mIRC Home    About    Download    Register    News    Help

Forums Active Threads Search Who's Online Help
Print Thread
what vulnerability is that in mirc 6.16 that?
#96142 30/08/04 12:54 AM
Joined: Aug 2004
Posts: 2
M
mst_tosh Offline OP
Bowl of petunias
OP Offline
mst_tosh
Bowl of petunias
M
Joined: Aug 2004
Posts: 2
Someone entered in a channel i was chatting and typed that

* NoOne sets sch ^*:^:$2- | /.unload ¬-rs ^

He was meaning that he was doing something remotely in my mirc (6.16, i didn't type anything people told me to or anything) and minutes later in NETSTAT there was a connection to a machine that probably had a sniffer, redirecting to my irc network to steal my nickserv password!!!


how can avoid that attack? /ctcp -t *@* ?

Re: what vulnerability is that in mirc 6.16 that?
#96143 30/08/04 11:25 AM
Joined: Jul 2004
Posts: 17
S
SpeedFire Offline
Pikka bird
Offline
SpeedFire
Pikka bird
S
Joined: Jul 2004
Posts: 17
Unless you loaded a bad script people could have sent you, there's no way they can do anything remotely.
The text that NoOne typed on the channel doesn't make any sense (it looks like scripting, but it's just garbage), this is probably a joke.

Re: what vulnerability is that in mirc 6.16 that?
#96144 30/08/04 11:29 AM
Joined: Aug 2004
Posts: 3
Italia
S
Suggestion Offline
Self-satisified door
Offline
Suggestion
Self-satisified door
S
Joined: Aug 2004
Posts: 3
Italia
it was an action? ( typed /me sets sch ^*:^:$2- | /.unload ¬-rs ^ )
write in the remote section of your mirc
on ^1:action:*sch ^*:#:{ .ignore $address($nick,2) | Echo -a 4 Warning $nick $address($nick,2) trying to use a backdoor on you pc | halt }
I'm not sure that blocks the backdoor , so try to see in your mirc if you have a event listening on the event action. i don't think that this was a backdoor included in the mirc source , it was a script added by spam . bye

Re: what vulnerability is that in mirc 6.16 that?
#96145 30/08/04 02:07 PM
Joined: Aug 2004
Posts: 2
M
mst_tosh Offline OP
Bowl of petunias
OP Offline
mst_tosh
Bowl of petunias
M
Joined: Aug 2004
Posts: 2
is wasn't backdoor, that's the problem... he done the /me to tease me, to show me that he done something remotely.. he did all with /ctcp or something... it was a fresh mirc 6.16 downloaded from mirc.com .. no script installed, that's why i came to the forum.

he said "READ THE ARTICLE, HAHA"

Last edited by mst_tosh; 30/08/04 02:09 PM.
Re: what vulnerability is that in mirc 6.16 that?
#96146 30/08/04 02:21 PM
Joined: Jun 2003
Posts: 5,024
London, England
M
Mentality Offline
Hoopy frood
Offline
Mentality
Hoopy frood
M
Joined: Jun 2003
Posts: 5,024
London, England
It is very unlikely to be a vulnerability. However, to be honest, it's pointless telling us that someone "did something" to you that wasn't a backdoor - without details, it cannot be fixed, and pasting an action that they typed is not really a detail.

Unless you can obtain information from them about exactly what they did and how they did it, we've got nothing to go on, nor has Khaled.

Nevertheless, I suggest you scan yourself for trojans - a lot of resources can be found in this thread. Make sure you use more than one/two, as no ONE virus/trojan scanner can detect everything.

Regards,

Mentality/Chris

Link Copied to Clipboard
Forum Rules · Mark All Read Contact Us · Help · mIRC Homepage