online poker - seeing other players' hands

[Tritz 0]

wasn't me, but i like him.

[MOMOwheeler 0]

Huh?  What just happened here?

Bluffs and tells; nothing nore, nothing less.

[Redrum 0]

I saw a demonstration on Monday by a very bright young man who was servicing my friend's computer that blew me away. He said it was relatively easy to play poker online and see the pocket cards of other  players at the table and when I pressed him (in disbelief) he demonstrated. He used my friend's wireless network and positioned 2 computers  side by side.  He had me log onto any poker site I played at (I chose Party Poker) and sit at a table of my choosing. I chose a $1-$2 Limit Hold-Em table and began playing. As I played he used the 2nd computer to access his own computer at home. He then used what he said was a Microsoft utility to identify the IP address of each player at the table. He then used his computer to access the IP address of 1 of the player's computers and get past the firewall (he said Norton's firewall was good - it would take him an extra 60 seconds to get past that - groan) and plant a utility of some sort on that player's computer. He then started typing (code? I'm no techie) like crazy and soon the 2nd computer sitting beside the one I was playing on showed the PP table and the players. Beside the name of player whose system he invaded were his 2 pocket cards! We watched long enough for that player to complete a few hands to a showdown to confirm that the pocket cards had been accurately displayed at the start of each hand. He then quickly shut everything down. This is an honest young man and he knew that he had done something inappropriate but he sure as hell proved to me that it could be done! No, he would NOT show us how to do it  :)He says that he's been told it can take up to an hour at the high limit tables for PP to identify this type of activity with their investigatory systems, and even more if the perp is smart about how he plays to avoid triggering any of PP's security tracking devices. One could easily pocket some handsome change in that time period.  I apologize for using a "dummy" ID to post this but I want to avoid any retaliatory action by PP.

Bullkakayou got your lie backwards. You'd have to go around the firewall before you could get the real ip addresses. But even if the other users were not protected,The biggest problem with the lie is, one would need to set up your own GUI to be able to see other peoples cards, you can't do that in a minute or 2, and I know you can't do it at all party poker software.The guy is a liar. But its a good story.

[Guest andibear]

It's not terribly difficult to sniff out an IP address

I hate people who make wildly crazy statements like this offhandedly and then base an argument on it. How do you figure out someone's IP address who is playing on a poker site? You can't, you just can't. The only way would be to ask them, and most people, were they to for some reason want to tell you, couldn't tell you anyway. You just can't "sniff out" an IP address of a random person on a poker site..

This is pretty much the end of this debate.I am alwaysone for open theory, however, we all know, and heard directly from the horses mouth that these poker sites will log you in, and send you required info when needed, (hands, and flops)The security is so ridiculous that you would have to hack PP or Poker stars to gain the info....and further more, if you had that info, why on earth would you waste your time playing them in poker, why wouldnt you get their account info, and simply chip dump their money to another account. etc....i rest my case

this is why i have a huge crush on you

[Royal_Tour 0]

this is why i have a huge crush on youI know, I'd be all over myself too

[psujohn 0]

He then used what he said was a Microsoft utility to identify the IP address of each player at the table.

Anyone with even the most basic understanding of how the internet works would know that this is complete and utter bullshit. Your computer connects to PP, your opponents computer connects to PP. The only way to get your opponents IP address is to hack the PP server. It's theoretically possible (though extremely unlikely) that someone could hack the PP server but the story as told is completely false.

[RayPowers 0]

Here I thought this would be a topic about Poker Office's cool new "See Mucked Hands" feature on its HUD. Imagine my suprise....Ray

[yeffy 0]

The biggest problem with the lie is, one would need to set up your own GUI to be able to see other peoples cards, you can't do that in a minute or 2, and I know you can't do it at all party poker software.

This is actually the easiest part of this whole story. NetOp installs in a minute or two, once it's on there....done. Full GUI with control.

[DDiabolical 0]

I only play when I can see my opponents cards. Otherwise, where's my edge?I direct them to a website, which both logs their IP and installs some spyware. Made it myself but it's based on NetCat so the port is hidden. I then check out their IP and connect to the port, bingo I can see their cards.Usually there can be a 20 second delay so it takes a while to see their cards preflop.

[delphi12 0]

I doubt someone could do that to me.    For one, I don't use Norton Firewall.    I've heard it's pretty difficult to break into someone's computer even if it isn't up to date on the patches.        This is a BS post.  However,  I believe that if you had cable internet and someone on the same network as you was also playing poker, you might be able to see their cards and also their desktop screen.    I've only heard this.    You use a packet sniffer or something and do it.

uhh.. not quite.. Definitely not their "desktop screen" as your screen does not go back and forth over your network (unless you are running something like RemoteControl). Also, your cards could be sniffed out, but alas it is encrypted. There was a story a while back that spoke of the problem with internet poker and that the ISP of the poker site has a LOT of power. If an unscrupulous person working at that ISP wanted to, he/she could in fact sniff all the packets going to each person on a table and (if he knew the encryption key) could in fact see all the data (ie hole cards of each person).

