Hi guys. I am still learning TCL and I'm having a problem working something out. I want my friends to be able to kick without being opped (getting the bot to do it for them) but when they type in a reason which is more than 1 word it just takes the first word of the reason. eg ...
<alex> .kick technoho You have been kicked.
* technoho was kicked by gutterslut (alex: You)
* technoho (fishy@*.*.*.gg30=) has joined #.Power
* ChanServ sets mode: +o technoho
If they dont pick a reason, I have made it so it makes its own, which works fine.
Anyway, here's the code ...
bind pub o .kick kickcommand
proc kickcommand {nick uhost hand chan text} {
set kicknick [lindex $text 0]
set kickreas [lindex $text 1]
if {$kickreas == ""} {
set kickreas "I don't need a reason"
}
set nickkickreas "$nick: $kickreas"
putkick $chan $kicknick $nickkickreas
}
thanks in advance,
- type.
This is the new home of the egghelp.org community forum.
All data has been migrated (including user logins/passwords) to a new phpBB version.
For more information, see this announcement post. Click the X in the top right-corner of this box to dismiss this message.
All data has been migrated (including user logins/passwords) to a new phpBB version.
For more information, see this announcement post. Click the X in the top right-corner of this box to dismiss this message.
Help!!
change this
to this
first line tells the script to just take the 2nd element of the $text, ie. "!kick $nick some reason here", you told it to just pick out "some", u need to use lrange to get everything from "some" to the end
Code: Select all
set kickreas [lindex $text 1]Code: Select all
set kickreas [lrange $text 1 end]Elen sila lúmenn' omentielvo
You may also consider placing
Before this line
Code: Select all
set text [split $text]
Code: Select all
set kicknick [lindex $text 0]
-
ttypefighter
Another problem ...
Hi,
Ok, what you guys said, works great, thanks again. I'm using a
at the top of the script, which is so only global ops on my bot will be able to use the command. However if I do a .match * 999 in telnet ...
surely if someone came online and wanted to masquerade as me they could because all they need is 1) to be on the same isp, 2) ident to be 'type' and 3) nick to be 'alex'.
Am I missing something here or is this very insecure ?
There IS a nickserv on this server but from what I've read on this forum its pretty difficult to check if the user is registered with nickserv and signed on. Nickserv would ask them for a password sure, but that would still give them ~ 60 secs to masquerade.
Could someone please explain how I could increase the security ?
- Alex (type)
P.S. Sorry if this post is in the wrong forum, it is along the lines of my previous question.
Ok, what you guys said, works great, thanks again. I'm using a
Code: Select all
bind pub o .kick kickcommandCode: Select all
.match * 999
[15:57] #alex# match * 999
*** Matching '*':
HANDLE PASS NOTES FLAGS LAST
alex yes 0 jmnoptx 15:44 (#.Power )
#.Power - 15:44
HOSTS: -telnet!*@*, *!type@125.84.*Am I missing something here or is this very insecure ?
There IS a nickserv on this server but from what I've read on this forum its pretty difficult to check if the user is registered with nickserv and signed on. Nickserv would ask them for a password sure, but that would still give them ~ 60 secs to masquerade.
Could someone please explain how I could increase the security ?
- Alex (type)
P.S. Sorry if this post is in the wrong forum, it is along the lines of my previous question.
In reality, yes, this is insecure, and true, this is the only way.
IRC was designed without services, thus, there is no native support, to check authenticity with such services.
As such, we have to make do with what we have. Hostmasks being the only way to reliably match users, then we have to use this.
In your statement, you enquired about having to use the same ISP.
Yes. So long as the IP starts with 128.84 and there ident is "type", then they will be matched as you. They don't need to have your nickname, because of the *! int he hostmask.
This is one of the reasons, why public command scripts, are not used. Literaly, besause they are insecure, and it would be pointless directly password protecting them, as any1 could see it typed.
As such, some of the better public command scripts, use a AUTH system, so passwords can be typed INDIRECTLY.
First, UserA would have to have a matching user-record in the bot, with the flag, EG o.
They would send a message to the bot, EG "/msg eggdrop AUTH <password>", with there eggdrop password.
The bot would then set them as authorised, as they have passed security measures.
They may then securly use the public commands.
This isn't as hard as using chan/nickserv to do authorisation (though it sounds like you havn't got the grasp of how this would wokr. Look below for this). Though you will have to watch how you do it. If done incorectly, a person can use the commands, without having to auth, so long as a person that doees match, has authed.
PS.
Nick/chanserv.
There is no way, to get the bot, to send a message to a nickname, from chanserv, asking them to identify with them. As such, this sort of authorisation doesn't work this way, but is far better.
It works better, so long as nick/chanserv uses usernames, or nicknames to do it's authorisation. EG, If my name is PPSlim, and I am authed, if I change nickname, I will have to use the password for that nickname.
What would happen, is simply, eggdrop would ask if UserA, has sent a valid identify command. If yes, then chan/nickserv confirms there identity, as there nick/chanserv password was correct.
