Source Engine Exploits +2 ( Need Help). Steam id Stealing?

get your superiourity here ! be an offline or online GOD of the game. infinite ammo, unlimited nitro, turbo boost, god mode, you name it !
Post Reply
vegeta777
Newbie..
Newbie..
Posts: 2
Joined: Thu Aug 28, 2014 11:46 am

Source Engine Exploits +2 ( Need Help). Steam id Stealing?

Post by vegeta777 »

Hey.

a week ago there was a hacker in NotD community, which was banned and could get back in i don't know how but he just hijacks a user session to takeover his id and the original id owner will just get disconneted, For this the Coder Of NotD "JzServices" coded an anti-steam-stealing which is

Code: Select all

//Simple Booter

#include <sourcemod>
#include <sdkhooks>

#define VERSION "1.0.0b"

public Plugin:myinfo =
{
    name = "Simple Booter", 
    author = "JZServices", 
    description = "Source Bugfix", 
    version = VERSION, 
    url = "http://www.notdcommunity.com"
};

public OnClientPutInServer(client)
{
	if (!IsFakeClient(client))
	{
		new bool:matched=false;
		decl String:clientsteamid[64];
		GetClientAuthString(client,clientsteamid,sizeof(clientsteamid));
		for (new x=1;x<MaxClients;x++)
		{
			if (client==x){continue;}
			if (IsClientConnected(x))
			{
				decl String:playersteamid[64];
				GetClientAuthString(x,playersteamid,sizeof(playersteamid));
				if (StrEqual(clientsteamid,playersteamid,false))
				{
					PrintToServer("Matched player %N - %s and %N - %s",client,clientsteamid,x,playersteamid);
					ServerCommand("kickid %d", GetClientUserId(x));
					matched=true;
				}
			}
		}
		if (!matched){PrintToServer("Player %N - %s validated",client,clientsteamid);}
	}
}
Also,Look At this, i found something Very odd.

http://sourcebans.clanfng.com/index.php ... %01&Submit

STEAM ID : PC
Steam Community : 76561197960265728
he keeps getting banned and it's no use.


and it's probably not patched due to searching : 76561197960265728
gives u alot of sourceban bans.

the most recent one (of my searching ofc) is on 7-31-2014

http://thechurchofthedeag.com/bans/inde ... Type=steam

and i don't Think these are Nonsteam because i've logged on to them + they are Vac-Secured.


Second thing.

there is an exploit where u manipulate the spray to make Valve Engine crash.
it was released in 2013 and still not fixed (although not popular nor known).

but i really don't understand how to do it exactly.

Would you guys check this out?.

Links:
http://steamcommunity.com/app/440/discu ... 612450847/

Youtube Demostration:


PS: are there any remote or file upload exploits in CSS yet?, since i have a VAC-bypass method that would bypass all bans but if i got rcon banned i can't log in back :-(.


Thanks.
User avatar
Sethioz
Admin
Admin
Posts: 4762
Joined: Fri Jul 27, 2007 5:11 pm
Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz
Location: unknown
Contact:

Re: Source Engine Exploits +2 ( Need Help). Steam id Stealin

Post by Sethioz »

Umm you mean he got banned from community?
That session hijacking is common, it's basically if you steal somebody's cookie and use it, you will be logged in as another user, steam might take some stuff from your client side, so it appears like you still use your own name / profile, but it actually uses other person's profile with your visual info?
I haven't looked into this at all, so not sure. Just from my experience that's how session stealing works. I've done it on some forums.

also i tested it on my own forum with a friend, he used my cookie stealer and i got his info, then i used cookie editor in firefox to edit mine and i was logged in as him, with his permissions.


as about exploits, i can't say much, but i asked Luigi (aluigi.org) to check this topic, in past he found some exploits in steam and source engine (i think), he might be able to tell more. I doubt he replies to this topic, but i sent him email and see what he says about it.
vegeta777
Newbie..
Newbie..
Posts: 2
Joined: Thu Aug 28, 2014 11:46 am

Re: Source Engine Exploits +2 ( Need Help). Steam id Stealin

Post by vegeta777 »

Oh so it's a bit difficult to do,Thanks mate.


i've already sended emails to alugi and Revuln( which i found out to be the same guy lol).


lets see what does he say about this.


Thanks Anyway Sethoiz, i appreciate it.
User avatar
Sethioz
Admin
Admin
Posts: 4762
Joined: Fri Jul 27, 2007 5:11 pm
Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz
Location: unknown
Contact:

Re: Source Engine Exploits +2 ( Need Help). Steam id Stealin

Post by Sethioz »

it's all about motivation, i just don't find it interesting and i can't bother with it.
Post Reply