#78574 09/04/04 01:17 AM
Joined: Apr 2004
Posts: 3
K
kicktd Offline OP
Self-satisified door
It's possible to spam a user with a non-existent file using mIRC to another person using mIRC if they have accept incoming files from everyone.

A simple command of /dcc send <nickname> < OR /dcc send <nickname> >
will initiate a file transfer of file _ to the user without checking to see if file exists. Proof below:

DCC Send of > to kicktd complete (00:00:01 0.00 KB/Sec)
-
DCC Get of _ from kicktd complete (00:00:01 0.00 KB/Sec)

this does not work in other IRC chat programs. I have tested in X-chat and you will get the error:

--- Received a malformed DCC request from kicktd.
--- Contents of packet: DCC SEND > 1154773822 1028 0

Please do not use this as a means to spam users with dcc get requests mad

#78575 09/04/04 05:44 AM
Joined: Dec 2002
Posts: 3,127
P
Hoopy frood
Offline
Well, first of all, anyone who has it set to accept every file that anyone sends is taking a huge risk.

Other than that.... on 98 and 98SE, if you try /dcc send nick > you get "dcc send of > to nickname unable to open file". With XP, it does show completed as you said. However, if you used a fictitious filename instead of > , or use _ on XP, you also get the unable to open file error. Perhaps XP uses the > for some redirect or something?



ParaBrat @#mIRCAide DALnet
#78576 09/04/04 06:47 AM
Joined: Dec 2002
Posts: 349
S
Fjord artisan
Offline
The behaviour you have described seems (in my opinion) to be more of an issue with dcc sizes of '0' being 'accepted' without even connecting to the user. If the filesize is 0 mIRC should ignore the request completely. Attempting to send non-existent files is not desirable, but the acceptance (and creation) of the dummy files is the real cause of the 'spam'. This could probably be used to cause grief with virus scanners that run checks on filenames.

I think the /dcc send behaviour could be improved:

- If the valid path points to a file, initiate the send.
- If only a valid directory name is given, open the find file dialog in that directory.
- If a valid directory and non-existent file is given, open the find file dialog in that directory.
- Otherwise produce a 'no such file' error.

At least this isn't a crashable DCC issue. :P

Edit: the send only seems to initiate with NUL, CON, COMn, LPTn (and PRN), <, >, ., and paths to folders (eg: C:\windows will attempt to send 'windows'), * changes the 'files of type' editbox, and in other cases produces the 'no such file' error. The 'not crashable' statement is now yet to be proven. smile

Edit2: More DOS device names, none of which have produced a crash (at least on XP). mIRC also blocks files with the device names on the receivers end.

Last edited by Skip; 09/04/04 07:28 AM.
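The receiver-side behaviour suggested in the post above (ignore size-0 offers, block device names and `<`/`>` names), written out as an added example; it is not part of the original thread and is not mIRC's or X-Chat's code. The function name, the rejection messages and every sample offer except the packet quoted from the X-chat error are constructed; the `DCC SEND <name> <ip> <port> <size>` layout follows that quoted packet.

```python
import ipaddress
import re

# Windows reserved device names, with or without an extension.
RESERVED = re.compile(r"^(CON|PRN|AUX|NUL|COM[1-9]|LPT[1-9])(\.[^.]*)*$", re.I)
FORBIDDEN = set('<>:"/\\|?*')  # characters Windows does not allow in a file name


def check_dcc_send(payload):
    """Return (accepted, detail) for the text of an incoming CTCP DCC SEND."""
    fields = payload.strip().rsplit(" ", 3)  # the name itself may contain spaces
    if len(fields) != 4 or not fields[0].upper().startswith("DCC SEND "):
        return False, "not a DCC SEND offer"
    name = fields[0][len("DCC SEND "):].strip()
    if len(name) >= 2 and name[0] == name[-1] == '"':
        name = name[1:-1]  # quoted form used for names with spaces
    try:
        host = ipaddress.IPv4Address(int(fields[1]))
        port, size = int(fields[2]), int(fields[3])
    except ValueError:
        return False, "non-numeric or out-of-range address, port or size"
    if not name.strip(". "):
        return False, "empty or dots-only file name"
    if FORBIDDEN & set(name) or any(ord(c) < 32 for c in name):
        return False, "illegal character in file name"
    if RESERVED.match(name.rstrip(". ")):
        return False, "reserved device name"
    if not 1 <= port <= 65535:  # assumption: active DCC only, so port 0 is refused
        return False, "port out of range"
    if size <= 0:
        return False, "zero-length offer"
    return True, {"name": name, "host": str(host), "port": port, "size": size}


# First entry is the packet quoted in the thread; the rest are constructed.
SAMPLES = [
    "DCC SEND > 1154773822 1028 0",
    "DCC SEND _ 3232235777 1028 0",
    "DCC SEND NUL 3232235777 1028 10",
    'DCC SEND "my notes.txt" 3232235777 1028 2048',
]

if __name__ == "__main__":
    for offer in SAMPLES:
        print(offer, "->", check_dcc_send(offer))
```
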
#78577 09/04/04 07:57 PM
Joined: Apr 2004
Posts: 3
K
kicktd Offline OP
Self-satisified door
Edit: to the person who said turning off the ignore feature, yes it's dangerous, but it happens in rooms where a lot of dcc transfers happen; some ppl just think it's easier I guess, but you pay the risk.

Edit 2: This will only work up to 237 characters in length. If the string is 238+ you will get the usual Unable to open file error.

Hmm, it seems I underestimated the "it doesn't send anything". Once I checked my download folder I got the following:



It seems it does in fact create a file named _ in XP.

Last edited by kicktd; 09/04/04 08:19 PM.
#78578 09/04/04 08:40 PM
Joined: Oct 2003
Posts: 6
A
Nutrimatic drinks dispenser
Offline
Don't type:

//dcc send $me $str(> >, 33)

frown

#78579 10/04/04 12:15 AM
Joined: Dec 2002
Posts: 3,127
P
Hoopy frood
Offline
"to the person who said turning off the ignore feature yes it's dangerous but it happens in rooms where a lot of dcc transfers happens some ppl just think it's easier I guess but you pay the risk."

I was referring to setting options to autoget without using a trusted list. Amazing how ppl delude themselves into thinking they are the only ones who "pay the risk" when they get infected. Unfortunately, we all pay a price as a result of users who simply don't care.

In the instances I mentioned where file was sent, yes it does in fact send, and shows file size as 0. I didn't say so because I misinterpreted your "doesn't send anything" to mean a file size of 0 since I assumed you had already checked your download directory before posting.


ParaBrat @#mIRCAide DALnet
#78580 10/04/04 12:56 AM
Joined: Jun 2003
Posts: 5,024
M
Hoopy frood
Offline
"we all pay a price as a result of users who simply don't care."

To pick up on that briefly, I'd take note kicktd. There are many types of viruses which make you load "GTBots" on to IRC networks - they can then be used for attacking (Distributed Denial of Service attacks) users, websites and indeed, IRC networks. I have, sadly, watched DALnet decline from a 140,000 strong user network to 35-40,000 (although DDoS attacks weren't the only contributors to that, it was the reason for about 75% of the loss).

In a perfect world where nobody was infected with a virus, billions of dollars/pounds/whatever-currency would have been saved in costs against individuals and corporate networks, not to mention days, weeks and months of people's free time - would you like being woken up at 4am by your boss saying to "get to the office now to get the website back online, someone's attacking it"? Unfortunately, a lot more than your hard drive can be lost from being infected.

Think before you act smile

Regards,


Mentality/Chris
#78581 10/04/04 02:32 AM
Joined: Mar 2004
Posts: 111
Z
Vogon poet
Offline
Mentality, you can also look at it like billions of dollars have been spent allowing for jobs of thousands of people, therefore helping the economy......
/me thanks viruses grin grin grin

#78582 10/04/04 06:42 AM
Joined: Dec 2002
Posts: 2,985
Hoopy frood
Offline
We probably could thank virii for employment prospects but the people that write them should be lined up and shot.

#78583 10/04/04 09:52 PM
Joined: Apr 2004
Posts: 3
K
kicktd Offline OP
Self-satisified door
I didn't mean for this post to become a knock down drag out fight lol. By no means did I mean it's any one specific fault. I too have been affected by botnets, DDoSes and other such attacks on IRC servers I help out on and I know it can get rather frustrating. All I wanted to do was point out the problem so it can be fixed and we won't have any attacks against users using mIRC grin .

And to anyone using this to actually spam ppl, shame on you! mad

OK, I am done now, you can resume your pre-scheduled entertainment crazy

#78584 11/04/04 12:29 AM
Joined: Dec 2002
Posts: 2,985
Hoopy frood
Offline
You are right that the issue should be patched; bear in mind though that there will always be ways of annoying people on IRC and some aren't always possible to defend against. It's a shame that there's people that have nothing better to do with their time and I am sure we all agree on that point.

#78585 11/04/04 03:15 AM
Joined: Mar 2004
Posts: 111
Z
Vogon poet
Offline
And referring to what kicktd said about a "drop down drag out fight", if it involves what I said in reply to Mentality, by no means did I mean for it to come across as mean, it was just a funny comment I thought. And if you're not referring to me, then please /remove what I just said from yer brain hehe smile