[DRskateNT 0]

As a network enginner for a very large company I can say that this is possible... but as someone previously said the part that seems sketchy is figuring out what their IP address is...... unless they crack PP's software.. which would be almost impossible considering their security has to be one of the best.Seriously though... Tritz.. there was no need to create a new screename. we all know how paranoid you are.

[The Czar 0]

wasn't me, but i like him.

If there's one thing this forum has taught me, it's that this can be done. Tritz's argument had no cracks and I can't see any here either. I'm going to call my computer tech tonight and head over to FCP for the Negreanu Open tonight. Look out boys and girls. Tritz, your dollar is on the way.

[kennyg1966 0]

yes, you can do this. not only is it against the rules of every site, it will get your ass arrested.

When do we start?lets go rob DreamClown and crew....Is this an alternate universe?Trace the OP IP and have him arrested.

Daniel has an extra 755k we could take.?

[SweetDaddyFreak 0]

wasn't me, but i like him.

poor Tritz, cant post or start threads without someone talking about Pokerstars programs or airplanes.At least your a semi-celebrity on here

[insano 0]

Again, not only is getting the IP of the users at your table impossible. But even "IF" (big if) you could get into someones computer via some security hole in the O.S. it would be impossible to search the memory to find the current value of the hole cards in the party poker client. The only way you could even do it is to put a trojan on the machine, and have it monitor all the network activity. And then report the results back, that is if it could decode the party poker packets. Which would mean you would have to have the party poker client source code. Good luck getting that!

[insano 0]

wasn't me, but i like him.

If there's one thing this forum has taught me, it's that this can be done. Tritz's argument had no cracks and I can't see any here either. I'm going to call my computer tech tonight and head over to FCP for the Negreanu Open tonight. Look out boys and girls. Tritz, your dollar is on the way.

No Holes!?!? NO HOLES?!?His posts could have been fucking swiss cheese. I swear. I need to be able to punch people in the face through the internet.

[violaman 0]

Alright, hackers, gimme your best shot. This is why I bought a macintosh!

[insano 0]

Alright, hackers, gimme your best shot. This is why I bought a macintosh!

Well, I guess not having any software does solve the hacking problem doesn't it?

[gkunit20 1]

Alright, hackers, gimme your best shot. This is why I bought a macintosh!

Well, I guess not having any software does solve the hacking problem doesn't it?

Why do you think I only play on my mac?

[Abbaddabba 0]

I hate people who make wildly crazy statements like this offhandedly and then base an argument on it. How do you figure out someone's IP address who is playing on a poker site? You can't, you just can't. The only way would be to ask them, and most people, were they to for some reason want to tell you, couldn't tell you anyway. You just can't "sniff out" an IP address of a random person on a poker site. Now having said that, the rest of this post is possible. If you DID have someone's IP address (like if you were in the same room with the person and could look it up), then this would be possible, if you are running some sort of operating system that's not up to date with security patches, and if you don't have a good firewall set up, etc. I have no doubt this goes on, but the trick is getting the spying software on the person's machine to begin with, which is not near a trivial feat.

This is true.But I can think of a few people who have access to our IP addresses and know what our poker account names are.... the FCP mods. :evil:

[stealfromblind 0]

The only way you could even do it is to put a trojan on the machine, and have it monitor all the network activity

you can't do this because all of the network traffic on party is encrypted. but your a fucking idiot if you can't realize that you could read the pixels in the party windows and do a "memory compare" to identify the cards. on another note this entire scenario is possible but there are a few exceptions. as another posted stated without a good amount of social engineering you wouldn't be able to get other players ip's at the table without hacking into party. you could however post "40% rake back promo at party poker at www.rakebackblah.com" and i'm sure a few players at the table would click it and you could have the website logging ip's, pretty simple. the part about gaining remote access after getting the ip well thats not as hard as it sounds, do a google search on the latest windows security issues. using the WMF exploit you wouldn't even need the player’s ip.

[insano 0]

The only way you could even do it is to put a trojan on the machine, and have it monitor all the network activity

you can't do this because all of the network traffic on party is encrypted. but your a fucking idiot if you can't realize that you could read the pixels in the party windows and do a "memory compare" to identify the cards. on another note this entire scenario is possible but there are a few exceptions. as another posted stated without a good amount of social engineering you wouldn't be able to get other players ip's at the table without hacking into party. you could however post "40% rake back promo at party poker at www.rakebackblah.com" and i'm sure a few players at the table would click it and you could have the website logging ip's, pretty simple. the part about gaining remote access after getting the ip well thats not as hard as it sounds, do a google search on the latest windows security issues. using the WMF exploit you wouldn't even need the player’s ip.

Wow. People get stupider every day. I would love to hear about how you would do this "pixel capture" and then "find" the cards from it. I can't wait.Oh, and before responding. Please keep this in mind. I will have a PHD within a year in Computer Science. I've spent years studying protocols you have probobly never heard of. Let have a go!

