Steam Voip Security

News and discussions about new, recent and work-in-progress security vulnerabilities affecting games and game-related software
aluigi
Site Admin
Posts: 12984
Joined: Wed Jul 30, 2014 9:32 pm

Steam Voip Security

Post by aluigi »

Before the 03 July 2014 was possible to crash, freeze and in some cases probably even executing malicious code against all the players in a server or lobby of the games that use the Steam Voip API.

Do you know those games like Grid2 and the Valve ones (HL2, L4D*, Portal*) that allow you to voice chat?
Exactly those.
Even the same Steam client for the voice chat with the friends was vulnerable.

That's what I like of frameworks and libraries.

I created a dll injected in the game process that transformed any affected game in an exploit.

The full details are available in the following PDF:
http://revuln.com/files/ReVuln_Steam_Voip_Security.pdf
Top
aluigi
Site Admin
Posts: 12984
Joined: Wed Jul 30, 2014 9:32 pm

Re: Steam Voip Security

Post by aluigi »

An html version of the paper is available here:
https://revuln.blogspot.com/2018/12/ste ... -2014.html
Top

Return to “Game security”