If not, then they are not classed as authed.
You may note that you can't understand a word I said. It's shut shop time, I am hungry and my head aint too good. Simply ask if you don't understand anything.
IRC was designed without services, thus, there is no native support, to check authenticity with such services.
As such, we have to make do with what we have. Hostmasks being the only way to reliably match users, then we have to use this.
In your statement, you enquired about having to use the same ISP.
Yes. So long as the IP starts with 128.84 and there ident is "type", then they will be matched as you. They don't need to have your nickname, because of the *! int he hostmask.
This is one of the reasons, why public command scripts, are not used. Literaly, besause they are insecure, and it would be pointless directly password protecting them, as any1 could see it typed.
As such, some of the better public command scripts, use a AUTH system, so passwords can be typed INDIRECTLY.
First, UserA would have to have a matching user-record in the bot, with the flag, EG o.
They would send a message to the bot, EG "/msg eggdrop AUTH <password>", with there eggdrop password.
The bot would then set them as authorised, as they have passed security measures.
They may then securly use the public commands.
This isn't as hard as using chan/nickserv to do authorisation (though it sounds like you havn't got the grasp of how this would wokr. Look below for this). Though you will have to watch how you do it. If done incorectly, a person can use the commands, without having to auth, so long as a person that doees match, has authed.
PS.
Nick/chanserv.
There is no way, to get the bot, to send a message to a nickname, from chanserv, asking them to identify with them. As such, this sort of authorisation doesn't work this way, but is far better.
It works better, so long as nick/chanserv uses usernames, or nicknames to do it's authorisation. EG, If my name is PPSlim, and I am authed, if I change nickname, I will have to use the password for that nickname.
What would happen, is simply, eggdrop would ask if UserA, has sent a valid identify command. If yes, then chan/nickserv confirms there identity, as there nick/chanserv password was correct.
If not, then they are not classed as authed.
You may note that you can't understand a word I said. It's shut shop time, I am hungry and my head aint too good. Simply ask if you don't understand anything.
-
ttypefighter
-
ttypefighter
As an addition to that earlier post, as I am not too skilled in tcl yet, would it be ok to go about making a script which opens a file and adds the authenticated user to it when they have /msg'd the auth password and then when they leave the channel delete that user from the listed file (which would be located in the directory of the script or something) ?
Would that work ok dya reckon ? I think I can get my head around the file opening stuff from the tutorial at SUNiNET.
I suppose I would gave to make another lil one that checks every nick change and alter the file accordingly.
- type
Would that work ok dya reckon ? I think I can get my head around the file opening stuff from the tutorial at SUNiNET.
I suppose I would gave to make another lil one that checks every nick change and alter the file accordingly.
- type
To be honest that would work, but it wouldnt be ideal.
You can do most of it in the user data that is stored in the bot.
Have a look at lols tools (and other public trigger scripts) in the tcl archive - I always find reading other people's code is a good way to start learning a new language. You will find that lols tools uses the XTRA field of the users details to store auth info. This is probably the safest and easiest method of doing it...
HTH
P.
You can do most of it in the user data that is stored in the bot.
Have a look at lols tools (and other public trigger scripts) in the tcl archive - I always find reading other people's code is a good way to start learning a new language. You will find that lols tools uses the XTRA field of the users details to store auth info. This is probably the safest and easiest method of doing it...
HTH
P.
There are two ways of doing this.
Sorry photon, but I love doing long explanations, so I will just repeat you.
The first way, is using the XTRA field. SImply store somthing like the exact nick!user@host, in a feild called (EG) AUTH. Then you match it exactly, when a user want to use a secured command.
The second way, which is the quickest, safest, but hardest one to maintain (not by much), involves, storing nicknames in application memory.
IE. You have a global variable (if you dont understand variable scope, it means it's a variable that will remain accessable, so long as the bot remains running, isn't delted and isn't .restarted), that stores nicknames of people that have completed the auth process.
You simply check this list, when they use a secured command, using search commands.
In both, you will have to delete the information on part/quit, change it on nickchanges and so on. The first is the simplest for this.
Sorry photon, but I love doing long explanations, so I will just repeat you.
The first way, is using the XTRA field. SImply store somthing like the exact nick!user@host, in a feild called (EG) AUTH. Then you match it exactly, when a user want to use a secured command.
The second way, which is the quickest, safest, but hardest one to maintain (not by much), involves, storing nicknames in application memory.
IE. You have a global variable (if you dont understand variable scope, it means it's a variable that will remain accessable, so long as the bot remains running, isn't delted and isn't .restarted), that stores nicknames of people that have completed the auth process.
You simply check this list, when they use a secured command, using search commands.
In both, you will have to delete the information on part/quit, change it on nickchanges and so on. The first is the simplest for this.
A quick note on this.
There are 2 script in the Tcl archive, which will provide and conduct all the all the authorisation for you.
