Luigi Auriemma

aluigi.org (ARCHIVE-ONLY FORUM!)
It is currently 19 Jul 2012 11:41

All times are UTC [ DST ]





Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 25 posts ] 
Author Message
 Post subject: Pokerstars/PartyPoker Password Recovery
PostPosted: 20 Jun 2009 13:36 

Joined: 06 Feb 2008 18:33
Posts: 5
anybody knows something about it/how does it works?

regards from Germany


Top
 Profile  
 
 
 Post subject: Re: Pokerstars/PartyPoker Password Recovery
PostPosted: 20 Jun 2009 18:10 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
I'm working on them just in this moment, PokerStars is practically finished so remains the other to watch.
I will update the thread when I will release the password recovery tools


Top
 Profile  
 
 Post subject: Re: Pokerstars/PartyPoker Password Recovery
PostPosted: 20 Jun 2009 19:20 

Joined: 24 Sep 2007 02:12
Posts: 1114
Location: http://sethioz.co.uk
Luigi what hash does pokerstars use ? the password hash i mean (md5 ..etc)


Top
 Profile  
 
 Post subject: Re: Pokerstars/PartyPoker Password Recovery
PostPosted: 20 Jun 2009 21:03 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
and I have finished the job also with PartyPoker, time for a pizza and then release


Top
 Profile  
 
 Post subject: Re: Pokerstars/PartyPoker Password Recovery
PostPosted: 21 Jun 2009 09:28 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
released: http://aluigi.org
note that I'm not 100% sure if I have missed something in the generation of the local key of pokerstarspwd so try it and let me know if the password is decrypted correctly.
use this thread for reporting any problem about the pokerstarspwd and partypwd


Top
 Profile  
 
 Post subject: Re: Pokerstars/PartyPoker Password Recovery
PostPosted: 21 Jun 2009 12:49 

Joined: 06 Feb 2008 18:33
Posts: 5
Godlike!

partypwd: works fine!

pokerstarspwd: i got no file named "user.ini" !?


Top
 Profile  
 
 Post subject: Re: Pokerstars/PartyPoker Password Recovery
PostPosted: 21 Jun 2009 16:30 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
have you checked if "user" or "user.ini" is available in C:\Program Files\PokerStars or C:\Users\USERPROFILE\AppData\Local\PokerStars or %APPDATA%\PokerStars ?
as far as I know user.ini is the only location where is stored the password when you choose to save it


Top
 Profile  
 
 Post subject: Re: Pokerstars/PartyPoker Password Recovery
PostPosted: 22 Jun 2009 14:22 

Joined: 06 Feb 2008 18:33
Posts: 5
ahhh i found them in "AppData\Local\PokerStars", works fine to. Big Thx!


Top
 Profile  
 
 Post subject: Re: Pokerstars/PartyPoker Password Recovery
PostPosted: 23 Jun 2009 21:48 

Joined: 16 Jan 2009 22:16
Posts: 19
Lol i was working on doing this the other day. Now that your working on this any chance to figure out Fulltilts poker algorithm? (Most popular poker room)


Top
 Profile  
 
 Post subject: Re: Pokerstars/PartyPoker Password Recovery
PostPosted: 23 Jun 2009 23:14 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
I have released fulltiltpwd some hours ago before your post :)


Top
 Profile  
 
 Post subject: Re: Pokerstars/PartyPoker Password Recovery
PostPosted: 24 Jun 2009 00:23 

Joined: 16 Jan 2009 22:16
Posts: 19
Sorry i missed it, nice work


Top
 Profile  
 
 Post subject: Re: Pokerstars/PartyPoker Password Recovery
PostPosted: 12 Jul 2009 11:32 

Joined: 12 Jul 2009 11:26
Posts: 5
Hey luigi,
first off nice work on all the projects you've released man, you're truely a gifted reverse engineer.I tested out the FullTilt which works fine, but the pokerstars failed to decrypt the password correctly. Afaik most the poker games update weekly so something could of gave changed.

i'm on xp and I found the user.ini at C:\Program Files\PokerStars\user.ini and it returned

Code:
* PASSWORD: ??0???????????M&????????????????#???????????7??????b?????????m
??????

* this is the exact decrypted password as is without removing the username
  usually concatenated after the real password (like passwordusername)


Top
 Profile  
 
 Post subject: Re: Pokerstars/PartyPoker Password Recovery
PostPosted: 12 Jul 2009 11:51 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
I have updated PokerStars in this moment but the algorithm is still the same.
the only reasons for which the password is decrypted wrongly are:
- the method used to retrieve the key emulated by me in pokerstarspwd is incomplete (it's possible although strange)
- something has been changed in your configuration, like id of the c: partition or network interfaces (like changing a mac address or adding a new device)

is that password correctly saved on your computer?
I mean, when you launch PokerStars can you login automatically and the password is hidden under the asterixes?


Top
 Profile  
 
 Post subject: Re: Pokerstars/PartyPoker Password Recovery
PostPosted: 12 Jul 2009 20:28 

Joined: 12 Jul 2009 11:26
Posts: 5
Thanks aluigi,
It might be the hardware thing, the password is saved on my system and can let me auto login, i'm going to install pokerstars in vmware and test this out in abit and report back the results.


