Teamspeak3 Webinterface

Teamspeak3 Webinterface

Najsr

Moderator
TeamSpeak Developer
Apr 23, 2016
483
249
167
Anyway, is there a estimated date for the start of beta test?
 

Laszl0w

Well-Known Member
Oct 10, 2015
217
149
143
Waiting for final version.
I didnt liked your answer.
Please tell to our users your app is vulnerable to XSS.
 

First-Coder

Active Member
Nov 14, 2016
212
83
78
I will now try to fix that... That problem is, that i don´t really now how the hack works and how to fix them.... If someone have usefull tips pls let it me now ;).
 

First-Coder

Active Member
Nov 14, 2016
212
83
78
ohhh crap... I know how it work / happens...

that's so dump... Yeah that's a really terrible security problem and need to be fixed for sure... Thank you for this information! If you will get another bugs pls let it me know :)
 

First-Coder

Active Member
Nov 14, 2016
212
83
78
yes I've sawn that. But for now pls let me some time to fix this bug. After that you can try to crash the site again :).
 

razerxpke12

Member
Nov 5, 2016
4
1
35
Hello
Discover a failure in your dashboard
Due to error in the profile where we can change the personal information just put in the field Twitter or steam one with me malicious that when the admin will see his profile is redirected to google
For test click:
In Globale Einstellungen click
Benutzer -> And click in firt account (admin in this case)
And see what's happening with just a simple code placed in the profile.
If you need help im epxpert in cybersecurity web and I'm also developing a teamspeak panel but it's still very early on
 
Last edited:

First-Coder

Active Member
Nov 14, 2016
212
83
78
Hey guys,
I found today some time to write some code. And now I should have fixed that XSS exploid. Pls let me know if it works or if i forget some input fields.

I hope it works finde :p

Dear
First-Coder
 

Qraktzyl

Retired Staff
Contributor
Nov 2, 2015
997
728
161
Just want to tell you, this panel is full german and not english supported. The world doesn't revolve around germany, you know.

Yes, I find it annoying that I don't understand anything on this website.
 

First-Coder

Active Member
Nov 14, 2016
212
83
78
-.-, i forgot to upload it to the webserver. That ticket isn´t done now, but it will fixed later. On all other sides should be now xss secure!

Page works, what did you do with it? :D
For JS: I replaced that tags with nothing
Code:
.replace(/(<([^>]+)>)/ig,"")
. But this won´t work 100%!
For PHP: I show the text with htmlspecialchars and this means it will be not executed.

Just want to tell you, this panel is full german and not english supported. The world doesn't revolve around germany, you know.

Yes, I find it annoying that I don't understand anything on this website.
Sorry for that. The webinterface has already a english version, but i write in german so it´s not up to date. But in the closed alpha will be german and english supported. Later will also come dutch and french if I am right informed.
 
Last edited:

First-Coder

Active Member
Nov 14, 2016
212
83
78
Looks like its fixed.
But your site still vulnerable to Slowloris ;)
Yea that´s true ;). But this is just a demo side and Slowloris attack not the website. It attacks your whole server. If you have that webinterface on your own server you need to make it Slowloris secure.

Correct me if I am wrong ;) or if i understand that wrong :D.

PS for that who not know Slowloris: https://en.wikipedia.org/wiki/Slowloris_(computer_security)
 

Joxiii

Discord hater!
Feb 2, 2016
271
182
92
@First-Coder
My Feedback about First-Coder Closed Beta :
+Very Nice Design!
+Much Features that are useful!
+Easy to use!

-Bot can only connect realtime so it spam the ts3 log . (It would be nice if you have the option how fast the Bot refresh)

Thanks for have the acces of the closed beta and you have made a good job!
 
Last edited:
Top