Hack/Exploit of TS Server
We had a user last night log on to our TS server but he was invisible, so we were unable to kick him off the server. He also was able to somehow either speak globally to all the channels/sub channels at one time, or direct which channels he wanted to talk to, passworded or not. I don't believe he was able to hear what was said in the passworded channels but he was still being obnoxious by talking and playing his music very loudly. He was also able to send global txt messages without the server knowing who sent them. He was spamming these after everyone had muted their microphones and speakers. I do not believe he had server admin rights since he never kicked people or moved them from one channel to the other, and stuff like that, things that only people with those rights can do. One of our members briefly chatted with the guy and he didn't know who we were or even what game that we use the server for was, so I believe it was just a random hack...
If you have any advice or ways to prevent this from happening again please let me know. There is no password to log on to our TS server but besides putting one up is there anything else we can do to prevent this again?
Yeah, on my server I have the same problem. I did notice that if you disconnect from your server and reconnect, you will be able to see him again and then you can ban him. That worked fine up till today when someone was doing the exploit thing very fast, so when I would reconnect, he would have it done before I could ban him.
I just put a password on my TS and now I don't have that problem.
Although, I would like to know how they are doing that. They get on, make an unregistered channel, go into it and then when they leave the channel they're invisible :eek: :eek: :eek: And one time I was in the channel with one of the guys, and I was invisible and stuff. It's cool!
but yea pain in the bottom exit port hole.
Thanks for the tip. I'll try this method if he decides to come bother us again. Hopefully I can be quick about it and ban his IP ;)
Ok here's another link with people who had the same problem that I did and it answered most of my questions. I did do a search before my original post but I must have missed this one...
http://forum.goteamspeak.com/showthread.php?t=27428&highlight=hack
razorcmw
20-03-2006, 10:04
Well I think you've hit the nail on the head there m8 - remove the permissions to create channel for unreg users ...... I have ;-)
Glenn Snedden
14-05-2006, 18:25
I too got this problem user last night. He started making channels and saying profane things, however he also started logging on and off and I was able to get his info. I manually added his IP to the ban list. I also disabled Guest creation of new channels to avoid this problem. I'm hoping that will alleviate the problem as suggested by other users. There is definitely a problem when an invisible user gets on. I don't know if the user is accurately invisible when he logs on but as the individual logs on and off they are susceptible to identification info if you can catch them real quick. I suspect they are using a script of some kind to enable the invisibility.
Zechariah
10-02-2007, 12:30
I know this is like reviving a dead thread, but I'm doing this for the sake of others who might search the forum for a solution to the invisibility hack.
I have stumbled upon these hacks, and while I have informed the devs about it, in the meantime, I will tell you.
How it works: There is no script. It's a custom (or modified?) TeamSpeak Client.
Since it doesn't work with standard TS Clients, I go on...
How it's done: User joins server (with custom client), creates a channel with any name, creates another channel with the topic & description of the system msg for the previous channel. He now becomes invisible.
While removing (U) rights to create a channel will decrease this from happening, it won't stop it. This "hack" works for any class, U, R, even SA. There is no way of preventing this short of removing rights to create unregistered channels. I just tested this hack with registered channels instead of unregistered, and it didn't work. If they can't create an unregistered channel, they can't become invisible.
Also, as others have said above, there's only one way to get rid of an active invisible hacker. Rejoin server. When you rejoin, you'll have a few seconds before he vanishes again. Ban him during this time.
Hope this helps you folks.
PS: Mods: if you feel the 'how it's done' is inappropriate please feel free to remove it. It requires a custom client, so I didn't see the harm of explaining it.
If you updated your server and client you can't. Server 2.0.21.0 and client 2.0.32.60 versions are the only versions they work on :) Oh, and it doesn't have to be a custom client ;)
Zechariah,
I know this is an old topic but I would like to explain this a little better for you guys. The TeamSpeak clients are being modified, usually with a Hex Editor. Once you get the basic understanding of the hex code and what changes what, it's fairly easy to modify programs.
I have multiple teamspeak clients that do many different things. One allows me to remove the (R CA SA) from my name so that you cannot click on my name without getting the RTF Error. Another allows me to grant myself CA no matter the server unless the function is turned off; we never finished looking over the client to see if we could do it to SA. One we built shortcut buttons into so that you could kick all, change colors, go invisible, and some other functions.
These were for testing purposes and understanding purposes only, these were not distributed.
These programs will not be distributed so please do not ask for them, many other versions have been created and are available online, but most of them have been patched so they don't work correctly anyway.
Now,
For your channels, basically we took out the block on how many characters a channel name/description/topic can hold. The client only recognizes so many characters, so by turning up the characters, it caused the user to go invisible within a channel. Turning off creating unregistered channels could not fix this at all except for your unregistered users, users with no CA, SA or privileges. Basically, you had to patch the server, which is out now, to stop this, but at that time you had to disable channel creating completely to fix it; it worked with or without being able to register / unregister a channel, just as long as you could create a channel.
When a security team known as -g-0-0-n-s invented your RTF Error, all hell broke loose with teamspeak. We were able to create versions of teamspeak that caused errors and crashes on servers and clients. This is what started MTSB - Known as My Team Speak - B***H - This was a small little teamspeak mayhem of server control because we found a way to use characters that others could not, as well as errors. Being an unregistered user we could connect as TS_Ryan (R CA SA) (U) - The (R CA SA) was nothing but a mirror until we could make the (U) disappear. Once we did that with the RTF, most humans would react and right click us and receive an error; the second time they could click us it would allow them to revoke SA, but we really did not have it, so instead they would grant it.
I have designed and coded multiple un-released perl scripts to prevent all these actions. For you to join most of my teamspeak servers you would have to go through a small process of verification. This was designed with TS - CI, which is a program Black Bart of Invisible Warriors designed to help reduce teamspeak takeovers and your everyday noob.
You're on the right track though, even though this is an old post and that's all fixed. I still design perl mods to do other things with teamspeak because it's a very open source coded program, so there is a lot we can mess with. We have not mastered everything, but close to it. We're not looking to take teamspeak over and destroy people's stuff, that's pointless, we are here to stop those who do it. I could use any useful information, and I'm sure you guys could too.
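Added example, not part of the original thread and not TeamSpeak code: the posts above describe a length limit on channel name/topic/description that only the client enforced, and the guest channel-creation restriction admins used as a stopgap. The sketch below shows both checks done on the server side for a hypothetical channel-create request; the request structure, the UTF-8 encoding and the byte limits are assumptions.

```python
import unicodedata
from dataclasses import dataclass

# Assumed limits for illustration; the thread does not give TeamSpeak's real values.
MAX_BYTES = {"name": 30, "topic": 30, "description": 256}

@dataclass
class ChannelCreate:
    """Hypothetical channel-create request as received from an untrusted client."""
    sender_registered: bool
    name: bytes
    topic: bytes = b""
    description: bytes = b""

def validate(req: ChannelCreate, guests_may_create: bool = False) -> list[str]:
    """Return the reasons to reject the request; an empty list means accept."""
    errors = []
    # Mitigation used in the thread: unregistered users may not create channels.
    if not req.sender_registered and not guests_may_create:
        errors.append("sender: unregistered users may not create channels")
    for field, limit in MAX_BYTES.items():
        raw = getattr(req, field)
        # Enforce the length on the server; a modified client ignores its own limit.
        if len(raw) > limit:
            errors.append(f"{field}: {len(raw)} bytes exceeds {limit}")
            continue
        try:
            text = raw.decode("utf-8")
        except UnicodeDecodeError:
            errors.append(f"{field}: not valid UTF-8")
            continue
        # Reject control and format characters, which have no place in a channel label.
        if any(unicodedata.category(ch) in ("Cc", "Cf") for ch in text):
            errors.append(f"{field}: control or format character")
    if not req.name.strip():
        errors.append("name: empty")
    return errors

if __name__ == "__main__":
    # Constructed sample requests, not captured traffic.
    samples = [
        ChannelCreate(True, b"Lobby", b"General chat", b"Welcome"),
        ChannelCreate(True, b"A" * 200),
        ChannelCreate(False, b"Music", b"x\x00y"),
    ]
    for s in samples:
        print(s.name[:12], validate(s) or "accept")
```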
ANR Daemon
08-10-2009, 19:23
Serious necropost is serious...