- Apr 26, 2015
- 1,028
- 896
- 216
- Thread starter
- #21
We already talked about that on ts, but to be clear no. Plus i don't want it to go to the public section
Avatar tweaks | Make anyone crash just by clicking you :D ||| OLD THREAD
- Thread starter ehthe
- Start date
- Status
Supervisor
Administrator
- Apr 27, 2015
- 1,863
- 2,546
- 335
Yup, I think this is great - for the VIP section -
- Apr 25, 2015
- 1,844
- 2
- 2,197
- 327
If this gets out to the public quickly, it will get patched quicker than if it is private --- I think. Besides, there will be more usage of it and it will get patched faster. I think the best thing for the community is to keep it in the VIP section, then after it is patched I think we should report it and get a CVE number --- an official exploit identifier with credits to R4P3 and ehthe for making the working PoC (Proof-of-Concept).
I think right about now would be the perfect time to get some crazy protocol shit figured out in order to craft fake client connections to TeamSpeak 3 servers. Could you imagine like 15 bots joining and leaving a server repetitively with the name HTTPS://R4P3.NET/_#1, HTTPS://R4P3.NET/_#2, HTTPS://R4P3.NET/_#... automatically having the crash avatar --- hahahhahahaaghhahahaha.
I think right about now would be the perfect time to get some crazy protocol shit figured out in order to craft fake client connections to TeamSpeak 3 servers. Could you imagine like 15 bots joining and leaving a server repetitively with the name HTTPS://R4P3.NET/_#1, HTTPS://R4P3.NET/_#2, HTTPS://R4P3.NET/_#... automatically having the crash avatar --- hahahhahahaaghhahahaha.
newnameplz
Member
- Apr 26, 2015
- 23
- 24
- 35
newnameplz
Member
- Apr 26, 2015
- 23
- 24
- 35
Yeah, the restrictions with normal uploads.
Supervisor
Administrator
- Apr 27, 2015
- 1,863
- 2,546
- 335
Hahaha, your poll is great xD
just to remind you: 1BTC = $261,10 (August 15th, 2015)
just to remind you: 1BTC = $261,10 (August 15th, 2015)
- Apr 26, 2015
- 1,028
- 896
- 216
- Thread starter
- #30
- Apr 25, 2015
- 1,844
- 2
- 2,197
- 327
I don't see this being sold unless on some underground hack sales website in which case you would be lucky to get $50 for it. It would sell for much higher if it was a working RCE (Remote Code Execution) --- then we are talking closer to the $150 range. I have trouble collecting $1.00 to help keep the forum running around here, I don't think anyone is going to pay $$ around these parts lol.
- Apr 26, 2015
- 1,028
- 896
- 216
- Thread starter
- #32
Well everyone deserves to be paid for the work they do
But more importantly the price barrier is here because the vip rank is dirt cheap :/ which is highly dangerous for the sensitive content of the section itself.
But anyway nothing is set in stone ATM.
But more importantly the price barrier is here because the vip rank is dirt cheap :/ which is highly dangerous for the sensitive content of the section itself.
But anyway nothing is set in stone ATM.
Last edited:
- Apr 25, 2015
- 1,844
- 2
- 2,197
- 327
Well guys, I think ehthe makes a valid point. People deserve to be compensated for their work. He has spent many hours of time into researching this, working out the code and issues all without much documentation at all (if any even related to what he did) to help him. It is even said in the TeamSpeak forum what ehthe did is impossible --- clearly it is not though, assuming it works. I do trust him, personally. I do not think he is being greedy, he is looking out for the publicity of this vulnerability. He does not want everyone in this forum to download the plugin, then go in every server trolling people by crashing them. Then everyone will start submitting reports, get the vulnerability patched and all of his work gets patched possibly quickly. While I do not think everything should be charged for, this is a neat exploit in my opinion. Most of the people posting in this thread are free VIP, not all. $1.00 monthly is simply not enough to keep this forum running, I am emptying my pockets and sparing the various skills it takes to maintain a forum --- in addition, a lot of times goes into running a community. It seems everyone wants free stuff, that is not what the VIP section is about though. The VIP section is about research. If you really want what he has without the charge, make it yourself? You have access to most of the information to begin making it.
I am sorry if you do not like his decision to charge for the exploit tool he created, but it is his choice. Quitting the forum because he is choosing to charge for his work shows a lack of dedication to the R4P3 community. I am saddened by a decision to abandon this forum, but what you do is your choice.
I am sorry if you do not like his decision to charge for the exploit tool he created, but it is his choice. Quitting the forum because he is choosing to charge for his work shows a lack of dedication to the R4P3 community. I am saddened by a decision to abandon this forum, but what you do is your choice.
Supervisor
Administrator
- Apr 27, 2015
- 1,863
- 2,546
- 335
I think we really should charge for the stuff downloaded and keep the VIP area for the discussion, only. That way the people get paid for their job. It also seems more fair instead of bying access to everything if you don't even want everything (in the VIP section).
On the other hand, I don't think anyone would pay a lot of money for an addon like this. I really think ehthe put a lot of work into this, on the other side - They need to click you to get crashed. It is no comparison to the servercrash back in 3.0.11.1
I do have another neat idea. That way active members would get the stuff for less/free while people only wanting to download stuff have to pay. I think that would be a really good solution for everyone. (Remember me that I have to talk to Asphyxia about that )
On the other hand, I don't think anyone would pay a lot of money for an addon like this. I really think ehthe put a lot of work into this, on the other side - They need to click you to get crashed. It is no comparison to the servercrash back in 3.0.11.1
I do have another neat idea. That way active members would get the stuff for less/free while people only wanting to download stuff have to pay. I think that would be a really good solution for everyone. (Remember me that I have to talk to Asphyxia about that
)
- Apr 26, 2015
- 1,028
- 896
- 216
- Thread starter
- #37
Well I didn't think talking about remuneration would sparks such debate . Debate is almost always good as it permit communication of ideas and opinion which is necessary for a community to work correctly. But, as Asphyxia said, I spent 4 whole days (between 8 and 12 hours) working on this, and I'm still polishing it for release.
. Debate is almost always good as it permit communication of ideas and opinion which is necessary for a community to work correctly. But, as Asphyxia said, I spent 4 whole days (between 8 and 12 hours) working on this, and I'm still polishing it for release.
- Apr 25, 2015
- 1,844
- 2
- 2,197
- 327
Either way, we need to charge money for something here. You do not run a security forum that receives threats and attacks without money --- just the same way someone does not craft lines upon lines of code without coffee or energy drinks (this costs money) or even just food. Unfortunately there is no free way about this, R4P3 comes with a price tag. If you expect everything you want in life to be free, you are in the wrong life.
- Apr 25, 2015
- 314
- 398
- 112
This plugin is a big thing i admit it and you may request some payment for your work i respect it but i am looking to the pool and lowest prize is 0.25 btc (67.57 USD) and this is much more than ok. i would prefer learn TS SDK and create plugin myself than pay a huge amount of money for it.
- Apr 25, 2015
- 1,844
- 2
- 2,197
- 327
Perhaps that was the idea of ehthe in posting the high amounts. Maybe he wants people to consider making it on their own, to see if they can. Perhaps it is a challenge?
Want to be a hero and make it free? Do a little research and make it work.
- Status