Why TeamSpeak Sucks

Asphyxia · Apr 25, 2015

PLEASE NOTICE: TeamSpeak staff have been working hard to make the security of TeamSpeak 3 stronger. I am happy to say that everything below is already fixed. We are still finding more bugs and security issues in this VOIP platform although the TeamSpeak developers have been cooperative with us by accepting our reports. I no longer believe that "TeamSpeak Sucks", the security was not the best although it is getting better and I feel that TeamSpeak security is getting strengthened/hardened with each vulnerability/bug the R4P3 Security Team forwards on to the developers.

TeamSpeak 3 has many security vulnerabilities that have been found by researchers from R4P3, we are security enthusiasts that enjoy trying to stay safe online. Some of the security issues are:

Buffer Overflow (?) from a BB Code handling issue with the QT Framework. Mumble also suffered from the same vulnerability although Mumble patched within a few days, TeamSpeak 3 was not patched for over 2 months.
Deadlock (hang/error/crash) in the server process, any user could remotely crash a TeamSpeak 3 server. This would disable everyone in the server from talking for 10-30 seconds (disconnected) until every users client times out and everyone drops off the server. The server then must be manually restarted (default) by the server owner unless there is an auto-restart script.
BB Code was accepted in nicknames and you could easily spam an entire server with links.

There are tens or even hundreds of unlisted vulnerabilities that have been found. They will be documented here with examples for educational and research purposes only. While the above mentioned issues are patched, there are still security issues unmentioned that do still work. The safer option at this time is http://wiki.mumble.info/wiki/Main_Page which is an opensource solution for anyone looking for a centralized voice/text solution, Mumble could be a great solution for gaming, business or anything else the requires voice communication between systems. There are also free mobile applications that work even though they aren't great, they do work whereas with TeamSpeak you must pay for the mobile application, usually you must pay for a server license and overall TeamSpeak is way too proprietary. I highly suggest looking at Mumble as an option, give it a chance at the least.

Asphyxia · Apr 25, 2015

Also, I hate this guy:

The video makes me laugh though. Look at that guys, post a video link and it auto embeds it, fancy.. huh?!

Bandit · Apr 26, 2015

I've always wanted something that had the design of ventrilo, the support and userbase of teamspeak, and the openness/everything else of mumble, which is obviously the most superior right now.

What I would give for a real skype killer, closest would be oovoo, or jitsi on xmpp as a secondary which is way more secure.

Speaking of XMPP, if anyone uses it, you can add me at [email protected]

Asphyxia · Apr 26, 2015

You nailed it Bandit, I think I'm going to get XMPP again --- I haven't used it for a little while. When I do, I'll add you. I'm getting off for a little bit to grab some food, then I'm going to import that old forum database, system and theme. That will be a nice surprise to anyone looking to read those posts! This website seems much faster to me now, what do you think?

Supervisor · May 5, 2015

What do you think about this - A possible weak point in 3.0.11.2/3?

I think it is 3.0.11.3 is still vulnerable for this.. only question is.. what is it?

XURY · May 9, 2015

Supervisor said:
What do you think about this - A possible weak point in 3.0.11.2/3?

I think it is 3.0.11.3 is still vulnerable for this.. only question is.. what is it?

I already knew about that DDoS Amplification Vulnerability

But what could be there in 3.0.11.2-3 ? I'd like to find that out

There HAS to be something... I mean..They are so dumb...But how do you actually search for something like that? I think it's not searching, it's just random finding, right

?

Supervisor · May 11, 2015

So now I do have confirmation there is a weakpoint.. but I still don't know what it is ;p

Kaptan647 · May 21, 2015

Supervisor said:
So now I do have confirmation there is a weakpoint.. but I still don't know what it is ;p

i have an idea . Recently i saw a post in forum.teamspeak.com . Some user said " There is a person. He comes to my server and he can change his country flag very fast after some time my server crashes". I dont think there is any antispam rules about changing ip without lefting ts server. If we can understand how this man did this maybe we can have a new exploit

XURY · May 21, 2015

Kaptan647 said:
i have an idea . Recently i saw a post in forum.teamspeak.com . Some user said " There is a person. He comes to my server and he can change his country flag very fast after some time my server crashes". I dont think there is any antispam rules about changing ip without lefting ts server. If we can understand how this man did this maybe we can have a new exploit

I actually know how to to that

Its done with a Batch Script, but i didn't know that it could potentially crash a server

Supervisor · May 25, 2015

kentauro

Possible severe security problem

I was in a conversation with a friend ( I from my Smartphone ) discussing a problem with a script in a forum we have. Then I ask him to send me the script code by private message to check it and I have taken a surprise ... The code is not shown in lines , but that was executed!! .

I think this is serious. Please note he sent me the code from his pc to my smartphone ( I bought TS for iphone)

this is normal?

dante696

Can you send me the code in a private message?

We should start working right now

This was posted 25-04-2015, 19:22
Link to this post

User_119 · May 25, 2015

XURY said:
I actually know how to to that Its done with a Batch Script, but i didn't know that it could potentially crash a server

How to do that ?

Supervisor · May 25, 2015

He will publish it in a non-public section, which is not existing, yet

User_119 · May 25, 2015

Kaptan647 said:
i have an idea . Recently i saw a post in forum.teamspeak.com . Some user said " There is a person. He comes to my server and he can change his country flag very fast after some time my server crashes". I dont think there is any antispam rules about changing ip without lefting ts server. If we can understand how this man did this maybe we can have a new exploit

I already view a french guy doing this exploit.

ehthe · May 25, 2015

Roms said:
I already view a french guy doing this exploit.

Wasn't his nickname Azk' ?

User_119 · May 25, 2015

ehthe said:
Wasn't his nickname Azk' ?

Hmm no he have random nick like TeamSpeakUser ...

ehthe · May 25, 2015

Roms said:
Hmm no he have random nick like TeamSpeakUser ...

Well some french guy came on my ts too and did the same flagy-thing x)

Supervisor · May 25, 2015

We tried to reproduce a crash on my server with this method, but no success

ehthe · May 25, 2015

Supervisor said:
We tried to reproduce a crash on my server with this method, but no success

It didn't quite crash the server when the guy came on. It just kinda slowed it down to hell. As soon as he was gone (banned him) everything went back to normal

Supervisor · May 25, 2015

mhm, how big(how many people online) is your server? We did not recognize any slow down. Maybe he was using another script then we did. Xury will post the script in the VIP section.

ehthe · May 25, 2015

Our ts server is fairly small (<32 users connected). His flag was changing at an amazing speed

Why TeamSpeak Sucks

Asphyxia

Owner

Asphyxia

Owner

Bandit

Active Member

Asphyxia

Owner

Supervisor

XURY

Member

Supervisor

Kaptan647

XURY

Member

Supervisor

User_119

Supervisor

User_119

ehthe

User_119

ehthe

Supervisor

ehthe

Supervisor

ehthe