Re: IRC script trojan with Unix based clients

Leonid S Knyshov (wiseleo@JUNO.COM)
Sun, 01 Jun 1997 11:20:40 -0700

Well...

This is something that I am rather familiar with :)

As of this moment, the only good sources for ircII scripts are at
ftp://ftp.pimpz.org and ftp://bitchx.htoc.com

You can trust the scripts from there.

Meanwhile, an ircII script can be as powerful as a shell. Please check
http://www.undernet.org for the important FAQ file on how to detect ircII
backdoors; I believe it's also on the pimpz.org ftp site.

You might want to hack a client source a bit to disable DCC and/or CTCP
commands. To be safe you can simply rename them and retain the
functionality.

The source for the clients is widely available on ftp://bitchx.htoc.com
and ftp://ftp.undernet.org

That's all for now, I'll gladly answer your ircII related questions in
private.
***
Leonid Knyshov AKA Wise_One <wiseleo@juno.com>
http://kiassociates.com/computerhelp
http://kiassociates.com/computerhelp/personal
For file attachments please use wiseleo@hotmail.com and send a note about
it here :)

On Sat, 31 May 1997 01:03:21 +0300 Lista de securitate
<bugtraq@LICJ.SOROSCJ.RO> writes:
> This is a very strange trojan which affects Unix users (other
>OS-es may be affected as well) which use ircII or BitchX to link to irc
>servers. And in my country many system administrators do this. It was
>presented on the irc as amusement (how to kick off a listop with no access
>rights) but it may have more serious consequences.
>
> Some versions of a very popular (at least in Romania) irc script
>(Atlantis) are trojan horses which implement new ctcp commands which allow
>other people on the irc world to execute irc commands in your client
>
>INCLUDING /DCC SEND AND /EXEC
>(if the client supports them)
>
>Atlantis 1.2b is the best known version of the script and if used under
>ircII (Unix version, Linux tested) the user using these two can have the
>mail read by others. Sample ircII prompt; noob victim, feur intruder:
>
><feur> /ctcp noob version