[C] TS3Hook

Do you like this plugin?


  • Total voters
    73

Bluscream

Retired Staff
Contributor
Joined
May 8, 2015
Messages
959
Points
171
Location
Germany

Asphyxia

Server Monkey
Administrator
Joined
Apr 25, 2015
Messages
1,048
Points
237
Age
25
Location
North America
This plugin allows you to preview all the commands your client sends and recieves in Teamspeak own Console.
If you have trouble using it or questions about it just ask here or create a new issue on Github.


Download: https://github.com/ReSpeak/TS3Hook/releases
Tutorial: https://github.com/ReSpeak/TS3Hook/blob/master/README.md
Issues: https://github.com/ReSpeak/TS3Hook/issues
Sourcecode: https://github.com/ReSpeak/TS3Hook
Vouched for virus total scan clean, be smart though and scan yourself or compile after reviewing code. :)


Here is a video for @Splamy and @Bluscream

Maybe 1 false positive? https://www.virustotal.com/#/url/be1547d67eb2733cd935e1f5e2863dd311a1e3f8c8bcf9643ca2bf5892de5313/detection
 
Last edited:

Bluscream

Retired Staff
Contributor
Joined
May 8, 2015
Messages
959
Points
171
Location
Germany
Yeah that one is a false positive from some asian or indian scanner :) Maybe they detect all archives as virus :DDD
 

M_Z

New Member
Joined
Jul 20, 2017
Messages
5
Points
18
Age
33
  • Make it possible to inject (send) own commands.
That would be brilliant! Many thanks for your effort. :)
 

Jackbox

Active Member
Joined
Jan 2, 2016
Messages
145
Points
74
Age
25
For what is this supposed to be?
https://social.msdn.microsoft.com/Forums/vstudio/en-US/023fe632-8835-4ff1-91d8-b209b8bea776/how-to-hookattach-to-a-running-process?forum=vcgeneral

Hooks and dll injection are used to get inside processes. Let me ask you this. What happens when you are inside a girl? You can make babies.

To better answer your question: you can inject your own commands to make the software behave how you want (when command injection comes as planned). For example in a game hooking/injection is used to make hacks. Software can read important variables like player 1, 2, 3 coordinates and then paint textures there in front of walls. With TeamSpeak 3 this could potentially be used to listen into another conversation from other channels, who knows. It all depends on how secure TeamSpeak 3 is. We know this much though, not very. We are excited to test.

A great resource for differentiating between hooking and injection may be found over here.

Hooking uses an operating system feature to monitor events sent to the process, like low level keyboard and mouse messages. Applications can utilize a targeted or global hook in order to keylog (malevolent) or listen for keystrokes in order to perform value adding functionality such as executing macros or other hotkey functionality. (benevolent)

DLL injection is what it sounds like, a dynamic linked library is injected into the target process by forcing the process to load the DLL. Once loaded, the injected DLL can act sort of like an API that can be accessed externally from the process (think backdoor API), and can interact with the public internals of the process that would otherwise be impossible.

DLL injection is mostly use benevolently by software debuggers and accessibility software for the disabled. However it is also used for cheating in single-player videogames through things like cheat-engine and trainers.

A trainer utilizes both of these techniques. The application that is loaded (the trainer) hooks the target application and listens for keystrokes associated with hotkey functionality. Usually at the same time it will DLL inject the application with their backdoor API. The trainer then listens for keystrokes that are associated with hotkey functionality, and when that keystroke event is detected, executes the associated functionality through the backdoor API.

As far as security is concerned, you do not want any non-trusted software doing either of these. You should be very careful with who you trust, and that is why non-reputable trainers are so dangerous to install and use. Both of these techniques require elevated permissions from the OS, which gives them access to other high-level OS features that you would never want non-reputable software to have.

Keep in mind when using these applications can listen to everything when loaded. Just because they say they inject "ApplicationA" doesn't mean they aren't also injecting your web browsers and password managers as well.

Use at your own risk.
 
Last edited by a moderator:

Asphyxia

Server Monkey
Administrator
Joined
Apr 25, 2015
Messages
1,048
Points
237
Age
25
Location
North America
I cant vote? Awesome plugin!
To vote, you have to reach the minimum number of posts. Become more active within the community and you will be able to vote. Not a perfect democracy but we try to give everyone a voice here. :D
 

Splamy

Developer
Joined
Apr 26, 2016
Messages
71
Points
56
Location
Germany, 127.0.0.1
Hmm well god job man, but that isnt very impressive to inject a hook.
PS:

As a little reference, that i know what i'm saying
Well I'm also the guy who wrote an own ts3 client lib, so writing the server wouldn't be a big step. What's your point?
(Btw. at least finally someone with some decency writing in c++ ;P )
 
Last edited:

