• You treat strings from untrusted sources as list. This is a bad practise, and will break the script on certain inputs.
  Generally not exploitable.
• You perform no validation or sanitation of remote data inserted into your SQL-queries.
  Thus, your script is vulnerable to Remote SQL-injection attacks. The script does not connect with multistatement support enabled, which does limit the impact of this poor coding. That, however, is not an excuse for not validating/sanitizing the data in the first place.

Statistics: Posted by nml375 — Sun Oct 31, 2010 12:31 pm

Statistics: Posted by madpinger — Sun Oct 31, 2010 10:47 am

Code:

CREATE TABLE  `CHANGE_THIS`.`bad_words` (`bword` VARCHAR( 25 ) NOT NULL , `bkick` VARCHAR( 250 ) NOT NULL ,KEY  `bword` (  `bword` ) ,KEY  `bkick` (  `bkick` )) ENGINE = MYISAM DEFAULT CHARSET = latin1;

CREATE TABLE  `CHANGE_THIS`.`channel_users` (`nick_id` INT( 25 ) NOT NULL AUTO_INCREMENT , `nick` VARCHAR( 35 ) NOT NULL , `title` VARCHAR( 200 ) NOT NULL DEFAULT  'Peasant', `host` VARCHAR( 200 ) NOT NULL , `requests` INT( 100 ) NOT NULL DEFAULT  '0', `fills` INT( 100 ) NOT NULL DEFAULT  '0', `points` INT( 100 ) NOT NULL DEFAULT  '0', `leeched` INT( 25 ) NOT NULL DEFAULT  '0',KEY  `nick_id` (  `nick_id` ) ,KEY  `leeched` (  `leeched` ) ,

Statistics: Posted by doggo — Sat Oct 30, 2010 8:09 pm

Code:

