PHP Steam bot - How to login to page using RSA

Question

I've been trying to make simple Steam bot for sending announcements to Steam group by logging in to Steam page and then sending annoucement. I got stuck in logging in. Here is what I have:

include('Math/BigInteger.php');    
include('Crypt/RSA.php');
$url = 'http://store.steampowered.com/login/getrsakey/';    // here I get public key
$data = array('username' => 'user');         // I'm sending username by POST method

$options = array(
    'http' => array(
        'header'  => "Content-type: application/x-www-form-urlencoded\r\n",
        'method'  => 'POST',
        'content' => http_build_query($data),
    ),
);
$context  = stream_context_create($options);
$result = file_get_contents($url, false, $context);
$result = json_decode($result)

// And this is part that don't work:

$rsa = new Crypt_RSA();
$key = array(
    'n' => new Math_BigInteger($result->publickey_mod,16),
    'e' => new Math_BigInteger($result->publickey_exp,2)
);
$rsa->loadKey($key);
$password = $rsa->encrypt("password");    // encrypting password
$data = array(
    'username' => 'user',
    'password' => $password,
    'twofactorcode'=> "",
    'emailauth'=> "", 
    'loginfriendlyname'=> "", 
    'captchagid'=> "", 
    'captcha_text'=> "", 
    'emailsteamid'=> "", 
    'rsatimestamp'=> $result->timestamp, 
    'remember_login'=> "false" 
);
$options = array(
    'http' => array(
        'header'  => "Content-type: application/x-www-form-urlencoded\r\n",
        'method'  => 'POST',
        'content' => http_build_query($data),
    ),
);
$context  = stream_context_create($options);
$result = file_get_contents($url, false, $context);

And result is:

{"success":false}

Problem is that encrypted password does not look same as when I encrypted it with javascript functions which are used by Steam. So I tried encrypting password in javascript and then just paste it in PHP code but that didn't work either.

Any help would be appreciated.

Answer 1

Originally, I came here to find answers to my own questions, but I was disappointed to see that NO ONE has officially provided an answer to this. So, after using the information here to point myself in the right direction, I've chipped away at this for about an hour now and finally got it working for myself.

In order for this to work, all you have to do is download the .zip file here: https://github.com/phpseclib/phpseclib. Extract it to your server/ application directory, and use the following code below.

<?php
include('Math/BigInteger.php');    
include('Crypt/RSA.php');
define('CRYPT_RSA_PKCS15_COMPAT', true);  // May not be necessary, but never hurts to be sure.

$url_rsa = 'https://steamcommunity.com/login/getrsakey/?username=';
$username = "";  // Insert bot's username here.
$password = "";  // Insert bot's password here.


// Skip the extra work of POST'ing the data, just GET'ing the url works fine and saves space
$result = file_get_contents($url_rsa . $username);
$result = json_decode($result);

/*if ($result->success){
    echo "Got Info!<br/><br/>";
} else if (!$result->success){            // Remove comment markers during testing
    echo "Unable to grab Info<br/><br/>"; // You can also use this to log errors to a database or email you if needed.
}*/

//echo var_dump($result);
// More testing code, just to help you see what's going on.
//echo "<br/><br/>";

$rsa = new Crypt_RSA();
$rsa->setEncryptionMode(CRYPT_RSA_ENCRYPTION_PKCS1);
$key = array(
    'n' => new Math_BigInteger($result->publickey_mod,16),
    'e' => new Math_BigInteger($result->publickey_exp,16) // Fixed base :)
);
$rsa->loadKey($key);
$password = base64_encode($rsa->encrypt($password)); // Steam uses Base64_Encode()

//echo "Password Encrypted: " . $password . "<br/><br/>";
// Should look like numbers and letters, any 'weird' characters shouldn't be here

$data = array(
    'username' => $username,
    'password' => $password,
    'twofactorcode'=> "",
    'emailauth'=> "", 
    'loginfriendlyname'=> "", 
    'captchagid'=> "",         // If all goes well, you shouldn't need to worry
    'captcha_text'=> "",       // about Captcha.
    'emailsteamid'=> "", 
    'rsatimestamp'=> $result->timestamp, 
    'remember_login'=> "false" 
);
$options = array(
    'http' => array(
        'header'  => "Content-type: application/x-www-form-urlencoded\r\n",
        'method'  => 'POST',
        'content' => http_build_query($data),
    ),
);

$url="https://steamcommunity.com/login/dologin/";

$context  = stream_context_create($options);
$result = file_get_contents($url, false, $context);
$result = json_decode($result);

//echo var_dump($result);
// Hopefully everything went O.K. and you should be able pull out tokens
// for usage in your application.
?>

Results should be similar to this:

{
    "success":true,
    "requires_twofactor":false,
    "login_complete":true,
    "transfer_urls":["https:\/\/store.steampowered.com\/login\/transfer","https:\/\/help.steampowered.com\/login\/transfer"],
    "transfer_parameters":{
        "steamid":"XXXXXXXXXXXXXXXXX",
        "token":"Combination of Letters and Numbers",
        "auth":"Looks like a Hash Here",
        "remember_login":false,
        "token_secure":"More Letters and Numbers"
    }
}

When creating a bot, especially one that might be entrusted with holding people's valuable items (as most bots would), it's a good idea to use a very secure password.

A good format to follow would be a password around 20 characters long, containing numbers, letters, and some symbols. A good site that generates passwords CLIENT-SIDE is http://passwordsgenerator.net. Follow the recommendations listed on the website to keep your accounts secure.