hi,

our clan [SAR] has been recently under fire from hackers and unwanted visitors on our public ts...

a recent 'hack' or 'exploit' may be to blame. a guest 1 will appear on our server, then suddenly more and more guests come on from the same ip and port (will not specify hacker ip at this time)
and our ts server will look some thing like this...

guest1 U
guest13 U
guest52 U
guest21 U
guest64 U
guest34 U
guest77 U
guest19 U
guest82 U
n0xious R SA CA
etc...

you cant ban the guests because it says ' could not complete; the specified user has no id'
we have all our channels deleted etc... the usual hacker stuff...
and a nice little message left from our resident hacker...

'hellooo , its me allebadaf, ur server is s**** and unprotected have fun repairing ur server xXx"

allebadaf and uRzUa our our 'resident hackers' i know that they have been targeting a lot of uk servers recently, they obviously have nothing better to do ...

please, help us fight the hacker threat!!

What version of server are you running?

Its recommended that EVERYONE use the most recent (BETA) version 2.0.23.6 - available from the downloads section (at the top of every page).

There is a known "hack" in previous versions that allowed a user to be on invisibly, it sounds to me like this is an extention of that.

Why not just make it so people have to be registered on your server?

Why not just make it so people have to be registered on your server?

we have tried that already...
and they still get passed it for some reason?
have no idea how though...

(server version... 2.0.20.1)

i will ask our hosts if they could install the latest version, as i don't have remote access to the server

yes it is hacks i have that program for sale with 2 others and they can create mass spammers a good way to stop it is by changing the pw to ts regulary but one thing that can't be stopped is when sum1 is on the ts using the hack program i have all i have to do is click a button to give me SA i tend not to use it though.
if any1 wants to buy it add me on **** on xfire or *****

you can also priv msg me

Neary

yes it is hacks i have that program for sale with 2 others and they can create mass spammers a good way to stop it is by changing the pw to ts regulary but one thing that can't be stopped is when sum1 is on the ts using the hack program i have all i have to do is click a button to give me SA i tend not to use it though.
if any1 wants to buy it add me on XXXXXXXXX on xfire or XXXXX@XXXXXXXXXX you can also priv msg me

Neary

Welcome to banland. Population you.

Do you really thinks its wise to advertise SELLING a TeamSpeak hack on the TeamSpeak official forums? Do you have any concept of what forum rules are?

Hi we at ***** are having the same problem and we have the updated version of ts is there any fixes of yet that we know of,

thanks

wat kind of mug advertises hacks on the intellectual properties owners forums ??

XD

that is one of the most stupidest things ive ever seen on these forums , lol

yeh.. anyway we have updated the server client to the beta version and we still have the same problem (anything to do with a no ip program?) coz it used to not detect an ip, but now it just says their ip and port is 0.0.0.1:00001 ... so... were just tinking about changing servers and not advertising our public ts now :)

If you've updated to the most recent beta SERVER and someone is still getting in, I'm sure the devs would like to get a look at your server logs. That might help them see what's being done to get in, so they can stop it.

If you've updated to the most recent beta SERVER and someone is still getting in, I'm sure the devs would like to get a look at your server logs. That might help them see what's being done to get in, so they can stop it.

I sent a bot thing i found to the devs

I found i could spawn bots on my server running the latest beta...

They connect and then disconnect a few moments later

yeh that is exactly what they do... spam the server and then vanish exactly 5 seconds later

yeh that is exactly what they do... spam the server and then vanish exactly 5 seconds later

Well, a tool i found does that, and i've sent it to the TS dev's

Just have to wait and see then

We already know that problem. We advice to use 3rd Party Tools like the TS2 Antiflood Deamon to stop that flooding kiddies.

We already know that problem. We advice to use 3rd Party Tools like the TS2 Antiflood Deamon to stop that flooding kiddies.

I really need to setup like that and TS2perl mod

Job for tommorow me thinks!

Ok well i have found many hacks i found n0x too one of the most hack teamspeak guy out there ***** and devs if u want all of the teamspeak hacks i have pm me and ill send them over :)

Ok well i have found many hacks i found n0x too one of the most hack teamspeak guy out there ***** and devs if u want all of the teamspeak hacks i have pm me and ill send them over :)

I think i found some of them

Email them them: info@teamspeak-systems.de

Here is a Log file text after i tried to ban a person that loged in with no user id. He didnt even have (U) behind his name... And i run the latest Version. Version: 2.0.23.6

Also they loged in with "The Death Code" in there name so when you clicked on them it crashed my Teamspeak Client.

29-12-06 17:28:43,ERROR,All,SQL, ExcecSQL Error: SQL logic error or missing database in query: insert into ts2_bans
(i_ban_server_id,
s_ban_ip,
s_ban_by,
dt_ban_created,
i_ban_minutes)
values
(58,
'68.201.31.132',
'†Server Monitor†[LoginName: *******] banned ww.myhacks.*******.net

And another:
24-12-06 02:05:58,ERROR,All,SQL, ExcecSQL Error: SQL logic error or missing database in query: insert into ts2_bans
(i_ban_server_id,
s_ban_ip,
s_ban_by,
dt_ban_created,
i_ban_minutes)
values
(58,
'76.175.53.96',
'† HGM † KNIGHT™[LoginName: ******] banned Chl0rid3 R SA

I stoped the flooder By adding the number 1 to the DisAllowedClientNameChars=()[]{}1
I have recently added (.) to the list to stop people from logging in with web adderesses.

wat kind of mug advertises hacks on the intellectual properties owners forums ??

XD

that is one of the most stupidest things ive ever seen on these forums , lol

yeh.. anyway we have updated the server client to the beta version and we still have the same problem (anything to do with a no ip program?) coz it used to not detect an ip, but now it just says their ip and port is 0.0.0.1:00001 ... so... were just tinking about changing servers and not advertising our public ts now :)

yeah, its like advertising that you are selling Action Replays on the NSider forums(for those who don't know, thats the official nintendo forums and Actionreplay is a cheat system for games and have a tendency to damage the games that you are using the AR with), but this takes the cake, I have never seen such blatent disreguard for intellectual property in my life, XD.

I have been hacked by TeamSpeak hackers too, the name of the hacker is ''3t0x'' watch out for this name TeamSpeak users, he WILL hack your server and then using the channels, put in the discription obscene, and abusive comments, this guy even hacked me Halo servers.

I managed to track him down to an address in Georgia, USA. if this name appears in your TeamSpeak, Ban his IP immeiately, as he will probably hack your TeamSpeak.

Forum Admins, THIS IS MERLY AN ADVISORY, AS I HAVE BEEN HACKED IN A SIMILAR WAY!!!

I managed to track him down to an address in Georgia, USA. if this name appears in your TeamSpeak, Ban his IP immeiately, as he will probably hack your TeamSpeak.



You tracked him down to his his ISP.. Wow what a skills.. Can i learn form you?

To all, use the latest BETA and TS2 Perlmod or antiflood daemon. It solves 99,9999999999999999999999999999999999999% of the scriptkiddie problems..
because you dont want to give them credit for something they didnt make right? They only use a premade script because they cannot do it themselves...

well, all you gotta do is go to an IP locator, that will quite literally give is location within a mile, and then phone the ISP, the locator will tell you that, and they will give you his address, then all you gotta do is call the authority's, I.E. Police, FBI, ect.......

Like i said, there is a fix for flooders but they dont work as well as you might think as they found a way around it in my TeamSpeak.......

I dont know how it goes over there in Britain, but sure as hell that aint working here..
The location you get is the ISP's server. And not his homeadress..
And if i would call a ISP all they would tell me is that they will handle it, they aint giving out a home adress.. hell even the police has troubles getting them most of the time..
Let alone a webmaster like me..

I have informed the Georgia Authority's, I.E. FBI

No ISP in the right mind is goen to give you their clients home address's as its against the international privacy law.

Not if you use the Freedom Of Information Act.

Not if you use the Freedom Of Information Act.

Erm... NO!
And iirc its only in the US..

Laws like that are to retrieve information stored about YOU, and not someone else...
Might want to read up on it, if your so sure about it...



Please lock this topic.. I feel this is gonna be a yes / no game

Thats how i got the dudes address..........

Your profile says your from the UK, and you got an adress in the US? I doubt it, but as i say this is gonna be a yes/no story..

the only way i see you getting a adress is if you are Police or similar and have gotten a warrant for the respective IP..

OK, you got the hackers address and I got my address.

Everything is ok and clear now.


Sorry, but this will gonna be a "nonsense discussion".


CLOSED


P.S.: To all, use the latest BETA and TS2 Perlmod or antiflood daemon.
That's everything I will say to the topic of hacking TeamSpeak servers.