RogerioBarreto / coinDice

A coin dice script that needs help

coinDice

DON'T USE THIS SCRIPT. YOU WILL GET HACKED!

Hi everyone, I uploaded this script because, after buying it for 0.18 BTC, I was testing it out on my live server and got all my dogecoins hacked (although it was only 2000 coins).

So I am giving it away to the community of GitHub!

My guess is that it was a SQL injection attack. The thing I found out in my little investigation is that the hackers (2 players) got their account balance to say 999999999999999 (with no bet) and then withdrew the most available (I, for example, had only 2000 Dogecoins). I know for a fact that they didn't get into the admin part. They injected it through a user session.

You can test out your penetration hacks on my server: cryptorange.com (only 3.5 Dogecoin left on it)

I did have the latest patch for protection against the Heartbleed attack even before the hack occurred.

Please, if you want to test it out on your server, use testnet so you don't get robbed.

I will give a bounty of 0.1 BTC to the person who will make the most commits in 2014.

Cheers

If anyone wants to donate, funds will be added to the bounty! Bounty donations: 16mkiwjhSo9XyRKhVUt4GYdAWDJTk4m8Uz

Related reports of this attack on bitcointalk.org:

https://bitcointalk.org/index.php?topic=516394.0
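
The symptom described above (a stored balance of 999999999999999 with no bet behind it) is what a ledger reconciliation check catches before a withdrawal is paid. The following is an added example, not code from coinDice: the table layout, function names and sample rows are assumptions constructed for illustration.

```python
import sqlite3

# Hypothetical schema (not coinDice's actual tables): a stored balance per
# user plus an append-only ledger of deposits, bet results and withdrawals.
SCHEMA = """
CREATE TABLE users  (id INTEGER PRIMARY KEY, name TEXT, balance INTEGER);
CREATE TABLE ledger (user_id INTEGER, kind TEXT, amount INTEGER);
"""

def build_sample_db():
    """Constructed sample data: bob's stored balance has no ledger entries behind it."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.executemany("INSERT INTO users VALUES (?, ?, ?)",
                   [(1, "alice", 150), (2, "bob", 999999999999999)])
    db.executemany("INSERT INTO ledger VALUES (?, ?, ?)",
                   [(1, "deposit", 200), (1, "bet", -50), (2, "deposit", 10)])
    return db

def unexplained_balances(db):
    """Return (name, stored_balance, ledger_total) for every account where they differ."""
    return db.execute("""
        SELECT name, balance, total FROM (
            SELECT u.id AS id, u.name AS name, u.balance AS balance,
                   COALESCE(SUM(l.amount), 0) AS total
            FROM users u LEFT JOIN ledger l ON l.user_id = u.id
            GROUP BY u.id)
        WHERE balance != total
        ORDER BY id
    """).fetchall()

def can_withdraw(db, user_id, amount):
    """Approve a withdrawal only if the ledger, not the stored balance, covers it."""
    # Parameterized query: the user-supplied id is bound, never concatenated.
    (total,) = db.execute(
        "SELECT COALESCE(SUM(amount), 0) FROM ledger WHERE user_id = ?",
        (user_id,)).fetchone()
    return isinstance(amount, int) and 0 < amount <= total

if __name__ == "__main__":
    db = build_sample_db()
    for name, stored, total in unexplained_balances(db):
        print(f"ALERT {name}: stored={stored} ledger={total}")
    print("bob may withdraw 2000:", can_withdraw(db, 2, 2000))
```

Running the reconciliation on a schedule and alerting on any mismatch gives an early signal even when the write path that altered the balance has not been identified.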

Languages

PHP 73.3%, JavaScript 17.4%, CSS 9.3%