package require mysqltcl 3.05namespace eval bad {namespace eval words {variable add_chan "#nzbmatrix.chat"#DB CONNECTIONvariable db_host "************"variable db_port "************"variable db_user "************"variable db_pass "************"variable db_name "************"#BAD WORDS TABLEvariable db_table "bad_words"variable db_badword "bword"variable db_kickmsg "bkick"#CHANNEL USER TABLEvariable db_user_table "channel_users"variable db_user_nick "nick"variable db_user_title "title"variable db_user_host "host"variable db_user_requests "requests"variable db_user_fills "fills"variable db_user_points "points"variable db_user_leeched "leeched"#TRIGGERSvariable  rehashtrig "-rehash"variable addtrig "-add"variable deltrig "-del"#BINDSbind join -|- "$bad::words::add_chan %" bad::user_add::add_userbind pub m|m $bad::words::rehashtrig bad::re_hash::rehash_funcbind msg -|- $bad::words::addtrig bad::badwordadd::addbadwordbind pubm -|- "$bad::words::add_chan *" bad::checkword::wordcheckerbind join -|- "$bad::words::add_chan *Guest*" bad::checknick::nickcheckbind msg -|- $bad::words::deltrig bad::badworddel::delbadword#END SETTINGS NAMESPACE}namespace eval re_hash {proc rehash_func {nick uhost hand chan arg} {rehashputquick "PRIVMSG $bad::words::add_chan :done.."}#END RE_HASH NAMESPACE}namespace eval user_add {proc add_user {nick host hand chan} {set nick_ident *!*@[lindex [split [getchanhost $nick] "@"] 1]    set check_user_handle [::mysql::connect -host $bad::words::db_host -port $bad::words::db_port -user $bad::words::db_user -password $bad::words::db_pass -db $bad::words::db_name];set added_user_get [::mysql::sel $check_user_handle "SELECT $::bad::words::db_user_nick FROM $::bad::words::db_user_table WHERE $::bad::words::db_user_nick = '$nick'" -flatlist];if { $added_user_get != "" } {::mysql::endquery $check_user_handle::mysql::close $check_user_handle} elseif {$added_user_get == ""} {set add_user_handle [::mysql::connect -host $bad::words::db_host -port $bad::words::db_port -user $bad::words::db_user -password $bad::words::db_pass -db $bad::words::db_name];if {[catch {set adduser [::mysql::exec $add_user_handle "INSERT INTO $bad::words::db_user_table ($bad::words::db_user_nick, $bad::words::db_user_host) VALUES ('$nick', '$nick_ident'   )"]; } badentry]} {::mysql::endquery $add_user_handle::mysql::close $add_user_handle} else {::mysql::endquery $add_user_handle::mysql::close $add_user_handle} }}#END USER_ADD NAMESPACE}namespace eval badwordadd {proc addbadword {nick uhost hand text} {set add_word [lindex $text 0]set add_kick_msg [lrange $text 1 end]if {$add_kick_msg == ""} {putquick "NOTICE $nick :you forgot a kick msg..";return}if { [isop $nick $bad::words::add_chan] == 0 } {putquick "PRIVMSG $bad::words::add_chan :$nick tried to add '$add_word : $add_kick_msg'  @ status is needed to add words";return}set badword_handle [::mysql::connect -host $bad::words::db_host -port $bad::words::db_port -user $bad::words::db_user -password $bad::words::db_pass -db $bad::words::db_name];if {[catch {set addmp3 [::mysql::exec $badword_handle "INSERT INTO $bad::words::db_table ($bad::words::db_badword, $bad::words::db_kickmsg ) VALUES ('$add_word', '$add_kick_msg'   )"]; } badentry]} {putquick "NOTICE $nick :$badentry"::mysql::endquery $badword_handle::mysql::close $badword_handle} else { putquick "NOTICE $nick :\00307Added \017 | $add_word | $add_kick_msg"::mysql::endquery $badword_handle::mysql::close $badword_handle}}#END BADWORDADD NAMESPACE}namespace eval checkword {proc wordchecker {nick uhost hand chan text} {set nick_ident *!*@[lindex [split [getchanhost $nick] "@"] 1]regsub -all {\003([0-9]{1,2}(,[0-9]{1,2})?)?} $text "" textregsub -all {\017|\037|\002|\026|\006|\007} $text "" textset line [split $text]set fnd 0foreach wordsaid $line {set check_word_handle [::mysql::connect -host $bad::words::db_host -port $bad::words::db_port -user $bad::words::db_user -password $bad::words::db_pass -db $bad::words::db_name];set check_word [::mysql::sel $check_word_handle "SELECT $::bad::words::db_badword, $::bad::words::db_kickmsg FROM $::bad::words::db_table WHERE $::bad::words::db_badword = '$wordsaid'" -flatlist];::mysql::endquery $check_word_handle::mysql::close $check_word_handleif { $check_word == ""} {  } else {incr fnd 1}}if { $fnd != "0" && [isop $nick $chan] == 0 } {set why [lrange $check_word 1 end]regsub -all {\{} $why "" whyregsub -all {\}} $why "" whyputquick "KICK $chan $nick :$why"} else { return}}#END CHECKWORDADD NAMESPACE}namespace eval checknick {proc nickcheck {nick uhost hand chan} {set kick_reason "NO! Guests allowed.. Change your nick by typing /nick nzblover and rejoin" putquick "MODE $chan +b $nick"putquick "KICK $chan $nick :$kick_reason"utimer 15 [list putquick "MODE $chan -b $nick"]} #END CHECKNICK NAMESPACE}namespace eval badworddel {proc delbadword {nick uhost hand text} {set add_word [lindex $text 0]if {$add_word == ""} {putquick "NOTICE $nick :what did you want me to remove exactly?";return}if { [isop $nick $bad::words::add_chan] == 0 } {putquick "PRIVMSG $bad::words::add_chan :$nick tried to remove '$add_word' @ status is needed to remove words";return}set badword_handle [::mysql::connect -host $bad::words::db_host -port $bad::words::db_port -user $bad::words::db_user -password $bad::words::db_pass -db $bad::words::db_name];set word_take [::mysql::exec $badword_handle "DELETE FROM $bad::words::db_table WHERE $bad::words::db_badword = '$add_word'"];if { $word_take == 0 } {putquick "NOTICE $nick :nothing found for '$addword'"::mysql::endquery $badword_handle::mysql::close $badword_handle} else { putquick "NOTICE $nick :\00307Removed \017 | $add_word "::mysql::endquery $badword_handle::mysql::close $badword_handle}}#END BADWORDDEL NAMESPACE}#END ALL NAMESPACES}

-rehash *to rehash the bot*/msg botnick -add badword some custom kick msg *to add a bad word*/msg botnick -del badword *to remove a bad word*

Statistics: Posted by doggo — Sat Oct 30, 2010 7:50 pm