Cerus Network - For those who still play

[Windbreaker]

[Robbie Robb]

There wouldn't be many situations where being able to sniff out someone's hole cards would be useful since it doesn't appear that the opponent hole cards are sent until the end of the hand if/when shown. I suppose if you camped outside someone's house who plays HU there would be a big benefit .

What's scarier is the part he just kind of glosses over - that username and password is easily intercepted to allow for direct access to account.

[Talking Poker]

Wow. I haven't played there in years, but thanks for posting this.

And RR, you are looking at it wrong... the hole cards are showing up immediately, as soon as they are dealt.

[GTDawg]

Yeah, his own cards. Unless I am viewing the video wrong and misunderstanding what he is talking about.

To use this to your advantage, you would have to be at the network of the opponent that you are playing to grab the packets for the linux program.

How, exactly, does grabbing your own cards as they are dealt help you in any way, shape, or form? To gain an advantage, you're going to need your opponent's hole cards and...from what I understand in that video...you need to be somehow connected to the hub of a wired network or within reasonable distance of the wireless network that your opponent is using. That just isn't logistically possible under any circumstances.

Perhaps I am missing what he is describing, but that's the way the video implies things.

Also, I would say the username/password is the more important information, as well. It would make much more sense to have this program available in case you run in to an unsecured network of some sort (whether it be internet cafe, restaurant, dorm room, whatever). Scan it for people playing Absolute. Take their account information. Steal their shit.

[BlibbityBlabbity]

I believe this is addressing the basic holes in the security protocols that the Cereus Network has used to pass information back and forth between the Poker site server and the users computer. He is saying they did not use the standard industy encryption prtocols and instead created and used their own..... and their's suck (here, see, I can hack them).

If he can hack the windows computer from the linux computer through a wireless connection (if he is right around the house) or if connected with a wire if he breaks into the users house, I think he is saying it can also be done remotely as well. In either case, that is a huge issue.

When you send your confidential information (user, password, hole cards, credit card numbers, etc) to/from their server they should be encrypted in such a way that is someone does intercept the packets of data, they would not be able to decrypt them and read the information. Only the computer that is supposed to get the packet should have the code necessary to read it.

That said, we are talking about hackers and anything is possible if you put your mind to getting it.

[GTDawg]

I agree that their security system definitely needs work if he was able to grab that information. And, if they didn't use industry standards, that is very telling in that they seem to be incompetent and proud of their incompetence.

From that video, he doesn't not seem to imply that it can be done from ANYWHERE. Even though the simple idea of it being done is disconcerting. He seems to imply that there is some level of location needed to get the information (as opposed to anyone grabbing the information from their living room about any person playing the game).

But, again, he isn't capturing another person's hole cards. He is just grabbing his own.

While I find the ability to grab the information and produce a usable result bad, I'd say that being able to find the opponent's hole cards from a remote location to be far higher on the exploitation list of bad things that can happen.

But, again, he implies that you can grab a person's account information which would be far and away the most egregious problem surrounding this situation. Far more than gaining an advantage through knowing someone's cards.

[Windbreaker]

You are way too fixated on the own hole cards. He is proving that ppl playing on unprotected network, other ppl can obtain their hole card information due to the weak encryption on the Cerus Network.

[BlibbityBlabbity]

The reason he was only seeing his hole cards was that he was the one playing on the computer. If there was another player on the network that his software was monitoring (next door neighbor, for example) he could have been seeing them as well.

While what he was showing is still probably not allowed by Cereus, it is not illegal as it was his account, his network, and his player id he was hacking. If he had shown his software hacking other accounts there would be knocks on the door soon after... if there weren't already ("It's Annie Duke, WTF!")

[MAYHEM45]

PCA, Vegas during WSOP, the list goes on and on. Scary shit.

[GTDawg]

"He is proving that ppl playing on unprotected network, other ppl can obtain their hole card information due to the weak encryption on the Cerus Network. "
---
"The reason he was only seeing his hole cards was that he was the one playing on the computer. If there was another player on the network that his software was monitoring (next door neighbor, for example) he could have been seeing them as well. "

That's my point, though. Yes, I'm fixated on HIS hole cards...because he hasn't demonstrated that he can find ANOTHER person's hole cards without being physically near their network. (The idea of being able to see an entire table's hole cards, for example)

The need to be near an un-encrypted wireless network or connected to a hub that people are playing on diminishes the "scary" factor related to being able to see the hole cards. Unless we are going to assume that he will ALWAYS be playing near someone else playing Absolute on the same stakes/same table, whatever.

It is logistically improbable that he would be near someone else playing Absolute, considering he would need to play the same game as them for an extended period of time to gain an advantage from seeing their hole cards. I mean, he would...essentially...be seeing only one other person's cards. While an advantage, it isn't something that will GREATLY improve his winnings (although it is a huge advantage). And, again, he's never going to be playing multiple people from one network except in very rare circumstances.

I mean, how often is your neighbor playing poker on an unsecured network? How often is some random guy playing Absolute on the network at the local starbucks?

***
"PCA, Vegas during WSOP, the list goes on and on. Scary shit."

As mentioned before, these events are definitely more primed for him to steal account information as it would be a far easier score.

