Image Image Image




Post new topic Reply to topic  [ 20 posts ] 
Author Message
 Post subject: SNGEGT and stealth
PostPosted: Fri Sep 19, 2008 7:47 pm 
Offline
New member
User avatar

Posts: 4
Favourite Bot: mine
Is it possible for SNGEGT to read poker client running across network; different drive, etc.?

I'll be honest, I want to "stealth" its use if possible while I am testing it out and learning.

I presently have PT2 (not 3) working with importing files across network, etc. Not hiding anything there it just makes better use of network resources for me using 3 workstations.


Thanks


Top
 Profile  
 
 Post subject: Re: Network install
PostPosted: Fri Sep 19, 2008 8:02 pm 
Offline
PokerAI fellow
User avatar

Posts: 7731
Favourite Bot: V12
To be honest, I never really looked in much details in how the SNGEGT interaction with the casinos is implemented. I mostly looked at the ICM/Nash calculator parts.

So I don't know of how much SNGEGT relies on win32 to obtain information, and how much do they rely on screen scraping. If someone is willing to make a short introduction on that then I can chime in with the stealthing.

If they use a combination of win32 plus screen scraping, then something like the winholdem bring program for 2-computer setups will be useful. But bring is detected by PokerStars.

If they rely solely on screen scraping - there are better alternatives. But I will most probably not discuss them in here, or decide at later point.

_________________
indiana


Top
 Profile E-mail  
 
 Post subject: Re: Network install
PostPosted: Fri Sep 19, 2008 8:25 pm 
Offline
New member
User avatar

Posts: 4
Favourite Bot: mine
Thanks Indiana

It is my understanding that FT and Party do screen scraping, but Stars does not. This is based purely on some things I have read on 2+2; not on any testing I have done.

I understand there is software to block screen scraping, but I've not checked it out.


Top
 Profile  
 
 Post subject: Re: SNGEGT and stealth
PostPosted: Fri Sep 19, 2008 8:33 pm 
Offline
PokerAI fellow
User avatar

Posts: 7731
Favourite Bot: V12
My queston was with regard what SNGEGT does, not what PS and FTP. PS and FTP can detect a program by numerous ways, so the best is to move this program to a second PC (if you want to go that way). How to move it - depends on what technique SNGEGT uses to obtain the game info.

_________________
indiana


Top
 Profile E-mail  
 
 Post subject: Re: SNGEGT and stealth
PostPosted: Fri Sep 19, 2008 9:35 pm 
Offline
New member
User avatar

Posts: 4
Favourite Bot: mine
indiana wrote:
My queston was with regard what SNGEGT does, not what PS and FTP. PS and FTP can detect a program by numerous ways, so the best is to move this program to a second PC (if you want to go that way). How to move it - depends on what technique SNGEGT uses to obtain the game info.


Well if there is anyway I can help in testing how to do that, just let me know.

Thanks again.


Top
 Profile  
 
 Post subject: Re: SNGEGT and stealth
PostPosted: Fri Sep 19, 2008 10:35 pm 
Offline
Level1 member
User avatar

Posts: 43
Favourite Bot: my own :P
zrabbit wrote:
indiana wrote:
My queston was with regard what SNGEGT does, not what PS and FTP. PS and FTP can detect a program by numerous ways, so the best is to move this program to a second PC (if you want to go that way). How to move it - depends on what technique SNGEGT uses to obtain the game info.

Well if there is anyway I can help in testing how to do that, just let me know.

Thanks again.

You could go through the SNGEGT source code, as I believe it's open source, and use it to figure out how it works.


Top
 Profile E-mail  
 
 Post subject: Re: SNGEGT and stealth
PostPosted: Fri Sep 19, 2008 11:15 pm 
Offline
Junior member
User avatar

Posts: 15
Favourite Bot: sngegt
sngegt uses win32 to detect the tables and then screen scraping to get the data from the tables. It reads button position, bets, stacks and own hole cards. That's it. Nothing post flop.


Last edited by guus on Fri Sep 19, 2008 11:19 pm, edited 1 time in total.

Top
 Profile E-mail  
 
 Post subject: Re: SNGEGT and stealth
PostPosted: Fri Sep 19, 2008 11:18 pm 
Offline
PokerAI fellow
User avatar

Posts: 7731
Favourite Bot: V12
That's what I thought, looking at your fix and the instructions how to setup.

This means that something like WH/bring is the easiest option, but this is detected by PS/FTP, so if you want to protect yourself etc - there should be additional protection of the bring.

_________________
indiana


Top
 Profile E-mail  
 
 Post subject: Re: SNGEGT and stealth
PostPosted: Fri Sep 19, 2008 11:20 pm 
Offline
Junior member
User avatar

Posts: 15
Favourite Bot: sngegt
indiana wrote:
That's what I thought, looking at your fix and the instructions how to setup.

This means that something like WH/bring is the easiest option, but this is detected by PS/FTP, so there should be additional protection of the bring.

Isn't there a guide on how to 'ninja' bring somewhere on the wh forums?


Top
 Profile E-mail  
 
 Post subject: Re: SNGEGT and stealth
PostPosted: Fri Sep 19, 2008 11:30 pm 
Offline
PokerAI fellow
User avatar

Posts: 7731
Favourite Bot: V12
I guess so, also there was a document circulating on how to stealth your bring. I guess if you just use the scraper, and click yourself (so not use in a bot) - this might be sufficient. But if you go for a bot with such setup - it's easy bust.

But even just for the scraping over bring I'm not 100% it's stealthy enough.

It's easy to come up with a stealthy setup, I'm pretty sure, but I won't have the time to design it, so for whomever go that route - his account will be under risk.

You can try as a first step (or someone) get SNGEGT running over bring.

