About two years ago now. I outlined a POC of a new type of Exploit involving Clients / Servers.
I explained it on the hlds mailing list. A few months later, someone on this list stole that POC. Made the bitmap, and got paid by VALVe for an exploit I found. I want that person to respond to this msg. And admit they are a Thief. I have a number of other exploits. That I never revealed to VALVe or these lists. A Master will never disclose the full knowledge in front of amateurs. I will state this. HLDS / SRCDS can be used to inject any client with anything. HLDS / SRCDS can be used to inject STEAM PLATFORM with anything. ( Token Auth Server / VAC ). And any MAP, MODEL, SKIN, SPRITE, TEXTURE, OR even just a simple resource file. CAN ALL HAVE MALICIOUS PROGRAMMING EMBEDDED INTO THEM. Just like the Spraypaint exploit. Malicious Programming can be embedded into any image file, texture file, model file, material file, map file. Or in just a malformed packet / file. And transmitted from the HLDS / SRCDS. Now, I dare ya. Try to steal this one and get paid for it on HackerOne. Thats the difference between an Applied Physicist and rank amateurs. End Contact. -StealthMode _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/
