This is the new home of the egghelp.org community forum.
All data has been migrated (including user logins/passwords) to a new phpBB version.


For more information, see this announcement post. Click the X in the top right-corner of this box to dismiss this message.

converting a regex from mirc to TCL

Old posts that have not been replied to for several years.
Locked
L
LtPhil
Voice
Posts: 26
Joined: Mon Jul 28, 2003 10:25 am

converting a regex from mirc to TCL

Post by LtPhil »

i have the following regex snippet from some mIRC code

Code: Select all

if ($regex($1, /^<- :([^!]*)![^@]*@[^ ]*\s*PRIVMSG\s*(\S*)\s*:\001\s*DCC\s*(SEND|RESUME).*"(?:[^" ]*\s){32}.*$/i)) {
    var %nick = $regml(1), %target = $regml(2), %type = $regml(3)
}
... but i cannot read regex's at all :-?

how do i get %nick, %target, and %type out of the regex?

... this is being borrowed from a "workaround" script for the mIRC 6.x DCC exploit... i want to write a script for my bot that kickbans anyone who sends the exploit. will post when i have it completed and working :)

[edit] actually, i'm not even sure if that actually parses for the exploit only or if it just parses all DCC's... but even if it parses all DCC's that's fine with me, i just need the DCC msg in a me-readable format :wink: [/edit]

thanks!
p
ppslim
Revered One
Posts: 3914
Joined: Sun Sep 23, 2001 8:00 pm
Location: Liverpool, England

Post by ppslim »

Code: Select all

bind CTCP - DCC handle:exploit
proc handle:exploit {nick uh hand dest key arg} {
  if {[regexp {(SEND|RESUME).*"(?:[^" ]*\s){32}.*$} $arg]} {
    # Trying to exploit us - Kick or ban here
    return 1
  }
  # non exploit, continue as normal
  return 0
}
L
LtPhil
Voice
Posts: 26
Joined: Mon Jul 28, 2003 10:25 am

Post by LtPhil »

thanks for the regex... now for the next thing...
what string would trigger that? we don't seem to have any exploiters running around at the moment (you know they'll come back the instant i leave or sth), so i need a way to test and make sure it triggers right

i've figured out that it has to begin with "SEND" or "RESUME"... :x

danke :)

-phil
User avatar
strikelight
Owner
Posts: 708
Joined: Mon Oct 07, 2002 10:39 am
Contact:

Post by strikelight »

LtPhil wrote:thanks for the regex... now for the next thing...
what string would trigger that? we don't seem to have any exploiters running around at the moment (you know they'll come back the instant i leave or sth), so i need a way to test and make sure it triggers right

i've figured out that it has to begin with "SEND" or "RESUME"... :x

danke :)

-phil
I highly doubt you'll find someone to post something (aka. the exploit itself!) that will test the regexp. Wait, and soon enough someone will test your regexp for you in your channels..
L
LtPhil
Voice
Posts: 26
Joined: Mon Jul 28, 2003 10:25 am

Post by LtPhil »

hmmm, indeed.

/me waits and watches channels
User avatar
caesar
Mint Rubber
Posts: 3778
Joined: Sun Oct 14, 2001 8:00 pm
Location: Mint Factory

Post by caesar »

It's an DCC SEND wich is in fact an sort of CTCP so it should work smoothly..
Once the game is over, the king and the pawn go back in the same box.
L
LtPhil
Voice
Posts: 26
Joined: Mon Jul 28, 2003 10:25 am

Post by LtPhil »

ppslim: thanks for the code... i checked my log (i have a putlog event if someone tries the exploit), and sure enough, it caught someone :)

*gives ppslim a bottle of bawls (or a mug of coffee, or any other caffeinated drink you'd prefer ;))*

now i'm just having trouble getting the banmask in the format i like (see my other post) :x
User avatar
caesar
Mint Rubber
Posts: 3778
Joined: Sun Oct 14, 2001 8:00 pm
Location: Mint Factory

Post by caesar »

tequila will do fine :)
Once the game is over, the king and the pawn go back in the same box.
User avatar
K
Voice
Posts: 34
Joined: Wed Jan 28, 2004 7:31 pm
Location: Romania @sibiu
Contact:

me to

Post by K »

i whant the script for exploiting to.can somebody past all the script or include it on a egghelp tcl scripts
User avatar
strikelight
Owner
Posts: 708
Joined: Mon Oct 07, 2002 10:39 am
Contact:

Re: me to

Post by strikelight »

dpgc wrote:i whant the script for exploiting to.can somebody past all the script or include it on a egghelp tcl scripts
As already stated earlier on in the thread, no one is going to paste the exploit, and if they did, the moderators would surely edit the post out. It would be irresponsible for such a respected irc venue to allow posting of exploits.
User avatar
K
Voice
Posts: 34
Joined: Wed Jan 28, 2004 7:31 pm
Location: Romania @sibiu
Contact:

no no no no

Post by K »

man i don't whant the code of the exploit i whant the code for the script for my eggdrop that kick/ban users who use the exploit. :-?
User avatar
arcane
Master
Posts: 280
Joined: Thu Jan 30, 2003 9:18 am
Location: Germany
Contact:

Post by arcane »

hm... isn't it possible to recreate the exploit by "translating" the regexp? if i know what i'm searching for, don't i know what i have to type?
aVote page back online!
Check out the most popular voting script for eggdrop bots.

Join the metal tavern!
Locked