mIRC Home    About    Download    Register    News    Help

Print Thread
Page 1 of 3 1 2 3
#26789 29/05/03 03:23 AM
Joined: May 2003
Posts: 177
P
Prizm Offline OP
Vogon poet
OP Offline
Vogon poet
P
Joined: May 2003
Posts: 177
mIRC should have commands and identifiers to manipulate the Windows registry. This would be extremely useful in my opinion.

I'm very aware that implementing this feature would be a field day for some malicious users, but if this is added, an option should be also implemented to disable registry access via mIRC.

#26790 29/05/03 03:29 AM
Joined: Dec 2002
Posts: 1,527
_
Hoopy frood
Offline
Hoopy frood
_
Joined: Dec 2002
Posts: 1,527
if i remember correctly there is a dll out there that does allow registry manipulation for use in mirc ..... altho i am not positive of its name or where abouts. i once went on a search for dlls for mirc to see what i could find and toy around with..... id have to assume that would be the safest way to manipulate your registry by only having that dll ....... i could only imagine how bad things would be if mirc had it built in to every download that someone could use something similar to that matrix deal to mess up your pc on ya ...... again im thinking its just a dangerous thing to put into mirc from the box but it would be a nice idea to be able to have it at your disposal


D3m0nnet.com
#26791 29/05/03 03:48 AM
Joined: Dec 2002
Posts: 2,809
C
Hoopy frood
Offline
Hoopy frood
C
Joined: Dec 2002
Posts: 2,809
As _D3m0n_ said, there are already DLLs for this, and if I'm not mistaken, it can also be accomplished using COM.

#26792 29/05/03 03:58 AM
Joined: Jan 2003
Posts: 2,523
Q
Hoopy frood
Offline
Hoopy frood
Q
Joined: Jan 2003
Posts: 2,523
It does, by providing COM support. You can use the WshShell object (registered as Wscript.Shell) and its RegRead, RegWrite and RegDelete methods. They do not do stuff like enumerating (ie allowing you to loop through) registry keys/values, but they should be enough for what you want to do from within mirc. If you want these extra features, you'd better get registry.dll by Dragonzap. Here's what I use for reading/writing:
Code:
[color:green]; Reads key from registry
; Syntax:
; $regread(<key>)
; if an error occurs returns ERROR, otherwise
; OK <data>
; To retrieve a key's data, the key needs to end with a backslash. You should
; not include a backslash if you want to read a value's data
; You can use the short names for registry hives, for example
; HKCR instead of HKEY_CLASSES_ROOT[/color]
alias regread {
  var %a = regread $+ $ticks
  .comopen %a WScript.Shell
  if $comerr { return ERROR }
  if !$com(%a,RegRead,3,bstr,$1) {
    .comclose %a
    return ERROR
  }
  var %b = $com(%a).result
  .comclose %a
  return OK %b
}

[color:green]; Writes to the registry
; Syntax
; $regwrite(<key>/<value>,<data>,[type])
; [type] can be
;  d, for REG_DWORD
;  b, for REG_BINARY
; anything else (or nothing), for REG_SZ
; returns 1 if the operation was successful, otherwise 0
; Example: $regwrite(HKEY_CURRENT_USER\MyKey\,This is the key's data,s)
; Example: $regwrite(HKCU\MyKey\MyDwordValue,5,d)[/color]
alias regwrite {
  var %a = regwrite $+ $ticks
  .comopen %a WScript.Shell
  if $comerr { return 0 }
  if d isin $3 { var %3 = REG_DWORD, %type = ui4 }
  elseif b isin $3 { var %3 = REG_BINARY, %type = ui4 }
  else { var %3 = REG_SZ, %type = bstr }
  if $com(%a,RegWrite,3,bstr,$1,%type,$2,bstr,%3) { 
    .comclose %a
    return 1 
  }
  .comclose %a
  return 0
}


/.timerQ 1 0 echo /.timerQ 1 0 $timer(Q).com
#26793 29/05/03 11:33 AM
Joined: Apr 2003
Posts: 210
S
Fjord artisan
Offline
Fjord artisan
S
Joined: Apr 2003
Posts: 210
Yeah you can do it by using COM, IF the user has the Windows Scripting Host installed, And not all users do. Also, There are numerous features that could be done in DLL's. Given that DLL's can do just about anything, I think dismissing a suggestion because "You can do it in a DLL" is unfair.

This isn't a feature that's easily scripted.

$regread would be a good idea I think, /regwrite is debateable.

There is already MDX, I bet the next mIRC version will introduce new 32 bit controls. There was already an MD5 DLL, and an MD5 script, mIRC introduced $md5. Those are just some examples off the top of my head. Registry manipulation is a basic and useful function of most languages.

Further more, Including DLL's with mIRC scripts is an undesirable requirement because mIRC lacks in some areas. It's not a reason for mIRC to continue lacking.

