Post finished Clientside Scripts here, known supporting clients for LUA scripting.
Note: Client must be
ADC 1.0
BCDC++ |
RSX++
-
Toast
Post
by Toast » 29 Jun 2008, 09:04
Code: Select all
--[[
simple workaround for dc++ exploit that affect most popular recent clients.
script should work with other clients with similar lua implementation
adrian_007 (c) 2008
]]--
dcpp:setListener( "clientIn", "exploitfix",
function( userp, line )
-- this is a hack...
if line == "$ADCGET list /// 0 -1 ZL1" then
DC():PrintDebug( "Dropped user that tried to crash you via exploit!" )
return true
else
return false
end
end
)
DC():PrintDebug(" ** exploitfix.lua loaded")
-
adrian_007
- Senior Member
- Posts: 126
- Joined: 06 Jan 2008, 13:00
Post
by adrian_007 » 29 Jun 2008, 10:35
checked with rsx++, maybe someone can confirm if it's working with other.
-
Toast
Post
by Toast » 30 Jun 2008, 10:38
i can check with BCDC++ later on this day when i get home from work
-
allnames
Post
by allnames » 30 Jun 2008, 16:11
Loads correct on LDC 1.00 v2a (DC++ 0.674) but I haven't verified it stops the exploit.
-
Yeppy
- Newbie
- Posts: 4
- Joined: 19 Mar 2009, 21:49
Post
by Yeppy » 19 Mar 2009, 22:02
how can you tell if it works ? cause i'm using it in rsx but i still get the little message that someone is trying to use my client to spam
-
adrian_007
- Senior Member
- Posts: 126
- Joined: 06 Jan 2008, 13:00
Post
by adrian_007 » 20 Mar 2009, 15:36
it doesnt prevent spam attempt but remote exploit that can crash your client.... and there's a update on my forum.
-
Toast
Post
by Toast » 20 Mar 2009, 16:09
Code: Select all
--[[
simple workaround for dc++ exploit that affect most popular recent clients.
script should work with other clients with similar lua implementation
adrian_007 (c) 2008
little change of string-recognition for better exploit-fix by FlipFlop (c) 2009
]]--
dcpp:setListener( "clientIn", "exploitfix",
function( userp, line )
-- this is a hack...
if string.find(line, "%$ADCGET (%S) //+ 0 %-1 ZL1") then
DC():PrintDebug( "Dropped user that tried to crash you via exploit" )
return true
else
return false
end
end
)
DC():PrintDebug(" ** exploitfix.lua loaded")
Yeppy the spam problem that your asking about is the CTM exploit and there arent any sure proof solutions out there yet
-
adrian_007
- Senior Member
- Posts: 126
- Joined: 06 Jan 2008, 13:00
Post
by adrian_007 » 20 Mar 2009, 16:23
ahh TmpAntiFlood can partially deal with it
-
Yeppy
- Newbie
- Posts: 4
- Joined: 19 Mar 2009, 21:49
Post
by Yeppy » 20 Mar 2009, 22:00
ok i got the updated version from rsx forums
btw how do you use the true/false that function returns ? cause i don't think just by sending text ("dropped user ... ") helps with anything
-
adrian_007
- Senior Member
- Posts: 126
- Joined: 06 Jan 2008, 13:00
Post
by adrian_007 » 21 Mar 2009, 16:35
if you return true, message isnt dispatched anymore - it's dropped at script level.