Resource icon

TeamSpeak 3 Client <= 3.0.19.1 Freeze 2017-06-20

No permission to download

Asphyxia

Owner
Administrator
Apr 25, 2015
1,844
2
2,197
327
Asphyxia submitted a new resource:

TeamSpeak 3 Client <= 3.0.19.1 Freeze - TeamSpeak 3 Client <= 3.0.19.1 Freeze

The download link is right here, for registered users only. Registering is free, so register if interested:

Here is a video demonstration:


All that you need:
  1. The EXE file downloaded from above.
  2. Access to a server with TCP port 10011 open.
  3. The serveradmin username (default: serveradmin) and password.
  4. Then just do something like:
Code:
[url=ts3server://127.0.0.1]https://www.youtube.com/watch?v=-qFeUHEiPiM[/url]
...

Read more about this resource...
 
Last edited by a moderator:

Alligatoras

Administrator
Mar 31, 2016
2,570
12
2,857
381
Nice it worked fine....but i have a question....what if the server query port is not the default (10011) but it is different?
 

Asphyxia

Owner
Administrator
Apr 25, 2015
1,844
2
2,197
327
This is a PoC (Proof of Concept) tool, so it uses the default port 10011 and the default virtual server (1). :)
You are welcome though, if anyone else would like the support of a custom port I may be willing to do that.
 

Harrasan

Restricted
Jul 18, 2015
44
26
50
Good catch! But actually not very surprising. Since the TS client seems to do all the downloading of images etc in the main thread it's logical that the UI freezes. I'm not sure if TS will actually fix this, but they should. I guess whoever programmed the client is not the brightest candle on the cake. :p Stuff like this is supposed to be done asynchronous in another thread.

I just hope we won't see this crash out in the wild too often as it makes the entire server pretty much unusable for everyone.
 

Derp

Retired Staff
Contributor
Apr 30, 2015
933
1,017
217
TL;DR? If i change serverquery port, am i safe?
This has nothing to do with the server's serverquery port! This executable file will simply convert YOUR server to a 'freeze server"

Note: It needs permissions to do so! that's why serveradmin data are needed

So basically the full PoC is>

1- Create a server on localhost
2- Run the executable file to "convert" your server to a crash server
3- Try to connect to it... crash
4- Done

The executable file acts as a "query bot". It will establish a connection to your server and it will keep changing the server's banner, thus making your client start downloading all the banners, leading to a client freeze.

-Derp
 

Laszl0w

Well-Known Member
Oct 10, 2015
217
149
143
It freezes every version of Client it could be 3.0.19-3.0.19.1.

Just take care from unknown links from TeamSpeak and you wont able to freeze.

If you want to fix unsupported character crash please update your client to 3.0.19.1 version or use R4P3 Plugin.
 

Laszl0w

Well-Known Member
Oct 10, 2015
217
149
143
Im sure if this exploit freeze the 3.0.19.1 then it will freeze 3.0.18.1 for sure.
But give it a try

Its working with PHP too :D
RIP TeamSpeak.
 
Last edited:
Top