#90028 11/07/04 01:24 PM
Joined: Jul 2004
Posts: 3
F
Self-satisified door
OP Offline
Well, due to the heavy debate going on with Mozilla and the shell: execution bug.

I found out it also works with mIRC just by doing /run shell: command.

It's very open to exploits, so maybe you should consider limiting or disabling it.

Joined: Jun 2003
Posts: 384
D
Fjord artisan
Offline
-
* /run: unable to open 'shell:'
-

Joined: Jul 2004
Posts: 3
F
Self-satisified door
OP Offline
Shell: is just the protocol, you have to actually specify something.

shell:.mp3 will open your default mp3 player

And amongst others are some internal Windows commands/libraries/whatever, which can lead to actual code execution, buffer overflows, etc.

Joined: Jun 2003
Posts: 384
D
Fjord artisan
Offline
Ah yes. Now it works if I do /run shell: .mp3

Curiously, it doesn't work if you specify a file with a path. Such as: /run shell: D:\TestFile.txt

Joined: Jun 2003
Posts: 5,024
M
Hoopy frood
Offline
This is just another possibly abused command that can be avoided if users take proper precautionary methods to protect their computers - methods which are constantly repeated in various threads on this forum and on various websites.

For people that may be worried about this you may wish to disable the /run command in mIRC:

ALT+O > Other > Lock and check the box "Disable run, dll, com commands".

Regards,


Mentality/Chris
Joined: Jul 2004
Posts: 3
F
Self-satisified door
OP Offline
Nope, 'cause it isn't done like that. However, I do know it's possible to trigger installers. So it will be possible to both silently install and uninstall.

Also, it is possible to run any program in your Windows directory and subdirectories.

Which makes it possible to also start services, like telnet server.

Mentality, I know you can lock that, but that feature is kinda general. If it was possible to do it more advanced, like specify what parameters etc.

Although you could say /run is dangerous as it is.

Joined: Apr 2004
Posts: 871
Sat Offline
Hoopy frood
Quote:
Well, due to the heavy debate going on with Mozilla and the shell: execution bug.

I found out it also works with mIRC just by doing /run shell: command.

The key difference being that URLs in Mozilla aren't supposed to execute programs, and mIRC's /run is specifically designed to do just that; you can already run anything using /run without the "shell:" thing anyway, so how exactly is this an issue?


Saturn, QuakeNet staff
Joined: Oct 2003
Posts: 214
S
Fjord artisan
Offline
Try this:

/run .doc
/run shell:.doc

*runs*


one step closer to world domination
Joined: Jan 2003
Posts: 2,523
Q
Hoopy frood
Offline
Your point being?


/.timerQ 1 0 echo /.timerQ 1 0 $timer(Q).com
Joined: Oct 2003
Posts: 214
S
Fjord artisan
Offline
useless :)


one step closer to world domination
Joined: Jan 2003
Posts: 2,523
Q
Hoopy frood
Offline
I don't see how the shell: protocol could be useful either, but since it's there, chances are it's useful to some :)


/.timerQ 1 0 echo /.timerQ 1 0 $timer(Q).com
Joined: Dec 2002
Posts: 2,962
S
Hoopy frood
Offline
I assume shell: is an NT/XP only feature?


Spelling mistakes, grammatical errors, and stupid comments are intentional.
Joined: Dec 2002
Posts: 1,922
O
Hoopy frood
Offline
It doesn't exist in my 98SE either.

Joined: Nov 2003
Posts: 157
Vogon poet
Offline
Yes, it doesn't exist in my Windows ME either.

Joined: Apr 2004
Posts: 66
C
Babel fish
Offline
On Windows 2000, when I do:

/run shell: .mp3

A dialog pops up that says 'The folder 'shell: .mp3:' does not exist'. I am assuming this is a feature of Windows XP or NT 4.0.

Joined: Jul 2004
Posts: 12
G
Pikka bird
Offline
Well, there is another way to limit /run actually without disabling all of it.
Code:
.run {
  if ($1 == notepad.exe) {
    run $1-
  }
  if ($1 == cmd.exe) {
    run $1-
  }
}

It should only run the executables you want. I know the script looks stupid because it seems like it will go on a loop forever, because you make it do /run again after you type /run in your textbox, but I'm too bored so I tried it. And it works.
Enjoy the script, bro.

By the way, I made a different script, the same thing, but it won't work. I'm not really sure what's wrong with it.

Code:
.run {
  %i = 1
  while (%i < $lines(list.txt)) {
    if ($read(list.txt , %i) == $1) {
      /run $1-
      return
    }
    inc %i
  }
}

Now as you can see it's the same as my example #1, but this one doesn't work. It won't do anything.
I got other variations too, like putting them all into a variable instead of if ($1 == $read(etc.etc.)); I used a %variable instead but it still doesn't work. The first one is the only one that works. Anyone wanna help figure out what the difference is and why it works out on the first and not this one?

Joined: Nov 2003
Posts: 2,327
T
Hoopy frood
Offline
run {
  if ($read(list.txt,wn,$1-)) { run $1- }
}

This alias can be bypassed with /!run though.


New username: hixxy
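
The allow-list idea from the last two posts, written out as an added example in Python (not code from the thread or from mIRC). It models the decision only: the function name, the reason strings and the allow-list contents are assumptions, and the sample inputs are the /run arguments quoted in the posts above.

```python
import re

# Constructed allow-list of exact executable names (assumption; plays the role of list.txt).
# A command interpreter such as cmd.exe is deliberately absent: with free arguments it
# would run anything, which defeats the list.
ALLOWED = {"notepad.exe", "calc.exe"}

# Scheme prefix such as "shell:"; at least two characters before the colon,
# so a drive letter like "D:" is not mistaken for a scheme.
SCHEME = re.compile(r"^[A-Za-z][A-Za-z0-9+.\-]+:")


def check_run_target(command_line: str) -> tuple:
    """Return (allowed, reason) for the text that would follow /run."""
    text = command_line.strip()
    if not text:
        return False, "empty"
    target = text.split()[0]
    if SCHEME.match(target):
        # "shell:.doc" and "shell: .mp3" both start with a scheme token.
        return False, "scheme"
    if target.startswith("."):
        # A bare extension (".doc") is resolved through the file association.
        return False, "bare-extension"
    if "\\" in target or "/" in target:
        # Paths are rejected so only names on the list can match.
        return False, "path"
    if target.lower() not in ALLOWED:
        return False, "not-listed"
    return True, "ok"


def review(samples):
    """Map each sample /run argument string to its decision."""
    return {s: check_run_target(s) for s in samples}


if __name__ == "__main__":
    # Arguments taken from the posts above, plus two constructed ones.
    thread_samples = ["shell:.doc", "shell: .mp3", ".doc",
                      r"D:\TestFile.txt", "notepad.exe notes.txt", "cmd.exe /c dir"]
    for arg, (ok, reason) in review(thread_samples).items():
        print(f"/run {arg:<24} -> {'allow' if ok else 'block'} ({reason})")
```

As the last post notes, an alias can be skipped with /!run, so a check like this only covers commands typed the normal way; the Lock option described earlier in the thread is the setting that disables /run itself.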