[DDiabolical 0]

The only way you could even do it is to put a trojan on the machine, and have it monitor all the network activity

you can't do this because all of the network traffic on party is encrypted. but your a fucking idiot if you can't realize that you could read the pixels in the party windows and do a "memory compare" to identify the cards. on another note this entire scenario is possible but there are a few exceptions. as another posted stated without a good amount of social engineering you wouldn't be able to get other players ip's at the table without hacking into party. you could however post "40% rake back promo at party poker at www.rakebackblah.com" and i'm sure a few players at the table would click it and you could have the website logging ip's, pretty simple. the part about gaining remote access after getting the ip well thats not as hard as it sounds, do a google search on the latest windows security issues. using the WMF exploit you wouldn't even need the player’s ip.

Wow. People get stupider every day. I would love to hear about how you would do this "pixel capture" and then "find" the cards from it. I can't wait.Oh, and before responding. Please keep this in mind. I will have a PHD within a year in Computer Science. I've spent years studying protocols you have probobly never heard of. Let have a go!

I'm guessing your PHd in CS is either a complete lie, or just a seriously seriously shitty university.You're a great example of the new workforce in IT, people who know something, but not a lot.I'm guessing you don't even have a clue what Pixel Capturing means, I'll explain it to you saving you a trip to Google.The idea being, you take a checksum of an area of the poker client where the cards are displayed, you send that checksum back to yourself where you have HDS982HD = AhH3BD7832 = AdetcIt's a very simple and effective way of "reading" the screen without having to actually see it. I've made a couple of poker and blackjack bots and this is the technique I use.The actual card displayed on screen is unique, so once you have the coordinates to look at you grab the checksum of that rectangle of the card and can compare it to the database of the 52 cards (which you would have previously collected) and can with that derive what the card is.Everything I described in my first post is possible, any piece of software can be tainted with a second application, that could lie in wait of a Party table opening, then grab the cards' checksum and send it out to a remote shell where you pick it up.

[insano 0]

The only way you could even do it is to put a trojan on the machine, and have it monitor all the network activity

you can't do this because all of the network traffic on party is encrypted. but your a fucking idiot if you can't realize that you could read the pixels in the party windows and do a "memory compare" to identify the cards. on another note this entire scenario is possible but there are a few exceptions. as another posted stated without a good amount of social engineering you wouldn't be able to get other players ip's at the table without hacking into party. you could however post "40% rake back promo at party poker at www.rakebackblah.com" and i'm sure a few players at the table would click it and you could have the website logging ip's, pretty simple. the part about gaining remote access after getting the ip well thats not as hard as it sounds, do a google search on the latest windows security issues. using the WMF exploit you wouldn't even need the player’s ip.

Wow. People get stupider every day. I would love to hear about how you would do this "pixel capture" and then "find" the cards from it. I can't wait.Oh, and before responding. Please keep this in mind. I will have a PHD within a year in Computer Science. I've spent years studying protocols you have probobly never heard of. Let have a go!

I'm guessing your PHd in CS is either a complete lie, or just a seriously seriously censored university.You're a great example of the new workforce in IT, people who know something, but not a lot.I'm guessing you don't even have a clue what Pixel Capturing means, I'll explain it to you saving you a trip to Google.The idea being, you take a checksum of an area of the poker client where the cards are displayed, you send that checksum back to yourself where you have HDS982HD = AhH3BD7832 = AdetcIt's a very simple and effective way of "reading" the screen without having to actually see it. I've made a couple of poker and blackjack bots and this is the technique I use.The actual card displayed on screen is unique, so once you have the coordinates to look at you grab the checksum of that rectangle of the card and can compare it to the database of the 52 cards (which you would have previously collected) and can with that derive what the card is.Everything I described in my first post is possible, any piece of software can be tainted with a second application, that could lie in wait of a Party table opening, then grab the cards' checksum and send it out to a remote shell where you pick it up.

Finally someone who actually (sort of) knows what they are doing.Pixel capturing is hardly what I would call what you were doing, but I guess i've heard worse references before.Running a program that would capture the PP client, pinpoint where someone is sitting, where the cards are located, etc... would be insanely difficult to accurately produce. Not only would you run into all sort of sync issues with the captures, but there is no guarantee from the client that the resizing of the PP windows is even accurate. There are a lot of unknowns that would be found only if examining the code of the PP client.I'm not saying that designing something like that is impossible. It certainly is not. But without looking at the PP source code? I don't know... Anyway, most of my argument was based on getting something like that installed on a machine with only knowing an IP. I'm sure I don't have to elaborate on how impossible that is.

[The Czar 0]

wasn't me, but i like him.

If there's one thing this forum has taught me, it's that this can be done. Tritz's argument had no cracks and I can't see any here either. I'm going to call my computer tech tonight and head over to FCP for the Negreanu Open tonight. Look out boys and girls. Tritz, your dollar is on the way.

No Holes!?!? NO HOLES?!?His posts could have been fucking swiss cheese. I swear. I need to be able to punch people in the face through the internet.

I hope you're kiding. Are we all so stupid that every post needs an sw? I mean, really, how obvious.