Store Page
Counter-Strike 2
All Discussions Screenshots Artwork Broadcasts Videos Workshop News Guides Reviews

Counter-Strike 2

Store Page
View Stats:
Global Achievements
Yuno Dec 13, 2023 @ 11:09am
IP GRABBING CS2 EXPLOIT FIXED?
is it safe or what?
The author of this topic has marked a post as the answer to their question.
Click here to jump to that post.
Originally posted by OKTIV4IK:
yes is fixing yesterday
< >
Showing 16-29 of 29 comments
heroinfacepalm' Dec 13, 2023 @ 12:01pm 
Originally posted by Hausi91:
Originally posted by Sugar, Spice and everything NICE:
Happen to me also... game started to lag and I lost 150€ worth of items...

Didnt have api key setup anywhere. Strong password. 2FA enabled...
Steam support says it's my fault and are unable to help.... even my prime status got sold wtf...
played a workshop map in the past days?
https://www.tiktok.com/@ohnepixel/video/7311781495201467681

No, only competitive
#16
peetah Dec 13, 2023 @ 12:04pm 
Sethioz is not right. Hes claiming to be apperently doing reverse engineering and hacking. If he really was doing that thing, he wouldve knew, that with enough knowledge, IP address might fk up the whole network, and the only thing you need to have is basic open-port knowledge, and ability to use nmap. Id suggest to not touch the game till its officially safe.
#17
Recon Dec 13, 2023 @ 12:05pm 
Originally posted by Yuno:
Originally posted by Sethioz:

way you write with your lol lol lol after every word, just shows how childish you are.
you clearly don't know how computers work or what IP even is or does.

before talking trash about me, do some research. i write game trainers, i do reverse engineering, programming and hacking. been doing that for over 20 years, but by all means believe what you want. believe that you can hack someone if you have their IP. blocked you. you're very badly informed individual.
so explain everyone who has lost their inv in the past few days lol, clearly you're very uninformed haha
idk dude, probably it was because of a completely separate exploit in the steam workshop that existed since 2017
#18
Hausi91 Dec 13, 2023 @ 12:11pm 
Originally posted by Sethioz:
Originally posted by Yuno:
What's not possible lol, if you can grab an ip watching a YT tutorial its simple but if you're advanced you can do way more than that lol, most smartest CS player i swear

way you write with your lol lol lol after every word, just shows how childish you are.
you clearly don't know how computers work or what IP even is or does.

before talking trash about me, do some research. i write game trainers, i do reverse engineering, programming and hacking. been doing that for over 20 years, but by all means believe what you want. believe that you can hack someone if you have their IP. blocked you. you're very badly informed individual.
As a real developer i tell you one thing:
If you're such a good developer and hacker, you should know that a full XSS exploit could do way more than just 'grabbing the IP'. That was just a use case. They could execute code in your context on your machine via the game (logged in), which could theoretically lead to an API hack in-game, depending on a lot of factors. But not impossible, depending on valves mess....
Pirate Software explain it well enough for the guys here: https://www.tiktok.com/@cazegaming/video/7311541798592122154

There are also clips showing the XSS exploit loading a gif, and then the guy's inventory gets emptied, but it could be two different videos cut together.
https://www.tiktok.com/@rosiol01/video/7311498709664156961

Edit:
My personal guess is that the video shows the XSS hack, and the inventory gets cleared due to the workshop map exploit and is from a different clip, but I could be wrong. Also, the XSS hack had some kind of character limit, but the Workshop exploit didn't. But i dont find a lot of stuff on that, Heck, I don't even play Counter-Strike anymore :)

Edit 2:
In 2019, it was definitely possible to run JavaScript through such an XSS exploit. And "An attacker could achieve full system access to the victims computer." which also can lead to loss of inventory. (always depending on some factors..)
https://hackerone.com/reports/631956

But it seems this time it was not the case with the Javascript, or it's just not publicly known. Not a lot of info out there.
We probably will never know, since Valve won't tell.

Two exploits within a short timeframe, both really bad ones.
Last edited by Hausi91; Dec 13, 2023 @ 3:00pm
#19
The author of this thread has indicated that this post answers the original topic.
OKTIV4IK Dec 13, 2023 @ 12:27pm 
yes is fixing yesterday
#20
Ernest Goes to Gaza Dec 13, 2023 @ 12:47pm 
Believe combining two exploits here. In game with odd links was IP grab. Workshop exploit was more sinister. I’m not smart enough to comment further. Hope all gets resolved OFFICIALLY
#21
Hamless Hog Dec 13, 2023 @ 12:55pm 
Originally posted by Yuno:
Originally posted by Sethioz:
what is safe?
so what if someone gets your IP? you been watching too many movies, there's nothing that one can really do with your IP, other than check which region you're from.
my friend lost his whole inv yesterday over 20k USD, what movies lol
How did that happen with an IP?
#22
Rondras Dec 13, 2023 @ 1:44pm 
Originally posted by Hogarth:
Originally posted by Yuno:
my friend lost his whole inv yesterday over 20k USD, what movies lol
How did that happen with an IP?
because its not an IP, the XSS thing lets you execute code remotely. More likely some dumbass is just show you a photo/gif or take your IP, wich is worthless. But a few people seem to have lost their inventories from this... how, who knows.
#23
MrBrown Dec 14, 2023 @ 5:30am 
Originally posted by Sethioz:
Originally posted by Yuno:
is it safe or what?
what is safe?
so what if someone gets your IP? you been watching too many movies, there's nothing that one can really do with your IP, other than check which region you're from.
Can't be that hard to read, he asked if its fixed, not what people can do with his IP.
#24
FS Carré Feb 26, 2024 @ 10:47am 
Originally posted by Sethioz:
Originally posted by Yuno:
is it safe or what?
what is safe?
so what if someone gets your IP? you been watching too many movies, there's nothing that one can really do with your IP, other than check which region you're from.

liltte monkey with IP u can do whatever u want cs2 was not safe
#25
Hamless Hog Feb 26, 2024 @ 10:52am 
Originally posted by MACHINEGUN VerDoo_:
Originally posted by Sethioz:
what is safe?
so what if someone gets your IP? you been watching too many movies, there's nothing that one can really do with your IP, other than check which region you're from.

liltte monkey with IP u can do whatever u want cs2 was not safe
Whatever you want? like what?
#26
Yuno Feb 26, 2024 @ 11:01am 
people still arguing? it's been fixed already why this discussion is revived?
#27
Hamless Hog Feb 26, 2024 @ 11:02am 
Originally posted by Yuno:
people still arguing? it's been fixed already why this discussion is revived?
Nobody seems to be arguing still.
#28
LeMonKy Feb 26, 2024 @ 11:35am 
Originally posted by MACHINEGUN VerDoo_:
Originally posted by Sethioz:
what is safe?
so what if someone gets your IP? you been watching too many movies, there's nothing that one can really do with your IP, other than check which region you're from.

liltte monkey with IP u can do whatever u want cs2 was not safe
You cannot do much with an ip.
#29
< >
Showing 16-29 of 29 comments
Per page: 1530 50

Counter-Strike 2 > General Discussions > Topic Details
Date Posted: Dec 13, 2023 @ 11:09am
Posts: 29

Discussions Rules and Guidelines