IRC Mission 6

[haha01haha01]

im also stuck on this one... i tried tons of different string manipulation commands, but it seems like the bot script has some filter that will never let it say !op.

[DrakierD]

You don't get the bot to say !op.

Focus on the exploits for the script you're given. Think about his client, think about what he's using for his script, and think about ways people exploit that.

[haha01haha01]

You don't get the bot to say !op.

Focus on the exploits for the script you're given. Think about his client, think about what he's using for his script, and think about ways people exploit that.

I know that its using MIRC and that i can inject certain commands and variabled (those starting with a $). Doesnt really help me, since AFAIK the command for making someone op is /mode, and i cant inject that.

[DrakierD]

You don't get the bot to say !op.

Focus on the exploits for the script you're given. Think about his client, think about what he's using for his script, and think about ways people exploit that.

I know that its using MIRC and that i can inject certain commands and variabled (those starting with a $). Doesnt really help me, since AFAIK the command for making someone op is /mode, and i cant inject that.

Are you SURE about that? Perhaps the way you're doing it is just "different" than the proper way. Keep focusing on exploits for the script. The first key is in knowing what is exploitable in the script. Then it is fashioning it to do what you want it to do.

[insider-]

anyone can give me a hint... $decode doesnt help.. $iif and $ifmatch too... i'm really stuck here :s

[haha01haha01]

Okay...
I tried the given script on an IRC server of my own (because it seems like moo doesn't REALLY use this script, it uses a modified version that for security purposes won't let you exploit that script in any possible way, and it makes the real exploit harder to find), and I don't seem to understand something. If I use "!write haha01haha01 $eval(msg $chan test)" and then read the memo, it simply shows "msg #testchan test" (testchan being the name of the channel I used). However, if I insert the following command into the script:
ON *:TEXT:!test:#: {
$eval(msg $chan test)
}
It actually evaluates the msg command and when saying !test it shows "test".

Why is the $eval command working differently when used inside the code and through the memos? at first I thought that functions don't work through the memos at all, but all the other functions I tried using through the memo ($replace, $hash, $readini) worked perfectly.

Can anyone explain this to me and also tell me if I'm on the right way? I never really dealt with interpreted\scripted languages in general (I'm a C#fag) and with mIRC in particular, so the whole thing is kind of confusing to me.
Also, if anything I posted above was a spoiler, delete it please.

EDIT: okay, I did some more tests. it seems like even when inside the code, using "msg $chan $eval(msg $chan test)" whats being messages is "msg #testchan test". The same thing happens when assigning the result of $eval to a variable. This makes me think that $eval (and perhaps other functions too?) act differently when it's being used alone ($eval(msg $chan test)) and when being used in order to get a return value (var %test = $eval(msg $chan test)).

[newblar]

$eval(msg $chan test) is not the code that's in the script, as you'll soon find out. The code that is in the script looks something like this:
msg $chan ...

Given this information, try and work out, using mIRC, why $eval is no help in this case.

The objective is to obtain +o, and I've already passed this, but shouldn't one possible solution involving $crlf technically work? I don't see why it doesn't.

[haha01haha01]

$eval(msg $chan test) is not the code that's in the script, as you'll soon find out. The code that is in the script looks something like this:
msg $chan ...

Given this information, try and work out, using mIRC, why $eval is no help in this case.

The objective is to obtain +o, and I've already passed this, but shouldn't one possible solution involving $crlf technically work? I don't see why it doesn't.

So, $eval is not the way to go here. Okay, that's one option down. I'll contact you if I have any other questions, thanks.

EDIT: okay, I completed it. And yes it's related to $crlf.

[Bash23]

Ok, can someone give me more hints? I'm tried ever possible thing I could come up with and it's still not working

[haha01haha01]

Ok, can someone give me more hints? I'm tried ever possible thing I could come up with and it's still not working

Best hint I can give you is think about how can $lf help you here. I would also recommend attempting the mission with your own bot using the given script instead of through moo, because it makes error tracing much easier.