This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import hashlib | |
| from Crypto.Cipher import AES | |
| f = open("index.dat", "rb") | |
| f.seek(10) | |
| ctext = f.read(5) | |
| f.close() | |
| # hardcoded IV found at address 0x004277f6 |
ymgve
/ protobuf.py
Created
February 3, 2025 19:06
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import io, struct | |
| def decode_varint(bio): | |
| n = 0 | |
| shift = 0 | |
| while True: | |
| c = bio.read(1)[0] | |
| n |= (c & 0x7f) << shift | |
| if c & 0x80 == 0: | |
| return n |
ymgve
/ verify_packages_tampered.py
Created
December 17, 2024 02:20
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import os, sys, struct, zlib, hashlib | |
| def unpack(data): | |
| pkg_ver, compress_level, num_files = struct.unpack("<BII", data[-9:]) | |
| #print(pkg_ver, compress_level) | |
| tampered = False | |
| prev_file_start = None | |
| files = [] | |
| index = len(data) - 9 |
ymgve
/ protobuf.py
Created
December 14, 2024 19:42
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import cStringIO, struct | |
| try: | |
| import psyco; psyco.full() | |
| except ImportError: | |
| pass | |
| class ProtoDeserializer(object): | |
| def __init__(self, message): | |
| self.sb = cStringIO.StringIO(message) |
ymgve
/ steam3cdn.py
Created
December 13, 2024 16:15
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import cStringIO, struct, zipfile, base64, time, binascii, hashlib, urllib, urllib2, urllib3, requests | |
| from steamlib import crypto | |
| from steamlib.vdfparser import * | |
| from steamlib.protobuf import * | |
| try: | |
| import psyco; psyco.full() | |
| except ImportError: | |
| pass |
ymgve
/ verify_packages.py
Created
November 30, 2024 22:36
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import os, sys | |
| # requires pycryptodome | |
| from Crypto.Signature import pkcs1_15 | |
| from Crypto.Hash import SHA1 | |
| from Crypto.PublicKey import RSA | |
| # key sent over network at startup | |
| pubkeybin = bytes.fromhex("30819d300d06092a864886f70d010101050003818b00308187028181009525173d72e87cbbcbdc86146587aebaa883ad448a6f814dd259bff97507c5e000cdc41eed27d81f476d56bd6b83a4dc186fa18002ab29717aba2441ef483af3970345618d4060392f63ae15d6838b2931c7951fc7e1a48d261301a88b0260336b8b54ab28554fb91b699cc1299ffe414bc9c1e86240aa9e16cae18b950f900f020111") | |
| pubkey = RSA.import_key(pubkeybin) |
ymgve
/ gist:7365a134f82a4bc2840623f8c4a1787e
Created
August 10, 2024 23:19
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| .C:c058 A2 0F LDX #$0F | |
| .C:c05a 20 44 C0 JSR $C044 | |
| .... | |
| .C:c044 A0 7C LDY #$7C | |
| .C:c046 88 DEY | |
| .C:c047 D0 FD BNE $C046 | |
| .C:c049 CA DEX | |
| .C:c04a D0 F8 BNE $C044 |
ymgve
/ trackerserver.py
Last active
October 31, 2023 05:17
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import io, logging, secrets, socket, sqlite3, struct, time, traceback | |
| # TODO replace with something faster | |
| from CryptICE import IceKey | |
| logging.basicConfig( | |
| format="%(asctime)s %(levelname)-8s %(message)s", | |
| filename="trackerserver.log", | |
| encoding="utf-8", | |
| level=logging.DEBUG) |
ymgve
/ gist:d48cdb98990a161b775df3c7c9900412
Created
October 25, 2023 16:47
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| hashtable size: 4 entries, specified at offset 0x20 in the header | |
| full table size: hashtable size + number of entries in manifest, specified at 0x0c in the header | |
| lookup section: | |
| 00: 04 00 00 00 points to 04 in full table | |
| 01: 06 00 00 00 points to 06 in full table | |
| 02: 0A 00 00 00 etc | |
| 03: 0C 00 00 00 | |
| entry index sections: |
ymgve
/ emutest.py
Created
October 9, 2023 14:23
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import hashlib, io, socket, struct, threading, time, hmac, random | |
| from Crypto.Cipher import AES | |
| from user import * | |
| from secondblob import * | |
| def steamtime_to_unixtime(steamtime_bin): | |
| steamtime, = struct.unpack("<Q", steamtime_bin) | |
| unixtime = steamtime // 1000000 - 62135596800 |
NewerOlder