The Internet Portal for Casino Security

Enterprise
· home
· about
· services
· advisories
· projects
· casinos
· links
 
Miscellaneous
·
·
·
 
Bookstore
TCP/IP Network Administration

Recommended Books
 
  
We are dedicated to stress the limits of your product by conducting innovative security assessments.

Random Logic LTD www.random-logic.com
GamblingSecurity's disclosure policy was put together by the security community and has been adopted by our company since 2002.

DATE OF CONTACT: 09 October 2002
 
UPDATE: 16 October 2002
GamblingSecurity has not been provided with assurances that the notification was received.
 
CURSORY SECURITY SOFTWARE ADVISORY FOR RANDOM LOGIC LTD
Abstract

A quick, high level, security review has been conducted on Random Logic gaming software. Due to DCMA restrictions, no reverse-engineering whatsoever has been performed. This obviously limits the extent of discoveries as more weaknesses could have been found.

Summary

Vulnerability #1 - Cleartext Communications

Cleartext facilitate the analysis and understanding of the protocol used by the application. It also leaves the network communications vulnerable to eavesdropping.

For instance, the registration process and the login process when requesting a deposit both perform cleartext authentication, thus leaving the user's password vulnerable. The user is also misled into thinking the software is establishing a secure communication when making a deposit/withdrawal transaction:

"Establishing a secure communication with the InterSafe Global Server"

Vulnerability #2 - Flawed Authentication Process

It is possible to bypass the authentication process, thus login as any users without ever knowing their password. The "redirect message" (41327) in the authentication process is responsible for this vulnerability.

Vulnerability #3 - Impersonating the authentication server

It is possible to impersonate the authentication server in order to steal the user's credentials, and possibly decrypt the user's password. In this case, it would have been useful to reverse-engineer the application to determine how the password is manipulated (hashed or encrypted).

Vulnerability #4 - Replay Attack

It is possible, either after eavesdropping the network communication or after impersonating the authentication server, to use the user's credentials to impersonate the user without ever knowing his password.

This attack extends to any encrypted data. For instance, a malicious user could use someone else credit card without ever knowing the actual number. Although it could be tracked down to the fraudster account, it affects the casino's and the regulator's credibility.

Vulnerability #5 - Sequential Creation of User ID

It is possible to determine the user id of other users as it is a sequential number.
  
Latest Advisory
9 October 2002
REALTIME GAMING www.casino-on-net.com
 
News Archives

· Hackers Heaven: Online Gambling
· Internet Gambling Software Flaw Discovered
· Discover a security flaw? Get a lawyer
· A sure bet: Internet gambling is loaded with risks
· Risks to Casinos
· Online Gambling Is a Bad Bet


Share the news

 
All logos and trademarks in this site are property of their respective owner. All the rest are © Copyright GamblingSecurity 2002.