_________________
indiana


Top
 Profile E-mail  
 
 Post subject: Re: SNGEGT and stealth
PostPosted: Fri Sep 19, 2008 11:33 pm 
Offline
Senior member
User avatar

Posts: 139
Favourite Bot: my own ;-)
Is there a link someone knows of that goes into depth on how bring works? I'm curious.

I can't believe that someone hasn't written a replacement for a simple remote screen capture application. I know that there is a lot of code out there that does similar things. I'm just not familiar enough with the operations of bring.exe.


Top
 Profile E-mail  
 
 Post subject: Re: SNGEGT and stealth
PostPosted: Fri Sep 19, 2008 11:39 pm 
Offline
PokerAI fellow
User avatar

Posts: 7731
Favourite Bot: V12
robotdog wrote:
Is there a link someone knows of that goes into depth on how bring works? I'm curious.

I can't believe that someone hasn't written a replacement for a simple remote screen capture application. I know that there is a lot of code out there that does similar things. I'm just not familiar enough with the operations of bring.exe.


That's all about bring:
http://www.winholdem.net/bring/

I also wonder that no one has written a replacement. But it's also a question, why write another one, beside the ability to recompile it.

I think as of now now casino detects bring by code patterns, so rewriting it isn't really motivated. On the other hand bring is just too popular and know to be used for such thing, so alternative is in the norm :)

_________________
indiana


Top
 Profile E-mail  
 
 Post subject: Re: SNGEGT and stealth
PostPosted: Sat Sep 20, 2008 12:05 am 
Offline
Senior member
User avatar

Posts: 139
Favourite Bot: my own ;-)
Thanks, I've read that already and didn't have too many details. I guess I'll have to play with it myself.

Being able to create a version that wasn't detected by the CC would probably be very useful as long as it worked with existing servers/backends. Also being able to extend it with new features (stealth, even) would be cool as well.

They created open holdem whynot OpenBring. :D


Top
 Profile E-mail  
 
 Post subject: Re: SNGEGT and stealth
PostPosted: Sat Sep 20, 2008 9:07 am 
Offline
Junior member
User avatar

Posts: 15
Favourite Bot: sngegt
indiana wrote:
It's easy to come up with a stealthy setup, I'm pretty sure, but I won't have the time to design it, so for whomever go that route - his account will be under risk.

The very first step is someone to try to get SNGEGT running over bring.

I agree with you that it shoud be easy to come up with some stealthy setup, but I'm also not willing to risk accounts and invest my time in this at the moment.


Top
 Profile E-mail  
 
 Post subject: Re: SNGEGT and stealth
PostPosted: Sat Sep 20, 2008 11:00 pm 
Offline
Junior member
User avatar

Posts: 32
Favourite Bot: Akhs
indiana wrote:
I guess so, also there was a document circulating on how to stealth your bring.


there was a document on how to stealth poker android or other bot with using rootkit. i have it pm me and i will send it to you.


Top
 Profile E-mail  
 
 Post subject: Re: SNGEGT and stealth
PostPosted: Thu Oct 02, 2008 3:25 pm 
Offline
Senior member
User avatar

Posts: 206
Favourite Bot: i7 860
Bring doesn't do any compression to my knowledge. One more reason to have open-source alternative which every one could mutate to be distinguishable. There are most likely some bring variations built by some botters here, but it is understandable why there's little value in sharing something like that. Is there enough initiative to build something like this? It would be good to have this as part of the OH project, bigger user audience, more peer review/collaboration power.

The most basic version would require a server that accepts incoming tcp/ip connections and creates new window for each incoming request. The protocol would require support of sending image data (optionally losslessly compressed) and some ping-ack initiating request. Another packet type could be reserved for sending window's information (dimensions, title). Client side would be a simple window enumerator, and lets you choose which windows are send (with optionally some parameters with update interval, like in bring). I personally haven't used much bring, more experienced users could address another design problems with bring.

AKH, could you please PM this document? Thank you.


Top
 Profile E-mail  
 
 Post subject: Re: SNGEGT and stealth
PostPosted: Thu Oct 02, 2008 5:42 pm 
Offline
PokerAI fellow
User avatar

Posts: 7731
Favourite Bot: V12
Bring is detectable approach. Especially open source version will be easily detectable by any site that is determined in doing this. Even if it is doing mutation, knowing the source code makes detection of the executable much easier.

_________________
indiana


Top
 Profile E-mail  
 
 Post subject: Re: SNGEGT and stealth
PostPosted: Thu Oct 02, 2008 6:57 pm 
Offline
Senior member
User avatar

Posts: 206
Favourite Bot: i7 860
The standard stealthing measure being running the bring as stealth user within the restricted casino user account, how is it even possible to scan bring's memory for known patterns when you can't (atleast legally) access it's memory (should be protected)?


Top
 Profile E-mail  
 
 Post subject: Re: SNGEGT and stealth
PostPosted: Thu Oct 02, 2008 8:26 pm 
Offline
PokerAI fellow
User avatar

Posts: 7731
Favourite Bot: V12
Well I won't recommend to anyone using restricted casino account at first place. That's a serious hint for casinos. It happens on humans to run under restricted account too, but it has a lot of weight in detecting bots.

_________________
indiana


Top
 Profile E-mail  
 
 Post subject: Re: SNGEGT and stealth
PostPosted: Sat Jul 17, 2010 9:24 pm 
Offline
Junior member
User avatar

Posts: 15
Favourite Bot: none jet
could vista/win 7's user account control help to prevent the casino from reading the process memory of bring, altough it's running in a user account with admin rights?


Top
 Profile E-mail  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 20 posts ] 


Who is online

Users browsing this forum: No registered users and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to: