Note that a) these guys do this for a living and b) they were hired by casino executives to perform this breach.
Good read tho. Clearly the piece is designed to rope in non-industry people so there's a fair amount of basic shit being touted as Deep Witchcraft but its still educational:
https://www.netragard.com/hacking-ca...roday-exploits
"Birds born in a cage think flying is an illness." - Alejandro Jodorowsky
"America is not so much a nightmare as a non-dream. The American non-dream is precisely a move to wipe the dream out of existence. The dream is a spontaneous happening and therefore dangerous to a control system set up by the non-dreamers." -- William S. Burroughs
If I had to take a guess casinos are probably the most incompetent when it comes to that shit compared to any other industry that has that much money sloshing around...
again this is just knowledge from working at the shittiest one around so maybe I'm misgeneralizing here...
Originally Posted by GambleBotsChafedPenis
its actually fairly well regulated from what i understand but i have no first hand experience to back it up.
i know barry could speak more to the point here than me but the actual interior networks, eg the shit connecting all the machines for preserving an audit trail, all that shit is fairly robust / well monitored, because once you fuck up there and get dinged you get your compliance ratings yanked and effectively lose business continuity.
that said.
when youre talking about like, the wifi, the room networks, even their PoS / billing systems, that shit is the wild fucking west.
"Birds born in a cage think flying is an illness." - Alejandro Jodorowsky
"America is not so much a nightmare as a non-dream. The American non-dream is precisely a move to wipe the dream out of existence. The dream is a spontaneous happening and therefore dangerous to a control system set up by the non-dreamers." -- William S. Burroughs
Most slot/ video poker machines are glorified Windows XP terminals.
Someone I know was going to reprogram a players card with a fun looking python scripted payload.
The person chickened out since that would be risking getting blackballed and not being able to attend Blackhat and Defcon.
yeah guess I was talking about more the people than the system infrastructure...that shit I don't know anything about, although there was a lotta shit at the evil empire from an IT perspective that was fucked up...
its actually fairly well regulated from what i understand but i have no first hand experience to back it up.
i know barry could speak more to the point here than me but the actual interior networks, eg the shit connecting all the machines for preserving an audit trail, all that shit is fairly robust / well monitored, because once you fuck up there and get dinged you get your compliance ratings yanked and effectively lose business continuity.
that said.
when youre talking about like, the wifi, the room networks, even their PoS / billing systems, that shit is the wild fucking west.
yeah the POS stuff was LOL bad...we had micros (believe that's the name) and the shit was just crap...if I wanted to be able to pull up an outlets sales, it shouldn't take an act of god or some massive digging to be able to pull the data up...
it wouldn't surprise me if their infrastructure was fucked up...you definitely don't want to run afoul of regulations, but in places like NV/NJ I'm sure that wouldn't mean shit if they found anything bad...you start getting the feds pissed at you (the KYC shit) that's when the pain train starts...
There are currently 1 users browsing this thread. (0 members and 1 guests)
Reply With Quote