Wednesday, July 9, 2008

Exploits Explained II: The #2,000 bug

Exploits Explained II: The #2,000 bug / by R a v e N (blacksun.box.sk)

<====================================================================> version 1.1, 27/10/99

Note: this hole was initially discovered by ^TCG^ aka The Cyber God, another member of BSRF.

Note 2: this hole might (and probably will) get fixed sooner or later, and then this text will become obsolete. Don't Email me (btw my address is barakirs@netvision.net.il if you

have RELEVANT questions) if it doesn't work.

Note 3: please read the note (yes, another note... :-) ) about this "bug" at the end of the tutorial.





Go online. Start your favorite IRC client. Now connect to a popular IRC network. Join a few channels, and then join channel #2,000.

Huh? What the hell just happened?



This bug works on the following IRC networks:



EliteIRCD and it's clones - Any versions

DALnet

DreamForge - Any version

EFNet

RelicNet

IRCNet

ConferenceRoom - Any version, any OS



Soooooo... what exactly happens here?

Well, if you're on either one of these networks and you join #2,000 you get kicked out of every channel you are in. Well, not exactly "kicked out". To the outside user it will look

like you simply did /part (/part #channel-name is the command that is used to leave an IRC channel) on every channel you are in.

So in other words, joining #2,000 get's you "/parted" from every channel you're in.

Why is this important? Here are some very nasty things you can do with this stupid bug:



1) Suppose there's a bot you want to kick off a certain channel (for example: this bot guards the channel and autokicks and maybe bans people who try to take over), but the only

thing you are allowed to do with the bot is to make it join channels. No problemo! Simply make it join #2,000.

2) Someone you hate just got OPped by the owner of the channel, an AOP (Auto-OP: a person that has AOP gets automatically OPped whenever he joins the channel), an IRCOP, an OP

etc'. After a while, the guy that OPped that other guy you hated vanished. Now, if the OPped guy will leave and rejoin the channel, he will lose his OP 'cause he doesn't have AOP.

Simply ask him to join #2,000 (tell him that you want to speak with him about something or that it's some interesting channel. It doesn't matter, as long as it sounds convincing).

He will join #2,000, get /parted from every channel, thus have to rejoin the channel - but this time, no OP!!

3) You can play lots of pranks on people by telling them to join #2,000. Hell, you can even tell someone that it's because of the Y2K bug, and that he has to turn off his PC and

send it to a computer store so they'll fix it and charge him for 200$.

4) If someone has created a channel that you wanted to own but didn't register himself as the owner yet, you can ask him to join #2,000. He will get parted from the channel, and

then all you'll have to do is to rejoin the channel, get OP ('cause you'll be the only one left in the channel) and register yourself with chanserv as the owner of the channel (it

is recommended to ban the other guy that you hate so he won't be able to take over the channel or anything before you finish registering it.

5) If someone has the "auto join on invite" (automatically joins a channel you are invited to) option turned on, you could invite him to #2,000 and... whoops! :-)

6) I dunno, think of something yourself! I have better things to do with my life. :-)





Oh, by the way, this bug doesn't just work on #2,000. It also works on #1,000, #3,000 etc'. But #2,000 is cooler, 'cause it's like some kind of a Y2K bug in IRC... lol.

Why? Because, when joining #2,000, you're actually joining #2, and then 0, and then 0, and then 0. Joining 0 parts you from all the channels you're in, so this is why /join 0, /join #1,500 etc' will do the same thing.

The following information was sent to me by Joan Luis Pinto.

Here is a snip of another Email which I have received from Erik Iverson:



Some IRC clients, like the one we are currently developing here at Dragonmount Networks, automatically add a # in front of channel names if not present. Then this trick won't work. It will change it to "/join #0". mIRC's "/j" alias works in this way too I believe.









More tutorials and mini-tutorials on our website - http://blacksun.box.sk

No comments:

ஸ்ரீ இராம நாம மந்திர மகிமை

ஸ்ரீ இராம நாம மந்திர மகிமை 🌷 1. நமக்கு நன்மை வரவேண்டுமானால் 'ராம நாமத்தை இடைவிடாமல் கூறவேண்டும். நமது ஒவ்வொரு மூச்சும் 'ராம் '...