Invisible Client

Asphyxia

Server Monkey
Administrator
Joined
Apr 25, 2015
Messages
1,004
Points
237
Age
25
Location
North America
No mhh okay it is a bug or a plugin ?
Only way to know for sure is with a memory dump and for me to dig through the tree of usernames. Or someone else could do that, not hard just is going to take you creating that memory dump and that is not 100% safe for you depending what is in your memory. ;) Then again this memory dump could be pretty damn large and annoying to sift through, so having a reverse engineer remoted into your system with IDA Pro going at the client/server to dump the exact bytes would be most ideal for analysis. A packet capture could work wonders also, to see what the client is sending your server.

Otherwise we could just take the TeamSpeak dump but this would involve training and the same user being there - to capture.

My guess is the user is inserting some sort of a null character somewhere which voids the tree/list item e.g. %00 nullbyte injection or maybe not sending a piece of information needed to place the tree item. Could find this with fuzzing client inputs to the server. I wish I had more time and a security team. :cool:
 
Last edited:

NJINOX

Member
Joined
Sep 26, 2015
Messages
10
Points
35
Age
28
Yes, he said he did not need to know that he was kidding me xD
 

Top