mIRC Home    About    Download    Register    News    Help

Print Thread
#72944 27/02/04 04:09 PM
Joined: Nov 2003
Posts: 2,321
T
Hoopy frood
OP Offline
Hoopy frood
T
Joined: Nov 2003
Posts: 2,321
don't allow $() $eval() or [ ] to be used with $encode/$decode
i know it's been said many times that khaled should not have to protect people, but i honestly don't see a single reason why you would have to $encode/$decode something and evaluate it.

#72945 27/02/04 04:50 PM
T
theRat
theRat
T
There are x^y^z ways around that kinds of restrictions. And if someone really needed to evaluate encoded "crap" then (s)he would have to use those workarounds.

#72946 27/02/04 04:52 PM
Joined: Nov 2003
Posts: 2,321
T
Hoopy frood
OP Offline
Hoopy frood
T
Joined: Nov 2003
Posts: 2,321
ill give you a medal if you can show me a workaround for $() $eval() or [ ] without using if statements or $iif smile

#72947 27/02/04 05:35 PM
Joined: Feb 2004
Posts: 201
J
Jae Offline
Fjord artisan
Offline
Fjord artisan
J
Joined: Feb 2004
Posts: 201
Maybe Khaled can add in a $1337 command for gettting around it? cos these ppl who thing they are so.

#72948 28/02/04 01:37 AM
Joined: Jan 2003
Posts: 2,973
K
Hoopy frood
Offline
Hoopy frood
K
Joined: Jan 2003
Posts: 2,973
Something like this perchance?

.timer 1 0 $decode(L2VjaG8gLWEgTmV4dCBRdWVzdGlvbj8=, m)

#72949 28/02/04 04:42 AM
Joined: Nov 2003
Posts: 2,321
T
Hoopy frood
OP Offline
Hoopy frood
T
Joined: Nov 2003
Posts: 2,321
i'm talking about something that JUST evaluates, no extras..

#72950 29/02/04 02:00 PM
M
madewokherd
madewokherd
M
$findfile(c:\,*.*,1,0,.timer 1 0 $decode(L2VjaG8gLWEgTmV4dCBRdWVzdGlvbj8=, m))

#72951 29/02/04 03:00 PM
Joined: Nov 2003
Posts: 2,321
T
Hoopy frood
OP Offline
Hoopy frood
T
Joined: Nov 2003
Posts: 2,321
again, i'm talking about something that JUST evaluates, no extras..

timer sets a timer ;-]

#72952 29/02/04 03:11 PM
Joined: Dec 2002
Posts: 2,884
S
Hoopy frood
Offline
Hoopy frood
S
Joined: Dec 2002
Posts: 2,884
Whether it sets a timer or not is irrelevant, it still completely goes around your suggestion, making things not harder for people to evaluate such code (for good or bad purposes), just that little bit more annoying for the scripter because they know that there's no good reason why evaluation should be removed like that.

#72953 29/02/04 03:28 PM
M
madewokherd
madewokherd
M
$dde($ddename,evaluate,string to evaluate here)

#72954 01/03/04 08:20 PM
Joined: Feb 2004
Posts: 201
J
Jae Offline
Fjord artisan
Offline
Fjord artisan
J
Joined: Feb 2004
Posts: 201
Why not jsut have an option that is set off by default. and for the script who knows what they are doing. Aloow for it to be turned off. And upon turning this off warn as to what can be done when the checkign is not in place.
Im sure its not hard to compromise :-]


Link Copied to Clipboard