AntyIPLogger for your server!

Hello,
What do you think about the bot that protects the server against so-called IPLoggers? I have one, if anyone would be interested, I invite you to a private message!

1 Like

Is this a scam?

What is an “IPLogger” supposed to be anyway? You leave your IP address anywhere you go as it’s pretty much your address on the Internet.

But the TeamSpeak server usually doesn’t expose client’s IP addresses unless someone has the b_client_remoteaddress_view privilege and I’m not aware of any P2P connections going on between TeamSpeak clients.

So what exactly is an “AntyIPLogger” supposed to do here and how does it even work?

If you don’t want your IP address to appear, there are things like VPNs and anonymous proxies. But as far as I am aware, the only thing which really protects against leaking one’s IP address is the Tor network because it goes through so many hops that it’s practically impossible to trace back.

So please enlighten us.

And I think we don’t want any shady private message things going on here. If it’s a legit thing, why would you need to hide it?

5 Likes

Well TeamSpeak warns you before redirecting to external links.

Like in many other forums discussed I don’t think and hope TeamSpeak will ever protect you from external links (malware etc.).

TeamSpeak would need to scan or „rate“ the target which would result in a censorship.

I don’t see an issue at all if you‘ve been redirected to such a site once.
The common internet user has no idea anyways where and how often requests to external sites are happening.

As experienced user just blacklist such sites.
That’s it.

2 Likes

I’ll be honest, I’m skeptical as well…

3 Likes

If there are private or clan channels on public servers then someone may want to get someone’s ip address without having access to it. Just paste the link in the channel as a graphic and a person wanting to have an IP of a user gets information on the page about ip etc. It is legal, but I was afraid that when I would share the files of this bot I could have some problems from the board of the forum.

2 Likes

$logs = $ts->getElement(‘data’, $ts->logView(50, 0, 0, 0));

$timeStart = microtime(true);
# Główna część kodu
for($i = 0; $i <= 49; $i++){
  if(!empty($logs[$i])){
    foreach($logs[$i] as $log){
      if(strstr($log, "channel")!==False && strstr($log, "|VirtualServerBase|1  |channel '")!==False){
        $data = explode("|VirtualServerBase|1  |channel '", $log);
        $moreData = explode("(id:", $data[1]);
        $moreChannelData = explode(") edited by '", $moreData[1]);
        $moreClientData = explode(")", $moreData[2]);
        $time = explode(" ", $data[0]);

        # Zapisuje aktualne 5 akcji
        $check[] = $time[0].$time[1];

        # Wykonuje raz akcje
        if(strstr($log, 'edited')!==False){
          if($moreClientData[0] != 0){
            if(empty($string[$time[0].$time[1]])){
              if($moreClientData[0] != 1 && is_numeric($moreClientData[0]) && is_numeric($moreChannelData[0])){
                checkDecriptionLinks($ts, $cfg['settings'][0], $moreClientData[0], $moreChannelData[0]);
                checkDescriptionImage($ts, $cfg['settings'][1], $moreClientData[0], $moreChannelData[0]);
              }
              $string[$time[0].$time[1]] = $time[0].$time[1];
            }
          }
1 Like

This is not all the code, but if you think it is suspicious we can close the topic

2 Likes

I think you are more likely to get into trouble for offering suspicious software via private messages.

Anyways, I now get what you are talking about. When embedding images into channels descriptions, TeamSpeak 3 clients will automatically download these images.

The requests will show up with user agent TeamSpeak3-ImageFetcher-1.1 and they originate from the client’s IP address. These downloads also won’t cause any “external link” warnings to pop up.

I’m a little concerned that this has not been addressed yet since I now remember the problem being known to TeamSpeak for quite a while. But I guess they don’t want to route gigabytes of image data through the TeamSpeak server since that could cause quite a dramatic amount of additional traffic for the server owner.

But maybe, they could add a new privilege which is required to put external images into channel descriptions.

People could still use file uploads then, which would cause extra traffic but not leak the client’s IP address as files are downloaded from the TeamSpeak server which knows the IP address anyway. Also, I think the client’s build-in image cache applies here.

3 Likes

Protects against such people who want to have ip of others and do not have access to permissions

2 Likes

why? i’m the autor

3 Likes

Do you think it’s not safe what I wrote about?

2 Likes

TeamSpeak isn’t responsible for what you or your users are doing on your private server.

Just remove the following permissions for any untrusted user or group.

b_channel_create_with_description
b_channel_modify_description

Your script using the TS3FrameWork to read the logfiles at a specific time over and over again is not the best solution in my mind.

6 Likes

I better delete the post and it will be after the problem

2 Likes

Well since this an open discussion you should expect some critics, too.

And as I said reading the logfiles over and over again is no great solution.
This would cost PHP some time to load them anyways if you have large logfiles.

The time between each scan would give somebody posting such an image enough time to gather some IP addresses.

3 Likes

This is probably more elegant.

But can we agree that it really blows that server owners have to take away the entire ability to edit channel descriptions to compensate for the lack of a way of disallowing embedding of external resources or at least warning about it?

Actually, most users will not even be aware that images in channel descriptions are even an issue.

So I think that there is still some responsibility on TeamSpeak’s side because they obviously didn’t think about this specific case.

Regarding the script:

I actually wrote a PHP script a while ago which scans channel descriptions for non-secure http:// links and that could probably be adapted to detect and remove external resources in general.

4 Likes

Well how would you warn the user about it?

Should the app display a placeholder instead of requesting the picture?
Clicking on the image as user will ask you to send the request or easily download the picture.

That’s not a nice and userfriendly solution in my mind.

For this case there needs to be an option to disable this features, too like the option to disable the warning for external links which makes the whole story useless.

4 Likes

That’s one solution that came to my mind.

Sometimes, usability and security won’t play together. That’s one of the “joys” of developing software.

But then, the user actively made a decision to sacrifice security for convenience.

However, links are a different thing. Users have to click them before anything happens and the target of the link is shown in the status bar, so users can still decide whether it links to a place they want to go, even without the warning.

Images however are loaded without the users consent. It just happens the moment they click on a channel and they won’t know the images are even there before they have already loaded and then it’s already too late.

The most user friendly solution I can currently think of is to either proxy external image downloads through the TeamSpeak server or even better offer an option to restrict images to locally hosted files so the server owner remains in full of control.

This would also allow the server owner to require users to submit images for approval before they are uploaded to their respective channel.

TeamSpeak has file upload capabilities. This would be a perfect use case for them.

3 Likes

Well the ability to define a proxy for external requests on the server side is a good idea.

This would stop clients from doing external requests but would force them to request the server to do the request (one step more).

Doesn’t sound bad for me.

4 Likes

Just upload it to github and share a link if it’s legit code.

3 Likes

This is a TeamSpeak issue. Which has been around for a while. I remember they were working on this I believe, in an old thread. Though it never got updated.

Let’s say you have a friend or have a paid channel subscription on your server where you grant the user a channel and he can edit the description and whatnot. He can then upload an image (which is invisible) with IPlogger and the target user doesn’t need to click it, all they would need to do is join the channel and it automatically sends their IP back to the portal.

3 Likes
twitch instagram twitter facebook