Malicious Code Prevention Example

By mrjos on Dec 22, 2007

Basic example of how malicious code COULD be prevented by a script.

This isn't a full-fledged addon... it is simply an example of a problem I don't think many people think about. I apologise if this already exists elsewhere (I haven't scripted / paid attention to the community in >2 years).

Potential uses: Protection Addons, Personal Scripts (where you know you don't run dangerous commands and want to block them).

The aliases should be pretty simple for most people to copy / add new commands (or identifiers) to be blocked (or add extra logic to decide if to block them).

This is possible for people to work around by calling /!command but MOST scripters don't seem to realise this so it should prevent malicious attacks.

There's plenty of commands you may want to add to this... including items such as file handling, /alias, loading/unloading...

;jos 21/12/07. (first thing in >2 years - don't expect anything classic)

;This is just an example of something that could *potentially* prevent malicious scripts/actions
;being accidentally run using mIRC. It probably won't be useful for 99% of people - but it proves
;a concept to an extent. Obviously people worth their socks will use !command when being malicious.
;This isn't a full addon/script just a potential solution to a problem. If you like / want to use
;the idea. Feel free. The basics are there for blocking aliases. You can easily add more logic when
;deciding what to block. I don't think blocking identifiers would be too hard if required... but
;it would require some better logic. Remember $isid.

;Anyway I hope that someone finds it useful. Comments/flames always welcome.

menu status,menubar {
  Code Prevention (Example)
  .$iif(!%sec.overloads.run,$style(1)) Prevent '/run':$iif(%sec.overloads.run,unset %sec.overloads.run,set %sec.overloads.run -1)
  .$iif(!%sec.overloads.remove,$style(1)) Prevent '/remove':$iif(%sec.overloads.remove,unset %sec.overloads.remove,set %sec.overloads.remove -1)
  .-
  .$iif(!%sec.msg.overloads.warn,$style(1)) Display Code Prevention Warning:$iif(%sec.msg.overloads.warn,unset %sec.msg.overloads.warn,set %sec.msg.overloads.warn -1)
  .-
  .Prevent ALL of the above:unset %sec.overloads.*
} 
alias -l codeprevention {
  if (!%sec.msg.overloads.warn) {
    linesep $active
    .echo -ac "Info Text" Code Prevented: $+(/,$1-,)
    linesep $active
  }
}
alias run { 
  if (!%sec.overloads.run) { 
    codeprevention run $1-
    return
  } 
  !run $1-
}
alias remove {
  if (!%sec.overloads.remove) {
    codeprevention remove $1-
    return
  }
  !remove $1-
}

mrjos

Like Page Follow Author

Comments

Sign in to comment.
Are you sure you want to unfollow this person?
Are you sure you want to delete this?
Click "Unsubscribe" to stop receiving notices pertaining to this post.
Click "Subscribe" to resume notices pertaining to this post.