#115822 30/03/05 04:44 PM
Joined: Jan 2004
Posts: 129
AaronL (OP)
Vogon poet
Hi all.

Today a guy came into my room and said that my routine has a leak, and he 'proved' this to me with a command he used:

ChaoZero //say $dll(C:\windows\system32\kernel32.dll, ExitProcess, 1)

Within 3 seconds my mIRC was closed?
I wrote a routine that he used, according to himself. My routine was: /msg triviabot write <naam> <tekst>.
He typed: /msg triviabot write hisname //say etc.

You can read the text by using /msg triviabot read.

So I removed my routine. The question is: can he do so without the routine? I mean: just send that command to my bot which will cause the closedown of mIRC?

With regards
Aaron


Deridio fatum
Joined: Oct 2004
Posts: 8,330
Hoopy frood
Any script which allows a person to tell a bot to "say" something can be used to cause all kinds of problems if you don't have protections included in the script to prevent that. You can't just send that message to normal mIRC and cause it to close. What happens is that your bot was repeating the command and that's always a danger.

You can put preventative code into your script to prevent such problems by checking any text sent to the bot for various commands which you wouldn't want used. For example, you would want to accept any message which includes //decode or //write or $dll. You could just use an if statement and halt the command if those are in the msg sent to the bot.


Invision Support
#Invision on irc.irchighway.net
Joined: Jan 2004
Posts: 129
AaronL (OP)
Vogon poet
Hi Riamus2

Thanks for the fast reply.
i will make the changes you suggest.

With regards
Aaron


Deridio fatum
Joined: Oct 2004
Posts: 8,330
Hoopy frood
*EDIT* Just for clarification, I missed a word in my previous post... you do *NOT* want to accept messages with //decode or //write or $dll. And, you can probably choose to prevent other things as well depending what you want it to actually do.

For example, if you are just having it say messages to the channel, you could prevent all that start with / or //, which would solve most of those problems.

Example if statement:

if (/* iswm $3) {
  .notice $2 Invalid text.
  halt
}


Invision Support
#Invision on irc.irchighway.net
Joined: Apr 2004
Posts: 871
Sat
Hoopy frood
Quote:
Question is: can he do so without the routine. i mean: just send that command to my bot which will cause the closedown of the mIRC?

No. A part of your script is flawed, and it's probably the part where the bot reads from the file again. If the $read() call you have does not use the 'n' flag, it will evaluate any identifiers in the line you're reading, including $dll, $eval, $findfile and so on. Usually, adding the 'n' flag will solve the problem (see also /help $read); just filtering out a few identifiers is not sufficient.

If you're not sure about what to do exactly, please paste the relevant routine here (including the /write and $read stuff), and we will help you... :)


Saturn, QuakeNet staff
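
An added example, not code from any poster in this thread: a write/read pair in mIRC script that stores the message verbatim and reads it back with the 'n' flag, which is the fix described in the post above. The file name notes.txt and the trigger words "write" and "read" are assumptions.

```mirc
; Added example. notes.txt and the "write"/"read" triggers are assumptions.

on *:TEXT:write *:?:{
  ; $2- is untrusted input. /write stores it as literal text;
  ; nothing is evaluated at this point, so no filtering is needed here.
  write notes.txt $nick $2-
  .notice $nick Message saved.
}

on *:TEXT:read:?:{
  ; UNSAFE form, for comparison: without 'n', $read() evaluates any
  ; identifiers found in the stored line before returning it.
  ;   var %line = $read(notes.txt, s, $nick)

  ; SAFE form: 'n' returns the stored line as plain text,
  ; 't' treats the first line of the file as text, not a line count.
  var %line = $read(notes.txt, nts, $nick)
  if (%line == $null) {
    .notice $nick No messages found.
    return
  }
  .notice $nick Message: %line
  ; $readn holds the line number matched by the $read() above.
  write -dl $+ $readn notes.txt
}
```

The stored text is only ever handled as data: it is written as-is and read back with 'n', so identifiers such as $dll inside it are never evaluated by the bot.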
Joined: Sep 2003
Posts: 4,230
Hoopy frood
(reply not directed at Sat)

The n flag is of course the best to stop that, but I also do this a lot now (before writing it to the file)

user text is in %text

var %text = $replace(%text,$,$,%,%,|,|,[,[,],],$({,),$+(,$({,)),$(},),$+(,$(},)))

Just whacks two BOLDS before anything that might do anything, so /echo %text looks just the same, but if saved to a file or anywhere where it might get contents evaluation it won't evaluate to anything, since something like $time doesn't evaluate.

Joined: Jan 2004
Posts: 129
AaronL (OP)
Vogon poet
Hi all

Here is the piece of code i use

Code:
 
  if ($$1 == lees) { set %ReadName $nick | set %bericht $read($mircdirtxtfiles\messages.ini, s, $nick) | if (%bericht == $null) { /notice %Readname Sorry $nick $+ , ik heb geen bericht[en] meer gevonden. | close -cm %ReadName | halt } |  /notice $nick message $+ : %bericht | /write -ds $+ $nick $mircdirtxtfiles\messages.ini | close -cm $nick } 

  if ($$1 == schrijf) { 
    set %MessName $$2 
    set %message $mid($1-,9,250) 
    if (//decode isin %message) || (//write isin %message) || (//$dll isin %message) || (//say isin %message) { /notice $nick hacken is niet toegestaan! | /ban -k #trivia $nick Hacken is NIET toegestaan. | halt }
    write $mircdirtxtfiles\messages.ini %message ( gepost door $nick op $date ) 
    close -cm $nick | /notice $nick je bericht is opgeslagen! 
  } 
 


Reactions are in Dutch, but I presume this isn't a problem :)

With regards
Aaron


Deridio fatum
Joined: Sep 2003
Posts: 4,230
Hoopy frood
Code:
 
  ; 'n' flag added to the $read() call
  if ($$1 == lees) { set %ReadName $nick | set %bericht $read($mircdirtxtfiles\messages.ini, ns, $nick) | if (%bericht == $null) { /notice %Readname Sorry $nick $+ , ik heb geen bericht[en] meer gevonden. | close -cm %ReadName | halt } |  /notice $nick message $+ : %bericht | /write -ds $+ $nick $mircdirtxtfiles\messages.ini | close -cm $nick } 
  if ($$1 == schrijf) { 
    set %MessName $$2 
    set %message $mid($1-,9,250) 
    ; $!decode and $!dll replace //decode and //$dll in the check
    if ($!decode isin %message) || (//write isin %message) || ($!dll isin %message) || (//say isin %message) { /notice $nick hacken is niet toegestaan! | /ban -k #trivia $nick Hacken is NIET toegestaan. | halt }
    ; added line (shown in blue in the original post)
    %message = $replace(%message,$,$,%,%,|,|,[,[,],],$({,),$+(,$({,)),$(},),$+(,$(},)))
    write $mircdirtxtfiles\messages.ini %message ( gepost door $nick op $date ) 
    close -cm $nick | /notice $nick je bericht is opgeslagen! 
  } 


Adjust it so it looks like above and you should be reasonably safe.

n stops the line from running any commands in it
$!decode and not //decode, as it's $decode; the "!" stops mIRC from mistakenly evaluating it in your line
$!dll the same as $decode above
%message = $replace(%message,$,$,%,%,|,|,[,[,],],$({,),$+(,$({,)),$(},),$+(,$(},))) this is a backstop to the n, as this will make anything else like $time not change to the time if you did forget the n

Joined: Jan 2004
Posts: 129
AaronL (OP)
Vogon poet
Hi DaveC

Thank you for the fast reply.

I have changed it according to your tips.
I should be reasonably safe now, I hope.

With regards
Aaron


Deridio fatum
Joined: Nov 2003
Posts: 2,327
Hoopy frood
You can just write the text to the file exactly as it was spoken now that you've added the 'n' flag to $read(), there's no need for that big chunk of code in blue.


New username: hixxy
Joined: Sep 2003
Posts: 4,230
Hoopy frood
Did you read the last line of my post? I did mention that myself.

