SteamID Grabber

[EriX920]

This app will get all SteamIDs that Steam has logged in with. The latest SteamID will be at the bottom of the list.

 

[tarantino]

very nice

 

[EriX920]

, tell me where the passwords are saved.

Nevermind I know, maybe I will make a password cracker :-O.

 

[.ISO]

PW is md5 hash encrypted i believe

 

[EriX920]

Nope, it's based on the individual machineGuid, Half life IO and product ID. Hackless is cookin something up you just wait .

Heres what I mean --

void get_key(u8 *keystr) {
#ifdef WIN32
    u8      ProductId[256],     // 24
            MachineGuid[256],   // 37
            io[256];            // 16

    if(regkey(
        HKEY_LOCAL_MACHINE,
        "SOFTWARE\\Microsoft\\Windows\\CurrentVersion", "ProductId",
        ProductId, sizeof(ProductId)) < 0) goto no_id;
    printf("ProductId   %s\n", ProductId);

    if(regkey(
        HKEY_LOCAL_MACHINE,
        "SOFTWARE\\Microsoft\\Cryptography", "MachineGuid",
        MachineGuid, sizeof(MachineGuid)) < 0) goto no_id;
    printf("MachineGuid %s\n", MachineGuid);

    if(regkey(
        HKEY_CURRENT_USER,
        "Software\\Valve\\Half-Life\\Settings", "io",
        io, sizeof(io)) < 0) goto no_id;
    printf("HalfLife io %s\n", io);

    sprintf(keystr, "%s%s%s", ProductId, MachineGuid, io);
    printf("result key  %s\n", keystr);
    return;
no_id:
    strcpy(keystr, NOKEY);
    printf("result key  %s\n", keystr);
#else
    printf("\nError: you must provide a valid decryption key (this is not Windows!)\n");
    wait_exit(1);
#endif
}

 

[FSOwner]

PW is md5 hash encrypted i believe

It's md5 with salt from machine ID.

 

[.ISO]

Right.

 

[EriX920]

It's not MD5 it's AES encrypted with an IV and key. Little harder to break thats why you have to grab the data from the host pc and can't just use a special key.

int AESPHM_Decrypt(u8 *passphrase, u8 *output, u8 *input) {
    aes_context ctx;
    int     inputlen,
            passphraselen,
            ivoff,
            paddingLen,
            payloadLen;
    u8      key[SHA256_DIGESTSIZE],
            iv[IV_SIZE],
            checkDigest[HMACSHA_DIGESTSIZE],
            firstPadByte,
            *digest,
            *ivSeed,
            *payload;

    passphraselen = strlen(passphrase);
    inputlen = hex2byte(input, input);
    if(inputlen < MINIMUM_CIPHERTEXT_LENGTH) return(-1);

	digest = input + inputlen - HMACSHA_DIGESTSIZE;
	ivSeed = digest - IV_SEED_SIZE;

    sha2(passphrase, passphraselen, key, 0);

    sha1_hmac(key, sizeof(key), input, digest - input, checkDigest);
    if(memcmp(checkDigest, digest, sizeof(checkDigest))) return(-1);

	AESPHM_GenerateIvFromSeed(ivSeed, iv);

    aes_setkey_enc(&ctx, key, sizeof(key) << 3);
    ivoff = 0;  // AES_cfb128_encrypt in OpenSSL
    aes_crypt_cfb(&ctx, AES_ENCRYPT, 1, &ivoff, iv, input, &firstPadByte);

    paddingLen = (firstPadByte & 0x0f) + 3;
    if((input + paddingLen) > ivSeed) return(-1);

    payload = input + paddingLen;
    payloadLen = ivSeed - payload;
    if(payloadLen) {
        aes_crypt_cfb(&ctx, AES_ENCRYPT, paddingLen - 1, &ivoff, iv, input + 1, output);
        aes_crypt_cfb(&ctx, AES_ENCRYPT, payloadLen, &ivoff, iv, payload, output);
    }
    return(payloadLen);
}

 

[tarantino]

lol im only 13 but i think im smart guys.

 

[EriX920]

Are you seriously 13? I hope not..

 

[WorldWarIII]

He's not... but nice post Eric, stickied.

 

[Take-Out_Ninja]

And...exactly why is this useful?

 

[.ISO]

And...exactly why is this useful?

ofc noobs like you wouldn't understand...

 

[rushil01]

its useful because you don't have to get yoru ID manually...

 

[.ISO]

He doesn't know the use of SteamID... so....

 

[CBFroze]

I don't get the point of this either to be honest :L

 

[EriX920]

So you don't have to go in game and type status to figure out your STEAMID.

 

[sasquiotch]

Thanxs man nice work!