No I don't know how to save tickets. On Tue, Mar 17, 2015 at 6:58 PM, Ryan Stecker <[email protected]> wrote: > That looks like a client fuzzing random SteamIDs, did you happen to save > the ticket in question by any chance? > > If there's a legitimate bug here with steamclient not instantly rejecting > bogus IDs, that should definitely be reported. > > Regardless though, whatever you experienced isn't what OP dealt with. > > On Tue, Mar 17, 2015 at 8:39 PM, Bottiger <[email protected]> wrote: > >> This doesn't look like valid tickets being reused to me. >> >> Client 3160 [I:16:229567929] connected to universe 16, but game server >> [G:1:809] is running in universe 1 >> S3: Client connected with invalid ticket: UserID: c58 >> S3: Client connected with invalid ticket: UserID: c53 >> S3: Client connected with invalid ticket: UserID: c53 >> S3: Client connected with invalid ticket: UserID: c53 >> S3: Client connected with invalid ticket: UserID: c53 >> S3: Client connected with invalid ticket: UserID: c53 >> S3: Client connected with invalid ticket: UserID: c53 >> Client 3155 [I:0:1191841122] connected to universe 0, but game server >> [G:1:809] is running in universe 1 >> S3: Client connected with invalid ticket: UserID: c53 >> Client "Wololo" connected (72.69.41.145:27005). >> STEAMAUTH: Client Wololo received failure code 8 >> Dropped Wololo from server (Invalid STEAM UserID Ticket >> ) >> >> On Tue, Mar 17, 2015 at 6:30 PM, Ryan Stecker <[email protected]> >> wrote: >> >>As you deduced, it is possible to spoof any SteamID you want and play >> > for a couple of minutes before the server kicks you. >> > >> > No, it isn't. Steam authentication tickets are signed by Valve's servers. >> > You cannot craft a ticket containing any SteamID you want. >> > >> > You can, however, subject the server to a replay attack by reusing >> another >> > user's authentication ticket. This allows users to play on your server >> with >> > whatever SteamID they borrowed for approximately 1-2 minutes until the >> > Steam server rejects them and the game server kicks them. >> > >> > On the original topic, there's nothing invalid about that SteamID in the >> > OPs post: >> > >> > 08:29:18°pm (@VoiDeD) !sid [U:1:96295245] >> > 08:29:45°pm (idler2) VoiDeD: STEAM_0:1:48147622 / [U:1:96295245] (UInt64 >> = >> > 76561198056560973, IsValid = True, Universe = Public, Instance = desktop >> > (1), Type = Individual, AccountID = 96295245) >> > 08:29:45°pm (idler2) VoiDeD: †( >> > http://steamcommunity.com/profiles/76561198056560973/) (Last Online = >> > 3/18/2015 1:11:21 AM, Last Offline = 3/18/2015 1:11:39 AM) >> > >> > >> > On Tue, Mar 17, 2015 at 8:12 PM, Bottiger <[email protected]> wrote: >> > >> >> We experienced this several months ago and reported it to Eric Smith >> >> but have not heard anything from him for a long time so we stopped >> >> sending him exploits like this. >> >> >> >> As you deduced, it is possible to spoof any SteamID you want and play >> >> for a couple of minutes before the server kicks you. >> >> >> >> We tried kicking or freezing people that didn't get verified within 30 >> >> seconds but unfortunately this also happens frequently to normal >> >> players. >> >> >> >> >> >> >> >> On Tue, Mar 17, 2015 at 5:59 PM, Weasels Lair <[email protected]> >> >> wrote: >> >> > Wondering if any other admin's have seen this. >> >> > >> >> > Today I had a player join with a SteamID that I was unable to ban by >> ID. >> >> > From SourceMod I kept getting a message about waiting another 30 >> seconds >> >> > and trying again, because that SteamID was not verified (yet)? >> >> > >> >> > In the end, I resorted to fire-walling-off his source IP address for >> now. >> >> > >> >> > When I punched his SteamID3 (which was showing as "[U:1:96295245]") >> into >> >> > SteamIDConverter.com, it kept showing "unknown" for their SteamID64, >> >> > "[U:1:0]" for their SteamID3, and blank for their plain SteamID? >> >> > >> >> > So, I am thinking it is a completely bogus/fake/spoofed SteamID. >> >> > >> >> > He seemed to be able to play only for a few minutes at a time, before >> he >> >> > would get dropped from the server for having an invalid SteamID. >> >> > Basically, he was in-game long enough to hack (aimbot) and disrupt the >> >> game >> >> > (repeatedly). He was able to just do that over and over, until I just >> >> > blocked his source IP address all-together. >> >> > _______________________________________________ >> >> > To unsubscribe, edit your list preferences, or view the list archives, >> >> please visit: >> >> > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux >> >> >> >> _______________________________________________ >> >> To unsubscribe, edit your list preferences, or view the list archives, >> >> please visit: >> >> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux >> >> >> > _______________________________________________ >> > To unsubscribe, edit your list preferences, or view the list archives, >> please visit: >> > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux >> >> _______________________________________________ >> To unsubscribe, edit your list preferences, or view the list archives, >> please visit: >> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux >> > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, please > visit: > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
_______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
