|
You last visited: Today at 14:27
Advertisement
[TS3 Exploit] Server crasher.
Discussion on [TS3 Exploit] Server crasher. within the Coding Releases forum part of the Coders Den category.
01/05/2015, 13:56
|
#1
|
elite*gold: 0
Join Date: Jan 2014
Posts: 101
Received Thanks: 54
|
[TS3 Exploit] Server crasher.
Hey,
i want to share my own TS3 Server exploit/servercrasher with you.
The exploit uses a vulnarability in ServerQuery. Any server with ServerQuery running is exploitable atm. It is written in Delphi language.
I kept the program easy:
1) type the IP/Host eg. 127.0.0.1 or voice.teamspeak.com into the field.
2) Press Crash it!
3) wait 5 seconds and the program will tell you if it worked or not.
Have fun !
Just delete the song.mp3 if you don't want to listen to it.
Download:
Password:
epvp
VT:
0 / 56
|
|
|
01/05/2015, 14:06
|
#2
|
elite*gold: 7
Join Date: Jul 2012
Posts: 467
Received Thanks: 63
|
Legend
|
|
|
01/05/2015, 14:18
|
#3
|
dotCom
elite*gold: 12400
Join Date: Mar 2009
Posts: 15,881
Received Thanks: 4,386
|
Would you like to share the source ?
|
|
|
01/05/2015, 14:22
|
#4
|
elite*gold: 0
Join Date: Jan 2014
Posts: 101
Received Thanks: 54
|
Quote:
Originally Posted by Devsome
Would you like to share the source ?
|
No sorry.
I don't want to let the kids c&p it..
But i didn't use any protection. You could easily sniff the packets i send or debug it with olly
When it is patched i will share it.
|
|
|
01/05/2015, 14:24
|
#5
|
dotCom
elite*gold: 12400
Join Date: Mar 2009
Posts: 15,881
Received Thanks: 4,386
|
Quote:
Originally Posted by nerdsupreme
No sorry.
I don't want to let the kids c&p it..
But i didn't use any protection. You could easily sniff the packets i send or debug it with olly
When it is patched i will share it.
|
Then I will sniff the packets when I'm back at home (:
|
|
|
01/05/2015, 18:06
|
#6
|
elite*gold: 1
Join Date: Feb 2009
Posts: 6,379
Received Thanks: 7,998
|
Just had a look at it in IDA (IDA's Delphi RTTI parsing = OP), good find. If I were you, I'd publish it somewhere more .. scientific, with source -- someone else WILL claim the credits for himself if you don't.
Edit: Also, as this is delivered as a binary, I noticed a serious lack of chiptunes in this tool. :P
|
|
|
01/05/2015, 18:49
|
#7
|
elite*gold: 0
Join Date: Jan 2014
Posts: 101
Received Thanks: 54
|
Quote:
Originally Posted by Ende!
Also, as this is delivered as a binary, I noticed a serious lack of chiptunes in this tool. :P
|
haha.. inb4update.
Quote:
Originally Posted by Ende!
Just had a look at it in IDA (IDA's Delphi RTTI parsing = OP), good find. If I were you, I'd publish it somewhere more .. scientific, with source -- someone else WILL claim the credits for himself if you don't.
|
Yes you are right, that will probably happen, but i don't really care
This exploit is not that much
Quote:
Originally Posted by Icy.
Legend
|
- but still kind of funny
I think that the people who are able to analyze my tool should be entitled access to it themselves.
|
|
|
01/06/2015, 01:20
|
#8
|
elite*gold: 1
Join Date: Feb 2009
Posts: 6,379
Received Thanks: 7,998
|
Quote:
Originally Posted by Don't_care
Selling fix for 5€
|
I hate this kind of people ..
Code:
iptables -I INPUT 1 -ptcp --dport 10011 -jDROP
.. or just disable the SQ entirely (is that possible?).
|
|
|
01/06/2015, 01:24
|
#9
|
elite*gold: 0
Join Date: Apr 2008
Posts: 639
Received Thanks: 147
|
Now that you published the complicated solution i guess I can come forward with the recommended one:
Update your server to 3.0.11.2
|
|
|
01/06/2015, 12:11
|
#10
|
elite*gold: 50
Join Date: Sep 2012
Posts: 3,841
Received Thanks: 1,462
|
i dont find any server where this is working thought i could have some fun^^
|
|
|
01/06/2015, 17:21
|
#11
|
elite*gold: 10
Join Date: Jun 2011
Posts: 952
Received Thanks: 517
|
Wenn ich das auf einen Server mache, kann einer herausfinden wer das war?
If I use this programm for a server, can anyone find out who it was?
|
|
|
01/06/2015, 17:36
|
#12
|
elite*gold: 0
Join Date: Apr 2008
Posts: 639
Received Thanks: 147
|
Ich halt es für unwahrscheinlich.
Kommt allerdings drauf an, wie gut sich der Serverbetreiber damit auseinandersetzt.
Teamspeak ist grundsätzlich sehr logfaul.
Ich finde genau 1 Zeile dazu und die lässt keinen Schluss auf den Verursacher.
Da ich nicht weiß, was genau das Programm hier macht, weiß ich auch nicht, wo man es loggen könnte.
Aber irgendwo muss ja ein Zugriff erfolgt sein und in einem Punkt ist teamspeak in Ordnung: timestamp
2015-01-05 23:49:06.827432
Man kann es also sehr leicht mit ggf. vorhandenen Logs abgleichen.
Riesiger Faktor hierbei allerdings: "ggf. vorhandenen".
|
|
|
01/07/2015, 19:34
|
#13
|
elite*gold: 15
Join Date: Feb 2013
Posts: 2,880
Received Thanks: 465
|
habe schon paar server crashed
|
|
|
01/07/2015, 20:40
|
#14
|
elite*gold: 0
Join Date: Apr 2010
Posts: 76
Received Thanks: 21
|
Funktioniert bei vielen Servern, aber warum soll man dich kontaktieren, wenn es nicht klappt ?
|
|
|
01/07/2015, 20:55
|
#15
|
elite*gold: 0
Join Date: Oct 2011
Posts: 3,872
Received Thanks: 1,163
|
Also bei mir hat es bisher bei keinem einzigen geklappt.
Woran kann man denn erkennen, ob der Server ServerQuery hat?
€; Habs raus, trotzdem danke.
|
|
|
|
|
Similar Threads
|
CS 1.6 Server Crasher
09/03/2013 - Counter-Strike - 5 Replies
hi all ...
i am newbie to this forum & i hope all pros here , same time i need ur help
some guy is crashing my cs 1.6 server for every 5 mins .. i know who he is but he is not stopping at all ... he connects to my server with random names & as soon he connects my sv gets crashed ... pls help me with an solution to secure my sv & also give me a program so i can attack his servers ...plzzzzz helpppppppp meeeeeeeeeeeeeeeeee :)
|
Server Crasher
01/21/2013 - Kal Hacks, Bots, Cheats & Exploits - 4 Replies
Server Crasher runs on KoemV2 latest Version with SendKoemV2.
Its based on the Transform Crash.
Tut:
1. Start Game
2. Start kalxoor LOADER.exe on Server Select Screen (a window should appear, named Server Crasher)
3. Ingame you need at least an Animal for Baby Transform so Egg Grade 11+ in your Inventory
4. Press Crash
|
Server Crasher ?
02/22/2011 - Counter-Strike - 12 Replies
Hallo,
ich wollte einfach mal fragen ob jemand derzeit einen Server Crasher oder ähnliches hat :))
mfg. Slurge
|
All times are GMT +2. The time now is 14:27.
|
|