Jump to content


Photo
Question

I have no idea where else to ask this, I have no clue how to find the request CS:GO sends when renaming a weapon



  • Please log in to reply
5 replies to this topic

#1 Acorn Eyes

Acorn Eyes

    Newbie

  • Member
  • Pip
  • 4 posts

Posted 21 August 2018 - 07:50 PM

I'm trying to programmatically rename my weapons in CS:GO, mostly because I'm under the impression that inputs are only sanitized in the client.

 

Now there's one sure-fire way to do this, and that's to disassemble the program itself, but not only is that pretty difficult to do, I run the risk of being VAC banned (even though I'm not trying to do anything the game doesn't intend me to do). So for me its a last resort option. 

 

The other way, the way I'm trying to do, is packet sniffing to find the request CS:GO sends. Here's the issue, I'm completely new to packet sniffing and I'm worried I won't be capturing the right data. I know I can save the data I collect, but I'm worried that after I use up the $2 to rename a weapon, I'd have collected the wrong packets. 

 

So before I start sniffing packets I need to be 100% sure I will collect the relevant packets, and that I'll be able to use them to find the request sent. 

 

I'm wondering if anyone could help me with this endeavor or at least point me in the right direction.

 

 

 

 

 

TL;DR- How do I find the request CS:GO sends to rename a weapon.



#2 Dr. McKay

Dr. McKay

    Developer

  • Administrator
  • 1,817 posts

Posted 21 August 2018 - 09:26 PM

If you want my guess, fork node-globaloffensive and add this to index.js:

GlobalOffensive.prototype.nameItem = function(nameTagID, itemID, customName) {
    var buffer = new ByteBuffer(16 + Buffer.byteLength(customName) + 1);
    buffer.writeUint64(coerceToLong(nameTagID));
    buffer.writeUint64(coerceToLong(itemID));
    buffer.writeCString(customName);
    this._send(Language.NameItem, null, buffer);
};

If that doesn't work try swapping nameTagID and itemID. And if that doesn't work, you'd want to use something like NetHook2.



#3 Acorn Eyes

Acorn Eyes

    Newbie

  • Member
  • Pip
  • 4 posts

Posted 23 August 2018 - 03:02 AM

If you want my guess, fork node-globaloffensive and add this to index.js:

GlobalOffensive.prototype.nameItem = function(nameTagID, itemID, customName) {
    var buffer = new ByteBuffer(16 + Buffer.byteLength(customName) + 1);
    buffer.writeUint64(coerceToLong(nameTagID));
    buffer.writeUint64(coerceToLong(itemID));
    buffer.writeCString(customName);
    this._send(Language.NameItem, null, buffer);
};
If that doesn't work try swapping nameTagID and itemID. And if that doesn't work, you'd want to use something like NetHook2.

 

 
I tried it out, and it works, however I don't really understand bytebuffer.
 
Can you break down to me what happens when I pass "\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n" to the nameItem function?
 
The reason I ask is because it writes "-                 " to the item name.
 
Also I tried to debug it and tried the "﷽" it looks like the function adds a dash before string and then a space. 
 
You can see my attempts here: https://goo.gl/CmD6m5 (I can't post my steam inventory link because it gets autoformatted to emojis. So its a google shortlink instead.)

The revolver was named 20 

 
The M4 was named 10 

\n

 (20 characters)
 
The CZ was named 25 

\n

 (50 characters)


Edited by Acorn Eyes, 23 August 2018 - 05:29 AM.


#4 Dr. McKay

Dr. McKay

    Developer

  • Administrator
  • 1,817 posts

Posted 23 August 2018 - 10:52 AM

ByteBuffer is a layer over Node's regular Buffer which adds some nice things. Basically what's happening here is that you're allocating 16 bytes + however many bytes you need to represent your name string + 1 more byte, then you're filling in those bytes with the values shown (the name tag ID in 64 bits, the item ID in 64 bits, the name as a string, and a 0 byte at the end to represent the end of the string).

 

I'm unsure why that dash is being added. We might have missed a field, maybe. Try adding buffer.writeUint8(0); before the writeCString.


Edited by Dr. McKay, 23 August 2018 - 10:54 AM.


#5 Acorn Eyes

Acorn Eyes

    Newbie

  • Member
  • Pip
  • 4 posts

Posted 27 August 2018 - 01:07 AM

ByteBuffer is a layer over Node's regular Buffer which adds some nice things. Basically what's happening here is that you're allocating 16 bytes + however many bytes you need to represent your name string + 1 more byte, then you're filling in those bytes with the values shown (the name tag ID in 64 bits, the item ID in 64 bits, the name as a string, and a 0 byte at the end to represent the end of the string).

 

I'm unsure why that dash is being added. We might have missed a field, maybe. Try adding buffer.writeUint8(0); before the writeCString.

 

 

I don't know if you want updates or not, let me know if you don't.

 

But I haven't tried it so far, buying nametags everytime gets expensive so I'm running low for now. That's why I haven't really responded in several days. 



#6 Acorn Eyes

Acorn Eyes

    Newbie

  • Member
  • Pip
  • 4 posts

Posted 01 September 2018 - 02:28 AM

ByteBuffer is a layer over Node's regular Buffer which adds some nice things. Basically what's happening here is that you're allocating 16 bytes + however many bytes you need to represent your name string + 1 more byte, then you're filling in those bytes with the values shown (the name tag ID in 64 bits, the item ID in 64 bits, the name as a string, and a 0 byte at the end to represent the end of the string).

 

I'm unsure why that dash is being added. We might have missed a field, maybe. Try adding buffer.writeUint8(0); before the writeCString.

 

I just tried it, and it works flawlessly, I submitted a pull request.


  • Dr. McKay likes this





Also tagged with one or more of these keywords: Question

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users