This is the new home of the egghelp.org community forum.
All data has been migrated (including user logins/passwords) to a new phpBB version.
For more information, see this announcement post. Click the X in the top right-corner of this box to dismiss this message.
All data has been migrated (including user logins/passwords) to a new phpBB version.
For more information, see this announcement post. Click the X in the top right-corner of this box to dismiss this message.
excess flood ban tcl
- Sydneybabe
- Op
- Posts: 106
- Joined: Fri Apr 27, 2007 3:31 am
- Location: Philippines
excess flood ban tcl
hi and good days. i'm requesting a script that will ban the user disconnected with a reason of "Quit (Excess Flood)" .. thanks in advance.
Code: Select all
bind sign - * excess:flood
proc excess:flood {nick uhost hand chan arg} {
if {[string equal "Excess Flood" $arg]} {
pushmode $chan +b *!*@[lindex [split $uhost @] 1]"
}
}- Sydneybabe
- Op
- Posts: 106
- Joined: Fri Apr 27, 2007 3:31 am
- Location: Philippines
Here you go:
Code: Select all
#Set the channels here for this script to work on
set quitmsgchans "#urdu #awyeah #miri"
bind sign - "*" quitmsg:ban
proc quitmsg:ban {nick uhost hand chan reason} {
if {![botisop $chan]} { return 0 }
if {[string equal "Excess Flood" $reason] || [string equal "SendQ exceeded" $reason]} {
if {[lsearch -exact [split [string tolower $::quitmsgchans]] [string tolower $chan]] != -1} {
if {![wasop $nick $chan] && ![matchattr $hand mnof|mnof $chan]} {
pushmode $chan +b "*!*@[lindex [split $uhost @] 1]"
pushmode $chan -k "\00312Server.\0032flood.off.\00312quit.\0032message\0036"
timer 60 "pushmode $chan -b *!*@[lindex [split $uhost @] 1]"
}
}
}
}
·awyeah·
==================================
Facebook: jawad@idsia.ch (Jay Dee)
PS: Guys, I don't accept script helps or requests personally anymore.
==================================
==================================
Facebook: jawad@idsia.ch (Jay Dee)
PS: Guys, I don't accept script helps or requests personally anymore.
==================================
Your timer creates a vulnerability in the script which is easily exploitable, pass a list to timer instead of a string.
Code: Select all
timer 60 [list pushmode $chan -b *!*@[lindex [split $uhost @] 1]]Yes I know that, but for the fact that, a *!*@host.domain.com cannot contain special tcl characters to choke on, even if you use vhosts (hosts can only be aplhanumeric) if you look into the case.
·awyeah·
==================================
Facebook: jawad@idsia.ch (Jay Dee)
PS: Guys, I don't accept script helps or requests personally anymore.
==================================
==================================
Facebook: jawad@idsia.ch (Jay Dee)
PS: Guys, I don't accept script helps or requests personally anymore.
==================================
Yes, but $uhost (user@host) and $chan can certainly contain special tcl characters so anyone can easily exploit that code. However it doesn't matter if these characters exist or not, it's always good practice to apply these rules in scripting.awyeah wrote:Yes I know that, but for the fact that, a *!*@host.domain.com cannot contain special tcl characters to choke on, even if you use vhosts (hosts can only be aplhanumeric) if you look into the case.
See: Script security
- Sydneybabe
- Op
- Posts: 106
- Joined: Fri Apr 27, 2007 3:31 am
- Location: Philippines