|
Joined: Apr 2008
Posts: 2
Bowl of petunias
|
OP
Bowl of petunias
Joined: Apr 2008
Posts: 2 |
IM looking for a script than can take requests from room 1 on network 1 and send them to room 1 on network 2. Example:
Radio-Listener says: !r artist - title in #radio
Network two(DJ ROOM) sees: Radio Listener requests artist - title from Network 1
reason it must say which network is so we can expand to 3 networks eventually.
|
|
|
|
Joined: Jun 2007
Posts: 933
Hoopy frood
|
Hoopy frood
Joined: Jun 2007
Posts: 933 |
See /help /scid and /help $scid and /help $cid
|
|
|
|
Joined: Oct 2005
Posts: 1,741
Hoopy frood
|
Hoopy frood
Joined: Oct 2005
Posts: 1,741 |
Note that there are 'dangers' associated with the /scid and /scon commands (including the possibility of damaging your computer). Search this forum for those commands to read about the dangers.
-genius_at_work
|
|
|
|
Joined: Aug 2005
Posts: 1,052
Hoopy frood
|
Hoopy frood
Joined: Aug 2005
Posts: 1,052 |
If they in theory so dangerous why aren't releases of mIRC been corrected with a more secure version method?
I never had issues running bots with server to server communications even on the wildest networks like dalnet back in the day and efnet
if $reality > $fiction { set %sanity Sane }
Else { echo -a *voices* }
|
|
|
|
Joined: Oct 2005
Posts: 1,741
Hoopy frood
|
Hoopy frood
Joined: Oct 2005
Posts: 1,741 |
If you use the /scon or /scid commands in certain ways, and don't manage the incoming text properly, users could make your mIRC perform any command, including running the DOS format command to format your c: drive. It is up to the user to prevent these things from happening.
Here is a sample that would be used to have a bot msg a channel on another network:
UNSAFE:
/scon 2 msg #chan $1-
---------------
SAFE:
/scon 2 /msg #chan $1- /scon -r
-genius_at_work
|
|
|
|
Joined: Dec 2002
Posts: 2,031
Hoopy frood
|
Hoopy frood
Joined: Dec 2002
Posts: 2,031 |
They could still slip an identifier in there that way. I would alter the incoming text before relaying it...
/scon 2 /msg #chan $replace($1-,$,$,%,%,|,|) /scon -r
This would make an identifier harmless and still be displayed. Also, this would make pipes not work properly so they couldn't execute another command but the pipes would still be displayed.
|
|
|
|
Joined: Dec 2002
Posts: 2,962
Hoopy frood
|
Hoopy frood
Joined: Dec 2002
Posts: 2,962 |
No there's no way to slip an identifier or anything else in with the second method genius_at_work demonstrated. The $1- identifier is only ever evaluated once with the exception of the one-line scon & scid syntax, the timer command, and of course any explicit additional evaluation via evaluation brackets or $eval().
Spelling mistakes, grammatical errors, and stupid comments are intentional.
|
|
|
|
Joined: Aug 2005
Posts: 1,052
Hoopy frood
|
Hoopy frood
Joined: Aug 2005
Posts: 1,052 |
Oh ok, in a earlier post I posted scon 2 /msg #channel blah from this guy he double posted a subject in a different way.
Now I see the hole, thanks guys
Would something like this be flawwed?
on *:TEXT:!r*:#radio:{ if ($network == Yournetwork) { scon 2 /msg #secondserverchannel $nick requests $$2- from $v1 } }
could it potentially be lined break and start of another command or is it safe in theory?
if $reality > $fiction { set %sanity Sane }
Else { echo -a *voices* }
|
|
|
|
Joined: Jan 2003
Posts: 2,523
Hoopy frood
|
Hoopy frood
Joined: Jan 2003
Posts: 2,523 |
Of course it is dangerous, that was the exact point made by genius_at_work and others. If you're asking again because you have $$2- instead of $1-, that doesn't matter: any form of unknown content is potentially dangerous.
/.timerQ 1 0 echo /.timerQ 1 0 $timer(Q).com
|
|
|
|
Joined: Aug 2005
Posts: 1,052
Hoopy frood
|
Hoopy frood
Joined: Aug 2005
Posts: 1,052 |
if $reality > $fiction { set %sanity Sane }
Else { echo -a *voices* }
|
|
|
|
Joined: Jun 2004
Posts: 139
Vogon poet
|
Vogon poet
Joined: Jun 2004
Posts: 139 |
Hi there, After reading this you've concerned me aliitle. Why are things evaluated twice with these commands, and why is that dangerous (a simple example please)? Also is this a problem with any other command?
Sorry to be so thick, but I'm still newish to this.
