Forum

Page 1 of 16 12311 ... LastLast
Results 1 to 15 of 234
  1. #1
    Join Date
    June 2008
    Posts
    18,279

    Query creates channels, send messages or pokes users

    The reason why this is possible on your server(s) is not a bug. It's permission related.

    Your server allows to send messages or pokes or create channels via ServerQuery Guest group. This is the one you get when you connect to a server via telnet without sending any login command.
    You need to change the permissions once (when your server was started for the first time before version 3.0.11.2.)
    Just updating the server will not solve the problem. Set permissions don't get changed during an update.


    Here are the steps to restrict the Guest Query to abuse your server for spam (chat, pokes and via channel name).

    1. Update your server to the latest version.
    http://www.teamspeak.com/downloads

    2. Login into the ServerQuery interface via telnet / putty to change the permissions in the next step.
    How to use the ServerQuery
    Ask your Admin or Hoster in case you don't have access to the ServeQuery and/or the serveradmin login.

    3. Perform these 3 commands in telnet/putty (replace yourpasswordhere with your own password and ANY_ACTIVE_PORT with the voice port of your server (9987 is default))
    Code:
    login serveradmin yourpasswordhere
    Code:
    use port=ANY_ACTIVE_PORT
    Code:
    servergroupaddperm sgid=1 permsid=b_channel_join_permanent permvalue=0 permskip=1 permnegated=1|permsid=b_channel_join_semi_permanent permvalue=0 permskip=1 permnegated=1|permsid=b_channel_join_temporary permvalue=0 permskip=1 permnegated=1|permsid=b_channel_create_permanent permvalue=0 permskip=1 permnegated=1|permsid=b_channel_create_semi_permanent permvalue=0 permskip=1 permnegated=1|permsid=b_channel_create_temporary permvalue=0 permskip=1 permnegated=1|permsid=b_client_server_textmessage_send permvalue=0 permskip=1 permnegated=1|permsid=b_client_channel_textmessage_send permvalue=0 permskip=1 permnegated=1|permsid=b_client_offline_textmessage_send permvalue=0 permskip=1 permnegated=1|permsid=i_client_private_textmessage_power permvalue=-1 permskip=1 permnegated=1|permsid=i_client_poke_power permvalue=-1 permskip=1 permnegated=1
    4. You did well when you read error id=0 msg=ok after each command. There is nothing more you need to do here.

    (Optional Hint:
    It could be that this Query still can send pokes and chats to users who own a i_client_needed_private_textmessage_power & i_client_needed_poke_power with a value lower than 0. You have to raise these values to 0 at least to avoid spam for them.)
    Last edited by dante696; February 22nd, 2017 at 10:10 AM. Reason: Thread overtake

  2. #2
    Join Date
    June 2011
    Posts
    8
    Disable create temporary channels, TS3-POLISH.PL looking for people on other communicators is a very bad example of such Teamspeak should block licenses because this practice in Poland is very common. Only you can stretch to the administration about the situation and report to the person responsible for the domain.

    "see in the logs the IP of the person who created the channels and insert to the black list"

    pozdrawiam.

  3. #3
    Join Date
    February 2012
    Location
    Germany
    Posts
    576
    What do you mean with "this practise in poland is very common"? What happens behind the scene? Why are people trying to hijack Teamspeak users to leave their home server and join the hijackers' server? Is it because people want users, users, and more users out of need of recognition, or are they planting malware on their servers, luring the unsuspecting users to install that?

  4. #4
    Join Date
    January 2014
    Posts
    7
    Schlumpi, as you said :P

    When i was total novice i didnt block whisper so people came to my server and then they just whisper to everyone message like " IP SERVER CHANGE: *NEW IP* "
    They can even ask you too create them a private channel (as common user) and then they rename it when admins are afk to message like above.

  5. #5
    Join Date
    February 2012
    Location
    Germany
    Posts
    576
    But why are they are doing this? What is the reason?

  6. #6
    Join Date
    June 2012
    Location
    Portugal
    Posts
    317
    Fix:
    Client Permissions -> In Unique ID write ServerQuery -> search for "create" -> enable create temporary channels -> click in the box to remove the check -> profit

    GIF: http://gyazo.com/04b84fae51cdf366469c2d228d7b2f43

  7. #7
    Join Date
    October 2011
    Posts
    34

    serveradmin creates channels

    Something strange happened on my teamspeak server.
    A user (supposedly) created channels using the "serveradmin", while I'm positive they don't have the password.

