30 Dec 2013

Hacker deconstructs the Pokerstars protocol. Why not again ?

This blog article was recently posted on hacker news. It’s a breakdown of how one hacker deconstructed the pokerstars protocol, to be able to view the data being passed between client and server. It follows a new trend set by the Coding The Wheel articles in openly discussing methods and tools in building an online poker bot.
I tried a few different attempts at the IO layer (hooking the poker client directly, screenscraping (wrote a cool little library), etc) before settling on hacking the protocol directly. However, I also started getting into actually playing poker heavily, and I realized a little while ago that there’s no way this bot will be profitable (including my time) unless I throw years of work at it, so I’ve decided to release my knowledge publicly. I’ve not seen anyone reversing the PStars (or any other service, in fact) protocol publicly, so I’m hoping to help out there.
In layman’s terms: The build a poker bot, one hurdle to overcome is reading the game state (your cards, the board cards, when it’s your turn, the other opponents, their stacks, etc etc). The most common way to perform this is attempt to read the screen of the client, using OCR or pixel recognition. It’s a brute-force technique that is prone to errors such as changes to the layout, window resizing, and general inaccuracy.
A much smoother approach, if possible, is to read exactly what information the Pokerstars server is passing to the client. This stream of data will including everything needed to interface directly with the server, by-passing the need to read second-hand from the stars client.
In the conclusion of the blog post, the source code is shared. The result appears to be the ability to view the raw uncompressed stream of data, although there’s a long way to go to actually understanding and using the resultant feed. This is promised in future blog posts.
There’s few important points to take from this: firstly, that reversing the protocol doesn’t provide any additional information – your opponents hole cards, or future board cards, are not visible in this data stream. This information won’t provide an inherent advantage. The reason for this deconstruction is it makes it easier for bot-writers to read and react to the poker game. This isn’t a good thing, and stars hopefully takes steps to block this process. But there’s no direct gain from achieving this.
Secondly, it’s clear the writer undertook this work more out of academic interest rather than a monetary goal: he notes in the introduction that he soon realised writing a bot that it would take so much effort ('years’) to write a profitable bot that it just wasn’t worth it.
This is important. Whilst the bar of entry to writing a bot is so high, then there is no threat to sites being flooded with bots. It currently requires someone who is both an expert at programming and at poker strategy (along with various other 'skills’, such as tenacity to keep running it, high risk threshold to failure and seizure of funds, lack of morals etc) for a bot to be implemented. Off-the-shelf bot packages will never pose a real risk to the game, and bespoke designs are such complex and lengthy tasks that anyone skilled enough to attempt it should realise the time will be better and profitable spent at other endeavours (including learning to play poker well themselves).

Source:

0 comments:

Post a Comment