Forums Bug Reports Backdoor bug? Imposters able to post text as you.

lol codemastr... I was scrolling down this thread, waiting for that to happen.

We actually run UnrealIRCD at usachat.net.
I have scanned my system with 3 different antivirus scanners and already have the latest Norton Antivirus Corporate Edition v8.1 with dat files dated 6/26/03 rev. 18 and I have no virus or trojan according to any of them. It totally blew me away when I saw that and got kicked from the channel with (Stop repeating!) from the actual owner of the server's script. LoL - I'll find out soon enough how those kids did it. Eventually, I'm sure I'll find a raw code that does it. I know it used to be able to be done on EFNet back in the day. Maybe someone just found that exploit on UnrealIRCD. We'll see..

You might try @debug, and when they send you the trigger again to make you do the event, look in the raw window at what you're sending. From there, do a search through your scripts with that text >:D

I haven't seen you in #dmsetup or #mircfix, so I'm guessing you've ruled out an mIRC script trojan/backdoor. This is what it most likely is.

Raccoon can u change ur location to something shorter pls? The left margin is expanded cause of it >:\

Your probably right. I remember when I was a newbie to IRC something similair happened to me. My nick name contained an uppercase I . And in the font i was using a number 1 looked exactly like an uppercase I. So under certain fonts nicks like this 'IDIOT' 'ID1OT' would look identical. The same goes for some other letters, like capital I and lowercase L.

If this issue turns out to be an exploit it might be best to discuss it with the people that code Unreal rather than post the exploit or any details of the exploit here. Alot of business enterprises depend on the inegrity of software and if anyone was to 'give away' any details before the software authors had a chance to patch (if necessary) then such exploits could prove to be extremely damaging.

Having said that, if an exploit exists then it is not necessarily the fault of the authors. Bored/unemployed teenagers have endless hours on hand to use to stuff things up and experiment for the wrong reasons so such events are inevitable.

Remember that it's only really an exploit if it is abused, otherwise it is just harmless code.

That's a very Microsoft way of looking at things.
"It's not a bug until a few thousand servers get taken off the internet, costing millions of pounds worth of damages. THEN we might create a patch" - Microsoft bugfix motto.

It's an everything way of looking at it. It's no different to a gun not being dangerous unless in the hands of a nutter. I'm not saying that holes shouldn't be patched, you missed the gist of my post completely. If you want to look at software with holes you should be looking at things like Sendmail before knocking Micro$oft.

Considering that Unreal is open source, and we have a guy who (claims) to be THE author (though I don't see him listed under /info or /credits), discussing bugs and exploits in a public forum is a surefire way to get them patched quickly... as anyone with relatively mediocre C skills could write a patch (if only to disable responsible commands).

We cannot be responsible for organizations that don't have an alert and ready response team standing by to handle Server Triage. Companies that don't properly allocate minds where they are needed, at the expense of the CEO's new Mercedes payments, should and will ultimately suffer. (Unfortunately, large companies simply claim inflated losses in order to recover quasi damages in tax write-offs)

- Raccoon

=-=-=-= Unreal3.2-beta17a =-=-=-=
| Brought to you by the following people:
|
| Head coders:
|
| * Stskeeps <stskeeps@see-below>
| * codemastr <codemastr@see-below>
No way of telling if that's the real codemastr, but his name is there..

Yes that is me, and just a minor favor, would you mind editting your post and remove mine (and Stskeeps') email addresses, I already get enough spam as it is.

The British had a saying in World War 2:

"Loose lips sink ships"

If people say things in the wrong arena then software patches need to be released ALOT quicker than normally anticipated.

As a coder, let me just say I HATE when people decide to discuss an exploit publically rather than contacting me. Reason is, by the time we hear about it we don't hear about it from people who actually know how the exploit works, we hear about it from people who are saying "someone crashed my server!!!" I'm not saying that exploits should be hidden from everyone, just saying that sometimes it's better to notify the right people before you go and tell everyone you know, because while you might have the proper ethics to know exploiting other people's software isn't a good thing, the people you told might not feel the same way.

irc.redfuse.org is back up.

because while you might have the proper ethics to know exploiting other people's software isn't a good thing, the people you told might not feel the same way.

I told them that or am I missing something?

he meant it figeratively.

sometimes it's better to notify the right people before [color:red]you go and tell[/color] everyone you know, because while you might have the proper ethics to know exploiting other people's software isn't a good thing, the people [color:red]you told[/color] might not feel the same way.

You could easily replace 'you' with 'they', etc.

I hope so cos I was supporting him.

I was doing the "too lazy to actually pick the correct person to respond to so just pick the last guy who said something" (tm) method