Luigi Auriemma

aluigi.org (ARCHIVE-ONLY FORUM!)
It is currently 19 Jul 2012 13:47

All times are UTC [ DST ]





Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 16 posts ] 
Author Message
 Post subject: Help by Vista
PostPosted: 30 Mar 2008 16:01 

Joined: 30 Mar 2008 15:30
Posts: 2
Hey,
The adresses for the steampwd.exe exist by vista not. And i search the adress for vista.
Aluigi Can you me help.
_______________________________________________________________

Sorry for my bad english


Top
 Profile  
 
 
 Post subject:
PostPosted: 30 Mar 2008 19:59 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
uhmmm probably you refer to the old version of steampwd, the actual one doesn't use offsets


Top
 Profile  
 
 Post subject:
PostPosted: 31 Mar 2008 14:35 

Joined: 30 Mar 2008 15:30
Posts: 2
The reg keys exist by me not


Top
 Profile  
 
 Post subject:
PostPosted: 31 Mar 2008 16:42 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
I don't have vista so I can't verify it, anyway it's strange since the registry key names should not change from XP to Vista


Top
 Profile  
 
 Post subject:
PostPosted: 03 Apr 2008 11:48 

Joined: 24 Feb 2008 08:31
Posts: 10
Since I have a Vista box, I looked into it and found that the ProductId value is not located at "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProductId" on Vista. Instead it is located here: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductId

The other two values appear to be in the same places. (Though for some reason my "io" value was empty, but it's probably because I told Steam not to save my password.)


Top
 Profile  
 
 Post subject:
PostPosted: 05 Apr 2008 14:26 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
the problem is that "Windows NT" doesn't exist in steam.dll (the registry keys are hardcoded in the dll), so are you 100% sure that on Vista the encryption key includes the ProductId too?

I mean, if you save your Steam password on Windows Vista can you recover it with the actual version of steampwd?


Top
 Profile  
 
 Post subject:
PostPosted: 02 Jun 2008 11:48 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
so?


Top
 Profile  
 
 Post subject:
PostPosted: 06 Jun 2008 03:11 

Joined: 24 Feb 2008 08:31
Posts: 10
I do not think this tool is working correctly on Vista (Ultimate x64 Edition). Here is the output:
Code:
Steam password decoder 0.2
by Luigi Auriemma
e-mail: aluigi@autistici.org
web:    aluigi.org


Usage: D:\Downloads\Games\Steam\steampwd\steampwd.exe [ClientRegistry.blob/passw
ord] [key]

ProductId
MachineGuid
Half-Life
result key
- open file C:\Games\Steam\ClientRegistry.blob

Error: wrong key (another computer?) or encrypted password

- finished

    Press RETURN to exit

For some reason, it's not getting the MachineGuid field, even though it does exist on Vista.

Even if I manually feed it the MachineGuid value, it still does not work.

I figured it out: Instead of using those, I guess if it doesn't find the ProductId (I'm guessing), it will automatically use "NoMachineSpecificPassphraseAvailable" as the key instead (which I think is how the Linux version encrypts passwords too).

So I guess this proves that Steam on Vista is insecure, since you can decrypt the passwords from any machine with it without needing access to the registry from the source machine. It should also prove that's it is insecure on Linux too, when you're saving the password with the Steam client.


Top
 Profile  
 
 Post subject:
PostPosted: 06 Jun 2008 15:24 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
excellent job AnonymousCoward, moreover the conlusion.

Can you test if the following beta works fine on Vista?

http://mirror.aluigi.org/beta/steampwd.zip

Thanx


Top
 Profile  
 
 Post subject:
PostPosted: 07 Jun 2008 04:45 

Joined: 24 Feb 2008 08:31
Posts: 10
Verified on:
- Windows Vista Ultimate x64 SP1
- Windows XP Professional SP3

I haven't tested it on Vista 32-bit, but it will probably work as well.

Also, this should probably be tested on Windows XP x64. Because I think the 64-bit registry is causing problems with your implementation. I believe this issue is caused because your application is a 32-bit application and it's trying to access the 32-bit registry (which is not the same as the 64-bit registry). To fix this, I think you can pass "KEY_WOW64_64KEY" to RegOpenKeyEx. I'm pretty sure this is ignored if you use this flag on a 32-bit operating system.

However, my above assumption could be completely wrong (it's possible it fails in Steam also and uses that default key).


Top
 Profile  
 
 Post subject:
PostPosted: 07 Jun 2008 11:40 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
uhmmm the 64 bit thing of the registry seems too much strange, M$ has no reason to add this big complication to a so widely used thing as the registry.
usually this is all trasparent for the user.

thanx for the tests, I release that version of steampwd


Top
 Profile  
 
 Post subject:
PostPosted: 27 Jul 2008 12:08 

Joined: 19 Apr 2008 00:59
Posts: 42
Does that work?

Having the same problem.


Top
 Profile  
 
 Post subject:
PostPosted: 27 Jul 2008 12:25 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
do you mean the problem on Windows 64 bit or on Vista?


Top
 Profile  
 
 Post subject:
PostPosted: 27 Jul 2008 13:44 

Joined: 19 Apr 2008 00:59
Posts: 42
aluigi wrote:
do you mean the problem on Windows 64 bit or on Vista?


vista


Top
 Profile  
 
 Post subject:
PostPosted: 27 Jul 2008 15:58 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
can you try the following beta version?

http://aluigi.org/beta/steampwd.zip


Top
 Profile  
 
 Post subject:
PostPosted: 31 Jul 2008 19:58 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
uhmmm seems that high6 is in vacation :)


Top
 Profile  
 
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 16 posts ] 

All times are UTC [ DST ]


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for: