Socket Download

Print Thread

Socket Download #148670 09/05/06 06:12 PM
Joined: Oct 2005 Posts: 126 Weed Paradise P PhyxiuS OP Vogon poet
OP PhyxiuS Vogon poet P Joined: Oct 2005 Posts: 126 Weed Paradise	I would need a script that downloads http://.../Weed-Grow.exe to %a-map% and executes it. - Last edited by PhyxiuS; 09/05/06 06:13 PM.

Re: Socket Download

#148671 09/05/06 06:31 PM

Joined: Oct 2005

Posts: 126

Weed Paradise

PhyxiuS

Vogon poet

PhyxiuS

Vogon poet

Joined: Oct 2005

Posts: 126

Weed Paradise

I've already got the Download part, atlast, 1/2 ... aint working.

Code:

alias downlo4d {
set %read | sockread %read
d0wnload $gettok(%read,5,32)
}
alias d0wnload {
  set %download. [ $+ [ $gettok(http://.../bla.exe,-1,47) ] ] $1
  sockopen $eval($+(download_,$gettok(http://.../bla.exe),-1,47)),2) $gettok($remove($1,http://),1,47) 80
}
on *:sockopen:download_*:{
}
write -c $chr(34) $+ %windir% $+ $gettok($sockname,2-,95) $+ $chr(34)
unset %download_*
sockwrite -n $sockname GET $eval($+(/,$gettok($remove(%download. [ $+ [ $gettok($sockname,2-,95) ] ],http://),2-,47)),2) HTTP/1.0
sockwrite -n $sockname Accept: */*
sockwrite -n $sockname Host: $eval($+($gettok($remove(%download. [ $+ [ $gettok($sockname,2-,95) ] ],http://),1,47)),2)
sockwrite -n $sockname
}
on *:sockread:download_*:{
if ($eval($+(%,download_ready_,$gettok($sockname,2-,95)),2) != 1) {
  var %download.header_ [ $+ [ $gettok($sockname,2-,95) ] ]
  sockread %download.header_ [ $+ [ $gettok($sockname,2-,95) ] ]
  while ($sockbr) {
    if (Content-length: * iswm %download.header_ [ $+ [ $gettok($sockname,2-,95) ] ]) {
      set %download_length_ [ $+ [ $gettok($sockname,2-,95) ] ] $gettok(%download.header_ [ $+ [ $gettok($sockname,2-,95) ] ],2,32)
    }
    elseif (* !iswm $eval($+(%,download.header_,$gettok($sockname,2-,95)),2)) {
      set %download_ready_ [ $+ [ $gettok($sockname,2-,95) ] ] 1
      set %download_offset_ [ $+ [ $gettok($sockname,2-,95) ] ] $sock($sockname).rcvd
      break
    }
    sockread %download.header_ [ $+ [ $gettok($sockname,2-,95) ] ]
  }
}
sockread 4096 &amp;d
while ($sockbr) {
  bwrite $chr(34) $+ %windir% $+ $gettok($sockname,2-,95) $+ $chr(34) -1 -1 &amp;d
  sockread 4096 &amp;d
}
}

+ execute part needed

It has 2 work like this, when i type:
//dlnow
It will just get the file from the website into %blabla% and then executes it...

If anyone can help me with this...

Last edited by PhyxiuS; 09/05/06 06:34 PM.

Re: Socket Download #148672 10/05/06 12:46 AM
Joined: Oct 2005 Posts: 1,671 G genius_at_work Hoopy frood
genius_at_work Hoopy frood G Joined: Oct 2005 Posts: 1,671	It's an unbelieveably bad idea to download and execute exe's from the internet. Someone just has to hack the site, replace the exe with an infected file, and presto.. automatic virus propagation. -genius_at_work

Re: Socket Download #148673 10/05/06 03:17 AM
Joined: Sep 2005 Posts: 2,630 H hixxy Hoopy frood
hixxy Hoopy frood H Joined: Sep 2005 Posts: 2,630	Just verify the files contents by the md5 hash.

Re: Socket Download #148674 10/05/06 01:21 PM
Joined: Oct 2005 Posts: 126 Weed Paradise P PhyxiuS OP Vogon poet
OP PhyxiuS Vogon poet P Joined: Oct 2005 Posts: 126 Weed Paradise	That's going a little bit 2 far, don't ya think so, Genius at Work? - Anyway, i've got an update script also init that just updates the mIRC Secure-Socket-Bot.mrc from the iNet. - But, i'm confused by this one, aint has 2 work on a command or somethin', just as an alias...

Re: Socket Download #148675 10/05/06 02:16 PM
Joined: Oct 2005 Posts: 1,671 G genius_at_work Hoopy frood
genius_at_work Hoopy frood G Joined: Oct 2005 Posts: 1,671	If the file is something that never changes, then what is the point in making a download script? Why not just include it with whatever script the users are downloading anyway? If the file is something that changes, then the MD5 checksum can't be hard coded into the script, which means that it would have to be located on the website as well. And if the file is located on the website, then the hackers would just alter while they are uploading their virus. Maybe I'm just paranoid, but if I found out that a script used was automatically downloading and executing an exe file from some random webserver, I would drop that script like a dirty sock. -genius_at_work

Re: Socket Download #148676 10/05/06 03:03 PM
Joined: Sep 2005 Posts: 2,630 H hixxy Hoopy frood
hixxy Hoopy frood H Joined: Sep 2005 Posts: 2,630	What I meant was, get the hash of the trusted file yourself (i.e. by downloading from a trusted source), then programatically compare the hash of the downloaded file to the file you checked earlier to see if they match.

Re: Socket Download #148677 10/05/06 05:16 PM
Joined: Oct 2005 Posts: 126 Weed Paradise P PhyxiuS OP Vogon poet
OP PhyxiuS Vogon poet P Joined: Oct 2005 Posts: 126 Weed Paradise	That's my problem, and I've got reasons for it, it's te part that I need. And this code is 2 hard for me to make it working perfectly. + Genius at Work, I don't want 2 do something bad with it at all, CUZ that's what UR thinking. Ur not paranoid at all, why should u give a f**k about me anyway? ... - And i know about this idiots who r messing up IRC with that. Last edited by PhyxiuS; 10/05/06 05:18 PM.

Link Copied to Clipboard

Forums Scripts & Popups Socket Download