| View previous topic :: View next topic |
| Author |
Message |
Sydneybabe
Op
Joined: 27 Apr 2007
Posts: 106
Location: Philippines
|
 Posted: Sun Jul 08, 2007 10:50 pm Post subject: excess flood ban tcl |
 |
|
hi and good days. i'm requesting a script that will ban the user disconnected with a reason of "Quit (Excess Flood)" .. thanks in advance.  |
|
| Back to top |
|
 |
Sir_Fz
Revered One
Joined: 27 Apr 2003
Posts: 3793
Location: Lebanon
|
| Posted: Mon Jul 09, 2007 5:30 am Post subject: |
|
|
| Code: | bind sign - * excess:flood
proc excess:flood {nick uhost hand chan arg} {
if {[string equal "Excess Flood" $arg]} {
pushmode $chan +b *!*@[lindex [split $uhost @] 1]"
}
} |
_________________
Follow me on GitHub
- Opposing
Public Tcl scripts |
|
| Back to top |
|
|
Sydneybabe
Op
Joined: 27 Apr 2007
Posts: 106
Location: Philippines
|
| Posted: Mon Aug 20, 2007 4:29 am Post subject: |
|
|
thanks Sir_Fz for the help. can i requet also a script ban the user w/ this:
* ASIA (~klg@121.250.95) Quit (Excess Flood)
* bot sets mode: -k+b Excess.Flood *!*@121.250.95
thanks in advance for the help.  |
|
| Back to top |
|
|
awyeah
Revered One
Joined: 26 Apr 2004
Posts: 1580
Location: Switzerland
|
| Posted: Mon Aug 20, 2007 6:23 am Post subject: |
|
|
Here you go:
| Code: |
#Set the channels here for this script to work on
set quitmsgchans "#urdu #awyeah #miri"
bind sign - "*" quitmsg:ban
proc quitmsg:ban {nick uhost hand chan reason} {
if {![botisop $chan]} { return 0 }
if {[string equal "Excess Flood" $reason] || [string equal "SendQ exceeded" $reason]} {
if {[lsearch -exact [split [string tolower $::quitmsgchans]] [string tolower $chan]] != -1} {
if {![wasop $nick $chan] && ![matchattr $hand mnof|mnof $chan]} {
pushmode $chan +b "*!*@[lindex [split $uhost @] 1]"
pushmode $chan -k "\00312Server.\0032flood.off.\00312quit.\0032message\0036"
timer 60 "pushmode $chan -b *!*@[lindex [split $uhost @] 1]"
}
}
}
}
|
_________________
·awyeah·
==================================
Facebook: jawad@idsia.ch (Jay Dee)
PS: Guys, I don't accept script helps or requests personally anymore.
================================== |
|
| Back to top |
|
|
Sir_Fz
Revered One
Joined: 27 Apr 2003
Posts: 3793
Location: Lebanon
|
| Posted: Mon Aug 20, 2007 10:02 am Post subject: |
|
|
Your timer creates a vulnerability in the script which is easily exploitable, pass a list to timer instead of a string.
| Code: | | timer 60 [list pushmode $chan -b *!*@[lindex [split $uhost @] 1]] |
_________________
Follow me on GitHub
- Opposing
Public Tcl scripts |
|
| Back to top |
|
|
awyeah
Revered One
Joined: 26 Apr 2004
Posts: 1580
Location: Switzerland
|
| Posted: Tue Aug 21, 2007 6:15 am Post subject: |
|
|
Yes I know that, but for the fact that, a *!*@host.domain.com cannot contain special tcl characters to choke on, even if you use vhosts (hosts can only be aplhanumeric) if you look into the case.
_________________
·awyeah·
==================================
Facebook: jawad@idsia.ch (Jay Dee)
PS: Guys, I don't accept script helps or requests personally anymore.
================================== |
|
| Back to top |
|
|
Sir_Fz
Revered One
Joined: 27 Apr 2003
Posts: 3793
Location: Lebanon
|
| Posted: Wed Aug 22, 2007 3:56 pm Post subject: |
|
|
| awyeah wrote: | | Yes I know that, but for the fact that, a *!*@host.domain.com cannot contain special tcl characters to choke on, even if you use vhosts (hosts can only be aplhanumeric) if you look into the case. |
Yes, but $uhost (user@host) and $chan can certainly contain special tcl characters so anyone can easily exploit that code. However it doesn't matter if these characters exist or not, it's always good practice to apply these rules in scripting.
See: Script security
_________________
Follow me on GitHub
- Opposing
Public Tcl scripts |
|
| Back to top |
|
|
Aut0Cr0ss
Voice
Joined: 15 Jun 2007
Posts: 19
|
| Posted: Wed Aug 22, 2007 10:33 pm Post subject: |
|
|
| Nice one.. |
|
| Back to top |
|
|
Sydneybabe
Op
Joined: 27 Apr 2007
Posts: 106
Location: Philippines
|
| Posted: Sat Aug 25, 2007 6:04 am Post subject: |
|
|
| thanks for the help Sir_Fz and awyeah |
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
