egghelp.org community Forum Index
[ egghelp.org home | forum home ]
egghelp.org community
Discussion of eggdrop bots, shell accounts and tcl scripts.
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

encrypted trojan scan script (cont.)
Goto page Previous  1, 2
 
Post new topic   Reply to topic    egghelp.org community Forum Index -> Script Support & Releases
View previous topic :: View next topic  
Author Message
demond
Revered One


Joined: 12 Jun 2004
Posts: 3073
Location: San Francisco, CA

PostPosted: Mon Jul 18, 2005 12:37 pm    Post subject: Reply with quote

yep, that allows the guy to execute Tcl commands upon getting a connection initiated by your bot running this sh*t to the aspb (whatever that is) "database"

bottom line is what we've been saying (well, at least me hehe) over and over and over again on these forums: NEVER RUN ENCRYPTED EGGDROP SCRIPTS, EVER (that is, unless you managed to decrypt and audit it)
Back to top
View user's profile Send private message Visit poster's website
sKy
Op


Joined: 14 Apr 2005
Posts: 194
Location: Germany

PostPosted: Mon Aug 01, 2005 10:41 pm    Post subject: Reply with quote

MeTroiD wrote:
Guys, i just happen to know who made this script and code get obfuscated for a reason. You shouldn't deobfuscate code for someone without the explicit authorisation from the author, unless there would be malious code in it, which i dont think there is..


Well, will be nice if you take back your complaint about decrypting scripts. I don`t trust well known people blind. Now you see that he input a backdoor (not by accident(. That wasn`t nice,. I failed to see a regular usage of cmd 99. No one else from outside should be able to execute any tcl commands.
Back to top
View user's profile Send private message
metroid
Owner


Joined: 16 Jun 2004
Posts: 771

PostPosted: Wed Aug 03, 2005 6:19 pm    Post subject: Reply with quote

Wait, you didn't just comment on something i said several months ago did you?

Seriously, what are you getting at?
Back to top
View user's profile Send private message
demond
Revered One


Joined: 12 Jun 2004
Posts: 3073
Location: San Francisco, CA

PostPosted: Wed Aug 03, 2005 6:58 pm    Post subject: Reply with quote

MeTroiD wrote:
Wait, you didn't just comment on something i said several months ago did you?

Seriously, what are you getting at?


I can't speak for sKy but would guess he/she gets at your apparent endorsement of that particular encrypted/backdoored script

now, you may know the guy, the guy may be nice & not that type of person who would break into other people's shells, the backdoor may be there by an accident or meant as a service feature and not as break-in mechanism, and the script may be encrypted for educational purposes only - however all of that has nothing to do with the common sense security principle of never running binaries from a source not widely trusted & known to the public - and the fact you know the guy alone hardly makes his script(s) trusted by the public
Back to top
View user's profile Send private message Visit poster's website
metroid
Owner


Joined: 16 Jun 2004
Posts: 771

PostPosted: Fri Aug 05, 2005 7:48 am    Post subject: Reply with quote

That wasn't was i was saying at all demond. I just know who made it and i believe the other versions weren't encrypted.

I don't know nor care why that script has things like that as i dont use it anyway.
I was just saying that it makes no sense he is saying something after this much time.
Back to top
View user's profile Send private message
caesar
Mint Rubber


Joined: 14 Oct 2001
Posts: 3651
Location: Mint Factory

PostPosted: Fri Aug 05, 2005 3:04 pm    Post subject: Reply with quote

Could you guys please end this poitless discussion? Like demond said it's simple, just don't load *obfuscated* TCL scripts on your bot.

IMHO MeTroiD, no one considered you guilty of something just cos you either think or indeed know the person who made the script. Just relax.

If someone did a obfuscated TCL script then either he/she has something to hide or dosen't want other people snoop around their code, change a few bits and relase it as it's their own. I tend to think/belive (about the people like strikelight) to prevent other people from snooping around the code. If it's offered for free this dosen't mean you can do WHATEVER you want with it.
_________________
Once the game is over, the king and the pawn go back in the same box.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    egghelp.org community Forum Index -> Script Support & Releases All times are GMT - 4 Hours
Goto page Previous  1, 2
Page 2 of 2

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Forum hosting provided by Reverse.net

Powered by phpBB © 2001, 2005 phpBB Group
subGreen style by ktauber