R4P3 Client Crash/Anti-Crash [3.0.19.0]

dedmen

TeamSpeak Developer
Contributor
Mar 28, 2016
530
583
157
This plugin provides a hotfix addressing a recently discovered vulnerability affecting TeamSpeak3 Client version 3.0.19.0
It also provides a PoC Utility to exploit the vulnerability!


Only use it on your own Server for test purposes!
R4P3.NET wont take responsibility for damage caused.

gOjPVV3.png

This doesnt prevent crash if the String is still in the Chatlogs!


Credits go to the exploit's original authors!... and also

Derp: Plugin Development
Kaptan647: Plugin Development


-R4P3-DevTeam // Dedmen
 

scuterfrog

Member
Apr 21, 2016
11
2
35
Hi, can you add a Hotkey?

What ever, I like this plugin!
All works really fine! Trustworthy crash code blocking and sending.
 

scuterfrog

Member
Apr 21, 2016
11
2
35
We dont really want people to just Mass crash anyone out of fun. Thats not the intention.. So.. No.. no Hotkey.
Oh thats right :)
But the problem already exist :/ At the gommehd.net teamspeak 3 Server it feels like there are any second ~5 time outs.
That's scary to see :/
So when I think about it, then is your decision in my opinion is good.

But I'm also not been entirely innocent :rolleyes:
 
Last edited:

IMAGIN8

Member
Aug 22, 2015
10
4
38
Great. This should be added to VIP section, since its only one
[3.0.19.0] crasher.
 

dedmen

TeamSpeak Developer
Contributor
Mar 28, 2016
530
583
157
Great. This should be added to VIP section, since its only one
[3.0.19.0] crasher.
We didnt do that because the Chat message to crash people is already publicly available. The only difference is that people without this need to copy-paste the message.
 

Agusanz

Active Member
Jul 18, 2015
239
148
88
Good job..
mmm looks like you still crash when someone keeps telling you the crash string, it works fine the first 20 times, but after a while you will crash anyways..
and if you try to pm some people for example "ty." you will crash when you open the chat windows

Edit: yeah.. my server got fucked up with this bug and this doesn't works properly, sometimes it protects me but many many MANY times it fails.. just downgrade to 3.0.18.2

We dont really want people to just Mass crash anyone out of fun. Thats not the intention.. So.. No.. no Hotkey.
dcff2656d4.png

Cool story.
 
Last edited:

Derp

Retired Staff
Contributor
Apr 30, 2015
933
1,014
217
Good job..
mmm looks like you still crash when someone keeps telling you the crash string, it works fine the first 20 times, but after a while you will crash anyways..
and if you try to pm some people for example "ty." you will crash when you open the chat windows

Edit: yeah.. my server got fucked up with this bug and this doesn't works properly, sometimes it protects me but many many MANY times it fails.. just downgrade to 3.0.18.2


dcff2656d4.png

Cool story.
Will have that fixed on the next version (should come out pretty soon)! Thank you :)
 

Agusanz

Active Member
Jul 18, 2015
239
148
88
Will have that fixed on the next version (should come out pretty soon)! Thank you :)
About the "ty." example.. i meant the nickname, not the text message.. i dont know if you understood me correctly. i tried to pm some guys and i crashed few times because of that.. i tried later with another identity and yeah.. "ty." fy." i crashed every time trying to open the Private message tab
 

Derp

Retired Staff
Contributor
Apr 30, 2015
933
1,014
217
About the "ty." example.. i meant the nickname, not the text message.. i dont know if you understood me correctly. i tried to pm some guys and i crashed few times because of that.. i tried later with another identity and yeah.. "ty." fy." i crashed every time trying to open the Private message tab
Well, yesterday's release was a bit "On the Fly", and we didn't have time to go through everything. However, we will try to reproduce this issue and will release a quick fix addressing the it (and also will remove the unneeded channel crash function )
 

Ramadi

Member
Mar 12, 2016
79
19
43
if someone put the code in the Channel Description
i'll crash anyway - why is that ? and i cant delete the channel even untill i use YaTQA
 

Agusanz

Active Member
Jul 18, 2015
239
148
88
if someone put the code in the Channel Description
i'll crash anyway - why is that ? and i cant delete the channel even untill i use YaTQA
someone just discovered how the "unsupported characters" bug works xD

Don't even try to rename ur server name to that character.. you will have a bad time.
 

dedmen

TeamSpeak Developer
Contributor
Mar 28, 2016
530
583
157
Good job..
mmm looks like you still crash when someone keeps telling you the crash string, it works fine the first 20 times, but after a while you will crash anyways..
and if you try to pm some people for example "ty." you will crash when you open the chat windows
Both bugs are not reproducible. We just tried sending a few dozen crash strings and all of them were caught like it should be. And i just made two clients named "ty." and "fy." and tried to crash eachother.. nothing.. Opening the PM tab and sending PMs also didnt do anything bad. But i only tested 32-bit are you on 64-bit? although both plugins are the same code so there should be no difference
 

dedmen

TeamSpeak Developer
Contributor
Mar 28, 2016
530
583
157
if someone put the code in the Channel Description
i'll crash anyway - why is that ? and i cant delete the channel even untill i use YaTQA
That is because the crash occurs when trying to display that character. We cant easily edit the Channel Description On the Fly from the plugin. So we cant prevent it from showing.
 

Agusanz

Active Member
Jul 18, 2015
239
148
88
Both bugs are not reproducible. We just tried sending a few dozen crash strings and all of them were caught like it should be. And i just made two clients named "ty." and "fy." and tried to crash eachother.. nothing.. Opening the PM tab and sending PMs also didnt do anything bad. But i only tested 32-bit are you on 64-bit? although both plugins are the same code so there should be no difference
yes, im on 64bits.. are you on r4p3 teamspeak?

edit: i just tried to do it on r4p3 teamspeak and i didn't crash. i tried it again on my server and i crash.. what the fuck... if you want to check it out i can send you the dns name
edit2: i tried on my test teamspeak and i did crash.. what the fuck x2
 

fast_root

Member
Oct 10, 2015
23
13
38
My error, don't work for me .

---------------------------
Microsoft Visual C++ Runtime Library
---------------------------
Assertion failed!

Program: ...ogram Files\TeamSpeak 3 Client\ts3client_win64.exe
File: main.cpp
Line: 206

Expression: n == sz

For information on how your program can cause an assertion
failure, see the Visual C++ documentation on asserts

(Press Retry to debug the application - JIT must be enabled)
 
Top