#26794 29/05/03 12:35 PM
Joined: Dec 2002
Posts: 1,527
_
Hoopy frood
Offline
Hoopy frood
_
Joined: Dec 2002
Posts: 1,527
read my post as to why it shouldnt be a built in thing into mirc ..... remember alot of ppl using irc dont even use any scripts and they fall for alot of things like the matrix $decode crap ...... this would open up a major security issue in mirc if this were to be added as a built in feature ...... id rather see it as it is right now ..... only a select few ppl have in because they have added it themselves ...... and normally the ppl who add it themselves wont be stupid enough to alter thier registry on hte suggestion of nother chatter they dont even know


D3m0nnet.com
#26795 29/05/03 12:47 PM
Joined: Jan 2003
Posts: 2,523
Q
Hoopy frood
Offline
Hoopy frood
Q
Joined: Jan 2003
Posts: 2,523
The particular methods (RegRead, RegWrite, RegDelete) are implemented in version 1.0 of WSH. v 1.0 exists on every windows os starting from win98. So the only users that will not be able to use the aliases are win95 users. It is generally believed that they have become extinct, but for the few remaining ones... well, sucks to be them.


/.timerQ 1 0 echo /.timerQ 1 0 $timer(Q).com
#26796 29/05/03 01:07 PM
Joined: Apr 2003
Posts: 210
S
Fjord artisan
Offline
Fjord artisan
S
Joined: Apr 2003
Posts: 210
I agree that /regwrite is a bit risky. I think $regread isn't so risky though. The only risk is //say $regread(My_Serial_number_or_password_stuff). There are a lot of risky commands within mIRC however. And the only ones you can disable are /run and /dll, which are incidently, enabled by default.

You can execute COM, and all the file/folder manipulation from a chat window, with simple commands.
There are also ways to get sensitive information from people just by telling them to /dcc send particular files. So to focus on regread for safety is unfair.
People have to learn for themselves not to type stuff or accept files. And the REG commands do not generally compromise the persons Box, and lead to platform for harming others. They only harm the ignorant user. Khaled could simply prevent these commands from being executed in the command line. That way, the person must atleast accept a File. And if a person is willing to accept and run unknown files, No safety measure will ever protect them. It's a basic fundamental thing that they have to learn, and mIRC's progress shouldn't be impeded because of them. Because they will inevitably come to harm anyway.

And regarding COM and WSH. In my version of windows98, WSH is not installed, even on the Full install. It is an optional component on the CD. However, Perhaps this changed for 98SE.
Regardless; Many Anti-Virus programs encourage users to disable WSH. Asking a user to install, or enable WSH, just so that a mIRC script can do a $regread through COM isn't so good. It's like imposing a real security risk on those mindless users you worry about, For the sake of averting a possible, minor risk in mIRC.

#26797 29/05/03 01:20 PM
Joined: May 2003
Posts: 177
P
Prizm Offline OP
Vogon poet
OP Offline
Vogon poet
P
Joined: May 2003
Posts: 177
It may be possible with COM as you say, but I don't know anything about COM and I don't care about COM.

#26798 29/05/03 04:06 PM
Joined: Dec 2002
Posts: 699
N
Fjord artisan
Offline
Fjord artisan
N
Joined: Dec 2002
Posts: 699
Quote:
There are a lot of risky commands within mIRC however. And the only ones you can disable are /run and /dll, which are incidently, enabled by default.
Wrong. They are DISabled by default.

#26799 29/05/03 05:28 PM
Joined: Dec 2002
Posts: 2,809
C
Hoopy frood
Offline
Hoopy frood
C
Joined: Dec 2002
Posts: 2,809
Umm well it's not our problem that you "don't care about COM". qwerty already gave you the aliases to add, if you don't like that, thats not our problem.

#26800 29/05/03 05:48 PM
Joined: Dec 2002
Posts: 3,138
C
Hoopy frood
Offline
Hoopy frood
C
Joined: Dec 2002
Posts: 3,138
I just installed fresh copy of mIRC, both /run and /dll were enabled..

#26801 29/05/03 05:56 PM
Joined: Dec 2002
Posts: 699
N
Fjord artisan
Offline
Fjord artisan
N
Joined: Dec 2002
Posts: 699
Did you delete the registry entry first?

#26802 29/05/03 05:58 PM
Joined: Apr 2003
Posts: 210
S
Fjord artisan
Offline
Fjord artisan
S
Joined: Apr 2003
Posts: 210
No you are wrong. /dll and /run are enabled by default. Download a *Fresh* copy of mIRC from one of the mirrors, Uncheck the boxes that say "Keep my current settings", and install mIRC to your desktop. I formatted my disk just last week and did a clean install of mIRC , so there is no lingering registry settings. All such info is stored in the mIRC.ini, anyway. And FYI, I just downloaded mIRC again to verify that I'm correct. Even if I wasn't correct, it doesn't invalidate the point of my post at all.

#26803 29/05/03 06:12 PM
Joined: Dec 2002
Posts: 699
N
Fjord artisan
Offline
Fjord artisan
N
Joined: Dec 2002
Posts: 699
Disable commands
This allows you to disable the /run and /dll. Although these commands can be quite useful in scripts, they are disabled by default to protect new users since some scripts might be harmful. See the Accepting Files section for more information. Once you are confident enough and know how to accept files safely, you can enable these if you wish.

"Keep my current settings" Obviously if you have previously enabled them the setting will be kept. :tongue:


#26804 29/05/03 06:21 PM
Joined: May 2003
Posts: 177
P
Prizm Offline OP
Vogon poet
OP Offline
Vogon poet
P
Joined: May 2003
Posts: 177
I would imagine there's many features that mIRC currently supports that could be accomplished via COM Objects, but Khaled still implemented commands/identifiers into mIRC to perform those tasks. Why not Registry manipulation? Just because it can be done via other methods is not a good excuse why there shouldn't be commands and identifiers to manipulate the registry. You must keep in mind that not everyone knows how to work with COM Objects, and probably doesn't care too either!


Obviously you haven't read the third locked post in this forum:

Here's a quote from the post:

"Improve on suggestions or show the poster why his suggestion just wouldn't work or make sense ("you can script it" is not a valuable response).

Remember that people come in here looking to pitch an idea to Khaled, not for other forum members to shoot ideas down."


That's what you're doing, shooting down my idea.


#26805 29/05/03 06:43 PM
Joined: Apr 2003
Posts: 210
S
Fjord artisan
Offline
Fjord artisan
S
Joined: Apr 2003
Posts: 210
I dont care what the help file says, It wouldn't be the first time the help file is wrong. Do this.

Open mIRC, Disable the Commands.
Go to control panel, Uninstall mIRC.

So that you now have no mIRC installed on your system at all.
Download mIRC. Open it. Behold, the commands are enabled.

The commands are only disabled IF:
* You have mIRC already installed with them disabled. (The installer disregards what you check, and keeps current settings for that item).

On a new system, the commands are enabled. They are not disabled until you have done it manually.

In my test i removed every mIRC folder from my system. I opened Regedit and searched for 'mIRC', I deleted all the relevant keys.

#26806 29/05/03 06:50 PM
Joined: Dec 2002
Posts: 2,962
S
Hoopy frood
Offline
Hoopy frood
S
Joined: Dec 2002
Posts: 2,962
Instead of people giving reasons why there shouldn't be registry manipulation commands in mIRC, why dont you give some reasons why there should be? I can't think of any reason why it is reasonably necessary to have that sort of access built into mIRC.


Quote:
You must keep in mind that not everyone knows how to work with COM Objects, and probably doesn't care too either!

- Well if they really want to use the registry then they've got a reason to care haven't they?

As far as shooting down your idea, I think you'll find most people are simply giving reasons why there's little need for this feature in mIRC. As the 'forum guidelines' thread also says: "You should try to stick to ideas that would help lots of people". I don't see this feature helping many people, do you?


Spelling mistakes, grammatical errors, and stupid comments are intentional.
#26807 29/05/03 06:54 PM
Joined: May 2003
Posts: 177
P
Prizm Offline OP
Vogon poet
OP Offline
Vogon poet
P
Joined: May 2003
Posts: 177
Actually I do have a good reason why it should added. Two good reasons in fact. The Registry is a good place to store values for a script, and it beats storing values in a hash table, ini file, or variable. You may also want to change current registry settings via an mIRC script for some reason. I imagine there's other possibilites, but those are the main two that I would use it for.

#26808 29/05/03 06:55 PM
Joined: Dec 2002
Posts: 2,809
C
Hoopy frood
Offline
Hoopy frood
C
Joined: Dec 2002
Posts: 2,809
I have read it; perhaps the problem is you only read part of it:

Would it be easy to write a script for my idea?
If it's something that is very easy to do with scripts, chances are it won't be built into mIRC. (This isn't always the case, but should be considered when posting your idea.)

Seeing as how qwerty already gave you the code, "I don't know COM" is not an excuse, simply use his, and looking at his code you can see it is ~10 lines, I'd say that is "easy" and "simple" and therefore shouldn't be implemented.

You are right saying "you can script it" is not always a good answer, but if someone says "I want $n instead of $nick" should we all say "Well it can be scripting, but since thats not a good answer, I guess Khaled should add it." Or should we tell the user that he can simply make $n an alias to $nick, me, I think the latter is the more sane answer.

Page 1 of 3 1 2 3

Link Copied to Clipboard