Top
 Profile  
 
 Post subject: Re: Pokerstars/PartyPoker Password Recovery
PostPosted: 12 Jul 2009 22:20 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
well in this case it's for sure something missing in my code which calculates the local key.

in the meantime I have attached the same manifest file of PokerStars which so let pokerstarspwd to act (talking about permissions) with the same limitations of PokerStars.
put it in the same folder of pokerstarspwd.exe and check if the decrypted password is still wrong.

unfortunately at the moment I don't have idea of what other field could be missed in the calculation of the key but I will verify again.
thanx for having reported the problem.


Attachments:
File comment: pokerstarspwd.exe.manifest
manifest.zip [501 Bytes]
Downloaded 162 times
Top
 Profile  
 
 Post subject: Re: Pokerstars/PartyPoker Password Recovery
PostPosted: 13 Jul 2009 02:14 

Joined: 12 Jul 2009 11:26
Posts: 5
Hey aluigi,
I installed pokerstars in vmware and your tools successfully recovers the password!(manifest wasn't needed), so it probably failed on my regular system due to me changing a hardware id or something. Thanks for your help


Top
 Profile  
 
 Post subject: Re: Pokerstars/PartyPoker Password Recovery
PostPosted: 13 Jul 2009 09:45 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
the fact is that you have said that you can autologin which means that the password is stored and read correctly by PokerStars, so it's a fault in my tool


Top
 Profile  
 
 Post subject: Re: Pokerstars/PartyPoker Password Recovery
PostPosted: 29 Oct 2009 05:33 

Joined: 29 Oct 2009 05:26
Posts: 1
Hi Luigi / All -

I'm trying to recover a partypoker.net password since their password reset functionality (at partypoker) appears to be down and I can't really contact anyone for support there. Even their info@partypoker.net address just points me to the FAQ, and their FAQ lists simple enough steps to reset/recover a password---none of which works. Always times out. So...

On my computer, is the password stored somewhere, encrypted? I downloaded partypwd.exe and tried to just run it without any arguments/switches (so I could hopefully know what the valid options/switches are for how to actually use the program), but it just lists Luigi's name, email and web site, followed by 'press RETURN to exit'.

Can I 'use' this program to recovery a locally stored (somewhere on my computer) password for PartyPoker.net? Thanks for any confirmation/details!


Top
 Profile  
 
 Post subject: Re: Pokerstars/PartyPoker Password Recovery
PostPosted: 29 Oct 2009 12:16 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
yes the tool is exacly a local password recovery which shows the plain-text password after having decrypted the one stored in the computer.

now judging the result of the tool on your computer I guess that you don't have the password saved because even if it was wrong the tool would have showed something.

you can check it also manually launching regedit and going in HKEY_CURRENT_USER\Software\PartyGaming and you should see some "Password" fields in the sub-keys.
if they don't exist or are empty means that the password is not stored locally.


Top
 Profile  
 
 Post subject: Need help
PostPosted: 01 Dec 2010 00:57 

Joined: 01 Dec 2010 00:49
Posts: 2
Trying to compile source.
Quote:
C:\MinGW\bin>gcc -o pokerstarspwd.exe pokerstarspwd.c -lgdi32 -lnetapi32 -libcrypto
c:/mingw/bin/../lib/gcc/mingw32/4.5.0/../../../../mingw32/bin/ld.exe: cannot find -libcrypto
collect2: ld returned 1 exit status

Where can I find this libcrypto ?
I downloaded and installed OpenSSL-Win32, but there no libcrypto anyway.
Help plz.


Top
 Profile  
 
 Post subject: Re: Pokerstars/PartyPoker Password Recovery
PostPosted: 01 Dec 2010 01:35 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
-lcrypto or alternatively the full path of libcrypto.a


Top
 Profile  
 
 Post subject: Re: Pokerstars/PartyPoker Password Recovery
PostPosted: 01 Dec 2010 02:02 

Joined: 01 Dec 2010 00:49
Posts: 2
Can U plz upload libcrypto.a at rapidshare.com ?
I can't find it in C:\MinGW\ or C:\OpenSSL-Win32\


Top
 Profile  
 
 Post subject: Re: Pokerstars/PartyPoker Password Recovery
PostPosted: 01 Dec 2010 08:52 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
if you don't see libcrypto.a you should see libcrypto.lib.
anyway you can take an old version of ssl (don't worry doesn't matter in this case) here:
http://downloads.sourceforge.net/gnuwin ... -1-lib.zip


Top
 Profile  
 
 Post subject: Re: Pokerstars/PartyPoker Password Recovery
PostPosted: 10 Dec 2010 20:30 

Joined: 10 Dec 2010 08:48
Posts: 1
I'm getting lots of errors for compile in dev c++, I've linked libcrypto.a and still getting lots of errors...

Do I need link other libs?

Can you compile the code (without the waits) and upload it please?


Top
 Profile  
 
 Post subject: Re: Pokerstars/PartyPoker Password Recovery
PostPosted: 12 Dec 2010 19:58 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
Code:
           pokerstarspwd.exe
  Offset   |        no_wait.exe
-----------------------------
00000773   E8       90
00000774   18       90
00000775   87       90
00000776   03       90
00000777   00       90


Top
 Profile  
 
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 25 posts ] 

All times are UTC [ DST ]


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for: