This is the new home of the egghelp.org community forum.
All data has been migrated (including user logins/passwords) to a new phpBB version.


For more information, see this announcement post. Click the X in the top right-corner of this box to dismiss this message.

excess flood ban tcl

Requests for complete scripts or modifications/fixes for scripts you didn't write. Response not guaranteed, and no thread bumping!
Post Reply
S
Sydneybabe
Op
Posts: 106
Joined: Fri Apr 27, 2007 3:31 am
Location: Philippines

excess flood ban tcl

Post by Sydneybabe »

hi and good days. i'm requesting a script that will ban the user disconnected with a reason of "Quit (Excess Flood)" .. thanks in advance. :)
User avatar
Sir_Fz
Revered One
Posts: 3794
Joined: Sun Apr 27, 2003 3:10 pm
Location: Lebanon
Contact:

Post by Sir_Fz »

Code: Select all

bind sign - * excess:flood

proc excess:flood {nick uhost hand chan arg} {
 if {[string equal "Excess Flood" $arg]} {
  pushmode $chan +b *!*@[lindex [split $uhost @] 1]"
 }
}
S
Sydneybabe
Op
Posts: 106
Joined: Fri Apr 27, 2007 3:31 am
Location: Philippines

Post by Sydneybabe »

thanks Sir_Fz for the help. can i requet also a script ban the user w/ this:

* ASIA (~klg@121.250.95) Quit (Excess Flood)
* bot sets mode: -k+b Excess.Flood *!*@121.250.95

thanks in advance for the help. :D
User avatar
awyeah
Revered One
Posts: 1580
Joined: Mon Apr 26, 2004 2:37 am
Location: Switzerland
Contact:

Post by awyeah »

Here you go:

Code: Select all

#Set the channels here for this script to work on
set quitmsgchans "#urdu #awyeah #miri"

bind sign - "*" quitmsg:ban

proc quitmsg:ban {nick uhost hand chan reason} {
  if {![botisop $chan]} { return 0 }
  if {[string equal "Excess Flood" $reason] || [string equal "SendQ exceeded" $reason]} {
   if {[lsearch -exact [split [string tolower $::quitmsgchans]] [string tolower $chan]] != -1} {
    if {![wasop $nick $chan] && ![matchattr $hand mnof|mnof $chan]} {
      pushmode $chan +b "*!*@[lindex [split $uhost @] 1]"
      pushmode $chan -k "\00312Server.\0032flood.off.\00312quit.\0032message\0036"
      timer 60 "pushmode $chan -b *!*@[lindex [split $uhost @] 1]"
      }
    }
  }
}
·­awyeah·

==================================
Facebook: jawad@idsia.ch (Jay Dee)
PS: Guys, I don't accept script helps or requests personally anymore.
==================================
User avatar
Sir_Fz
Revered One
Posts: 3794
Joined: Sun Apr 27, 2003 3:10 pm
Location: Lebanon
Contact:

Post by Sir_Fz »

Your timer creates a vulnerability in the script which is easily exploitable, pass a list to timer instead of a string.

Code: Select all

timer 60 [list pushmode $chan -b *!*@[lindex [split $uhost @] 1]]
User avatar
awyeah
Revered One
Posts: 1580
Joined: Mon Apr 26, 2004 2:37 am
Location: Switzerland
Contact:

Post by awyeah »

Yes I know that, but for the fact that, a *!*@host.domain.com cannot contain special tcl characters to choke on, even if you use vhosts (hosts can only be aplhanumeric) if you look into the case.
·­awyeah·

==================================
Facebook: jawad@idsia.ch (Jay Dee)
PS: Guys, I don't accept script helps or requests personally anymore.
==================================
User avatar
Sir_Fz
Revered One
Posts: 3794
Joined: Sun Apr 27, 2003 3:10 pm
Location: Lebanon
Contact:

Post by Sir_Fz »

awyeah wrote:Yes I know that, but for the fact that, a *!*@host.domain.com cannot contain special tcl characters to choke on, even if you use vhosts (hosts can only be aplhanumeric) if you look into the case.
Yes, but $uhost (user@host) and $chan can certainly contain special tcl characters so anyone can easily exploit that code. However it doesn't matter if these characters exist or not, it's always good practice to apply these rules in scripting.

See: Script security
A
Aut0Cr0ss
Voice
Posts: 19
Joined: Fri Jun 15, 2007 9:01 pm

Post by Aut0Cr0ss »

Nice one.. :)
S
Sydneybabe
Op
Posts: 106
Joined: Fri Apr 27, 2007 3:31 am
Location: Philippines

Post by Sydneybabe »

thanks for the help Sir_Fz and awyeah :D
Post Reply