Casino Tips By Online Casino Admin

Cereus Poker: A New Glitch Software

This article was written by: Jannah Strat for Celebrity Poker Players

Email Jannah

Jannah Strat is an efficiently writer from Las Vegas, Nevada, USA. She's writes anything that has to do with online gambling. She tackles all about Casino Games, Poker Players and Sports Betting. She also owns two blogs about some of the best and hottest Poker Players and her blog about Celebrity Poker Players.

Absolute Poker and Ultimate Bet have joined forces to become the Cereus Poker Network. Both AbsolutePoker and UltimateBet poker share tables, software, and players. 

They are now one Cereus Poker site. This has created a great opportunity for rakeback players seeking Cereus Poker Rakeback. If you have an existing account at Absolute Poker, you can simply sign up for Ultimate Bet rake back. If you have an existing account at Ultimate Bet you can sign up for Absolute Poker rake back.

Poker Table Ratings informed the online poker community that it had “cracked the code” for both Cereus Poker Network sites, UB and Absolute Poker. PTR informed the network that it was able to find a software flaw that could allow would be hackers to see a player’s hole cards.

This time around the Cereus Network was quick to issue a statement, through COO Paul Leggett, on the matter:

One hour ago, I learned about an article posted today on Poker Table Ratings (PTR) regarding an issue with the local encryption that we use on the Cereus Poker Network.”

For those of you not familiar with the issue, PTR was able to crack our local encryption method.”

I wanted to blog to make sure our players and the poker community know how seriously we take this issue.”

I would like to start by reminding everyone that someone would have to have the technical capabilities to crack the encryption method we currently use and they would also have to hack into your local network in order to gain access to sensitive [player gaming] data. We are currently working on implementing a new encryption method and we expect to have it live in a matter of hours.”

PokerTableRatings has discovered a critical flaw in the Cereus Poker software which affects both Absolute Poker and Ultimate Bet, allowing an attacker to hijack victim’s poker accounts and display their hole cards in real time. We have alerted the Cereus Network to this vulnerability, providing them with source code necessary to demonstrate the problem. We hope our e-mail and this bulletin are sufficient motivation for them to fix the problem. 

We have no way of knowing if this exploit has been discovered and used to steal from Cereus users, but it seems unlikely. It is our hope that this information will allow Cereus users to protect themselves. The issue in general terms is that rather than using industry standard SSL encryption Cereus has used a custom form of encoding (not encryption) which can be cracked using the windows calculator. 
For interested readers we’ve explained the vulnerability in as non technical of a manner as we could below, otherwise you can skip ahead to the section entitled “Risk Levels for Players.” The sites did update their software and promised a more permanent solution by switching from XOR encryption, to the industry standard SSL
When logging into a poker client on your PC what is actually happening behind the scenes is a connection is established to the servers owned and operated by the poker network. This connection is used to transmit all data between your PC and the servers, including sending your username and password, betting actions, and your hole cards. 
On all poker networks this data is encrypted in a manner that would prevent any intercepted data from being used to gain access to your account, or steal your hole cards. This means essentially that the conversation is obscured to prevent eavesdropping, so that someone listening in cannot “hear” your password. 
Almost every poker network uses some implementation of the SSL protocol, which is the same type of security mechanism that everyone from banks to government agencies use to secure their data. There are several freely available implementations of this protocol including the open source OpenSSL . SSL is the industry standard, and is generally regarded as best practice for encrypting network transmissions.

The problem is that the Cereus Poker network does not use SSL to encrypt their communications; they use a custom form of encryption which is XOR-based. This form of encryption is known to be extremely weak, and in fact their particular implementation makes it particularly simple to decrypt network data due to an easily discoverable key.

In fact, the encryption that the Cereus Network employs isn’t so much encryption as it is encoding. To see how simple it is to decode this data, simply open up your windows calculator and set it on scientific mode. All that is really necessary to decode the data stream is the XOR button .

The requirement for this vulnerability to be exploited is network access. This means that if you are playing on an open wireless network, a cracked wireless network (something which is increasingly simple to do), or on a physical network which has been compromised – an attacker could dump the network traffic and exploit this vulnerability maliciously.

The implications of this vulnerability are that Cereus Poker accounts can be compromised and have their funds stolen and that an attacker could know the hole cards a Cereus Poker player is dealt in real time, then presumably exploit this knowledge to have an advantage against them at the poker tables. 
This attack can either be directed, in which a person who is known to play on the Cereus Network is targeted and exploited – or passive in which an entire network’s traffic is logged and communications to the Cereus Network servers are decrypted.

Wireless networks are particularly exploitable due to the ease with which they can be compromised without having physical access, only proximity to the victim. Indeed in many cases they won’t even need to be compromised because the wireless network is not encrypted.

Physical networks are also vulnerable to a variety of attacks, especially if the physical network is on a hub (instead of a switch) which allows an attacker to passively observe all network traffic. However a physical network can also be compromised by any network hops between a victims’s PC and the Cereus servers. They are also vulnerable to an ARP cache attack which can fool their PC into sending all network packets to an attacker’s PC which would then transparently relay the information to the router – resulting in uninterrupted internet access for the victim.

blog comments powered by Disqus