted by you
Gifted
hero member
Activity: 504
Merit: 501
Re: XAPO Script - Hacked
July 21, 2016, 03:32:54 PM
#4
I think i need to add a timer to email and btc addresses not just ip
Gifted
hero member
Activity: 504
Merit: 501
Re: XAPO Script - Hacked
July 21, 2016, 03:27:51 PM
#3
hmm, i see my faucet is getting hit with a bot with same email address.  I  have been trying to figure out a way to stop this but any faucet can be hit with this tech.
vodaljepa
hero member
Activity: 658
Merit: 500
Re: XAPO Script - Hacked
July 21, 2016, 01:49:29 PM
#2
Is this the script Gifted was sharing with people on here?
5ub_zer0
full member
Activity: 238
Merit: 100
Re: XAPO Script - Hacked
July 21, 2016, 01:33:11 PM
#1
My Xapo-Faucet faucet.today got attaked .. as you can see in the list below .. my 30min timer is useless :-) ..

Here is my statement of account:
https://xapofau.xyz/wp-content/uploads/2016/07/Personal-Wallet_2016-07-21.csv

Be careful all with the same script ...
Pages:
Bitcoin Forum>Economy>Marketplace>Service Announcements>Micro Earnings
Jump to: