Jump to content
McKay Development

Can Steam web auth establish a GC session for CS2 (e.g. trade-ups)

hnobody

By hnobody
in node-steam-user

 Share

Recommended Posts

hnobody Newbie

hnobody

Posted
Posted (edited)

I know this sounds unlikely, but I’ve seen a Chinese trading platform that actually works this way: I only need to sign in and link my account through Steam’s browser-based sign-in inside their app, and then it can perform automated trade-up contracts. This isn’t fake trade—in my inventory history, real trade-up contract entries appeared, even though I never authorized a desktop Steam Client login, and Steam did not show any new PC as an authorized device (for example, in the Steam Mobile app’s device / machine list). Does anyone know how this could be implemented? Thanks.

Update (packet capture): I also inspected the app’s traffic. In the payload the app sends back to the server for steamRefresh_steam, the sub field is still [web, derive, renew] (i.e., it does not look like a typical “full Steam Client session” fingerprint).

Edited by hnobody
Remarks

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
 Share
Go to topic listing
×
×
  • Create New...