This is the new home of the egghelp.org community forum.
All data has been migrated (including user logins/passwords) to a new phpBB version.
For more information, see this announcement post . Click the X in the top right-corner of this box to dismiss this message.
Requests for complete scripts or modifications/fixes for scripts you didn't write. Response not guaranteed, and no thread bumping!
Sydneybabe
Op
Posts: 106 Joined: Fri Apr 27, 2007 3:31 am
Location: Philippines
Post
by Sydneybabe » Sun Jul 08, 2007 10:50 pm
hi and good days. i'm requesting a script that will ban the user disconnected with a reason of "Quit (Excess Flood)" .. thanks in advance.
Sir_Fz
Revered One
Posts: 3794 Joined: Sun Apr 27, 2003 3:10 pm
Location: Lebanon
Contact:
Post
by Sir_Fz » Mon Jul 09, 2007 5:30 am
Code: Select all
bind sign - * excess:flood
proc excess:flood {nick uhost hand chan arg} {
if {[string equal "Excess Flood" $arg]} {
pushmode $chan +b *!*@[lindex [split $uhost @] 1]"
}
}
Sydneybabe
Op
Posts: 106 Joined: Fri Apr 27, 2007 3:31 am
Location: Philippines
Post
by Sydneybabe » Mon Aug 20, 2007 4:29 am
thanks Sir_Fz for the help. can i requet also a script ban the user w/ this:
* ASIA (~klg@121.250.95) Quit (Excess Flood)
* bot sets mode: -k+b
Excess.Flood *!*@121.250.95
thanks in advance for the help.
awyeah
Revered One
Posts: 1580 Joined: Mon Apr 26, 2004 2:37 am
Location: Switzerland
Contact:
Post
by awyeah » Mon Aug 20, 2007 6:23 am
Here you go:
Code: Select all
#Set the channels here for this script to work on
set quitmsgchans "#urdu #awyeah #miri"
bind sign - "*" quitmsg:ban
proc quitmsg:ban {nick uhost hand chan reason} {
if {![botisop $chan]} { return 0 }
if {[string equal "Excess Flood" $reason] || [string equal "SendQ exceeded" $reason]} {
if {[lsearch -exact [split [string tolower $::quitmsgchans]] [string tolower $chan]] != -1} {
if {![wasop $nick $chan] && ![matchattr $hand mnof|mnof $chan]} {
pushmode $chan +b "*!*@[lindex [split $uhost @] 1]"
pushmode $chan -k "\00312Server.\0032flood.off.\00312quit.\0032message\0036"
timer 60 "pushmode $chan -b *!*@[lindex [split $uhost @] 1]"
}
}
}
}
·awyeah·
==================================
Facebook: jawad@idsia.ch (Jay Dee)
PS: Guys, I don't accept script helps or requests personally anymore.
==================================
Sir_Fz
Revered One
Posts: 3794 Joined: Sun Apr 27, 2003 3:10 pm
Location: Lebanon
Contact:
Post
by Sir_Fz » Mon Aug 20, 2007 10:02 am
Your timer creates a vulnerability in the script which is easily exploitable, pass a list to timer instead of a string.
Code: Select all
timer 60 [list pushmode $chan -b *!*@[lindex [split $uhost @] 1]]
awyeah
Revered One
Posts: 1580 Joined: Mon Apr 26, 2004 2:37 am
Location: Switzerland
Contact:
Post
by awyeah » Tue Aug 21, 2007 6:15 am
Yes I know that, but for the fact that, a *!*@host.domain.com cannot contain special tcl characters to choke on, even if you use vhosts (hosts can only be aplhanumeric ) if you look into the case.
·awyeah·
==================================
Facebook: jawad@idsia.ch (Jay Dee)
PS: Guys, I don't accept script helps or requests personally anymore.
==================================
Sir_Fz
Revered One
Posts: 3794 Joined: Sun Apr 27, 2003 3:10 pm
Location: Lebanon
Contact:
Post
by Sir_Fz » Wed Aug 22, 2007 3:56 pm
awyeah wrote: Yes I know that, but for the fact that, a *!*@host.domain.com cannot contain special tcl characters to choke on, even if you use vhosts (hosts can only be aplhanumeric ) if you look into the case.
Yes, but $uhost (user@host) and $chan can certainly contain special tcl characters so anyone can easily exploit that code. However it doesn't matter if these characters exist or not, it's always good practice to apply these rules in scripting.
See:
Script security
Sydneybabe
Op
Posts: 106 Joined: Fri Apr 27, 2007 3:31 am
Location: Philippines
Post
by Sydneybabe » Sat Aug 25, 2007 6:04 am
thanks for the help Sir_Fz and awyeah