AntiSpam tcl prevent sending bad data

Question

The script in the moment working fine. The new goal is simple. To decrypt the cloacked host. Charybdis ircd has an option to mask hosts. Such an example here with cloacked host:

[11:34:20] * BGChat13369 (~webirc@146.185.up.zu) has joined

I need to rewrite the tcl to do this job. I mean to decrypt this cloacked hosts as a normal host. I believe the following proc above i can do that but i am not sure how to include this in the hole script.

I will thankful if you help me around.

Simple code for decrypting the cloaked host.

bind pub - "!getip" getip

proc getip {nick uhost handle chan text} {
    bind raw - 378 ip_from_whois
    putserv "whois [lindex [split $text] 0 ]"
    utimer 10 [list unbind raw - 378 ip_from_whois ]
}

proc ip_from_whois {from keyword text} {
    ###putserv "privmsg #test12 :text contains: $text"
    putserv "privmsg #test12 :[lindex [split $text] end]"
}

Here is output from raw irc message

<- :bgchat.abvnet.org 311 Kiril BGChat63052 ~webirc 84.2.xh.ry * :http://chatbg.info
<- :bgchat.abvnet.org 319 Kiril BGChat63052 :#SEX #xxl #Liberta #Bulgaria #40-50 #Pristis #goplay #Rousse #20-40 #Chat #30-40 #bourgas #VIP #BGChat 
<- :bgchat.abvnet.org 312 Kiril BGChat63052 bgchat.abvnet.org :BGChat IRC Server
<- :bgchat.abvnet.org 378 Kiril BGChat63052 :is connecting from *@84.2.74.59 84.2.74.59
<- :bgchat.abvnet.org 317 Kiril BGChat63052 28 1482399651 :seconds idle, signon time
<- :bgchat.abvnet.org 318 Kiril BGChat63052 :End of /WHOIS list.

Here is the already working with normal hosts tcl.

# AntiFlood.tcl v1.0 
######################################################################

# What type eggdrop will be?
#
# 0 - Guard ( do not need to check )
# 1 - checker ( it's a checker just sending a bad info )
# 2 - both ( Guard + Checker) ( Guard banning and sending bad data info to the other guards. )
set espam(how) "0"

# Botnet nicks ( Guards)
set espam(guards) "Oberon"

# From which botnet nicks will recieve information
set espam(leafs) "CIA"

set espam(ExemptFlags) "f"

# 1 - $nick!*@*
# 2 - *!*ident@www.linux.com
# 3 - *!*ident@*
# 4 - *!*@www.linux.com

set espam(BanType) "4"


set espam(Reason) "Detected spam (type - \$type) from you on \[e:now\] from \$u"
set espam(BanLast) 120
set espam(Global) {
    {*join in*}
}

set espam(Public) {
    {*/server*}
    {*/s irc.*}
    {*irc.*}
}

set espam(Message) {
    {*/server*}
    {*/s irc.*}
    {*irc.*}
}

set espam(Notice) {
    {*/server*}
    {*/s irc.*}
    {*irc.*}
}

set espam(Quit) {
    {*/s*}
    {*/server*}
    {*irc.*}
}

set espam(CTCP) {
    {*/server*}
    {*/s irc.*}
    {*irc.*}
}

set espam(CTCR) {
    {*/server*}
    {*/s irc.*}
    {*irc.*}
}

set espam(ExemptList) {
    {*!*@Services}
}

# Binds
bind pubm - * e:publicspam
bind msgm - * e:msgspam
bind notc - * e:notspam
bind sign - * e:quitspam
bind ctcp - * e:ctcpspam
bind ctcr - * e:ctcrspam
bind ctcp - DCC e:dccspam

proc e:publicspam {n u h c t} {
    if {[e:isexempt $n $h $u]} {return}
    if {[e:isspam Public $t]} {return}
    e:punish $n $u $h Public
    return
}

proc e:msgspam {n u h t} {
    if {[e:isexempt $n $h $u]} {return}
    if {[e:isspam Message $t]} {return}
    e:punish $n $u $h Message
    return
}

proc e:notspam {n u h t d} {
    if {[e:isexempt $n $h $u]} {return}
    if {[e:isspam Notice $t]} {return}
    e:punish $n $u $h Notice
    return
}

proc e:quitspam {n u c h t} {
    if {[e:isexempt $n $h $u]} {return}
    if {[e:isspam Quit $t]} {return}
    e:punish $n $u $h Quit
    return
}

proc e:ctcrspam {n u h d k t} {
    if {[e:isexempt $n $h $u]} {return}
    if {[e:isspam CTCR $t]} {return}
    e:punish $n $u $h CTCR
    return
}

proc e:ctcpspam {n u h d k t} {
    if {[e:isexempt $n $h $u]} {return}
    if {[e:isspam CTCP $t]} {return}
    e:punish $n $u $h CTCP
    return
}

