Poker-AI.org
http://poker-ai.org/phpbb/

OCR v RE
http://poker-ai.org/phpbb/viewtopic.php?f=26&t=2668
Author:  HontoNiBaka [ Sun Dec 15, 2013 1:53 pm ]
Post subject:  OCR v RE

ConvexPolytope wrote:
even though it seems that most people use OCR rather than reading the data directly from memory


I would love to read the data from memory, but to me it seems so extremely hard. I guess I am more of a high-level guy.

And then there is not only getting the data, but also the stealth.

Author:  ConvexPolytope [ Mon Dec 16, 2013 12:21 pm ]
Post subject:  Re: Welcome and Hello

HontoNiBaka wrote:
I would love to read the data from memory, but to me it seems so extremely hard. I guess I am more of a high-level guy.


If you haven't done any reverse engineering and stuff like that, it is certainly a steep learning curve. Having said that, the difficulty depends a lot on the software and how the data is stored in memory. I haven't reversed any poker software, so I don't know about that.

Quote:
And then there is not only getting the data, but also the stealth.


Stealth is certainly an issue. One could use stealth techniques that modern rootkits use to circumvent antivirus software. FWIW, OCR is not stealth either. Taking screenshots every second has to be detectable.

Author:  spears [ Mon Dec 16, 2013 1:46 pm ]
Post subject:  Re: Welcome and Hello

ConvexPolytope wrote:
Taking screenshots every second has to be detectable.

Not if you use 2 machines or run the poker client in a VM.

Author:  bpdummy666 [ Sat Mar 01, 2014 11:32 pm ]
Post subject:  Re: Welcome and Hello

ConvexPolytope wrote:
HontoNiBaka wrote:
Taking screenshots every second has to be detectable.


But how can they detect it? (not using VM)

Author:  HontoNiBaka [ Thu Mar 06, 2014 8:16 pm ]
Post subject:  Re: OCR v RE

They could probably scan for WinAPI calls like PrintWindow. Then they will scan for other processes, automatic clicks etc., and they will make a very detailed scan. The screenshotting alone might not be enough to ban you, but they will find more.

But seriously, how is it even possible to get the gamestate from PokerStars? I have been trying it for 2 days now and I made zero progress. I don't need it for a bot, but for something else.

I monitor it with Spy++ and with API Monitor -> zero calls to WinAPI.

I try to scan the memory; it has no real structure, it's just 60 MB of random data to me.

I just need the players, open seats and player labels in real time.

I am willing to pay for someone to teach me how to do it.

Author:  Bliss [ Fri Mar 07, 2014 2:39 pm ]
Post subject:  Re: OCR v RE

Perhaps this points you in the right direction?

http://webcache.googleusercontent.com/s ... th-windbg/

Author:  HontoNiBaka [ Tue Mar 11, 2014 10:25 am ]
Post subject:  Re: OCR v RE

Thank you. I downloaded WinDbg, it's a good tool. But unfortunately I couldn't solve my problem yet. I can search the memory for strings, but not much more. I am trying to break when the memory changes, but I don't know which memory addresses are relevant. I can get the dealer chat now and I can get hand histories, but I still cannot get real-time player names and stacks.

Author:  HontoNiBaka [ Mon Mar 24, 2014 9:57 am ]
Post subject:  Re: OCR v RE

Ok, I stopped trying to use memory scanning and read up about DLL injection instead. I have managed to inject my DLL with CreateRemoteThread.

I also realized that PS does have a normal message loop; it was only that Spy++ didn't display it, because I was using the 64-bit version and Stars is 32-bit. With 32-bit Spy++ I can see all the messages.

Now all that is left is detouring the relevant methods. I have already hooked the window message loop, but this will most likely not be enough.

I also thought about hooking DrawText, because I decompiled a tool for PokerStars and it seems it also hooks DrawText. With that I would probably have all the player names and stacks for all positions.

Am I on the right track? I am also wondering how I should detour the function. Microsoft Detours is not an option, because I might want to sell my software at some point. Would EasyHook be good?
The alternative would be to do it by hand. I was thinking about import address table manipulation, export address table manipulation and hot patching. Any tips as to which one to choose, or any other tips?

Author:  shadehs [ Mon Mar 24, 2014 12:54 pm ]
Post subject:  Re: OCR v RE

Maybe this can help you, it's C# code for datamining.
http://forumserver.twoplustwo.com/45/so ... ng-353393/
I didn't test it.

Author:  spears [ Mon Mar 24, 2014 1:41 pm ]
Post subject:  Re: OCR v RE

How do you hide the hooks?

Author:  HontoNiBaka [ Mon Mar 24, 2014 2:26 pm ]
Post subject:  Re: OCR v RE

I am not hiding them. I am not using them for botting. A few guys asked me to develop software for them; it will do nothing forbidden.

Author:  spears [ Mon Mar 24, 2014 3:52 pm ]
Post subject:  Re: OCR v RE

HontoNiBaka wrote:
And then there is not only getting the data, but also the stealth.

Author:  HontoNiBaka [ Mon Mar 24, 2014 4:17 pm ]
Post subject:  Re: OCR v RE

You are right, I wanted to use it for botting at first, but it was too hard and I used OCR instead. I got interested in RE again when I started developing a poker tool, because here I will at least need no stealth; maybe that way it will be somehow possible to do it. It would still be way too hard with stealth.

I admit, it's a little different from when the topic started.

Author:  HontoNiBaka [ Mon Mar 24, 2014 9:05 pm ]
Post subject:  Re: OCR v RE

I was unable to do it with EasyHook, I downloaded MinHook instead: http://www.codeproject.com/Articles/443 ... king-Libra

Now I can hook the WinAPI calls and the message queue, but I wonder if that will be enough. I have realized that DrawText only gets called in some cases, for instance when you hover over a name.

Author:  HontoNiBaka [ Tue Apr 08, 2014 8:40 pm ]
Post subject:  Re: OCR v RE

Ok, I think I am done. It was a very educational experience.

All times are UTC