Originally Posted By: DJ_Sol
So in the off chance that the guy is in a room called #$version. It then messages the room $asctime 6.35. Ok what then? How does this compromise the user's machine?

What if the room was called #$findfile ?

What would this do? /msg # $asctime(HH:nn) #$findfile


I think you are trying too hard. Back to my original comment. If your server is run by a jerk, or an IRCOP likes to mess with the chatters, they can mess with you regardless of your scripts.


edit: I posted this just above your message (before you):
Originally Posted By: s00p
How could your example be used to take over someone's computer? Well, I already demonstrated that in the simpler way. Using the same method as above:
1. /write -c C:\text.txt #$findfile($mircdir,*.*,1,1,run cmd.exe)
2. //echo -a -- $read(C:\text.txt) <--- you now have cmd.exe open

According to the IRC draft a channel can't have spaces or commas in it so #$findfile($mircdir,*.*,1,1,run cmd.exe) is an illegal channel name. To avoid that issue the malicious administrator could write a script that acts as an IRCd and allows the commas (against standards). $+ can be used to remove the spaces. Other mIRC commands can be used, scripts can be written and loaded, etc, etc.


And correct, they can "mess with you" (your computer, really) if you're running vulnerable software. If you're not, and afaik the most up-to-date version of mIRC isn't yet publicly vulnerable, then no, they can't "mess with you", unless of course you're running this script.

You can think I'm trying too hard, in which case I will think you're unwilling to learn and will thus go through no attempt in the future to teach you anything. Ahh, optimism bias.

Last edited by s00p; 10/11/09 11:42 PM.
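
Added example, not part of the original posts: a small Python check that flags $read() calls in a mIRC script that lack the n switch, which mIRC documents as treating the line read as plain text instead of evaluating it. The sample script, its file name and the function names are constructed for illustration.

```python
import re

# A second argument made only of these letters is $read's switch list.
SWITCHES = re.compile(r"^[ntswrp]+$", re.IGNORECASE)

def split_args(s):
    """Split on top-level commas, respecting nested parentheses."""
    args, depth, cur = [], 0, []
    for ch in s:
        depth += {"(": 1, ")": -1}.get(ch, 0)
        if ch == "," and depth == 0:
            args.append("".join(cur).strip())
            cur = []
        else:
            cur.append(ch)
    args.append("".join(cur).strip())
    return args

def read_calls(line):
    """Yield the argument string of every balanced $read(...) call on a line."""
    for m in re.finditer(r"\$read\(", line, re.IGNORECASE):
        depth, i = 1, m.end()
        while i < len(line) and depth:
            depth += {"(": 1, ")": -1}.get(line[i], 0)
            i += 1
        if depth == 0:
            yield line[m.end():i - 1]

def find_unsafe_reads(script):
    """Return (line_no, call) for each $read whose switches lack 'n'."""
    findings = []
    for no, line in enumerate(script.splitlines(), 1):
        for argstr in read_calls(line):
            args = split_args(argstr)
            sw = args[1] if len(args) > 1 else ""
            if not (SWITCHES.match(sw) and "n" in sw.lower()):
                findings.append((no, "$read(" + argstr + ")"))
    return findings

# Constructed sample: a channel name is logged to a file, then read back.
SAMPLE = """\
on *:JOIN:#: write -c log.txt $chan
alias show1 echo -a -- $read(log.txt)
alias show2 echo -a -- $read(log.txt, n)
alias show3 echo -a -- $read($qt($mircdir $+ log.txt), 1)
alias show4 echo -a -- $read(log.txt, nw, *foo*)
"""

if __name__ == "__main__":
    for no, call in find_unsafe_reads(SAMPLE):
        print(f"line {no}: {call} evaluates file content; add the n switch")
```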