Originally Posted by
rawr im a tiger
i.e. CSteamID CSteamUser014::GetPlayerSteamID()?
If you hook that and IsVacBanned, you'd probably be able to play in private matches while banned.
As for spoofing ID as a variable, I'm no protocol expert, but I think Steam requires validation and does a server-side VAC Ban check before allowing you to auth to DemonWare.
Yes, that's what I was referring to. And if anyone is interested in the pseudo-code, here it is (for 1.9.453):
Code:
// 0x3B418448 is a pointer to the current player's ISteamUser class
steamUserStruct = Read<IntPtr>(0x3B418448);
// The first value of the ISteamUser class is a pointer to a virtual method table
vTableAddress = Read<IntPtr>(steamUserStruct);
// The GetSteamID function is the 3rd one in the VMT.
// +0 = GetHSteamUser
// +4 = BLoggedOn
// +8 = GetSteamID
getSteamIDMethodPtr = (IntPtr)(vTableAddress.ToInt64() + 0x8);
// Read the pointer to the function
getSteamIDMethodAddress = Read<IntPtr>(getSteamIDMethodPtr);
// Now modify the function at getSteamIDMethodAddress to do whatever, like return
// a fake CSteamID value (essentially an int64 which is stored as an EAX and EDX value).
// Example, to return a Steam ID of 0xDEADBEEFBEEFDEAD, we'd replace the function with this:
// mov eax, BEEFDEAD
// mov edx, DEADBEEF
// ret
Thanks to VoiDeD for making Open Steamworks public. :3
IntPtr can be replaced with Int32/Integer since all pointers in 32-bit processes are only 4 bytes long.
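
Added example, not part of the original post or of Open Steamworks: a defender-side integrity check that classifies one virtual-method-table slot, flagging a slot that points outside its module, a body overwritten with the mov eax / mov edx / ret constant-return stub described above, or any other in-place patch. All type and function names are hypothetical, and the "module" is a constructed 16-byte buffer compared against a trusted reference copy.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* All names are hypothetical; the "module" is a constructed byte buffer. */
typedef struct {
    const uint8_t *text;      /* module's executable bytes as mapped in memory  */
    size_t         text_len;
    const uint8_t *reference; /* trusted copy of the same bytes, e.g. from disk */
} module_view;

enum slot_status { SLOT_OK, SLOT_OUT_OF_MODULE, SLOT_CONST_STUB, SLOT_PATCHED };

#define STUB_LEN 11 /* mov eax,imm32 (5) + mov edx,imm32 (5) + ret (1) */

/* Classify one virtual-method-table slot against the module it should point into. */
enum slot_status check_vtable_slot(const void *const *vtable, size_t index,
                                   const module_view *m)
{
    uintptr_t t = (uintptr_t)vtable[index], base = (uintptr_t)m->text;
    if (t < base || t >= base + m->text_len)
        return SLOT_OUT_OF_MODULE;               /* slot points outside the module */

    size_t off = (size_t)(t - base), avail = m->text_len - off;
    size_t n = avail < STUB_LEN ? avail : STUB_LEN;
    const uint8_t *p = m->text + off;
    if (memcmp(p, m->reference + off, n) == 0)
        return SLOT_OK;                          /* prologue matches trusted copy */
    if (n == STUB_LEN && p[0] == 0xB8 && p[5] == 0xBA && p[10] == 0xC3)
        return SLOT_CONST_STUB;                  /* body now only returns a constant */
    return SLOT_PATCHED;                         /* some other in-place edit */
}

/* Constructed sample: 16 bytes of "code" (push ebp; mov ebp,esp; nops; pop ebp; ret). */
static const uint8_t clean_text[16] = { 0x55, 0x8B, 0xEC, 0x90, 0x90, 0x90, 0x90, 0x90,
                                        0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x5D, 0xC3 };

/* tamper: 0 = none, 1 = constant-return stub, 2 = single-byte patch, 3 = foreign slot */
enum slot_status run_sample(int tamper)
{
    static uint8_t outside[16];                  /* stands in for memory outside the module */
    uint8_t live[16];
    memcpy(live, clean_text, sizeof live);
    if (tamper == 1) { live[0] = 0xB8; live[5] = 0xBA; live[10] = 0xC3; }
    if (tamper == 2) live[3] = 0xCC;
    module_view m = { live, sizeof live, clean_text };
    const void *vtable[3] = { live, live, tamper == 3 ? (const void *)outside : live };
    return check_vtable_slot(vtable, 2, &m);     /* slot 2, third entry as in the post */
}
```

The reference comparison runs first so that a legitimately short function is not misreported; a client-side check like this can itself be patched, which is why the server-side validation mentioned in the quoted post remains the authoritative control.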