November 22nd, 2008 by phrozen77
Not even a month ago, it was KVIrc 3.4.0 in it’s Windows release which has been vulnerable to what has been at least a DoS/crash.
As of yesterday, there have been new exploits posted on the usual sites around the internet – but this time it is not the fault of KVIrc’s URI handler, because the bug is only exploitable if the malicious link is opened with Microsoft’s Internet Explorer and is possible because of its unique way to handle double quotes (“) in links.
Tags: Hack, IRC, KVIrc, Software
Posted in Clients, Hack, IRC, Software | 6 Comments »
November 14th, 2008 by phrozen77
When the iPhone first hit the stores, it was a long time where there was no native IRC client available for it and there was no other option than jailbreaking the phone to get one.
Luckily for all IRC users among the iPhone owners, Björn Teichmann created Rooms to fill that gap.
Now being available in version 0.6.8 (and 0.7.0 in a few days) from the AppStore, it already has matured quite a bit, is pretty usable and incorporates most features one could think of to make it a full-blown client that caters to almost everyones needs.
Tags: iPhone, IRC, Rooms, Software
Posted in Clients, IRC, Software | 4 Comments »
November 6th, 2008 by phrozen77
Dealing with spam is something every IRC network had to do in the past, present or even maybe in the future.
If it is somebody that is trying to give your network a bad name, a trojan horse that tries to infect your users or just someone that tries to annoy you and your users doesn’t quite matter, spam probably has been an issue as long as IRC has existed.
Luckily, there are quite a few methods and ways to counter-act on it.
Tags: BOPM, DNSBLs, How-To, InspIRCd, IRC, IRC-Defender, NeoStats, Network Addons, Software, Unreal IRCd
Posted in IRC, IRCd, Network Addons, Networks, Tutorials | 6 Comments »
November 3rd, 2008 by phrozen77
Another day, another IRC client vulnerability…
Researchers have found a remotely exploitable vulnerability in the Quassel IRC client.
Quoted from the projects homepage:
Well, looks like 0.3.0.2 was not the last 0.3.0 release after all. coekie found an issue with CTCP handling in Quassel Core that allows attackers to send arbitrary IRC messages on your behalf. This issue is present in all versions prior to 0.3.0.3 and Git older than October 26th (rev. d7a0381).
Details on the vulnerability are provided on the webpage of the exploits author:
Tags: Hack, IRC, Quassel, Software
Posted in Clients, Hack, IRC, Software | Be the first to comment! »
October 31st, 2008 by phrozen77
No, not only mIRC has bugs 
For the second time, after a similar vulnerability in 2007, the irc:// URI-handler of KVIrc 3.4.0 is vulnerable to exploitation.
For successful exploitation of the security hole the user needs to be tricked to follow a maliciously crafted irc:// link – “Failed exploit attempts may cause denial-of-service conditions.” at least, or might even enable the attacker “to execute arbitrary code with the privileges of the user running the affected application.” - which we all know is Administrator for 95% of all Windows machines.
Tags: Hack, IRC, KVIrc, Software
Posted in Clients, Hack, IRC, Software | 1 Comment »
