[IRC-DEV] offtopic: Exploit de mIRC

KaLDoR KaLDoR at telefonica.net
Mon Oct 13 22:58:20 CEST 2003 

Bueno, sabiendo como está arrasando he encontrado un script para usar con el
mirc para "solucionar" temporalmente este problema.

---------------------------------------------------

; Raw window version 1.52.  Changes: Protects against resume attacks.
; DCC EXPLOIT PROTECTION REQUIRES MIRC 6.1 OR BETTER.
; This is copyrighted.  Released under the GPL.  Send bug reports or
suggestions to olathe 65 84 erler.org.
; Contributors: Olathe, TheJerk (idea for ignore -d in DCCWorkaround)

; Usage: Load it and let the initialization routines run.

; *** Opens a raw window when connecting to a server.  Allows you to see all
; *** messages between the server and mIRC and allows you to send raw
messages
; *** to the server.  Also allows saving the the raw window's buffer to a
file
; *** by right-clicking on it.

on *:start:scid -a rawwin

alias RawWin {
  window -ek0mnv $+(@Raw-, $cid)
  .debug -ipt $+(@Raw-, $cid) DCCWorkaround
  window -a $+(@Raw-, $cid)
}

on ^*:LOGON:*:{
  window -ek0mv $+(@Raw-, $cid)
  .debug -inpt $+(@Raw-, $cid) DCCWorkaround
}

menu @Raw-* {
  Save past raw text to log file:{
    var %i = 1, %file = $sfile($logdir $+ *.log, Save As, Save)
    %file = $+($chr(34), $iif($chr(46) isin %file, %file, %file $+ .log),
$chr(34))
    if (%file != $null) {
      while (%i <= $line($active, 0)) {
        write %file $line($active, %i)
        inc %i
      }
    }
  }
}

on *:INPUT:@Raw-*:{
  if ($left($gettok($1-, 1 ,32), 1) != $chr(47)) {
    scid $cid .raw $1-
    haltdef
  }
}

on *:CLOSE:@Raw-*:{
  ; Continue to block exploits without using a window or writing to a file.
/rawwin will reopen the window.
  .debug -i NUL DCCWorkaround
}

alias DCCWorkaround {
  if (($+(*:*!*@* PRIVMSG * :, $chr(1), DCC SEND "*) iswm $1) || ($+(*:*!*@*
PRIVMSG * :, $chr(1), DCC RESUME "*) iswm $1)) {
    echo 4 -ae *** Possible lamer: $1
    var %nick = $right($gettok($gettok($1, 2, 32), 1, 33), -1)
    .ignore -du2 %nick
    notice %nick Please do not exploit me.
  }
  else return $1-
}




-----------------------------

Copiadlo en la sección remotes de vuestro mIRC.


---

Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.525 / Virus Database: 322 - Release Date: 09/10/2003

More information about the IRC-Dev mailing list