Was Vivox Chat p0wned by Emerald Developers?
by Pixeleen Mistral on 30/08/10 at 12:16 pm
LindenWorld staff meetings an open book to ban-proof Fractured Crystal, Lonely Bluebird?
Did two Emerald developers – Fractured Crystal and Lonely Bluebird – taunt Emerald critic Hazim Gazov after using the Vivox voice chat admin portal disable Gazov’s Second Life voice? Were the rogue developers able to track Lab staff on private Linden-only islands? It appears so, if a screen capture provided to the Herald this weekend can be believed.
Over the last several months, a YouTube video and chatlogs have circulated, both of which strongly suggest both Fractured Crystal and Lonely Bluebird took the faction wars between the Emeralds and the Soviet Woodbury group to new levels after the Emerald’s site security was compromised and the data mining operation was revealed. This weekend, a source we will refer to as DeepYiff has provided the Herald with evidence the exploit that left Hazim Gazov speechless could also have compromised the security of all Vivox voice chat in Second Life.
While it is impossible to be absolutely certain that the screen captures DeepYiff provided are real, they appear to be the Vivox administration portal which can be used to mute, kick, or ban players from the voice service. The Vivox documentation also states that administrative users can listen in to chat channels without appearing to other users – something that may give pause to the Linden staff using Vivox chat for in-world meetings. The screen capture below shows what is seems to be a Linden staff meeting in progress on the LindenWorld B private island.
click image for full size view
According to Emerald critic Hazim Gazov, both Joe Linden and Soft Linden were aware that some sort of Vivox exploit had taken place after Mr. Gazov reported that his Vivox chat had been disabled. However it is unclear what – if any – action was taken other than to re-enable Mr. Gazov’s voicechat.
While the Vivox admin screen capture appears to be a bit dated – 1/3 of the Linden staff shown are no longer with the lab, presumably due to the lab’s recent cost cutting measures – it appears to be common knowledge in certain circles that chat has been badly compromised.
I asked Plastic Duck for comment last night, and while he was unsure of the exact method Fractured Crystal (jcool) used, Plastic Duck thought it likely that Fractured Crystal had gained control over the Vivox admin interface.
Pixeleen Mistral: what do you know about the VIvox admin interface?
Plastic Duck: it’s insecure
Pixeleen Mistral: how insecure?
Plastic Duck: jcool was able to get full access
Pixeleen Mistral: yeah, I got a screen shot that implies that
Plastic Duck: and disable peoples accounts
Pixeleen Mistral: Hazim’s account for instance
Plastic Duck: yeah
Pixeleen Mistral: but Vivox has a game moderator can listen in feature
Pixeleen Mistral: and LL uses vivox for staff meetings
Plastic Duck: yeah he can likely listen in on whatever
Pixeleen Mistral: any idea how jcool got in?
Plastic Duck: from what I understand you could just force some admin bit
Plastic Duck: and the servers would happily comply
Plastic Duck: or it could have been related to the exploit that lets you run a rogue sim
Plastic Duck: jcool was abusing the shit out of that one
Plastic Duck: to download files from peoples computers heh
All of this raises further questions about why Fractured Crystal has not been banned from Second Life – and how much longer the Lab will tolerate the Emerald gang. Fractured Crystal claimed responsiblity for the DDoS attack that led to Philip Linden warning players against the Emerald viewer last week, but perhaps he overheard something in a staff meeting that made him ban-proof.
Friend of all
Aug 30th, 2010
Questions arises why isn’t half the hackers banned.
The whole onyx team isn’t banned either.
Hazim Gazov
Aug 30th, 2010
That would make sense, when I asked JCool about it, he said something along the lines of “We don’t have access to that anymore, don’t worry about it.”
Friend of all
Aug 30th, 2010
Fractured will just come back as an alt as he always does.
You take one hacker down, all they have to do is change ip and they are in.
Randomizing mac and hardware can be done viewer side.
Little Lost Linden
Aug 30th, 2010
Holy Moly!
The Emerald scandal just keeps getting crazier and crazier!
This whole Emerald debacle is weirder than the time Hamlet Au went crazy.
http://thebotzone.net/2010/07/06/hamlet-au-goes-crazy/
One can only wonder what is next for this crazy Emerald viewer.
Friend of all
Aug 30th, 2010
Who is Plastic Duck ? Quack.
Orion
Aug 30th, 2010
One scandal after another, seemingly a new one each week! Rampant paranoia, facts spun distorted and twisted to the point where nobody can tell truth from fiction, and an endless stream of smear campaigns that would make a Washington insider cream in his sleazy little briefs… All over what? A gimped little world that’s so lagged out and broken that its really not even worth playing in any more.
There’s a simple solution to all of this Emerald crap. Report their obviously illegal activities to the FBI and let the law sort it.
