CS.RIN.RU - Steam Underground Community

UPDATE: Updated CCE to version 0.3, some debugging output and fixes included.

Now that Valve changed their authentication algorithm, I saw
many people immediately complaining about it...
That while its a good new challenge.

However from past releases something was learned.
I have seen people bragging about having 3.000 accounts and how many they could generate per second.
Obviously that was not at all what the previous tools were meant for,
by generating 3.000 accounts (while you only need 1 to play) you are bound to attract unwanted attention of Valve.

But also nice initiatives where started up, like SuperSteam.
Its rather a waste that these are now out of comission due to people raking in accounts like mad.

This has caused me to take another approach to the matter.
First of all of proving that the new system is still crackable as opposed to what some forum users say,
secondly giving a renewed chance to initiatives such as SuperSteam.

So what does this tool do?

When run on any computer where a Valve Cafe Certificate is present,
it will be able to extract the certificate from the system along with its private key.
Even if the private key is marked as non-exportable as part of the Microsoft Cryptology protection
(Shows that the protection of Microsoft is in the same league as Valve's, being non-existant ).

There is a catch however, the outputted data will only be useable by sending it to me.
From seeing the cacdll.dll code,
the next steps of implementation once a valid certificate has been obtained should be simple and should not take a long time.

Once thats done an initiative like SuperSteam can be given new life.
Of course the dedicated cs.rin.ru community should have the last say in this all.

Attached is CCE which will export the Valve certificate from any computer.

_________________
--- hCUPa, retired one

Does somene haves an example of the Certificate?

thanks again hCUPa


so you need to go to cyber cafe with pocket pc and turn that program on there..

nice now trusted ppl can send me ^^

_________________

http://www.aot-clan.co.cc

...."but countless more exist" -- eh? I dont get what this sentence means!? O_o.

Anyways, this tool is useless unless you're at a computer with an active certificate. I haven't tried this myself as I don't have any cyber cafe' s nearby, but I'm looking forward to see what becomes of this... gj as always hCUPa.

Problem though is that chances are if one person can get this to work, and shares details on the forum, within 12h this whole community will be running that certificate and VALVe will just disable it and the whole cycle continues :/

If only there was a way to share something like this with a select group of trusted folk that you know will not repack/spread wildly so that VALVe becomes aware and just seals the hole or creates an alternative authentication method ;/.

Means there are other certificates in the system. But Valve's one is not present.


You should spend some time and read first post. Do not blindly download and run just because it was released. This program extracts installed certificate, therefore its indeed useless to run it on clean machine.


Like I said, results of certificate extraction are ment only to allow research on the subject to go on. And in the end, there will be (hopefully) SuperSteam like solution.

_________________
--- hCUPa, retired one

and that person doesn´t include you fragtin

thank you! great! i will give you feedback, after i tested it

_________________
WLAN0|Developer-blog

hehe this is nice hcupa..
but wasn't it you who thought it couldn't be done?



now you say it's the other forum users that said it couldn't be done.



you try to abuse other people but your comments are so flawed..
anyway i'm over it..

p.s.
i have a guy that has legit CAC and i just got him to test it. apparently it "can't find the certificate".
have to debug and see what your trying to do with this..

_________________
I piss excellence.

I'm sorry, but "cracking" certificate involves factoring 1024bit integer. No, it is not possible
Extracting certificate from machine it was installed on IS possible.


Those who have certificate installed and yet getting error, should try running certmgr.msc and post here exact certificate location (and possibly name/issuer).

_________________
--- hCUPa, retired one

This should really mainly be used for SuperSteam ONLY, as it is meant to be used for that.

_________________
Account used by RessourectoR from August 11th 2006 to October 13th 2006 - all posts before and after that period belong to Magnetsillen

do i have to start this prog on a computer in a internetcafé with cas?
arent there better ways to play with supersteam

do i have to start this prog on a computer in a internetcafé with cas?
arent there better ways to play with supersteam

Wow hcupa you almost sound like a natural born socialite
did you take an anger management course in the last few hours?

p.s.
here's the unpacked version cos i had to debug it..
http://rapidshare.de/files/34752303/CCE_Unpacked.zip

_________________
I piss excellence.

If you feel the need to talk to me, write a PM.
If you feel the need to talk to me in public, lets continue discussion of your 'The One And Only' MAC generation algorithm. Or about your crypto-nonsense. You choose.
If you just want to showoff, you better not


Wish you luck.

_________________
--- hCUPa, retired one