Kid a (07-16-2016)
How did AgentGOD manage to bypass VAC ban status?
Back then, you wouldn't get the "Steam connect error" and it was just a matter of patching out the code for VAC kicking players if they were banned (hence why you had to be host, or have the host disable VAC kicks). Now, you are unable to even connect to the servers to find a match. An untested theory is if you connect directly to a public match (Xeno said there is a function that allows you to connect directly to a server). The only issue with this I see is that the host's client still might try and kick you for cheating/being banned (provided this even lets you connect to the server in the first place).
Kid a (07-16-2016)
Since we have a lobby tool, can't we play online after doing that bypass trick and then turning that private lobby into public?
Not quite. Even if you did turn it into public, no one would join since you're not connected to the actual servers. People wouldn't be able to find you. As for trying to join a friend, you will just get the error "Player is not currently in a server" or something along those lines. Your best bet would be to try and find the function that connects directly to a server and test that out.
Or if you're feeling extra adventurous, record the packets between the client and server(s) on a banned, and an unbanned account, and then compare the results. Maybe you'll find something useful for bypassing further.
Last edited by MiKe34123; 07-16-2016 at 02:14 PM.
I'm not 100% sure, but I'd imagine the clients encrypt the data they send to each other in a match. If you can find the key/algorithm used to encrypt and decrypt the data, you can probably monitor it fairly easily.
As for the MITM approach, you can try using an unbanned account to search for matches, then relay the information back to your banned account and attempt a direct server connection to that match. Of course this still has the issue of the host potentially kicking you for being banned or you not being able to connect at all.
If you are referring to spoofing information sent by Valve servers, your best bet would probably be to ask around on some sites that partake in cracking the Steam API and functions for breaking some DRM (I won't name the site since I'm pretty sure I'm not allowed to, but you should be able to tell which one it is based on the English/Russian language mix).
Last edited by MiKe34123; 07-16-2016 at 02:15 PM.
I assume that when the user clicks on Play a request is sent to a server at Valve which checks the ID against a database of banned players and sends back a key defining whether the player is banned or not.
I don't have an unbanned account to test results against, but I'm sure someone on here has access to more than one account.
When a cheater is detected, 0x627920 gets called with one of the args specifying that it's a cheater. The client then seems to determine the client ID of the player and executes this command: "tempBanClient *ID* PLATFORM_STEAM_KICK_CHEAT". There are also the commands PLATFORM_STEAM_AUTH_DENIED and PLATFORM_STEAM_CONNECT_FAIL. I'm not 100% sure if this is handled by the client or server (or both). By checking the locations that have auth related functions, you can probably find what series of steps the client takes to auth. From there, just record differences in data sent/received by the client to the server on diff accounts and see what's different.
How can I inject the code?
Please explain it step by step
-Update: Now I know how to create the dll and inject it. But it's only compatible with 1.2.211...
Last edited by fefire4; 07-18-2016 at 04:04 PM.
#include <Windows.h>

// Signature of the game's Cmd_RemoveCommand, which unregisters a console command by name.
// It is not exported, so it is resolved by a hard-coded address below.
typedef void*(__cdecl *Cmd_RemoveCommand_t)(const char *cmdName);
Cmd_RemoveCommand_t Cmd_RemoveCommand;

BOOL APIENTRY DllMain(HMODULE hModule, DWORD reason, LPVOID lpReserved)
{
    switch (reason)
    {
    case DLL_PROCESS_ATTACH:
    {
        // No per-thread attach/detach notifications are needed.
        DisableThreadLibraryCalls(hModule);

        // Hard-coded address of Cmd_RemoveCommand; only valid for the game build
        // it was taken from (1.2.211 as noted in this thread), not for other versions.
        Cmd_RemoveCommand = (Cmd_RemoveCommand_t)0x564320;

        // Remove the "steamlobbycreatefail" command so the game no longer runs it.
        Cmd_RemoveCommand("steamlobbycreatefail");
        break;
    }
    }
    return TRUE;
}
MiKe, can you change the code so that it is compatible with version 1.2.208?
Pretty mad that they would do this, honestly, because I get the same "Steam connect failed", and I hacked over 250 days ago lol, what a joke.
Everybody is mad