The 800lb gorilla in the room

For general discussion of the Poker Mavens software
Kent Briggs
Site Admin
Posts: 5626
Joined: Wed Mar 19, 2008 8:47 pm

Re: The 800lb gorilla in the room

Post by Kent Briggs »

navels wrote:Do we know that this prevents the specific exploit that prompted this thread?
Yes, the exploit modified the client Javascript that was stored inside the server's executable file. The server now verifies its own digital signature and shuts down if it detects any change. I mentioned this in the PFA thread last year.
Kent Briggs - [email protected]
Briggs Softworks - http://www.briggsoft.com
Kent Briggs
Site Admin
Posts: 5626
Joined: Wed Mar 19, 2008 8:47 pm

Re: The 800lb gorilla in the room

Post by Kent Briggs »

By the way, here's how you can detect a site that hacked their own server with modified Javascript. Load the poker client. You do not need to log in. Press Ctrl-U in your browser to show the source HTML. Look for this script tag:

Code: Select all

src="Source?Name=PokerMinJs&Ver=6.31&Crc=7C27A36E" type="text/javascript"
Click that link to display the compressed Javascript. Press Ctrl-F and do a search on "http" to look for links to external servers. The only one you should find is http://www.briggsoft.com which is tied to my background logo.
Kent Briggs - [email protected]
Briggs Softworks - http://www.briggsoft.com
navels
Posts: 9
Joined: Fri Mar 17, 2017 11:19 am

Re: The 800lb gorilla in the room

Post by navels »

Kent Briggs wrote:
navels wrote:Do we know that this prevents the specific exploit that prompted this thread?
Yes, the exploit modified the client Javascript that was stored inside the server's executable file. The server now verifies its own digital signature and shuts down if it detects any change. I mentioned this in the PFA thread last year.
Thanks!
ftpjesus
Posts: 150
Joined: Fri Dec 30, 2016 1:54 am

Re: The 800lb gorilla in the room

Post by ftpjesus »

Got a guy emailing me about this exploit earlier this week.. I told him I was curious since the developer had patched that capability out in 2020 with the signature file verification... crickets on a response still.. :D
Owner Operator of (TBA)
http://www.( TBA ) .com (Home Page)
http://www. (TBA) .net (Play Money)
http://www. (TBA) .eu (BTC Token tied currency and Stable Coins through Crypto quasi real money play)
Post Reply