[9911] in bugtraq
Re: Bug in IRC services
daemon@ATHENA.MIT.EDU (Kevin Day)
Fri Mar 12 20:54:01 1999
Date: Fri, 12 Mar 1999 19:43:04 -0600
Reply-To: Kevin Day <toasty@HOME.DRAGONDATA.COM>
From: Kevin Day <toasty@HOME.DRAGONDATA.COM>
X-To: fractalg@lidernet.pt
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <yam7740.1049.136947040@mail.telepac.pt> from fractalg at "Mar 12, 1999 7:27:20 pm"
> Hello,
> I've just found a big hole in services provided by IRC networks. The
> services in question are Chanserv, Nickserv, Memoserv.
Most IRC networks use their own version of services, not even from the same
codebase.
> So it came the new version of the servers this time with a nice feature !
> You didn't need to identify the nick when the servers rejoined from the
> split ! The first time I saw this I thought about how would the services
> recognize me as the true nick before the split... I never had the chance to
> test this theory until some days ago.
Right, you add a hostmask that services are supposed to recognize you by.
(i.e. yourident@*.yourisp.com)
> So one server split and I took a nick from one administrator that wasn't
> even online ! And to my surprise when the servers rejoined I had full
> access to administrator privileges ! It just recognized the nick as a valid
> one and gave me the privileges.
1) No services I know give privileges based on nick alone. You have to be
/oper'ed and/or identified by password.
2) I know for a fact DALnet's and NewNet's services don't act this way, to
name two.
> This type of thing occurs because the server doesn't make any check, only
> checking if the nick exists in its database. One solution to this problem
> would be keeping a database of user/ip before the split and then compare
> when servers rejoin.
This may have been due to a desync, but I've never seen this before. Without
knowing the services on the network you describe, I can't comment further,
but this doesn't happen anywhere I know of.
Kevin Day
Administrator irc.dragondata.com
Services coder on NewNet.
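
An added illustration, not part of the message above and not any network's actual services code: a small Python model of the two checks discussed in this thread, the pre-split user@host comparison proposed in the quoted report and the rule that privileges require password identification rather than the nick or a hostmask match. All class, function and field names are hypothetical.

```python
import re
from dataclasses import dataclass

def mask_matches(mask, userhost):
    """IRC-style mask match: '*' and '?' are the only wildcards."""
    pat = "".join(".*" if c == "*" else "." if c == "?" else re.escape(c)
                  for c in mask.lower())
    return re.fullmatch(pat, userhost.lower()) is not None

@dataclass
class Registration:
    access_masks: list          # e.g. ["yourident@*.yourisp.com"]
    admin: bool = False

@dataclass
class Session:
    nick: str
    userhost: str               # "ident@host" as introduced by the user's server
    identified: bool = False    # set only by a successful password identify

class Services:
    def __init__(self, registrations):
        self.registrations = registrations  # lowercased nick -> Registration
        self.pre_split = {}                 # lowercased nick -> user@host seen before the split

    def on_split(self, lost_sessions):
        """Remember identified users on the servers that just split away."""
        for s in lost_sessions:
            if s.identified:
                self.pre_split[s.nick.lower()] = s.userhost.lower()

    def on_rejoin(self, session):
        """Keep identification only if nick AND user@host match the pre-split record."""
        remembered = self.pre_split.pop(session.nick.lower(), None)
        session.identified = remembered == session.userhost.lower()
        return session

    def recognized(self, session):
        """Hostmask recognition; on its own it grants no privileges."""
        reg = self.registrations.get(session.nick.lower())
        return bool(reg and any(mask_matches(m, session.userhost) for m in reg.access_masks))

    def has_admin(self, session):
        """Admin access needs a registered admin nick plus password identification."""
        reg = self.registrations.get(session.nick.lower())
        return bool(reg and reg.admin and session.identified)
```

In this model, a nick taken during a split while its owner was offline has no pre-split record, so the session comes back unidentified and `has_admin` returns False.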