Feedback Loophole/Exploit/Bug in Depositing Methods

[neon claws]

No.

I love how you keep denying things people are telling you, as if you are familiar with every site ever made.

I'm telling you a live site accepted card 1234*4 as a valid payment. I know this because I was on the team that fixed it. Yes, there are terrible coders out there and casinos will often hire the cheapest of the cheap.
The 1234 example has nothing to do with the payment gateway or processor.

 

[Bloatgoat]

Then was'nt it a test feature to test payments?

I rest my case.

 

[neon claws]

Then was'nt it a test feature to test payments?

I rest my case.

Yes, on a production server!
I'm not sure what nuance you're arguing, first you say no company would ever allow an exploit like this, which is just demonstrably false and then you're outright denying other people's examples of this occurring.

Not to mention the payment API is only one of many vectors you could use. Let's not forget the casino that had a knowledge base article with a list of all their admin usernames and passwords so anyone searching for "forgot my password" ends up being able to access the backend and give themselves however many free spins they like.

 

[oneofakind_11]

can someone fill me in on what the little exploit actually was in pm? aha

 

[dunover]

can someone fill me in on what the little exploit actually was in pm? aha

Right, necromancing a 5-year old thread. You missed the boat, it sailed years ago. We don't really encourage the sharing of dodgy information that could put you at risk anyway. Perhaps see if you can contribute to the forum elsewhere.