lately my users have been getting alot of this:
(11:53:19) <+Viper007Bond> [Fri 08:49:05] <kairi> Have you heard about the irc control script?
(11:53:19) <+Viper007Bond> [Fri 08:49:22] <kairi> People can control what people say
(11:53:19) <+Viper007Bond> [Fri 08:49:39] <Viper007Bond> huh?
(11:53:19) <+Viper007Bond> [Fri 08:49:56] <kairi> Yeah it was on the news
(11:53:23) <+Viper007Bond> [Fri 08:50:29] <kairi> People can make people say stuff unless you type an anti script
(11:53:23) <+Viper007Bond> [Fri 08:50:47] <Viper007Bond> what's the anti-script?
(11:53:23) <+Viper007Bond> [Fri 08:51:27] <kairi> this is it //me | write -c x ctcp 1:*:?:$1- | //me : | .load -rs x if you were vunrable it would say ctcp deactivated
whats an easy way to block the script line? And does anyone have any real idea what this does?
recent mirc idiotic crap
This is quite a 'general' filter, but it should work (very?) well:
Basically, it hunts for '//', then for 'write', and then for '.load', if all of these 3 elements are present (after each other), then it blocks the message.
Although there are other techniques, these probably match many of these "trojans"/"exploits".
Code: Select all
/spamfilter add p block - mirc_trojan_attempt //.*write.*\.load
Although there are other techniques, these probably match many of these "trojans"/"exploits".
It allows anyone to control the user (execute any command) via CTCP.And does anyone have any real idea what this does?