    This is just part of the log:

    Code:
    2014-04-28 12:27:39.138940|INFO    |VirtualServerBase|  1| channel 'New TS3:IPxx.xx.xx.xx #820'(id:77379) created by 'serveradmin'(id:5)
    2014-04-28 12:27:39.149617|INFO    |VirtualServerBase|  1| channel 'New TS3:IPxx.xx.xx.xx #819'(id:77378) deleted by 'server'(id:0)
    2014-04-28 12:27:41.551846|INFO    |VirtualServerBase|  1| channel 'New TS3:IPxx.xx.xx.xx #821'(id:77380) created by 'serveradmin'(id:5)
    2014-04-28 12:27:41.565922|INFO    |VirtualServerBase|  1| channel 'New TS3:IPxx.xx.xx.xx #820'(id:77379) deleted by 'server'(id:0)
    2014-04-28 12:27:44.019206|INFO    |VirtualServerBase|  1| channel 'New TS3:IPxx.xx.xx.xx #822'(id:77381) created by 'serveradmin'(id:5)
    2014-04-28 12:27:44.031763|INFO    |VirtualServerBase|  1| channel 'New TS3:IPxx.xx.xx.xx #821'(id:77380) deleted by 'server'(id:0)
    2014-04-28 12:27:46.492726|INFO    |VirtualServerBase|  1| channel 'New TS3:IPxx.xx.xx.xx #823'(id:77382) created by 'serveradmin'(id:5)
    How could I prevent this from happening?

  8. #8
    Join Date
    December 2004
    Location
    RF
    Posts
    3,007
    Read whole log.

  9. #9
    Join Date
    February 2012
    Location
    Germany
    Posts
    576
    The channels are created by the user with the id 5, who has apparently assigned the nickname "serveradmin" to himself. He creates temporary channels, since they are immediately deleted by the server when the user leaves the channel. In the default permission setup, even guests can create temporary channels.
    If you set a global server password, he knows it. Or he is member of a group that ignores server passwords. He may also connect via server query - that part is unknown, since you only posted the channel creation log entries and nothing more.

    What you can do:
    - delete that user
    - set or change the server password
    - change the permissions so that guests are unable to create temporary channels
    - ban the name "serveradmin" (not the user, but the name, so no one is able to use this as nickname - but that does not prevent users from choosing other interesting names - see http://forum.teamspeak.com/showthrea...370#post223370)
    - if he logged in as the server query admin, change the server query admin password and ask yourself how he was able to acquire that password

  10. #10
    Join Date
    December 2004
    Location
    RF
    Posts
    3,007
    Good catch. I missed the word "deleted" at a first read.

  11. #11
    Join Date
    October 2011
    Posts
    34
    "serveradmin" is used for ServerQuery, by bots such as Gametracker, tsviewer, etc.
    This is NOT a user, and he does NOT join the server.
    The provided log is the WHOLE log.

    On "What can I do":
    - mentioned it above
    - no server password (public TS)
    - since it's a public TS, everyone can create temp channels.
    - as I said, no such user connects.
    - I am possitive that they don't have it, but i'll change it just in case.

  12. #12
    Join Date
    October 2011
    Posts
    34
    Solution found:

    Permissions -> Client Permissions -> Drag & Drop client here or enter client unique ID: -> Search for - ServerQuery -> b_channel_create_temporary ->
    http://oi57.tinypic.com/a3ntpy.jpg

  13. #13
    Join Date
    December 2004
    Location
    RF
    Posts
    3,007
    Better restrict serverquery use to a number of whitelisted IP's.

  14. #14
    Join Date
    October 2011
    Posts
    34
    Yep. That also worked
    Example for anyone interested:

    Code:
    iptables -A INPUT -p tcp --dport 10011 -j DROP
    iptables -I INPUT -p tcp -s 208.167.241.190 --dport 10011 -j ACCEPT #GT
    iptables -I INPUT -p tcp -s 208.167.241.185 --dport 10011 -j ACCEPT #GT
    iptables -I INPUT -p tcp -s 208.167.241.186 --dport 10011 -j ACCEPT #GT
    iptables -I INPUT -p tcp -s 108.61.78.147 --dport 10011 -j ACCEPT # GT
    iptables -I INPUT -p tcp -s 108.61.78.148 --dport 10011 -j ACCEPT # GT
    iptables -I INPUT -p tcp -s 108.61.78.149 --dport 10011 -j ACCEPT # GT
    iptables -I INPUT -p tcp -s 108.61.78.150 --dport 10011 -j ACCEPT # GT

  15. #15
    Join Date
    December 2004
    Location
    RF
    Posts
    3,007
    If I were you, I'd create a separate chain for specifying whitelisted IP's, or use ipt_recent capabilities to mange the list.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. How to send chat messages to Server Query
    By JamieG193 in forum Tools / Web Based
    Replies: 3
    Last Post: July 5th, 2013, 11:02 AM
  2. [Resolved] (not possible) How do I send out pokes to a defined usergroup?
    By Pluvrr in forum General Questions
    Replies: 1
    Last Post: August 28th, 2011, 04:50 PM
  3. send text messages to everyone
    By constrych9 in forum General Questions
    Replies: 5
    Last Post: February 8th, 2011, 07:01 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •