Server Accident with Admin And Took Over

**Jeff Beauplan** · 18-06-2011, 07:39

This guy in my clan ask for server admin and i gave it to him, then he banned me and took over my server how do i get my server back....please help

Edit by mod
This was no hack it was an accident. Please don't use hack

**Nicocaps** · 18-06-2011, 07:41

Contact with your TS hosting , they will give you as owner a new token key. You can use that new token to be ServerAdmin and ban him

**Jeff Beauplan** · 18-06-2011, 07:43

How do i do that?

Edit: Every time I come on he kicks me

**Alcazar** · 18-06-2011, 14:21

Dont give permissions to every one, esp. if you dont know them.
You can set the privilege key when connecting to the server.
Or ask another SA (if available) to remove the person in question.

**poisonpanik** · 19-06-2011, 04:54

If you rent this server you need to contact your host to fix the problem. If you host the server yourself you either need to use server query to generate a new key, add yourself directly to the admin group. If you host it yourself I'd recommend stopping the server for a few minutes and restarting so if this client is online he may decide to go elsewhere. Then you can remove him from admin and check his client permissions to make sure he can't do anything.

**DJBlackLight** · 19-06-2011, 15:33

I am using the Java Teamspeak 3 Bot (http://forum.teamspeak.com/showthrea...=JTS3ServerMod) where i set the server admin group into protect. just activate the bot and set your ts3 identity to be server admin. then this friend gets automatically kicked and removed from SA group and you will be only SA. For questions you can join my ts3 server: 62.75.184.106:1337

**xHooKedx** · 23-06-2011, 21:08

Java Teamspeak 3 Bot requires Server Admin Query log in info.

If you host Ts3 yourself than this will work.
If you rent your server from a ATHP then this will most likely not work.

**Stefan1200** · 24-06-2011, 05:26

Originally Posted by xHooKedx

Java Teamspeak 3 Bot requires Server Admin Query log in info.

Thats not true!
You can also create an own query account (which is allowed on most rented servers) and add the needed permissions to it.

**hroost** · 27-06-2011, 23:26

hello
I have athp license and someone began to crack virtual servers...
version 3.0.0-rc1 [Build: 14 468]
The user comes to the server as a guest (although he unknown password server) and gets admin rights and then deletes the current admins, delete channels, change the settings and etc. These actions are repeated on multiple virtual servers, each server is different password ...
I banned it at iptables, but it is not the solution of the problem( he can use proxy
I changed the server admin password, ssh password and others but did not help(
how did he do this? and how to protect themselves from this in the future?
I think he use exploit..

---Thread got merged---

**simon22855** · 16-10-2011, 12:31

Hello my Friends!
Today my Windows Server was hacked!!!
They have an Hack so i cant ban them!!!
Here are Screens and the IPS from them!!!
And this Flex is that Peter i have look in Server log!http://i51.tinypic.com/2dh70ux.jpg
http://i55.tinypic.com/2sanec2.png
http://i52.tinypic.com/4vpye9.png
IPS:

92.77.106.171:Peter
87.151.160.13:3x3

*** German part deleted ***
*** This forum is english only ***

**florian_fr40** · 16-10-2011, 14:27

Hello

Like every time this is not a hack. A hack is a specific action against a system.
But, you don't provide us any information about your permissions system, your log, etc.

And the most time is just a permission problem.

Please send me in private message your database and log file.

**GodKratos** · 05-03-2012, 07:36

Today someone managed to get on our server and add himself to the server admin group and start banning users and changing server settings etc.

We shut down the server at the time and I have banned the account he used but I have no idea how he managed to access the server and how to prevent it from happening again.

All I can see in the server log is the following:

Code:

2012-03-05 00:11:39.660785|INFO    |VirtualServer |  1| client (id:977) was added to servergroup 'Aion GM'(id:10) by client 'SheepOfWarHatkeineEier'(id:977)
2012-03-05 00:12:09.932785|INFO    |VirtualServer |  1| client (id:977) was added to servergroup 'Player'(id:9) by client 'SheepOfWarHatkeineEier'(id:977)
2012-03-05 00:12:14.929785|INFO    |VirtualServer |  1| client (id:977) was added to servergroup 'Server Admin'(id:6) by client 'SheepOfWarHatkeineEier'(id:977)

Have we got something configured incorrectly or is there some default access backdoor that we have not closed or something?

Frankly the permission system on TS3 confuses me a bit so maybe we have done something wrong but I'm unsure how this person could give himself admin access without permission in the first place.

---Thread got merged---

**dante696** · 05-03-2012, 07:40

Please make sure that your i_group_needed_member_add_power in your important groups is much higher as users i_group_member_add_power.

**GodKratos** · 05-03-2012, 07:55

Thanks, looks like the i_group_member_add_power and i_group_needed_member_add_power settings are at the same value.
Where are the default user permission levels set at?

**dante696** · 05-03-2012, 07:57

You do not use the default groups. Please set a desiered Valure but read post #13. This will fix your problem as well.

Normal Values for Server groups (Server admin , Normal) are i_group_needed_member_add_power of 75

Thread: Server Accident with Admin And Took Over

Thread Tools

Rate This Thread

Display

Server Accident with Admin And Took Over

my servers is hacked :(

Server accident

TS3 Server accident

Thread Information

Users Browsing this Thread

Similar Threads

Server accident, admin banned and TS3 client bookmarks deleted..

[Resolved] I lost server admin permissions by accident.

[No Bug] Accident with Server 3.0.0-beta31-pre [Build: 13545]

Unchecked Web Admin Login under Server Admin now can't get back on web admin

Tags for this Thread

Posting Permissions