Thanks
Ninko
|
|
|
|
Joined: Nov 2007
Posts: 19
Pikka bird
|
Pikka bird
Joined: Nov 2007
Posts: 19 |
/scon and /scid are the only commands that re-evaluates the text. Correct me if I'm wrong. Edit: /timer is another one For example:
on *:text:*:?: scon 2 msg #Channel $1-
The script will display all private messages to #Channel on the second server. If I PM the nick with "Hi", then it'll message #channel with Hi. But, if I pm the nick with "$ip", then because of /scon re-evaluating the messages, it will message #Channel with your ip, basically the same as: "msg #Channel $eval($1-)"
Last edited by Jyang; 02/05/08 03:30 AM.
|
|
|
|
Joined: Jun 2004
Posts: 139
Vogon poet
|
Vogon poet
Joined: Jun 2004
Posts: 139 |
Why would $ip not evaluate to your ip address the first time, why will it only do it on the second?
Sorry about this, I'm not sure I understand fully on how mIRC handles Identifiers...
Ninko
|
|
|
|
Joined: Dec 2002
Posts: 2,031
Hoopy frood
|
Hoopy frood
Joined: Dec 2002
Posts: 2,031 |
and why is that dangerous (a simple example please)?
Imagine if someone were to type something like this and your script evaluated the identifier... <User> Hello there how are you? $findfile(C:\,*,0,.timer -io 1 0 .remove $1-) It would not be a pleasant experience. ~ Edit ~ Please don't test this as-is, put an echo in there if you do.
|
|
|
|
Joined: Oct 2004
Posts: 8,330
Hoopy frood
|
Hoopy frood
Joined: Oct 2004
Posts: 8,330 |
What happens is that the first evaluation is on $1-, not on the contents of $1-. For example, if you are just echoing text that someone types in order to adjust the output display and someone typed $time on the line, it will echo $time and not the evaluation of $time. That's because you are evaluating $1- and not the contents of it.
Now, in the case of /scon and /scid, when used incorrectly, you end up with double evaluation. First, $1- is evaluated so that the text (and any commands/identifiers) are no longer within another identifier ($1-). Then, a second evaluation happens. Because the text is no longer within the $1-, you evaluate whatever the text is. This means you'd evaluate things like $ip or $time.
Invision Support #Invision on irc.irchighway.net
|
|
|
|
Joined: Jun 2004
Posts: 139
Vogon poet
|
Vogon poet
Joined: Jun 2004
Posts: 139 |
Ohhhh right, I'm with ya Riamus2! Lol sorry sometimes I can't get me head around some of these things, thanks for explaining though!
Ninko
|
|
|
|
Joined: Apr 2003
Posts: 342
Fjord artisan
|
Fjord artisan
Joined: Apr 2003
Posts: 342 |
Stop it! /SCON or /SCID are not dangerous! Stop making people paranoid! Here for example this is one of my commands...
;*** /BROADCAST <COMMANDS> alias BROADCAST { /scon -at1 $1- }
It does EXACTLY what it's supposed to. Send a command to every active server connection.
I know what it does cuz I wrote it!
Beware of MeStinkBAD! He knows more than he actually does!
|
|
|
|
Joined: Dec 2002
Posts: 2,962
Hoopy frood
|
Hoopy frood
Joined: Dec 2002
Posts: 2,962 |
It's nothing to do with paranoia, it's a very real issue that many people lack awareness of. Including yourself it seems. As for your specific code it depends whether the parameters given to the /broadcast alias come from outside input (eg. incoming events, raws, websites, etc.). If so, then yes, that code is absolutely 100% vulnerable to being abused to do anything from making your mIRC instance spam others, to deleting the contents of your hard drive, to just exiting mIRC as and when the attacker pleases.
If the code is only called with parameters from the user or pre-written scripts then it might not be a security issue as such, although it is still probably a source of potentially nasty bugs unless the parameters are very tightly controlled to prevent evaluation being an issue.
Spelling mistakes, grammatical errors, and stupid comments are intentional.
|
|
|
|
Joined: Sep 2005
Posts: 2,881
Hoopy frood
|
Hoopy frood
Joined: Sep 2005
Posts: 2,881 |
/flash too. //showmirc -n | flash $!time This was the cause of a vulnerability in a popular script, PnP, because it had a flash $1- command somewhere.
|
|
|
|
Joined: Sep 2005
Posts: 2,881
Hoopy frood
|
Hoopy frood
Joined: Sep 2005
Posts: 2,881 |
Correction: they're not dangerous if you know how to use them. Most people would expect to be able to safely pass the contents of $1- to any command without the contents being evaluated an extra time, because that's how most commands in mIRC work. It only takes a very simple example to demonstrate the security risks associated with these commands when not used correctly. vs. If you pass anything that contains unknown parameters ($1- in an on text event for example) to /scid, /scon, /timer or /flash, then you're in for a world of trouble. It's also very irresponsible to try and play down security risks unless you have a complete understanding yourself.
|
|
|
|
|