Deadlycodec
Aug 30th, 2010
Plastic Dick != the one to ask about security problems. Force an admin bit? Seriously? But isn’t that a WEB BASED administration portal, fuckwads? I’m betting it wasn’t an SQL injection bug, so it was probs a set of weak account login credentials or broken access controls (ie Vivox relied on parts of the url for accessing certain functionality to be obfuscated and only known to authorized users). There aren’t generally “admin bits” over HTTP, dumbshit, unless you’re thinking of session management implementations (cookies) which would then be admin bytes under most circumstances. Want to keep making the herald look stupid? Continue to interview people like Plastic while they fall all over their face proving only that they know absolutely nothing. The “admin bit” is related to how the Second Life viewer communicates with the Lab’s servers, and has nothing to do with browser-based HTTP communications unless I suppose you pass it as a parameter to a server-side script or something, and of course the server-side script is programmed to handle it accordingly.
Imnotgoing Sideways
Aug 30th, 2010
This is… Stupid. (O.o)
The whole article reads like “LOLOL 1337 h4xx0rz turn yer computer into bomba!!!” (=_=)
samantha
Aug 30th, 2010
You are biased Mr immy because you think factured is just “misunderstood” and you have the gay hots for him. O.o
Uh NO
Aug 30th, 2010
@Imnotgoing Sideways
Um your name was listed on emerald’s regapi.
Imnotgoing Sideways has just logged in.
Uh NO
Aug 30th, 2010
@samantha
She is what I call, jay’s girlfriend.
Uh NO
Aug 30th, 2010
Pixie change
unlcear
to unclear.
Welcome
Zidonuke
Aug 30th, 2010
http://i35.tinypic.com/macaq1.png
Bah way to steal my hax. Modularsystems didn’t have shit on vivox except for the days after the TPVP meeting with joe linden when the “vivox speakerphone” LSL script leaked with the admin login. Also way to use my screenshots….
Imnotgoing Sideways
Aug 30th, 2010
I know my name is on the CDS list. Now what? I don’t copybot. Is there a boobie prize? Do I get extra Mormons at my door? (O.o)
Y’all’s just jealous because Frac wants mah butt. =^-^=
Darien Caldwell
Aug 30th, 2010
Sadly this looks authentic.
Nelson Jenkins
Aug 30th, 2010
This is pretty old news, these pics were circulating quite a while ago… I’ve had ‘em up on my site since it was created.
Plastic Herpaderps
Aug 30th, 2010
I’m going to go with Deadlys theory on this one. Sounds like some poor judgement in passwords than anything else.
PS. Pix stop going to Plastic for crazy hacker theories. He’s not even relevant to SL anymore. AKA.. Never-Has-Been amirite?
Anonymous
Aug 30th, 2010
[...] Artikel, der sich mit einem ehemaligen und einem derzeitigen Mitglied des Emerald Teams befasst. Was Vivox Chat p0wned by Emerald Developers? | The Alphaville Herald Haben wir es hier mit einem finalen Angriff zur Demontage des Emerald Teams durch seine Gegner zu [...]
Uh NO
Aug 30th, 2010
@Zidonuke
I believe Hazim is right.
Modular were the ones who turned off his voice.
Proof is in the cookie.
@Imnotgoing Sideways
No one wants your harry BUTT! No offense but I think your a man playing a female player.
Uh NO
Aug 30th, 2010
Vivox is too easy to hack.
Rob "N3X15" Nelson
Aug 30th, 2010
Vivox has been compromised. I’ve seen Phox troll combat sims over voice without ever being in the sim.
Uh NO
Aug 30th, 2010
Too many vivox pics and too many people hacking it.
@Nelson Jenkins
I seen some of them too. Ita all phox’s fault for showing them off.
meh
Aug 30th, 2010
ok seriously, can there be anything besides Emerald reported on this blog >.<
Nelson Jenkins
Aug 30th, 2010
@ meh
Sure, here you go.
http://alphavilleherald.com/2010/08/masha-delacourt-post-6-grrrrrl.html
chrismignon McDonnell
Aug 30th, 2010
Hazim Gazov is the creator of a viewer copybot named Inertia o.o.
Logically with a good spirit, a geek could take the voice.
http://wiki.secondlife.com/wiki/Voice/Technical
chrismignon McDonnell
Aug 30th, 2010
I said lol it’s ridiculous.
