Forums Bug Reports Is this a bug? //echo $($decode(JGZ

//echo $($decode(JGZ-edit))

In status window: #ý Cannot send to channel
Seems like it reads the perform.ini and sends it to that channel.

Not a bug really, $decode can be abused to do all sorts of things and decode into commands. In your example, it probably intended to read perform.ini because a lot of people have their passwords stored in perform.ini to identify on connect and perhaps other confidential stuff too.
The person who made it was a bit stupid though (shock horror), it was probably intended for a specific network where that channel was -n and therefore DID accept channel messages from outside the channel.

It is NOT a good idea to write what others tell you to type, particularly if it has $decode in it, you can bet your bottom dollar it's bad - incase you're wondering, it does have its uses and is not always abused, hence why it's kept in mIRC.

It's important to stay safe on IRC, your nickname/username password is not the only thing that can be lost by careless mistakes, you could end up infecting your computer and lose all kinds of information/documents. You might want to look at this document if you're not 'IRC savvy'.

Regards,

No it isn't a bug. Telling other people to type /some_command $decode(encoded_text) is a common method used to exploit people on IRC. Just one of many reasons why you should never type in commands that someone tells you to on IRC.

note the $() around it, that is actually the same as $eval(). so when you try to echo it, the code contained in the encrypted string is executed. lesson: dont blindy try to echo every $decode string you see.