R4P3 TeamSpeak Server Crash [ till 3.0.12.4-Beta 1 ]

[Jamie]

Is it possible to give you guys certain servers to make sure ours don't get hit?

 

[0x0539]

Is it possible to give you guys certain servers to make sure ours don't get hit?

The file is not public so you should'nt get hit. (yet)

 

[maniakk]

Is it possible to give you guys certain servers to make sure ours don't get hit?

Damn,

Good option to add "blacklist" with ip's servers from vip users to this crasher

 

[0x0539]

Damn,

Good option to add "blacklist" with ip's servers from vip users to this crasher

If that list would get exposed everyone would be fucked. So, no from me.

 

[Anonims]

I welcome when you make available crasher

 

[Derpf]

is the release not today ?

 

[Qraktzyl]

/Update: TeamSpeak did reply to us, so we might not release the exploit in one week. We'll see.

 

[0x0539]

He added this a day after the post.

 

[marjinalyus]

thanks man its good

 

[Qraktzyl]

He added this a day after the post.

I know, I just wanted to inform people that expects a release today that it might not happen.

 

[Member 2873]

so is that release coming any time soon?

 

[Qraktzyl]

We are still discussing if we are going to release this or not. No ETA.

 

[Joxiii]

We are still discussing if we are going to release this or not. No ETA.

I can only say no! Too many kids use this to crash big servers .... But it´s funny to troll teamspeak.com xD

 

[Laszl0w]

I think you can release it after its fixed by TeamSpeak Systems GmbH just like other releases.

 

[maniakk]

I think you can release it after its fixed by TeamSpeak Systems GmbH just like other releases.

Or give option only for ip: 127.0.0.1 not for all ip

 

[Laszl0w]

This will be not working because lot of people running servers on linux.

 

[maniakk]

This will be not working because lot of people running servers on linux.

Better don't work for linux users than kids down public servers for ads

 

[JackMeoff]

You have got to be kidding ... first of all, using Firefox ESR (the latest Firefox for [CentOS 32-bit] Linux, these Vimeo videos will not play; I had to download it via Yoo something or other online converter ... I got the highest quality (1900x1080) and can barely even see what whomever is doing to demonstrate this. ... Useless.

If you're going to do POC videos, make them easier to see .. maybe use a focus feature that focuses on whereever the mouse cursor is ... this feature is built in to newer versions of Camtasia Studio and is probably in other software as well.

"Jack".

Now a little bit of storry first:
We contacted TeamSpeak on 2/March that we did find a new vulnerability in TeamSpeak Server 3.0.12.2. Since they released 3.0.12.3 today, they might think they're secure. Well, as you can see below... they are really not.
We will release the exploit in about one week if TeamSpeak doesnt reply to our Email. (Only reply, not fixing anyting). Seems fair to me.

So here you've got the PoC video for version 3.0.12.3, released today (4/March/2016). The video only shows 3.0.12.3, but it also works for all versions below 3.0.12.3

Credits go to: @Kaptan647 @Derp @ehthe @Asphyxia @Supervisor


/Update: TeamSpeak did reply to us, so we might not release the exploit in one week. We'll see.

 

[0x0539]

You have got to be kidding ... first of all, using Firefox ESR (the latest Firefox for [CentOS 32-bit] Linux, these Vimeo videos will not play; I had to download it via Yoo something or other online converter ... I got the highest quality (1900x1080) and can barely even see what whomever is doing to demonstrate this. ... Useless
"Jack".

Lmao, blaming our video for sucking while your usage of OS and programs are the ones sucking.

 

[0x0539]

I can tell you what he does, he enters an IP, clicks a button and server goes down. x)