First Exploit/Bug of Steempay-woo-plugin v0.2 Beta by @steve-walschot : @roelandp robbed my shop for $15,000 in virtual goods! :)

in #steempay, 8 years ago

So all of a sudden, the store was empty - all items had been sold for 0.1 SBD - the buyer: @roelandp our fantastic first customer whitehat and organizer of #steemfest. I had to disable SteemPay-woo-plugin immediately after losing almost $15,000 worth of virtual products :) so @steve-walschot - back to the coding-board :)

https://steemit.com/steempay/@fyrstikken/first-review-of-steempay-woo-plugin-v0-2-beta-by-steve-walschot-pay-with-steemdollars-on-woocommerce


If you installed SteemPay Woo Plugin - oh boy oh boy are you in trouble now!! :)


Ya jess gotsta luv these here newfangled 'lectronical clicketty-boxes sum daze, duzncha? d=O)

yeah, got to wait for @steve-walschot to write an update now, or ... christmas will start early for some people.

Remember: Bugs are never a waste of time, as even in the worst case scenario, they quickly and easily help you remember every single word mama told you not to say when you were little! d=O)

Not quite as quick as that ()@#*ing idiot who cuts you off in traffic...but pretty close! d;^)

Security is so important. Code review, testing, and validation are mandatory.

Either that, or making sure that the camera is active, so you can at least record all those quickly changing expressions that invariably pop up when the bug first rears its ugly head. d8^O

True. Top-notch security programs have overlapping/supporting elements of Prediction, Prevention, Detection and Response, which form a strategic process capability.

Sounds like typical early adopter problems :)

sounds like a'='a' to me...
Code injection in diapers as a vulnerability, from a "security expert"... It is like a blunt blade coming from a "professional swordsmith".

According to him it was $.01 SBD.... we got lies... WITCH HUNT BOYS!!!!

okay fine I will upvote and walk away


             .-.
            o   \     .-.
               .----.'   \
             .'o)  / `.   o
            /         |
            \_)       /-.
              '_.`    \  \
               `.      |  \
                |       \ |
            .--/`-.     / /
          .'.-/`-. `.  .\|
         /.' /`._ `-    '-.
    ____(|__/`-..`-   '-._ \
   |`------.'-._ `      ||\ \
   || #   /-.   `   /   || \|
   ||   #/   `--'  /  /_::_|)__
   `|____|-._.-`  /  ||`--------`
         \-.___.` | / || #      |
          \       | | ||   #  # |
          /`.___.'\ |.`|________|
          | /`.__.'|'.`
        __/ \    __/ \
       /__.-.)  /__.-.) LGB

There is no way this transaction can be honored. Wow. this is shocking for sure.

I've a video that shows how the plugin was created:

Some say that the same coder left the renowned OR 'a'='a'; glitch at some of his creations too.
