[IRC-DEV] offtopic: Exploit de mIRC
KaLDoR
KaLDoR at telefonica.net
Mon Oct 13 22:58:20 CEST 2003
Bueno, sabiendo como está arrasando he encontrado un script para usar con el
mirc para "solucionar" temporalmente este problema.
---------------------------------------------------
; Raw window version 1.52. Changes: Protects against resume attacks.
; DCC EXPLOIT PROTECTION REQUIRES MIRC 6.1 OR BETTER.
; This is copyrighted. Released under the GPL. Send bug reports or
suggestions to olathe 65 84 erler.org.
; Contributors: Olathe, TheJerk (idea for ignore -d in DCCWorkaround)
; Usage: Load it and let the initialization routines run.
; *** Opens a raw window when connecting to a server. Allows you to see all
; *** messages between the server and mIRC and allows you to send raw
messages
; *** to the server. Also allows saving the the raw window's buffer to a
file
; *** by right-clicking on it.
on *:start:scid -a rawwin
alias RawWin {
window -ek0mnv $+(@Raw-, $cid)
.debug -ipt $+(@Raw-, $cid) DCCWorkaround
window -a $+(@Raw-, $cid)
}
on ^*:LOGON:*:{
window -ek0mv $+(@Raw-, $cid)
.debug -inpt $+(@Raw-, $cid) DCCWorkaround
}
menu @Raw-* {
Save past raw text to log file:{
var %i = 1, %file = $sfile($logdir $+ *.log, Save As, Save)
%file = $+($chr(34), $iif($chr(46) isin %file, %file, %file $+ .log),
$chr(34))
if (%file != $null) {
while (%i <= $line($active, 0)) {
write %file $line($active, %i)
inc %i
}
}
}
}
on *:INPUT:@Raw-*:{
if ($left($gettok($1-, 1 ,32), 1) != $chr(47)) {
scid $cid .raw $1-
haltdef
}
}
on *:CLOSE:@Raw-*:{
; Continue to block exploits without using a window or writing to a file.
/rawwin will reopen the window.
.debug -i NUL DCCWorkaround
}
alias DCCWorkaround {
if (($+(*:*!*@* PRIVMSG * :, $chr(1), DCC SEND "*) iswm $1) || ($+(*:*!*@*
PRIVMSG * :, $chr(1), DCC RESUME "*) iswm $1)) {
echo 4 -ae *** Possible lamer: $1
var %nick = $right($gettok($gettok($1, 2, 32), 1, 33), -1)
.ignore -du2 %nick
notice %nick Please do not exploit me.
}
else return $1-
}
-----------------------------
Copiadlo en la sección remotes de vuestro mIRC.
---
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.525 / Virus Database: 322 - Release Date: 09/10/2003
More information about the IRC-Dev
mailing list