Visit This link
The first script, privdes a simple, single line to add to the above script. Read it, and it will tell you exactly how to authorise yourself to use commands.
The second also looks good, yet is a tiny little bit more complex.
I have not read either of them properly, but they are good starts to help youw ith this.
There are 2 script in the Tcl archive, which will provide and conduct all the all the authorisation for you.
Visit This link
The first script, privdes a simple, single line to add to the above script. Read it, and it will tell you exactly how to authorise yourself to use commands.
The second also looks good, yet is a tiny little bit more complex.
I have not read either of them properly, but they are good starts to help youw ith this.
-
ttypefighter
Hi guys.
Thanks for the help, you guys are great. I have looked up some info regarding the XTRA option and found the following ...
http://johoho.eggheads.org/eggdrop/othe ... t_User-set
I am going to go along with the XTRA idea using that info.
I'll report what I have when I have something
Thanks again,
- type.
Thanks for the help, you guys are great. I have looked up some info regarding the XTRA option and found the following ...
http://johoho.eggheads.org/eggdrop/othe ... t_User-set
I am going to go along with the XTRA idea using that info.
I'll report what I have when I have something
Thanks again,
- type.
Without criticizing the scripts, from the standpoint of strict authentication, both these scripts are flawed. Without going into all details, some other tcl flaws/weird things and problems, below are some minor comments.ppslim wrote:A quick note on this.
There are 2 script in the Tcl archive, which will provide and conduct all the all the authorisation for you.
Visit This link
The first script adds a userflag (by default a "Z") to a handle upon succesfull authentication. From that moment on, any other user having a nick!user@host which matches with one of the hosts inside eggdrop of the already authenticated user, is then also authenticated.
The second script uses three (!) XTRA fields upon authentication. Without going into details, review the procedure "authok" which takes the arguments nick, host and hand:
Although a bit more difficult, it is sometimes possible for a malicious user to have the exact same user@host as the already authenticated user (but a different nick of course). If in the above script the setting "auth_clones" is "0", then such a malicious user is automatically also authenticated.proc authok {nick host hand} {
global auth_clones
if { [validuser $hand] == 0 } { return 0 }
if { [getuser $hand XTRA auth] < 1 } { return 0 }
if { [getuser $hand XTRA authhost] != $host } { return 0 }
if { $auth_clones == 1 && [getuser $hand XTRA authnick] != $nick} { return 0 }
return 1
}
There are also other factors one should keep in mind when writing/reviewing such a script: what if the bot gets banned/kicked from the channel? How about a netsplit? How would the authentication script deal with such situations?
After not bothering to read the scripts, and aggreeing with you, I decided to have a shot at it myself.
In theory, this should work. I havn't checked over for spelling mistakes or logic errors.
It will handle bot disconnects, netsplits, timed checks, time limits for auth (could do witha re-auth system, if a user uses a command within the auth period).
It was designed with no optimisation, and a lot of code is repeated, and my head is simply too screwed at this time, to see how to fix that. Each tiem I look, I go LALA and leave it.
If ya wish to try it, or see the theory behind it, obtain it from.
http://acarr.plus.com/auth.tcl
In theory, this should work. I havn't checked over for spelling mistakes or logic errors.
It will handle bot disconnects, netsplits, timed checks, time limits for auth (could do witha re-auth system, if a user uses a command within the auth period).
It was designed with no optimisation, and a lot of code is repeated, and my head is simply too screwed at this time, to see how to fix that. Each tiem I look, I go LALA and leave it.
If ya wish to try it, or see the theory behind it, obtain it from.
http://acarr.plus.com/auth.tcl
-
ttypefighter
Hi guys,
Both of those scripts completely confuse the hell outa me, I'm trying to figure them out bit by bit but still no-where near getting the idea :/ For now all I'm trying to do is script something which at least just gives the user an XTRA field - at which, unfortunately, I'm failing. I'll get the snag in the end though no doubt.
The reason I'm just starting simple stuff first is so I at least know I can do it, hehe.
This is what I have at the moment ...
I can't figure out how to view the XTRA fields of the users though, ( which means I dunno if it's working or not ) so that might help me out a bit if someone could tell me, lol - Like I said, I am really new to all this TCL stuff, but I am starting to get the drift.
Thanks guys, you are being really helpful
- type
Both of those scripts completely confuse the hell outa me, I'm trying to figure them out bit by bit but still no-where near getting the idea :/ For now all I'm trying to do is script something which at least just gives the user an XTRA field - at which, unfortunately, I'm failing. I'll get the snag in the end though no doubt.
The reason I'm just starting simple stuff first is so I at least know I can do it, hehe.
This is what I have at the moment ...
Code: Select all
bind msg o auth authuser
proc authuser {nick host hand text} {
set authpass [lindex $text 0]
if {$authpass == "password"} {
setuser $hand XTRA "AUTHYES 1"
}
}
Thanks guys, you are being really helpful
- type