Judge Joker
Aug 30th, 2010
Check this thread http://bit.ly/c31R2q
Emerald user asking Emerald Dev’s/Users on how to use a proxy with emerald to prevent data mining and from being found RL by geo to hide from some bad hackers they met in Second Life who are pushy.
e
Aug 30th, 2010
The current dev team still has members with at least grey background (Skills Hak, Lonely Bluebird). Just take a peek at http://emeraldviewer.net/devteam.shtml
Even Fractured Crystal seems still a member of the team at http://code.google.com/p/emeraldviewer/
Though it appears that the source code repository hosted at google only contains one update per version. and everything pushed there is done by “patterph0x”. So Fractured’s name there is more of a curiosity than alarming. Which is a shame as a public source code repository with all changes (in small patches) would go a long way building trust and transparency if that’s what the current emerald team still wishes, which i’m not sure of.
e
Ajax Manatiso
Aug 30th, 2010
Clear this up if I am mistaken, but I thought Hazim was a Woodbury and was banned along with the while Woodbury crew — so why was he filing a complaint with Linden Lab over not being able to use voice? Certainly he can make alts but LL supposedly has far more sophisticated ways to identify an end user rather than simple, and extremely inaccurate IP addressing.
Hazim Gazov
Aug 30th, 2010
@chrismignon
Fractured and Phox are the creator of a copybot viewer called Onyx, what’s your point?
@Ajax
This was before I was banned.
Imnotgoing Sideways
Aug 30th, 2010
Hazim was Crawlingin Meskin. Can’t say he and I were ever friends. (^_^)y
Friend of all
Aug 30th, 2010
Imnotgoing Stupid, shutup.
Also, the whole onyx team have been abusing vivox and passing out pics.
They even DDOS king’s accounts. I think phox who said that Discrete Dreamscape who helped them accomplish it.
http://img816.imageshack.us/img816/851/vivoxhacked1.png
Imnotgoing Sideways
Aug 30th, 2010
They turned me into a newt!!! DX
…
Well… I got better. (._.)
…
XD(_*_)
Darien Caldwell
Aug 30th, 2010
http://img816.imageshack.us/img816/851/vivoxhacked1.png
Hmm, that one is pretty interesting, because it shows the Display Names functionality already in place. Very interesting…
Friend of all
Aug 30th, 2010
Imnotgoing Sideways, don’t make me turn off your voice.
Friend of all
Aug 30th, 2010
@Rob “N3X15″ Nelson
Anyone using voice can move their voice dot which can be found in onyx source code which was made by cryogenic.
This can also be done with cameras.
You can easily lock your camera in the sim and tp to another sim and still rez objects in the other sim.
Friend of all
Aug 30th, 2010
@Darien Caldwell
Notice the emerald icon at the very bottom of the page. That should explain it all.
http://img816.imageshack.us/img816/851/vivoxhacked1.png
Zidonuke
Aug 30th, 2010
God damn it, Stop fucking using my screenshots out of context. Those were demonstrating the vivox hack. Those were made by DHD88/Zidonuke and were never involved with emerald.
Vivox Account Login:
http://www.bhr.vivox.com/
Login:
lolhax5
lolhax
Friend of all
Aug 30th, 2010
Emerald already did it.
Friend of all
Aug 30th, 2010
Phox admitted he hacked vivox.
Friend of all
Aug 30th, 2010
http://img816.imageshack.us/img816/851/vivoxhacked1.png
http://www.bhr.vivox.com/
login:
Ph0x
Everyone
http://www.sluniverse.com/php/vb/general-sl-discussion/48454-saga-continues-fractured-crystal-exploits.html
Friend of all
Aug 30th, 2010
http://www.bhr.vivox.com/
I think that link was on one of the emerald panels.
Zidonuke
Aug 30th, 2010
http://zidonuke.pastebin.com/RjwuEJdj
http://zidonuke.pastebin.com/LrBdTsKB
http://zidonuke.pastebin.com/T844WXQh
Thats all my info and communications. ENJOY
Friend of all
Aug 30th, 2010
And,
Phox also hacked it too.
Several people have been hacking vivox due to a lack of security.
Friend of all
Aug 30th, 2010
http://www.sluniverse.com/php/vb/general-sl-discussion/44468-onyx-source-code-has-been-4.html
Look for this famous Quote:
But I did report exploits, that’s what you don’t understand! I let Soft and Joe know that there was an exploit going around that would allow people to disable SLVoice accounts (as you so responsibly demonstrated.)
Hazim, also knew about vivox hacks. Your not the only one who can hack it.
Hazim Gazov
Aug 30th, 2010
@Friend of all
I only knew it existed because it was used on me and Lonely / Fractured were bragging about having done it
Friend of all
Aug 30th, 2010
I know hazim, I hang out in emerald point too.
Linden Lab denies major Second Live voice breach « Dwell On It
Aug 30th, 2010
[...] The best place to start looking at that talk would be over at the Alphaville Herald. [...]
Friend of all
Aug 30th, 2010
Its funny plastic duck ratted emerald out.
Zidonuke
Aug 30th, 2010
Wanna see the vivox admin CP here ya go.
http://osd.vivox.com/
demohax
zidodemo