proc e:dccspam {n u h d k t} {
    if {[e:isexempt $n $h $u]} {return}
    set file [string tolower [lindex [split $t] 1]]
    if {[string match "*.exe" $file] || [string match "*.bat" $file] || [string match "*.zip" $file] ||
        [string match "*.rar" $file] || [string match "*.zip" $file] || [string match "*.vbs" $file] ||
        [string match "*.ini" $file] || [string length $t] > 130} {
        e:punish $n $u $h DCC
    }
}

proc e:isspam {type arg} {
    global espam
    if {$arg == ""} {return 1}
    set arg [strip:all $arg]
    if {[info exists espam(Global)] == 1} {
        foreach estr $espam(Global) {
            if {[string match -nocase $estr $arg] == 1} {
                return 0
            }
        }
    }
    if {[info exists espam($type)] == 1} {
        foreach estr $espam($type) {
            if {[string match -nocase $estr $arg] == 1} {
                return 0
            }
        }
    }
    return 1
}

proc e:punish {n u h type {c "1"}} {
    if {[isbotnick $n]} {return 0}
    if {[string match -nocase $c $::espam(leafs)]} {e:remspm $n $u $h $type}
    switch $::espam(how) {
        0 {e:remspm $n $u $h $type}
        1 {e:tellgrds $n $u $h $type}
        2 {e:tellgrds $n $u $h $type;e:remspm $n $u $h $type}
    }
}

proc strip:color {string} {
    regsub -all \003\[0-9\]{1,2}(,\[0-9\]{1,2})? $string {} string
    return $string
}

proc strip:bold {string} {
    regsub -all \002 $string {} string
    return $string
}

proc strip:underline {string} {
    regsub -all \037 $string {} string
    return $string
}

proc strip:all {string} {
    return [strip:color [strip:bold [strip:underline $string]]]
}

proc e:isexempt {nick hand host} {
    if {[isbotnick $nick]} {return 1}
    if {$hand == "*" || $hand == ""} {return 0}
    if {$::espam(ExemptFlags) == ""} {return 0}
    if {[matchattr $hand $::espam(ExemptFlags)] == 1} {return 1}
    foreach exhost $::espam(ExemptList) {
        if {[string match "*$exhost*" $host]} {return 1}
    }
    return 0
}

proc e:makeban {nick uhost} {
    switch $::espam(BanType) {
        1 {return "$nick!*@*"}
        2 {return "*!*$uhost"}
        3 {return "*!*[lindex [split $uhost "@"] 0]*@*"}
        4 {
            if {[string match "*html.chat" $uhost]} { set ban "*!*[lindex [split [maskhost $uhost] "!"] 1]"  } { set ban "*@[lindex [split $uhost "@"] 1]"}
        }
    }
}

proc e:bannick {ban chan} {
    if {$chan == "" || $ban == "*!*@*" || $ban == ""} {return}
    if {[validchan $chan] == 1 && [botonchan $chan] == 1 && [botisop $chan] == 1} {
        pushmode $chan +b $ban
        return
    }
    return
}

proc e:now {} {
    return [strftime "%d %b %Y %I:%M %P"]
}

proc e:remspm {n u h type} {
    if {[e:isexempt $n $h $u]} {return}
    set ban [e:makeban $n $u]
    if {![string match $ban $::botname]} {
        newban $ban $::botnick [subst $::espam(Reason)] $::espam(BanLast)
        putquick "kline 1440 $ban [subst $::espam(Reason)]"
    }
    foreach chan [channels] {
        if {[onchan $n $chan]} {
            putkick $chan $n [subst $::espam(Reason)]
            e:bannick $ban $chan
        }
    }
}

proc e:tellgrds {n u h type} {
    foreach b $::espam(guards) {
        putlog $b
        putbot $b "ebgspamdetected $n $u $h $type"
    }
}

bind bot - ebgspamdetected e:sdet
proc e:sdet {a b c} {
    if {![string match $a $::espam(leafs)]} {return}
    e:remspm [lindex $c 0] [lindex $c 1] [lindex $c 0] [lindex $c 3]
}

putlog "TCL | Anti Spam"

So here are the steps:

Someone wrote to the checker bad info.
Checker send this bad info to the guard bot
Guard bot decrypt cloacked host
Guard kline the already decrypted cloacked host.

I am willing to try help, but I am not familiar with the script so I'll need help understand it first. "Someone wrote to the checker bad info." Is the checker a channel? — Jerry, Dec 26 '16 at 05:59
Hello, I will try to explain you in details. Here's the example if someone wrote the the checker/guard on the different type set already such as private message, notice, ctcp and etc. for example "come to /server irc.lame.com" that will trigger this bad info because this is set as a bad info. — user3599612, Jan 05 '17 at 11:35

AntiSpam tcl prevent sending bad data

0 Answers0