RAW User Commands!

Archived discussion about features (predating the use of Bugzilla as a bug and feature tracker)

Moderator: Moderators

Locked
cyberal
Posts: 360
Joined: 2003-05-16 05:42

RAW User Commands!

Post by cyberal » 2003-08-17 19:51

I want to be able to make RAW User Commands! Why should I be stuck with the preset parameters. I want to be able to customize exactly what to do. Why have this possibility been blocked? How can this be abused?
http://whyrar.omfg.se - Guide to RAR and DC behaviour!
http://bodstrom.omfg.se - Bodströmsamhället, Länksamling om hoten mot vår personliga integritet

Twink
Posts: 436
Joined: 2003-03-31 23:31
Location: New Zealand

Post by Twink » 2003-08-17 19:57

that would be nice

Todi
Forum Moderator
Posts: 699
Joined: 2003-03-04 12:16
Contact:

Post by Todi » 2003-08-18 02:00

Is this an ironic post? =)
How can this be abused?
Well the first thing that springs to mind is ofcourse the ability to fake private messages, something that is very annoying and has been used more than once to "take over" hubs.

cyberal
Posts: 360
Joined: 2003-05-16 05:42

Post by cyberal » 2003-08-18 03:10

Todi> It was a simple question..
"ability to fake private messages" There is no such thing, the hub doesn't accept every single command it gets, if you were to send a pm with another sender name than yourself you would be disconnected. Atleast you should be, if not... change hubsoftware!
http://whyrar.omfg.se - Guide to RAR and DC behaviour!
http://bodstrom.omfg.se - Bodströmsamhället, Länksamling om hoten mot vår personliga integritet

smash
Posts: 4
Joined: 2003-08-17 20:12

Post by smash » 2003-08-18 15:28

there is a prog that has a fake nick pmer...

TheNOP
Posts: 275
Joined: 2003-07-07 21:41
Location: Quebec

Post by TheNOP » 2003-08-18 16:25

smash wrote:there is a prog that has a fake nick pmer...
and in recent Hub they get disconnect or ban if they use it. :twisted:
i also know a script that allow someone to do that VIP/OP (by default)
could be made for everyone.
note : it's do that in main chat only. :wink:
TheNOP

Have you read the FAQ?
Or the sticky ? It might give you idea.

Todi
Forum Moderator
Posts: 699
Joined: 2003-03-04 12:16
Contact:

Post by Todi » 2003-08-19 07:26

"ability to fake private messages" There is no such thing, the hub doesn't accept every single command it gets, if you were to send a pm with another sender name than yourself you would be disconnected. Atleast you should be, if not... change hubsoftware!
Well, it's obvious you've never used a buggy little thing called the "Neo-Modus DC Hub"

cyberal
Posts: 360
Joined: 2003-05-16 05:42

Post by cyberal » 2003-08-19 08:18

In a good hubsoftware none of what you are talking about should be remotely possible. If folks are still using hubsoftwares that can be manipulated so easily, fuck 'em! (sorry) Implementing raw commands wouldn't make these bugs more easily exploitable, lots of DC++ mods already have this possibilty! It would, however, make a HUGE difference to hub OPs & Admins!
http://whyrar.omfg.se - Guide to RAR and DC behaviour!
http://bodstrom.omfg.se - Bodströmsamhället, Länksamling om hoten mot vår personliga integritet

Lightning Man
Posts: 53
Joined: 2003-08-09 10:00
Location: Wilmington, NC
Contact:

Post by Lightning Man » 2003-08-19 09:07

cyberal wrote:If folks are still using hubsoftwares that can be manipulated so easily, fuck 'em!
Sure, let's run roughshod over people who are allowing their personal computers for use in you trading files. What was your IP again? :wink:

(edit: GMT - fixed your quote tags)

GargoyleMT
DC++ Contributor
Posts: 3212
Joined: 2003-01-07 21:46
Location: .pa.us

Post by GargoyleMT » 2003-08-31 09:02

Lightning Man wrote:Sure, let's run roughshod over people who are allowing their personal computers for use in you trading files. What was your IP again? :wink:
If a program has bugs, or security holes, what level of responsibility is it of other programs to make sure that nobody exploits them? This is a serious question.

cyberal
Posts: 360
Joined: 2003-05-16 05:42

Post by cyberal » 2003-08-31 18:39

If adding more functionality to the client means that another poorly made hubsoftware can be exploited I see that as normal evolution, survival of the fittest!

Gargoyle> you know this stuff, would implementing Raw commands accually be any threat to anyone (exept poorly made hubsofts)?
http://whyrar.omfg.se - Guide to RAR and DC behaviour!
http://bodstrom.omfg.se - Bodströmsamhället, Länksamling om hoten mot vår personliga integritet

TheNOP
Posts: 275
Joined: 2003-07-07 21:41
Location: Quebec

Post by TheNOP » 2003-08-31 19:54

what is the difference between command and raw ?
like in dc++k ? possibility to change the commands, parameters and order of the parameters sent ?
isnt that already available manualy in chat ?
unless you are talking about something else....
TheNOP

Have you read the FAQ?
Or the sticky ? It might give you idea.

cologic
Programmer
Posts: 337
Joined: 2003-01-06 13:32
Contact:

Post by cologic » 2003-08-31 20:19


TheNOP
Posts: 275
Joined: 2003-07-07 21:41
Location: Quebec

Post by TheNOP » 2003-08-31 21:11

thanks
If a program has bugs, or security holes, what level of responsibility is it of other programs to make sure that nobody exploits them? This is a serious question.
in my opignon, no clients should be made specialy to hide possible hub security flaws,or they will be discover only after the dommage is done.
it should be done at hub side for client -->hub.
and at clients side for client<---client.

DC client are not the only way to exploit a security hole. :wink:
TheNOP

Have you read the FAQ?
Or the sticky ? It might give you idea.

GargoyleMT
DC++ Contributor
Posts: 3212
Joined: 2003-01-07 21:46
Location: .pa.us

Post by GargoyleMT » 2003-09-02 10:45

TheNOP wrote:in my opignon, no clients should be made specialy to hide possible hub security flaws,or they will be discover only after the dommage is done.
it should be done at hub side for client -->hub.
and at clients side for client<---client.

DC client are not the only way to exploit a security hole. :wink:
This is, I hope, the prevailing opinion. I don't have an opinion on RAW commands, but if anyone wishes to veto the feature, they need a better explanation (in my mind) than "it can screw up hubs" etc.

Locked