Luigi Auriemma

aluigi.org (ARCHIVE-ONLY FORUM!)
All times are UTC [ DST ]





Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 30 posts ] 
 Post subject: Steam password decoder - will soon not be working?
PostPosted: 21 Sep 2009 20:32 

Joined: 21 Aug 2009 08:57
Posts: 12
There is a new Steam Client Beta running, and it looks like they changed the steam password system.

See here:

http://forums.steampowered.com/forums/s ... p?t=959112

"9/17/2009

- Updated steam ticket expiration logic. Please report any anomalies with saved passwords"


So, after opting in to the beta, I restarted Steam, and I can no longer retrieve my password with the Steam password decoder.
I opened my clientregistry.blob with "ClientRegistry Toolkit" and found out that the "Phrase" thing is no longer here.


 Post subject: Re: Steam password decoder - will soon not be working?
PostPosted: 22 Sep 2009 00:28 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
in Steam beta only the sha1 hash of the password is saved, and no longer in the blob file but in the registry (ConnectCache)... mah


 Post subject: Re: Steam password decoder - will soon not be working?
PostPosted: 22 Sep 2009 01:11 

Joined: 16 Aug 2007 06:25
Posts: 367
Probably to cut back on the number of account thefts... though I hope they use a seed of some type for their sha1 calculations.


 Post subject: Re: Steam password decoder - will soon not be working?
PostPosted: 22 Sep 2009 09:15 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
yes there is something similar because the sha1 doesn't seem to be the original sha1 of the password (the decryption of ConnectCache leads to a text-like string of 20 chars which is then xored during the connection), anyway now I investigate a bit


 Post subject: Re: Steam password decoder - will soon not be working?
PostPosted: 23 Sep 2009 18:25 

Joined: 21 Aug 2009 08:57
Posts: 12
Does that mean the password decoder could be updated to get the password of this ConnectionCache thing? :)


 Post subject: Re: Steam password decoder - will soon not be working?
PostPosted: 23 Sep 2009 22:25 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
I have just released the new version of Steampwd which decrypts these fields:
http://aluigi.org/pwdrec.htm#steampwd

practically these ConnectCache fields act like cookies, so no password is stored.
in my tests I was also able to use the cookie of a previous session from my virtual machine on my computer but I have NOT performed deeper research.
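
The cookie behaviour described in the post above, as an added example that is not part of the original thread and is not Steam's actual mechanism: a saved-login ticket that the server issues and verifies, showing why an unbound ticket is accepted when copied to another machine and what expiry and machine binding look like on the verifying side. The ticket layout, key, lifetime and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# All names, the ticket layout and the lifetime are assumptions for this sketch.
SERVER_KEY = secrets.token_bytes(32)      # known only to the login server
TICKET_TTL = 14 * 24 * 3600               # seconds a saved login stays valid

def machine_tag(machine_id):
    """Short digest of a client machine identifier, stored inside the ticket."""
    return hashlib.sha256(machine_id.encode()).hexdigest()[:16]

def _mac(body):
    return hmac.new(SERVER_KEY, body.encode(), hashlib.sha256).hexdigest()

def issue_ticket(account, now, machine_id=None):
    """Issue a saved-login ticket; machine_id=None yields a portable ticket."""
    bound = machine_tag(machine_id) if machine_id else "-"
    body = f"{account}|{int(now) + TICKET_TTL}|{bound}"
    return f"{body}|{_mac(body)}"

def check_ticket(ticket, now, machine_id):
    """Server-side verdict for a ticket presented from machine_id."""
    try:
        account, expires, bound, mac = ticket.split("|")
        expires_at = int(expires)
    except ValueError:
        return "malformed"                # e.g. a corrupted stored value
    body = f"{account}|{expires}|{bound}"
    if not hmac.compare_digest(mac.encode(), _mac(body).encode()):
        return "bad-mac"                  # edited or forged ticket
    if now >= expires_at:
        return "expired"
    if bound != "-" and bound != machine_tag(machine_id):
        return "wrong-machine"            # copied to a different machine
    return "ok"

def demo():
    now = 1253744700                      # constructed timestamp
    portable = issue_ticket("alice", now)
    bound = issue_ticket("alice", now, machine_id="desktop-01")
    return {
        "portable, other machine": check_ticket(portable, now + 60, "vm-02"),
        "bound, same machine": check_ticket(bound, now + 60, "desktop-01"),
        "bound, other machine": check_ticket(bound, now + 60, "vm-02"),
        "bound, after expiry": check_ticket(bound, now + TICKET_TTL, "desktop-01"),
        "bound, truncated": check_ticket(bound[:20], now + 60, "desktop-01"),
    }
```

The binding only helps when the machine identifier is something the server can trust; a value the client simply reports can be copied along with the ticket.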


 Post subject: Re: Steam password decoder - will soon not be working?
PostPosted: 30 Sep 2009 11:54 

Joined: 21 Aug 2009 08:57
Posts: 12
Released http://store.steampowered.com/news/2882/


 Post subject: Re: Steam password decoder - will soon not be working?
PostPosted: 30 Sep 2009 12:07 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
yes I confirm, this version uses the cookie method.
I have also noticed something unusual although perfectly logical: practically, even if you delete your ClientRegistry.blob, the client will always be aware of the correct cookies.
for example, if you logged in with 2 correct accounts, delete the blob file and reconnect logging in with only one, you will receive the cookies of both accounts.
obviously this was only a 1-minute test so I have verified nothing else and so I have missed something for sure


 Post subject: Re: Steam password decoder - will soon not be working?
PostPosted: 01 Oct 2009 19:30 

Joined: 22 Sep 2009 17:46
Posts: 25
So is it still possible to decrypt the password?

I've loaded a function from steam.dll like this:
Code:
#include <windows.h>

/* Function pointer type for the Steam.dll export resolved below */
typedef bool (WINAPI *steam)(char*,int,char*,int,int*);
steam steamDecrypt = NULL;
HINSTANCE hLib;

hLib = LoadLibrary("Steam.dll");
steamDecrypt = (steam)GetProcAddress(hLib, "SteamDecryptDataForThisMachine");


Correct the code if it is bad.

Code:
int  len = 0;          /* receives the decoded length */
char encoded[256];
char decoded[256];
strcpy(encoded, "FILL IT HERE");   /* placeholder for the stored value */
steamDecrypt(encoded, strlen(encoded), decoded, sizeof(decoded), &len);


How do I get the "FILL IT HERE" value, which was the encrypted password, now?


 Post subject: Re: Steam password decoder - will soon not be working?
PostPosted: 01 Oct 2009 19:40 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
no because the password is no longer stored


 Post subject: Re: Steam password decoder - will soon not be working?
PostPosted: 01 Oct 2009 19:49 

Joined: 22 Sep 2009 17:46
Posts: 25
It's like hash now?


 Post subject: Re: Steam password decoder - will soon not be working?
PostPosted: 01 Oct 2009 20:31 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
no, it's like a cookie


 Post subject: Re: Steam password decoder - will soon not be working?
PostPosted: 02 Oct 2009 14:57 

Joined: 24 Sep 2007 02:12
Posts: 1114
Location: http://sethioz.co.uk
I wanna ask: WTF ?
it means that steam uses "cookie" to "store" a password now ?
so it means if i select "remember password" and login, then exit steam and run something like ccleaner or zonealarm's cache cleaner (or any other tool that cleans temp files, cookies, caches..etc), after that when i run steam, will the password be remembered or is it gone ?

*from my own experience i add that steam developers and security are dumb as donkeys, accounts are not stolen because of stored passwords (maybe 0.0001% of all stolen accounts is because of stored password)


 Post subject: Re: Steam password decoder - will soon not be working?
PostPosted: 02 Oct 2009 17:26 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
it's another type of cookie located in the ConnectCache so it does not get deleted by ccleaner and other cleaners.

the downside of this solution is that the login mechanism could not work in some cases (so the password gets lost), for example if steam is interrupted/crashed before the login or the ConnectCache value gets corrupted and possibly other less rare events.

anyway this is all I know at the moment.


 Post subject: Re: Steam password decoder - will soon not be working?
PostPosted: 03 Oct 2009 15:50 

Joined: 24 Sep 2007 02:12
Posts: 1114
Location: http://sethioz.co.uk
what is the exact file where it is located in ?


 Post subject: Re: Steam password decoder - will soon not be working?
PostPosted: 03 Oct 2009 17:28 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
ConnectCache is a registry key, read the previous posts and the source of steampwd.c


 Post subject: Re: Steam password decoder - will soon not be working?
PostPosted: 04 Oct 2009 18:07 

Joined: 24 Sep 2007 02:12
Posts: 1114
Location: http://sethioz.co.uk
nah it's fine, i'm not really interested in it. i was just curious about the cleaning, if some programs can clean it.


 Post subject: Re: Steam password decoder - will soon not be working?
PostPosted: 06 Oct 2009 15:48 

Joined: 30 Apr 2009 21:06
Posts: 22
Hi Aluigi,

if I understand you well: I installed the latest Steam here & I ran your steampwd.exe
and I saved the login details & it shows that
-password not found , the possible reasons are.... or the new version beta...
.....

does this mean we can't recover the login details anymore ?

Thanks


Last edited by Vasili on 06 Oct 2009 20:10, edited 1 time in total.

 Post subject: Re: Steam password decoder - will soon not be working?
PostPosted: 06 Oct 2009 18:24 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
exactly.
the plain-text password is no longer saved so, obviously, there is nothing to decrypt simply because it just doesn't exist.

although there is no official confirmation from the Steam developers about this, it's not a coincidence the proliferation of problems related to the new ticket/cookie mechanism like the following thread:
http://forums.steampowered.com/forums/showthread.php?t=980259


 Post subject: Re: Steam password decoder - will soon not be working?
PostPosted: 06 Oct 2009 19:19 

Joined: 24 Sep 2007 02:12
Posts: 1114
Location: http://sethioz.co.uk
hey Luigi, im not sure if thats your 'field', but i have an idea for you.
first, would it be possible to retrieve/get the 'hash' of the password ? if yes (most likely yes), then what do you think about writing a plugin for "PasswordsPro" so you can recover/crack your hash with it.
i have no idea how they write the plugins, but they are in .ppl format and about 100-300kb.


 Post subject: Re: Steam password decoder - will soon not be working?
PostPosted: 07 Oct 2009 02:54 

Joined: 01 Sep 2008 07:40
Posts: 31
so is this login update now required by steam for all users or is it still only operating under beta status? please advise.

thanks.

edit:
i do see on the steam page where it gives the changelog, it appears the beta changes were rolled out into an update:
http://store.steampowered.com/news/2882/

can anyone confirm that the login change did in fact take place for everyone?

thank you!


 Post subject: Re: Steam password decoder - will soon not be working?
PostPosted: 07 Oct 2009 16:33 

Joined: 21 Aug 2009 08:57
Posts: 12
Read a few posts above :)


 Post subject: Re: Steam password decoder - will soon not be working?
PostPosted: 08 Oct 2009 01:07 

Joined: 01 Sep 2008 07:40
Posts: 31
Yeah I saw what it said however I do not have Steam installed myself and have heard conflicting stories from other people about whether or not this update has been required for all users this month. I was hoping to get a confirmation from someone on these knowledgeable forums regarding the matter.


 Post subject: Re: Steam password decoder - will soon not be working?
PostPosted: 08 Oct 2009 01:11 

Joined: 24 Sep 2007 02:12
Posts: 1114
Location: http://sethioz.co.uk
i never save any passwords in my pc (including steam) so i do not know + i have several accounts which i use constantly, so autologin is totally useless to me. however steam did update few days ago, but i never bother to check the changelog, usually when steam updates, it means a major disaster and lot of crashes.


 Post subject: Re: Steam password decoder - will soon not be working?
PostPosted: 08 Oct 2009 01:34 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
anyway yes, it's a forced update (doesn't matter if you are part or not of the beta client program, now it's the "default" Steam for anyone)


 Post subject: Re: Steam password decoder - will soon not be working?
PostPosted: 08 Oct 2009 16:34 

Joined: 01 Sep 2008 07:40
Posts: 31
thanks all


 Post subject: Re: Steam password decoder - will soon not be working?
PostPosted: 25 Oct 2009 22:25 

Joined: 31 Mar 2009 20:04
Posts: 3
Any news on this aluigi? I created an AutoIt script that called steam.dll together with warlenny and that stopped working (obviously). Any way of retrieving it via the new way?


 Post subject: Re: Steam password decoder - will soon not be working?
PostPosted: 25 Oct 2009 22:38 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
again, no, the new method is a ticket/cookie based way.
the password is no longer saved by Steam


 Post subject: Re: Steam password decoder - will soon not be working?
PostPosted: 19 Nov 2009 02:15 

Joined: 19 Nov 2009 02:12
Posts: 2
Hey aluigi. Will it be possible to create a new Steam password finder with the new way they're storing passwords?

Thanks


 Post subject: Re: Steam password decoder - will soon not be working?
PostPosted: 19 Nov 2009 15:00 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
topic closed.
seems that repeating the same thing over 3 times is still not enough for some people...

