Jump to content
McKay Development

Cheekyzzz

Member
 View Profile  See their activity

  • Posts

    3

  • Joined

  • Last visited

 Content Type 

Posts posted by Cheekyzzz

  2. Steam login/dologin "steamLoginSecure" a way to get it?

    in General

    Posted

    I Totally get cookie when i use credentials using oauth authentication.

    1. https://steamcommunity.com/login/getrsakey/?username=
    2. encode pass to base64 rsa encrypt with mod and exp from getrsakey
    3. and use in body of POST https://steamcommunity.com/login/dologin/
    4. process dologin by response like success, requires_twofactor, emailauth_needed
    After dologin response was cookies then it tokens occur there.

    login response ->  <Response [200]>
    login response json ->  {'success': True, 'requires_twofactor': False, 'login_complete': True, 'transfer_urls': ['https://store.steampowered.com/login/transfer', 'https://help.steampowered.com/login/transfer'], 'transfer_parameters': {'steamid': 'XXXXXXXXXXXXXXX', 'token_secure': 'XXXXXXXXXXXXXXXAAD2EEF9ABFACXXXXXXXXXXXXXXX', 'auth': 'XXXXXXXXXXXXXXX4d4dc71ff713ed71XXXXXXXXXXXXXXX', 'remember_login': True, 'webcookie': 'XXXXXXXXXXXXXXX417DBA7D4A9274XXXXXXXXXXXXXXX'}}
    self._check_for_captcha
    self._assert_valid_credentials
    self._perform_redirects
    self.set_sessionid_cookies
    {'sessionid': 'd565899090d3cd4a5XXXXXXXX', 'steamLoginSecure': 'XXXXXXXXXXXXXXX%7C%7C8FA4BAXXXXXXXXXXXXXXXBFACD11A5E6D00', 'steamMachineAuthXXXXXXXXXXXXXXX': 'XXXXXXXXXXXXXXX417DBA7D4A927XXXXXXXXXXXXXXX', 'steamCountry': 'XX%7C9fa88826f83c4ad51e2191aef916d636', 'steamRememberLogin': 'XXXXXXXXXXXXXXX%7C%XXXXXXXXXXXXXXX416961e7fcdc7XXXXXXXXXXXXXXX', 'browserid': 'XXXXXXX29345752'}

    This is my topic can you reply it when you know about this thank u.

  3. Steam tradeoffer p2p gift

    in General

    Posted

    Hello ?
    I have developing own friends website. That used for steam CS:GO skin tradeoffer between friends. But i can't automate tradeoffers. Is there any solution make steam tradeoffers between steam users p2p. Like Dmarket etc.. This type of markets only authenticate users using Steam OpenID Authentication. But steam TradeOffer unofficial "https://steamcommunity.com/tradeoffer/new/send" endpoint is required steamLoginSecure JWT token cookie. How they still can doing tradeoffers between users p2p only authenticate using OpenID. OpenID can't return any sensitive data like token or jwt. Or this type of markets hijacking and get tokens or cookies ? Any replies will be appreciated :)

×
×
  • Create New...