http://aluigi.org/papers.htm#steamlobbylist
It simply gets the list of available matchmaking lobbies from a specific game (or range of game appids) you specify.
For example:
Code: Select all
steamlobbylist 480 # retrieves the lobbies used by SpaceWar (used by games in development and others)
steamlobbylist "" # all the games you have currently installed
steamlobbylist 400-500,4700,10-20 # range of appidsAnd it's funny to review the results of some games, moreover from a security point of view.
Europa Universalis IV
This recent game allows you to protect your server with a password, cool but the md5 hash of the password is posted publicly on the lobby as actual_password:
Code: Select all
lobby 109775241373644680 - 456488840 393216 8 1
actual_password: d4ac39237b6d9d0d43bb440babb2ded3
desc: eu4
mod: eu4
name: Gen. Guderian
password: 0
status: STARTING
version: EU4 v1.7.0 (f2a1)
lobby 109775241376111514 - 458955674 393216 8 1
actual_password: e0f8c553a8db4e2f8885dcc68f03c1b4
desc: eu4
mod: eu4
name: SMPL
password: 1
status: STARTING
version: EU4 v1.3.2 (d7f1)
lobby 109775241375808481 - 458652641 393216 8 1
actual_password: f6f3a32927465584dbb79b42300a2f63
desc: eu4
mod: eu4
name: Ikgear
password: 0
status: STARTING
version: EU4 v1.6.1.0 (d00f)
Football Manager 2014
Here the password is just in clear-text:
Code: Select all
lobby 109775241375973828 - 458817988 393216 8 1
all_selected_divisions: 755,0,0,757,0,0,765,1,0,769,1,0,771,1,0,772,0,0,776,1,0,784,0,0,788,2,0,790,0,0,791,0,0,793,0,0,796,1,0,798,0,0,799,0,0,800,0,0,1649,0,0,1651,0,0,
...
name: Football Manager 2014
name_substring_20: 1
name_substring_201: 1
name_substring_2014: 1
name_substring_Fo: 1
name_substring_Foo: 1
name_substring_Foot: 1
name_substring_Footb: 1
name_substring_Footba: 1
name_substring_Footbal: 1
name_substring_Football: 1
name_substring_Ma: 1
name_substring_Man: 1
name_substring_Mana: 1
name_substring_Manag: 1
name_substring_Manage: 1
name_substring_Manager: 1
network_version: 1401
number_managers: 2
num_selected_divisions: 25
password: smile123
lobby 109775241376115600 - 458959760 393216 8 1
all_selected_divisions: 765,0,0,776,0,0,788,0,0,796,0,0,
...
name: Football Manager 2014
...
password: kkk
lobby 109775241373668235 - 456512395 393216 8 1
...
password: maradonaThe other funny thing of this game is the name_substring_ parameter, as you can see from the first example it's splitted in multiple fields
Orion Dino Beatdown
Another example of clear-text password:
Code: Select all
lobby 109775241376667652 - 459511812 393216 8 1
Abilities: ENABLED
Credits: 0
CurrentPlayers: 3
difficulty: HARD
Dinos: ENABLED
GameType: SURVIVAL
Idle: DISABLED
MapName: ARID-NIGHT
maxplayers: 5
Privacy: FRIENDS ONLY
Revival: ENABLED
ServerName: DinoDino123
ServerPassword: colin
Slomo: ENABLED
Vehicles: ENABLED
version: 17
lobby 109775241385667163 - 468511323 393216 8 1
Abilities: ENABLED
Credits: 1000
CurrentPlayers: 1
difficulty: MEDIUM
Dinos: ENABLED
gametype: SURVIVAL
Idle: DISABLED
MapName: RAUPI-NIGHT
maxplayers: 5
Privacy: FRIENDS ONLY
Revival: ENABLED
ServerName: misha and nick
ServerPassword: password
Slomo: ENABLED
Vehicles: ENABLED
version: 17Sniper Elite V2
This game instead has an interesting bug, basically the Binary Blob field is a 64 bytes buffer without final NULL delimiter and so, when added to the lobby data, it takes also the subsequent memory.
Yeah a memory disclosure vulnerability:
Code: Select all
lobby 109775241373676416 - 456520576 393216 8 1
Attribute 0: 936
Attribute 1: 6
Attribute 2: 0
Attribute 3: 12
Attribute 4: 738715483
Binary Blob: 19080102000000008fa75d1b758fbebf758fbebf758fbebf02642f00faffc025G��„~����ῲÆţ¿́ȃ.��~@~��Ø}꿍
description: fareeis
FreePublicSlots: 6
hidden: 0
HostID: 0110000109b61c85
HostName: fareeis
LobbyType: 0
maxplayers: 12
NumPlayers: 6
Passworded: 0
PrivateSlots: 0
lobby 109775241387321262 - 470165422 393216 8 1
...
Binary Blob: 000f01056400000000000000a30d0000758fbebf758fbebf758fbebffa1f1c00*,YV*,YV*,YV*,YV*,YV*,YV*,YV*,YV*,YV+,YV+,YV+,YV*,YV+,YV*,YV+,YV*,YV+,YV$k╓▼C√╓
...
lobby 109775241386935981 - 469780141 393216 8 1
...
Binary Blob: 14080105a00f0000df68321b758fbebf758fbebf758fbebf02642f00feffc025Ω.▌=↕σ⌠>Σ─α@←ä?ë¼i┐µ₧L┐╟VE╛ä╛·sº=↕σ⌠>Σ─α@←ä?ë¼i┐µ₧L┐╟VE╛ä╛→jù=↕σ⌠>Σ─α@←ä?ë¼i┐µ₧L┐╟VE╛ä╛∩ļE↕σ
...If you find other examples, feel free to post them here.