WolverinDEV

Restricted
Joined
Sep 21, 2015
Messages
42
Points
62
Age
30
Well I'm also the guy who wrote an own ts3 client lib, so writing the server wouldn't be a big step. What's your point?
(Btw. at least finally someone with some decency writing in c++ ;P )
Well Okey man props on you I didn't noticed that (I'm not a github.com stalker :D)
We could probably do a penis length comparison but I think if we maybe work together we could build something more impressive than TeamSpeak currently (and ever?) is. Maybe Splamy can you contact me via pm to talk about details? (I can't create new conversations... I'm too new xD)

And yes I'm writing my code in c++ xD in my eyes the most performant language (except assambler or assambler near languages)

-- edit - -
I saw that yore already in a conversation with me
 

Celso

Member
Joined
Oct 1, 2017
Messages
143
Points
59
Age
21
Location
Brasil
Still do not understand what plugin functionality, how can I use it and for what? someone can explain me, I saw the video of Asphyxia anyway so I do not understand how I can use it.
 

MR-SPIDER

Member
Joined
Dec 7, 2016
Messages
1
Points
36
Location
TeamSpeak 3
With TeamSpeak 3 this could potentially be used to listen into another conversation from other channels, who knows
https://social.msdn.microsoft.com/Forums/vstudio/en-US/023fe632-8835-4ff1-91d8-b209b8bea776/how-to-hookattach-to-a-running-process?forum=vcgeneral

Hooks and dll injection are used to get inside processes. Let me ask you this. What happens when you are inside a girl? You can make babies.

To better answer your question: you can inject your own commands to make the software behave how you want (when command injection comes as planned). For example in a game hooking/injection is used to make hacks. Software can read important variables like player 1, 2, 3 coordinates and then paint textures there in front of walls. With TeamSpeak 3 this could potentially be used to listen into another conversation from other channels, who knows. It all depends on how secure TeamSpeak 3 is. We know this much though, not very. We are excited to test.

A great resource for differentiating between hooking and injection may be found over here.
How ? :)
 

Splamy

Developer
Joined
Apr 26, 2016
Messages
71
Points
56
Location
Germany, 127.0.0.1
Still do not understand what plugin functionality, how can I use it and for what? someone can explain me, I saw the video of Asphyxia anyway so I do not understand how I can use it.
Teamspeaks protocol from the client is well hidden and has no documentations. This tool can log all messages sent from your client and the server in plain text. It's mostly useful if you work with own client or server implementations.
 

Asphyxia

Server Monkey
Administrator
Joined
Apr 25, 2015
Messages
1,048
Points
237
Age
25
Location
North America
could we move all the off-topic posts to a seperate thread about server reverse engineering or smth
Also not to sound rude, everyone is asking what this tool is used for.

If 99% of individuals that use TeamSpeak 3 are not going to understand what this tool does or even what a hook is, we should certainly leave the relevant information here. This hook plugin is useless except to people as Splamy said:
mostly useful if you work with own client or server implementations
If we move this information elsewhere, how will anyone curious about a hook learn what it is?

My YouTube video on this hook has 24 likes and 4 dislikes. People like this plugin and I love it ♥! The only problem is not many people know what it is or how to use it. If we move all hook-related posts into a reverse engineering area or something, this thread will be locked and only act as a placeholder for downloading the hook. Everyone on YouTube is asking what it is and how to use it, so perhaps we need better documentation on it or we should leave reverse engineering posts here.
 
Last edited:

xKrystianeq

Member
Joined
Jun 9, 2016
Messages
3
Points
35
Age
22
oh wow, so many custom servers popping up suddenly, seems like we have to join the game too, lol.

My only plea to all people with own server implementations is too keep them for private use and don't do stupid shit. But that's just my opinion.
don't do stupid shit
What do you mean? Destroying teamspeak earnings by free server alternative?
btw. by your opensauce project /awesome people/ are attacking public servers with bots.
This is private project (and probably it will never be finished). Im not creating this because I dont have license just because classic server doesnt support plugins. And it isnt a server, but a "proxy" (client -> proxy (for example clientupdate client_nickname=*censored* -> command ignored; good nickname -> vanilla server) -> vanilla server).
 
Last edited:

Bluscream

Retired Staff
Contributor
Joined
May 8, 2015
Messages
959
Points
171
Location
Germany
Everything will be abused sooner or later, you can't prevent that. Even the official server / client was abused many times before. You have to weight pro and contra.

Just remember what minecraft servers were like before and after bukkit. It opened a whole new world for java devs and they love it. Even mojang does.
Sometimes reverse engineering and creating own modified versions rescue a dying game, take SAMP, MTA for example. Or MW2 which is unplayable in the official steam version since they removed all the vac checks. The custom clients that pop up have have a way better anticheat much more adjusted to the game and as a plus they have a lot of new gameplay content (guns, maps, features, server mods, etc).
 
Last edited:

Top