#131895 05/10/05 09:37 PM
Joined: Jan 2004
Posts: 133
W
Vogon poet
OP Offline
I am trying to get how many people are in a channel from a different network ..

set %totalpeople $nick(%channel,0)

How do I do that from a different network?
Or maybe a command that checks all networks I am on ..
for the %channel and gives me the total people in
that room ..

Joined: Aug 2005
Posts: 1,052
L
Hoopy frood
Offline
irc.server1.com = 1st open server
irc.server2.com = 2nd opened server

script:>

example
on *:TEXT:!Users*:*: {
scid 2 //c.users $2
}

Code:
alias c.users {
  var %c.calc = $nick($1,0)
  scid 1 //msg #ChanYouWantToPost %c.calc
}


Usage is as follows: the first server you are on = $CID (1). You can do a test in your mIRC window like //echo -a $cid; if it says 1, that means it's your first connection; if it's any other, adjust the script accordingly.

so someone types !users #testchan

which #testchan is on the other server

your script performs the alias which calcs the users on specified chan

so we work with SCID 1 and 2 ... you'll learn by looking at my script what I mean by that


Code:
if $reality > $fiction { set %sanity Sane }
Else { echo -a *voices* }
Joined: Jan 2004
Posts: 133
W
Vogon poet
OP Offline
I think you misunderstand ..

I am trying to get how many people are in a channel
and set that to a %totalpeople < var

set %totalpeople $nick(%channel,0)

need a command that checks all networks I am on ..
for the CHANNEL > %channel
and gives me the total people in that room
saved to: %totalpeople

Because : $nick(%channel,0) < only works for one server.

Joined: Feb 2004
Posts: 2,019
Hoopy frood
Offline
We've already been through this, when giving people code, try to make sure it is not open to exploits, as your code is. I can format his hard drive with that on text event that you gave him.

Read what I told you here


Gone.
Joined: Aug 2005
Posts: 1,052
L
Hoopy frood
Offline
Are you sure sure?? I'd invite you to my network, and me with that script, and you attempt to format my PC. I've never seen it exploitable before. It's not that I don't believe you, but maybe this exploit was fixed in the latest releases??


Code:
if $reality > $fiction { set %sanity Sane }
Else { echo -a *voices* }
Joined: Feb 2004
Posts: 2,019
Hoopy frood
Offline
I'm 100% sure.

This is the code I've used:
Code:
on *:TEXT:!Users*:*: { 
  scid 1 //c.users $2
} 

alias c.users {
  var %c.calc = $nick($1,0)
  scid 1 //msg #ChanYouWantToPost %c.calc
}

Note that the only difference with yours is that I put a 1 after the scid, because I was testing this on a client that is only on 1 network.

For example, do you know many people have an alias for quit? Like /q for example or even /quit that will add an extra message for them?

Here's how to make those people quit with the code you gave the original requester:

I type: !users $quit, and the person who hosts this script is disconnected. Now you may say it's all very innocent, and it depends on them having a /quit alias, but many do, and it shouldn't be possible to do it in the first place. Oh wait, you dismiss this argument? Fine, let's just install a quit alias on their mIRC, just to be sure, ok?

!users $($replace(alias*quit*quit*|*$quit,*,$chr(32)),2)

There we go, this created a /quit alias on their computer, and immediately after that made them quit.


Let's make things a little bit worse. Fortunately for you, you put $2 instead of $2-, or it would have been even easier to exploit, but with a little inventivity we will achieve the same result.

!users $findfile($mircdir,*,0,$replace(echo*-a*$1,*,$chr(32))).shortfn

Guess what it does? Right, it will echo all files in your mirc directory. It's easy to change this to delete all your files on your c:\ drive, but I'm not showing how. I could use /run ... and have access to the DOS command prompt, and you know what that means, right?

If you had put $2-, then I wouldn't even have to use that $replace hack, but maybe it's for the best that you did, so I can show you that you need to be really careful about what kind of code you give out to people.

You were lucky in another sense that you put scid 2 .... People who only have 1 server window open will see it raise an error, which halts the script, and thus also the malicious code. However, again, that's playing with fire, as many many people have at least 2 server windows open, which means all of them are vulnerable to exploits with your code.

I sincerely hope you've finally understood my worries, and that in the future you, and other people will take these dangers of double evaluation into account that come with commands like /timer, /scid, /scon ...

Ways to prevent this problem were shown here where I've already linked to.

One last note, people might think that the examples I gave might give people ideas to try to exploit such code however anyone that knows $findfile and can read the help file knows that it can execute commands. The solution is not removing this functionality as it serves a great purpose, but to make less experienced scripters aware of these issues so that they cease to be an issue in the first place. If you don't give out code that is open to exploits, then it doesn't matter if $findfile can execute commands, or that $eval works the way it does.

Nevertheless, it's a shame that I have to go so far as to give you actual examples, when you could have simply taken my word for it, or tried out some things on your own.


Gone.
Joined: Aug 2005
Posts: 1,052
L
Hoopy frood
Offline
Oh I see, well I was looking for more basic exploits than that.. I'll try to test those exploits to see

so next time I'll use

on *:TEXT:*:*: {
if ($1 == !Users) {
scid 2
c.users $2
}
}

right?


Code:
if $reality > $fiction { set %sanity Sane }
Else { echo -a *voices* }
Joined: Feb 2004
Posts: 2,019
Hoopy frood
Offline
Basic exploits? It would have been a blessing if it were only basic exploits, but these are the real deal, the ones that will damage your system the most.

Any exploit is one too many.

Yes, that's a good way to go around it, requires no extra effort, and saves a lot of potential trouble :)
Don't forget to also change it in the c.users alias. Okay, right now it won't be a problem since it will always be a digit that is messaged, but what if the person later on makes some adjustments to the code, not knowing there is a huge potential danger accompanying it? Better play safe, and make it safe from the first step.

Note that the !users * in the matchtext was fine, the only thing we need to worry about is how we handle scid/scon/timer etc.


Gone.
Joined: Dec 2002
Posts: 1,245
M
Hoopy frood
Offline
alias testcount {
scid -as chancount $!nick(#channel,0)
echo -a #channel Count %chancount
unset %chancount
}
alias chancount {
set %chancount $calc(%chancount + $1)
}

ok, this was a headache since I don't normally work with multiserver
anyone have a better way?

Joined: Jan 2004
Posts: 133
W
Vogon poet
OP Offline
Nice .. Thanks Guys !

Man didn't Mean To start Something lol :)

MikeChat < THANKS :)

Works Great !

Joined: Dec 2002
Posts: 1,245
M
Hoopy frood
Offline
well... this way we all learn

Joined: Jul 2003
Posts: 655
Fjord artisan
Offline
Just a very little snippet I use regularly in my own scripts that you might find useful. Generally I find it better to include the little snippet where necessary (usually with alias -l) rather than hardcode the scid/cid values, since that could cause errors if you connect to your servers in a different order, for example.

Code:
alias net2cid {
  var %x = $scon(0), %y = 0
  while (%y <= %x) {
    if ($scon(%y).network == $1) {
      return $scon(%y)
    }
    inc %y
  }
}


example use: scid $net2cid(AustNet) echo -s testing

Obviously, replace AustNet with the name of a network of your choice (you can use //echo -a $network to make sure you have the name correct)


"Allen is having a small problem and needs help adjusting his attitude" - Flutterby
Joined: Feb 2004
Posts: 2,019
Hoopy frood
Offline
If you'd put echo -a $network, it would echo the network of where you issued the command, not the one where you set the scid to. You'd need to escape it by putting $!network.

Note please read this thread carefully, because the way you had your example set up, is again potentially dangerous for exploitation of bad code.

Do not use: scid <cid> <code> unless you are 100% sure of what you're doing, and even if you do know it, let the person who you give the code to know that if he puts other code than yours in it, he is open to exploitation.

Preferable would definitely be:

scid <cid>
code

or
scid <cid> | code


I can't stress this enough people, this is no joke.
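
A hardened form of the !users counter, following the advice above to put scid/scon on a line of its own so that text from a remote user is never passed along as a command string. This is an added example, not code from any poster in this thread. The alias name chantotal and the reply wording are hypothetical, and it assumes that /scon with no command only switches the script's active connection and that /scon -r restores the original one.

```mirc
; Added example: total users in channel $1 across every open connection.
; "chantotal" is a hypothetical alias name.
alias chantotal {
  var %chan = $1, %i = 1, %total = 0
  while (%i <= $scon(0)) {
    ; scon with no command only switches the script's active connection,
    ; so nothing is handed to it as a command string to be evaluated again
    scon %i
    if ($me ison %chan) { inc %total $nick(%chan,0) }
    inc %i
  }
  ; restore the connection the script started on
  scon -r
  return %total
}

on *:TEXT:!users &:#: {
  ; $2 comes from a remote user: treat it as data only.
  ; Reject anything that does not start with a channel prefix.
  if ($left($2,1) !isin $chantypes) { return }
  var %count = $chantotal($2)
  msg $chan $2 has %count users across $scon(0) connections
}
```
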

Joined: Jul 2003
Posts: 655
Fjord artisan
Offline
Indeed I forgot the pipe.


"Allen is having a small problem and needs help adjusting his attitude" - Flutterby
