>As you deduced, it is possible to spoof any SteamID you want and play for a couple of minutes before the server kicks you.
No, it isn't. Steam authentication tickets are signed by Valve's servers. You cannot craft a ticket containing any SteamID you want. You can, however, subject the server to a replay attack by reusing another user's authentication ticket. This allows users to play on your server with whatever SteamID they borrowed for approximately 1-2 minutes until the Steam server rejects them and the game server kicks them. On the original topic, there's nothing invalid about that SteamID in the OPs post: 08:29:18°pm (@VoiDeD) !sid [U:1:96295245] 08:29:45°pm (idler2) VoiDeD: STEAM_0:1:48147622 / [U:1:96295245] (UInt64 = 76561198056560973, IsValid = True, Universe = Public, Instance = desktop (1), Type = Individual, AccountID = 96295245) 08:29:45°pm (idler2) VoiDeD: †( http://steamcommunity.com/profiles/76561198056560973/) (Last Online = 3/18/2015 1:11:21 AM, Last Offline = 3/18/2015 1:11:39 AM) On Tue, Mar 17, 2015 at 8:12 PM, Bottiger <bottige...@gmail.com> wrote: > We experienced this several months ago and reported it to Eric Smith > but have not heard anything from him for a long time so we stopped > sending him exploits like this. > > As you deduced, it is possible to spoof any SteamID you want and play > for a couple of minutes before the server kicks you. > > We tried kicking or freezing people that didn't get verified within 30 > seconds but unfortunately this also happens frequently to normal > players. > > > > On Tue, Mar 17, 2015 at 5:59 PM, Weasels Lair <wea...@weaselslair.com> > wrote: > > Wondering if any other admin's have seen this. > > > > Today I had a player join with a SteamID that I was unable to ban by ID. > > From SourceMod I kept getting a message about waiting another 30 seconds > > and trying again, because that SteamID was not verified (yet)? > > > > In the end, I resorted to fire-walling-off his source IP address for now. > > > > When I punched his SteamID3 (which was showing as "[U:1:96295245]") into > > SteamIDConverter.com, it kept showing "unknown" for their SteamID64, > > "[U:1:0]" for their SteamID3, and blank for their plain SteamID? > > > > So, I am thinking it is a completely bogus/fake/spoofed SteamID. > > > > He seemed to be able to play only for a few minutes at a time, before he > > would get dropped from the server for having an invalid SteamID. > > Basically, he was in-game long enough to hack (aimbot) and disrupt the > game > > (repeatedly). He was able to just do that over and over, until I just > > blocked his source IP address all-together. > > _______________________________________________ > > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux > _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
