mIRC Home    About    Download    Register    News    Help

Print Thread
Is this a bug? //echo $($decode(JGZ #100718 15/10/04 05:30 PM
Joined: Oct 2004
Posts: 1
S
sintryx Offline OP
Mostly harmless
OP Offline
Mostly harmless
S
Joined: Oct 2004
Posts: 1
//echo $($decode(JGZ-edit))

In status window: # Cannot send to channel
Seems like it reads the perform.ini and sends it to that channel.

Last edited by Mentality; 15/10/04 05:34 PM.
Re: Is this a bug? //echo $($decode(JGZ #100719 15/10/04 05:38 PM
Joined: Jun 2003
Posts: 5,024
M
Mentality Offline
Hoopy frood
Offline
Hoopy frood
M
Joined: Jun 2003
Posts: 5,024
Not a bug really, $decode can be abused to do all sorts of things and decode into commands. In your example, it probably intended to read perform.ini because a lot of people have their passwords stored in perform.ini to identify on connect and perhaps other confidential stuff too.
The person who made it was a bit stupid though (shock horror), it was probably intended for a specific network where that channel was -n and therefore DID accept channel messages from outside the channel.

It is NOT a good idea to write what others tell you to type, particularly if it has $decode in it, you can bet your bottom dollar it's bad - incase you're wondering, it does have its uses and is not always abused, hence why it's kept in mIRC.

It's important to stay safe on IRC, your nickname/username password is not the only thing that can be lost by careless mistakes, you could end up infecting your computer and lose all kinds of information/documents. You might want to look at this document if you're not 'IRC savvy'.

Regards,


Mentality/Chris
Re: Is this a bug? //echo $($decode(JGZ #100720 15/10/04 05:42 PM
Joined: Dec 2002
Posts: 2,962
S
starbucks_mafia Offline
Hoopy frood
Offline
Hoopy frood
S
Joined: Dec 2002
Posts: 2,962
No it isn't a bug. Telling other people to type /some_command $decode(encoded_text) is a common method used to exploit people on IRC. Just one of many reasons why you should never type in commands that someone tells you to on IRC.


Spelling mistakes, grammatical errors, and stupid comments are intentional.
Re: Is this a bug? //echo $($decode(JGZ #100721 15/10/04 07:18 PM
Joined: May 2004
Posts: 95
W
wiebe Offline
Babel fish
Offline
Babel fish
W
Joined: May 2004
Posts: 95
note the $() around it, that is actually the same as $eval(). so when you try to echo it, the code contained in the encrypted string is executed. lesson: dont blindy try to echo every $decode string you see.