He glosses over, what I feel, is the more serious issue. That account information can be gained through these security flaws.

It would be far FAR easier to scour Vegas during the WSOP for people playing Absolute on hotel wireless and grab their account information as compared to finding one single person's hole cards while you played against them.

***
I'm not sure if you guys are misunderstanding my point or not. I see that you can view the hole cards. However, there is a need to be physically NEAR someone (within network range of some kind) to grab their cards. And, you'd have to sit there and play them for an extended period of time to gain an advantage. It is a big advantage to know one person's hole cards, however, it isn't the same advantage as being able to see ALL the cards.

When looking at the entire situation, the idea that account information can be stolen through this security flaw is infinitely more serious than the ability to see one other person's hole cards.

[Talking Poker]

GTDawg - I think we are all saying the same thing. He's just showing how he can grab hole cards as an example. And stop thinking of it as his own hole cards... this of the person playing (just happens to be him) as the target and the other computer (also happens to be him) as the attacker. The fact that he was attacking himself is meaningless.

But yeah, I think if you play any poker on a public network (Vegas, etc, etc) OR if someone decides to target you and can get into your network, this is a pretty huge issue. No, I wouldn't be too worried about someone seeing my hole cards if I played on UB tonight. While scary, that's not the point and was just an example. But the fact that someone at PCA could compromise the login info of every poker player there because Cereus is too stupid to use SSL... that's just absurd.

[GTDawg]

I understand most of what you are saying...but
And stop thinking of it as his own hole cards... this of the person playing (just happens to be him) as the target and the other computer (also happens to be him) as the attacker. The fact that he was attacking himself is meaningless.

I'm not writing it off because it is "his" hole cards. Yes, it is obvious that it would be the target's hole cards. But, that is still one set of hole cards. That isn't the whole table. And, to grab that ONE set, you'd need to be physically near that person's network which means you aren't going to be grabbing multiple sets of hole cards and you'd have to sit and play that person constantly to use that advantage.

Grabbing one set of hole cards isn't as scary or as big an issue as somehow getting ALL of the hole cards OR the account info (which he mentions).

------
The logistics of getting one set of hole cards (the person you are targeting) doesn't seem to be as much of a benefit as the account info. You'd have to be physically near the person (or the network), you'd have to sit there and play the same person for quite a bit of time to take advantage of knowing their hole cards and, for all that work, you still aren't going to be getting information about the other people at the table.

If you could somehow target someone in a heads up match for an extended period of time...cash money. However, that is an exceedingly rare circumstance.

If you could somehow play against a group of people that were all playing the same table while on the same network...cash money. However, that is an exceedingly rare circumstance.

He is able to grab ONE set of hole cards. He isn't getting hole cards for the entire table (which would be the jackpot hack). And, to use that advantage, he has to be close to the person, playing the same table, and playing for quite a while to ensure you got some hands against them.

*****
Your second paragraph seems to be more in line with my point. Grabbing the hole cards of one singular person isn't really that BIG of a thing. Yes, it is huge. But, it pales in comparison to the idea of being able to grab the account information of someone playing Absolute on an unsecured wireless network. And, the ability to do that removes the entire work involved in actually using the knowledge of someone's hole cards to beat them in poker.

In that video, he glosses over it and instead discusses the hole card thing and how his program gets them before the computer program can draw the cards on the screen.

[Fildy]

Seeing as this is what I am studying, maybe I can shed some light on what is going on here. When on a wireless, or even wired network, data is sent over whichever medium (radio waves/copper Ethernet). Data being sent over wireless is much more vulnerable because when it is in the air, anyone can grab it.

THEY DO NOT HAVE TO BE ON YOUR NETWORK!!!! Simply in range of it. When in range of a wireless network one can grab the BSSID (Network name, Linksys or Dynex by default. If you are not retarded you have probably already changed this name along with the password. If not, you have bigger problems.

The linux box is running what is known as a packet sniffer. A packet is a chunk of information that is sent over the network. Since the object as a whole is too big to send it is cut up into these smaller packets and transferred easily over the medium. The packets are then rearranged into the original form and put to use. This packet sniffer collects the packets and reads them. There are many programs out there that will "sniff" packets on both windows and linux, I don't know about Mac as I don't have any personal experience, but I am sure there are. Packets are encrypted by default but this does not mean that the decryption cannot be broken. Obviously some "security expert" thought that his ingenious encryption was better than the industry standard (it isn't).

The packet tracer this man was using is obviously custom written since all it displays are the hole cards. This means that he(they, whomever they may be) has/have written a program that looks for specific packets (say pattern xyzxyz for example) decrypts the packet to display the hole card information. Thus the hole cards are shown.

The amazing part is I am sure packets can be sniffed like this from FTP and Pokerstars too, it is just a matter of cracking the encryption, and since Stars and FTP use what is probably the industry standard(or better) I don't think there is too much of a worry there.

As he said this is an issue with wired networks as well, but the problem is wireless, because as I said teh hacker/script kiddie doesn't even need access to your net, just to be able to read your SSID. With wired network they will have to breach the physical security that is your front door, and hopefully we don't let that happen. This doesn't mean it can't, just that it is more unlikely.

Hope this helps.

Cheers

[Talking Poker]

The latest from UB: