TeamSpeak got hacked


orDian
04-01-2009, 20:06
Hey, I host a TeamSpeak server.
All Server Admin passwords are fully secure; all have symbols, numbers, etc.
SuperAdmin passwords are the same.

All channels were NOT moderated.

When a guest joined: Guest3
And before he left he said:
[19:49:27] Guest3 joined channel
[19:51:26] Shootmaniak quit
[19:51:26] Shootmaniak joined channel
[19:51:42] *priv* Guest3: hack by Street'Art
[19:51:48] Guest3 quit

Never saw that message because I was gaming; didn't even know he was in our TS.

After he left I got some messages from a friend that he couldn't talk, but when I saw all the channels they were moderated.

Our TS specs:
Server:
Free For All Teamspeak

Server IP:
ts.ftp.sh:8767
(85.214.20.111:8767)

Version:
2.0.24.1

Type:
Freeware Clan Server

Platform:
Win32

Welcome Message:
Welcome on this teamspeak server

Is there anything to prevent this? I think it is done the same way as in the YouTube video to hack the new version, with Ubuntu.

He also had to register when giving himself SA.
So here is his acc:
ào_pàp__p never 04-01-2009 19:49:08

Password he used: àààà
Got the password from the server.dbs

BHKai
05-01-2009, 01:02
Check your server log file for more information about how he might have gotten SA. Could you post the link to the vid?

orDian
05-01-2009, 08:41
Here it is: http://www.youtube.com/watch?v=k8hte_WlesY
Log:

-------------- log started at 14-11-08 08:41 -------------
---------------------------------------------------------------
14-11-08 08:41:08,ALL,Info,server, Server init initialized
14-11-08 08:41:08,ALL,Info,server, Server version: 2.0.24.1 Win32
14-11-08 08:41:08,ALL,Info,server, Starting VirtualServer id:1 with port:8767
14-11-08 08:41:08,ALL,Info,server, Started VirtualServer id:1 with port:8767
14-11-08 08:41:08,ALL,Info,server, Starting VirtualServer id:2 with port:8768
14-11-08 08:41:08,ALL,Info,server, Started VirtualServer id:2 with port:8768
14-11-08 08:41:09,ALL,Info,server, Server init finished
14-11-08 08:41:12,ERROR,All,frmMain, unable to detect external ip
14-11-08 08:50:06,ALL,Info,server, Stopping VirtualServer id:2 with port:8768
14-11-08 08:50:06,ALL,Info,server, Stopped VirtualServer id:2 with port:8768
14-11-08 08:50:09,ALL,Info,server, Starting VirtualServer id:3 with port:8769
14-11-08 08:50:09,ALL,Info,server, Started VirtualServer id:3 with port:8769
14-11-08 08:50:11,ALL,Info,server, Starting VirtualServer id:2 with port:8768
14-11-08 08:50:11,ALL,Info,server, Started VirtualServer id:2 with port:8768
14-11-08 08:50:29,ALL,Info,server, Stopping VirtualServer id:2 with port:8768
14-11-08 08:50:29,ALL,Info,server, Stopped VirtualServer id:2 with port:8768
24-11-08 18:17:33,ALL,Info,server, Stopping VirtualServer id:3 with port:8769
24-11-08 18:17:33,ALL,Info,server, Stopped VirtualServer id:3 with port:8769
25-11-08 16:23:39,ERROR,All,UDP Listener, SID: 1 CMD_cs_PlayerMovePlayer Exception: EReadError.Stream read error
25-11-08 16:23:39,ERROR,All,UDP Listener, SID: 1 CMD_cs_PlayerMovePlayer Exception: EReadError.Stream read error
25-11-08 16:23:39,ERROR,All,UDP Listener, SID: 1 CMD_cs_PlayerMovePlayer Exception: EReadError.Stream read error
25-11-08 16:23:39,ERROR,All,UDP Listener, SID: 1 CMD_cs_PlayerMovePlayer Exception: EReadError.Stream read error
25-11-08 18:09:07,ERROR,All,WEBINTERFACE, FileNotFound: "C:\Program Files\Teamspeak2_RC2\httpdocs\favicon.ico"
25-11-08 18:09:07,ERROR,All,WEBINTERFACE, FileNotFound: "C:\Program Files\Teamspeak2_RC2\httpdocs\favicon.ico"
25-11-08 18:09:07,ERROR,All,WEBINTERFACE, FileNotFound: "C:\Program Files\Teamspeak2_RC2\httpdocs\favicon.ico"
25-11-08 20:43:26,ERROR,All,WEBINTERFACE, FileNotFound: "C:\Program Files\Teamspeak2_RC2\httpdocs\favicon.ico"
25-11-08 20:43:27,ERROR,All,WEBINTERFACE, FileNotFound: "C:\Program Files\Teamspeak2_RC2\httpdocs\favicon.ico"
25-11-08 20:43:30,ALL,Info,server, Starting VirtualServer id:2 with port:8768
25-11-08 20:43:30,ALL,Info,server, Started VirtualServer id:2 with port:8768
28-11-08 14:57:54,ALL,Info,server, Stopping VirtualServer id:2 with port:8768
28-11-08 14:57:54,ALL,Info,server, Stopped VirtualServer id:2 with port:8768
28-11-08 15:00:17,ALL,Info,server, Starting VirtualServer id:2 with port:8760
28-11-08 15:00:17,ALL,Info,server, Started VirtualServer id:2 with port:8760
28-11-08 15:48:30,ALL,Info,server, Starting VirtualServer id:3 with port:8768
28-11-08 15:48:30,ALL,Info,server, Started VirtualServer id:3 with port:8768
28-11-08 23:36:10,ERROR,All,WEBINTERFACE, FileNotFound: "C:\Program Files\Teamspeak2_RC2\httpdocs\favicon.ico"
28-11-08 23:36:11,ERROR,All,WEBINTERFACE, FileNotFound: "C:\Program Files\Teamspeak2_RC2\httpdocs\favicon.ico"
28-11-08 23:36:11,ERROR,All,WEBINTERFACE, FileNotFound: "C:\Program Files\Teamspeak2_RC2\httpdocs\favicon.ico"
06-12-08 19:03:25,ALL,Info,server, Starting VirtualServer id:4 with port:1234
06-12-08 19:03:25,ALL,Info,server, Started VirtualServer id:4 with port:1234
17-12-08 20:40:13,ALL,Info,server, Stopping VirtualServer id:4 with port:1234
17-12-08 20:40:13,ALL,Info,server, Stopped VirtualServer id:4 with port:1234
17-12-08 20:40:27,ALL,Info,server, Stopping VirtualServer id:2 with port:8760
17-12-08 20:40:27,ALL,Info,server, Stopped VirtualServer id:2 with port:8760
17-12-08 20:40:35,ALL,Info,server, Stopping VirtualServer id:3 with port:8768
17-12-08 20:40:35,ALL,Info,server, Stopped VirtualServer id:3 with port:8768
17-12-08 21:13:43,ALL,Info,server, Starting VirtualServer id:3 with port:8768
17-12-08 21:13:43,ALL,Info,server, Started VirtualServer id:3 with port:8768
17-12-08 21:13:48,ALL,Info,server, Starting VirtualServer id:2 with port:8760
17-12-08 21:13:48,ALL,Info,server, Started VirtualServer id:2 with port:8760
04-01-09 20:12:34,ERROR,All,WEBINTERFACE, FileNotFound: "C:\Program Files\Teamspeak2_RC2\httpdocs\favicon.ico"
04-01-09 20:12:34,ERROR,All,WEBINTERFACE, FileNotFound: "C:\Program Files\Teamspeak2_RC2\httpdocs\favicon.ico"


We have perlmod on the server with takeover protection, so he had to register first.
Perl log wasn't on, so I have no further information.
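
An added example, not part of the original thread: one way to follow the advice to check the server log, by parsing the TeamSpeak 2 log format posted above and pulling the entries nearest the incident. The sample lines are copied from that log; the function names, the 30-minute window, and the assumption that the server clock matches the timestamps in the first post are illustrative.

```python
import re
from collections import Counter
from datetime import datetime, timedelta

# Subset of lines copied from the log posted in this thread.
SAMPLE_LOG = r'''
-------------- log started at 14-11-08 08:41 -------------
25-11-08 16:23:39,ERROR,All,UDP Listener, SID: 1 CMD_cs_PlayerMovePlayer Exception: EReadError.Stream read error
17-12-08 21:13:48,ALL,Info,server, Started VirtualServer id:2 with port:8760
04-01-09 20:12:34,ERROR,All,WEBINTERFACE, FileNotFound: "C:\Program Files\Teamspeak2_RC2\httpdocs\favicon.ico"
04-01-09 20:12:34,ERROR,All,WEBINTERFACE, FileNotFound: "C:\Program Files\Teamspeak2_RC2\httpdocs\favicon.ico"
'''

# Registration time of the unknown account, as given in the first post.
INCIDENT = datetime(2009, 1, 4, 19, 49, 8)

# timestamp,level,category,source, message (message may itself contain commas)
LINE = re.compile(r'^(\d\d-\d\d-\d\d \d\d:\d\d:\d\d),([^,]*),([^,]*),([^,]*),\s*(.*)$')

def parse(text):
    """Yield (timestamp, level, source, message) for each well-formed line."""
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # blank lines and '--- log started ---' banners
        ts = datetime.strptime(m.group(1), '%d-%m-%y %H:%M:%S')
        yield ts, m.group(2).upper(), m.group(4).strip(), m.group(5)

def triage(text, incident, window_minutes=30):
    """Return entries near the incident, error counts per source,
    and the timestamp of the last entry logged before the incident."""
    entries = list(parse(text))
    span = timedelta(minutes=window_minutes)
    near = [e for e in entries if abs(e[0] - incident) <= span]
    errors = Counter(e[2] for e in entries if e[1] == 'ERROR')
    last_before = max((e[0] for e in entries if e[0] < incident), default=None)
    return near, errors, last_before

if __name__ == '__main__':
    near, errors, last_before = triage(SAMPLE_LOG, INCIDENT)
    print('last entry before incident:', last_before)
    for ts, level, source, msg in near:
        print(ts, level, source, msg)
    print('errors by source:', dict(errors))
```

Run against the posted log, the only entries inside the window are the two WEBINTERFACE lines at 20:12:34, and the last entry before the incident is from 17-12-08, so this log records nothing at 19:49 when the account was registered.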

Peter
05-01-2009, 13:45
**IMPRESSIVE** link :/. He gets the superadmin password from the log file...he must be just too good for us :/

orDian
05-01-2009, 19:53
Lol, indeed; saw it now in better quality and saw that what he did isn't even close to hacking.
But still there are some vids on YouTube of hacking TeamSpeak with other versions than 2.0.20.X

Peter
06-01-2009, 12:15
I have not seen any proof of crackers using a security vulnerability in TS to gain access/rights on a TS server...as long as you use the most recent version you should be safe...last time I felt like some comedy and watched some of the "OMFG I HACKED TS I AM SO 1337!" videos on YouTube, the "greatest" feat was somebody using a tool to try possible password combinations...and since the server-admin of that server seemed to have skipped the class about password strength, he actually gained access, but hey, if you leave your door open it is hardly the house's security system at fault :p

orDian
07-01-2009, 17:20
Yeah, that's right.
I also asked some 1337'ers to hack the old server with their "fake" programs.
But they don't respond or say they reinstalled Windows, so everything they showed is fake.

But I know for sure he kind of cracked or hacked it.
All ports on the server are open, etc.

On our server all security systems are activated.

If Street'Art can reveal his trick/hack and send the information to TS administration, then you are a very thankful person and helped the TS community to get more safe.

BHKai
07-01-2009, 23:37
There is very little that people could do to even attempt to exploit TS. It is pretty straightforward and where they could has been created to block that. Most hackers/script kiddies get access through other software on the server, then gain access to the other resources. The way that TS is set up, I would bet money that people could not hack in through any way other than brute forcing the password.

orDian
08-01-2009, 20:59
Sounds like a challenge =D
But I can't, let's see if I can find someone.

How much do you want to bet?

BHKai
10-01-2009, 00:43
> Sounds like a challenge =D
> But I can't, let's see if I can find someone.
>
> How much do you want to bet?
Good luck finding someone. I am talking about a legitimate hack, across the internet, no network capturing, exploit going straight through and only TS. And no brute forcing passwords. The greatest weak point imo would be the webadmin. Plus the ones that might be able to do it through some miraculous way would most likely not even try as there is no money to gain.

orDian
17-01-2009, 14:13
Yeah, that's right.
Hacking/cracking TS in another kind of way than RightClick E || Brute Force is impossible.