Remote RCon Overflow exploit for Ventrilo


Post by duggadugga32 »

yo what's up bros.. i came across this earlier while scouring youtube for videos of lasagna



as far as i can tell, it has something to do with packets?

lates

Post by Sethioz »

kinda messy, but of course with packets, that's the way the server and client communicate. an exploit is just a packet with your custom data, where you replace one thing or add another to make this possible.
i have never used ventrilo and never will, so i can't help you there, however Luigi has dealt with ventrilo and he has quite a few exploits and PoCs for it (poc - proof of concept). however i can't remember that he has found such a bug for 3.0.3.

Post by duggadugga32 »

Sethioz wrote: kinda messy, but of course with packets, that's the way the server and client communicate. an exploit is just a packet with your custom data, where you replace one thing or add another to make this possible.
i have never used ventrilo and never will, so i can't help you there, however Luigi has dealt with ventrilo and he has quite a few exploits and PoCs for it (poc - proof of concept). however i can't remember that he has found such a bug for 3.0.3.

yea i asked him already over msn for help, he told me he doesn't do security vulnerabilities anymore/doesn't care about Ventrilo

i guess i'll fiddle around vent with WPE till somethin awesome happens :P

lates

Post by Sethioz »

wpe pro is not such a good idea when it comes to analyzing, use CommView. commview can modify and send packets too, only that commview doesn't work on msn so well, there are some id problems, however you can still use it to analyze and it will prolly work on ventrilo (resending).

Post by duggadugga32 »

yea i tried Commview out and i'm afraid this is too advanced for me.. but alas i shall push on; i think the packets are encrypted and i guess you have to decrypt them using one of aluigi's ventrilobotomy programs? i p much suck at this lols

Post by Sethioz »

"CommView - how to use - capturing and resending the packets" < this should help you out with commview. it is the best program when it comes to packet analyzing, they say that wireshark has some advanced features too, well i guess it's true (encryption and decryption), but when i looked at it, then it seemed quite hard to decrypt the conversation, however it is possible with wireshark.
why i like commview for such things, is that you can edit filters without stopping capturing, they take effect as soon as you change them and it also has the process based capture.

however i can't help you with ventrilo encryption. if it's VoIP not encrypted, then you can try using Cain, it has a sniffer that can record VoIP conversations, but if it's encrypted then you have to seek help from Luigi's forum on how to decrypt it. but how hard can it be if Luigi has tools for it.

Post by duggadugga32 »

alrighty, i pretty much got the whole packets thing down (thanks for the tutorial btw) but alas i've run into a huge wall... the decrypter is acting odd, it'll get up to " Ready: " then just becomes nonfunctional

even once i join the server with ventrilo_proxy running, nothing happens

is there anyone here who uses ventrilo_proxy that can tell what's wrong?

Post by Sethioz »

i know basically nothing about ventrilo, you should visit http://aluigi.org/