Forums Feature Suggestions Internal mIRC Identify for remote checking

Greetings,

Many times some really bad people easily disable the Version and Finger replys which would identify them as a mIRC script user.

My suggestion is to add a internal mIRC identifer to all future mIRC releases in which a remote mIRC script could pull up and that would be nearly impossible to disable. The good folks are proud of the fact they are using mIRC, the shady folks don't want people to know.

Regards,

MDA

It is "impossible" to disable the version reply. The people who have done this have ILLEGALLY modified the mIRC exe file, there is virtually no way to stop that. Code could be added to detect the change, but then at the same time they change the version reply, they could change the code that detects the change. There really is no defense.

But on another note, I wouldn't say anyone who doesn't want their version reply is "shady" I'd be very happy if mIRC let you hide the reply. The first rule of preventing exploits is never let other people know what software and what version of the software you use. Once they have that, the job of hacking/exploiting you becomes many many times easier.

It is possible to disable the version reply using DLL's, or even only scripts. Not that I've done it, but I'm running a script that would take about two lines of additional code to do so.
Not that it really matters, because Khaled has made it pretty clear he'd like you to stay away from the version reply, so whether you hex mIRC or use a script doesn't make any difference in my opinion.

It would be nice if there was an option to ignore only version CTCP's though. Not that the fact you're using mIRC is a serious security issue, but using mIRC almost always implies you are using windows as well... (don't know if wine and other emulators emulate security bugs as well :[b][/b]P )
If you selected this option, mIRC would just ignore version CTCP's, not trigger any events, and not write them to debug.log or @debug (or people would exploit it for their own version reply anyway)

Codemastr's reply is 'It is "impossible" to disable the version reply. The people who have done this have ILLEGALLY modified the mIRC exe file, there is virtually no way to stop that.'

Codemastr' all anyone has to do is add this simple snippit to their script.

ctcp ^*:*:* { halt }

Walla, no replies from you to any ctcp quierys period, if you don't know nor realize the porn bots are using this same simple script snippit, then I'm unsure why you are responding to my previous post Codemastr. Version, finger, time, ping, in short all ctcp replys are stopped with that simple script snippit.

And in regards to the other individual that replied regarding needing two lines of script or adding a DLL to possibily disable the Version reply, here you are.

ctcp ^*:*VERSION*:* { halt }

Regards,
MDA

Did you test it yourself?

Greetings Online,

We use a slight variation of that code ourselves to trap certain events and remove the guilty partys trying to flood out ctcp events, ping flooding, time flooding etc. What's new, do you actually have something to add to the original post here?


Regards,
MDA

What he means is that your script doesn't work. That script will only work if you have motfv3 loaded and synced.

It's quite funny how you are so... arrogant, when the snippet you pasted doesn't even come close to working. I loaded your script, then I did a ctcp version on myself...
[12:47] [codemastr VERSION reply]: mIRC v6.03 Khaled Mardam-Bey
Huh, would you look at that! It still sent the version reply!!!

If you're going to be so sure of yourself, at least ensure that you are right.

Greetings Codemastr,

That snippit works fine, perhaps its too complicated for you to understand how and why that works. It simply halts any reply on the ctcp quierys sent to that script. I would normally take that as a good sign that you haven't figured out how easy it is to stop all such quierys, however sadly many have and the vast number that have are sleezy porn peddlers that are a unwelcomed pest in the chatrooms. That permits the porn peddlers to slip in unnoticed via mIRC with no Version nor Finger replies and then further permits them to ping and time disconnect the visitors in the chatrooms if other safeguards aren't in place. Check the rest of your ctcp reply routines Codemastr, you'll figure it out.


Regards,
MDA

/me laughs like crazy

Note: You can't prevent the standard version reply from being sent.

Try reading the helpfile, it provides useful information.

That cocky attitude isn't going to get you far MDA... Realise you do not know everything, or as it seems, very much.

Not that I need to further prove the version reply or anything..



Place ur face 6 inches from the screen, and read that last line back to me..

He is polite though lol

Greetings

The snippit doesn't work, perhaps that is too complicated for you to understand. Have you even bothered to try it in vanilla mIRC?


Regards,
Collective

I think you'll find your mistaken.

I hate people like MDA.. They're so annoying.. lol

"I'm a pompous moron who knows everything, and you are stupid, I lift my nose at you even though I am wrong and too ignorant to see it"

Greetings, lol

The snippit posted works fine in our mIRC scripts, if your'e not aware of how and why, that isn't the reason I started this thread. The reason for this thread was to add additional internal mIRC Identifying codes. LOL, seems for the folks here, what's there is more then enough, sadly though many folks have figured out how to make some slight external scripting adjustments and are trapping their ctcp event replies such as Version, Finger etc.etc. It seems a dead issue here, we'll have to pursue other means to scan for identifying what's in the chatroom with us.

Regards,
MDA