chain

* GIRC is now in English only. * Now using mIRC 7.62. * Fixed error message from Sidebar's Treebar when connecting to many Networks. * To prevent monitor resolution bugs, the Toolbar items "Active Window" and "Time" are now in a fixed place next to the Lagbar. * Changed some menus to better adapt to english users. * Fixed bug that was closing the Mp3 Player on Desktop Mode when minimizing the GIRC. * Fixed bug with auto-ghost dialog, that was not asking for pass when nick was already in use. * Log viewer: Fixed bugs, added info and options on the menus. (/logs) * Fixed bugs with Auto-Message system on Channel Options dialog. (/opchan) * Whois now don't show Clones if theres none. * Spell Checker is now Spell Checker and Acronym system combined. (/spell) * Fixed Anti-Badword system from the Input System. (/inputs) * Added new items on the Help Window. (/ghelp) * Personal Options: Added option to auto load Past Logs when open Query/PVT * Short Commands: Added 2 exemple commands '+mo' and '-mo' to give or remove @OP from a user. Exemple: +mo john * Fixed Connection Profile button 'Connect on New Window' that was not setting default infos when you leave them blank. * New Mp3 Player: Fixed 'Next Song' Button that was not going to the correct song after clicking and selecting other song on the playlist. * Fixed bug with !Commands that the Buttons '-' and 'Disabled' could be clicked without any #Channel selected. * Changed 'Fast Mode' to 'Performance' moved from Menubar from 'Mode' to 'Options' * And other changes and fixes. https://sites.google.com/view/gircscript/home

Merry Christmas to All As the end of the year rapidly approaches, here at coders-irc would like to take this opportunity to wish you and your family a safe and restful holiday.

David-Bot nasce nel 2010, sul network IRC Azzurra, nel quale, in quel periodo, venivano ospitate le stanze di chat di tutti i forum della piattaforma ForumFree. Fu lì che iniziai la mia "avventura" su IRC. David-Bot ha origine dal mI.r]A[b.Ot e ha l'obiettivo di offrire un'esperienza di chat diversa, è stato studiato per garantire agli utenti la massima affidabilità per la protezione del canale da ogni genere di attacchi (che però va configurata dal pannello di controllo specifico, chiamato CPS), e nell'ultimo periodo, ha subito grandi cambiamenti e miglioramenti che lo hanno portato ad avere un'intelligenza artificiale, in stile CleverBot (famoso bot con cui chattare online). David-Bot offre: - Possibilità di gestire quasi totalmente il bot con i comandi da padrone (come ad esempio !saychan #canale <messaggio da far dire al bot> e altri comandi simili e non), che tra l'altro può decidere se disattivare o meno determinate funzionalità nei canali in cui sta il bot. - Riconoscimento automatico del padrone, quando il proprietario del bot cambierà nick, esso verrà impostato come nuovo proprietario. - Possibilità di avere 2 owners (questo per la gestione del canale), di cui una controparte maschile e una femminila, impostabili con !bot owner <nick> e !bot ownerf <nick>. - Possibilità di attivare i giochi su più canali in contemporanea, ma in network IRC diversi e giochi diversi (è possibile eseguire 1 sola instanza di gioco). - I giochi disponibili sono: trivia, sillabah, scarabeo, mercante in fiera, poker all'italiana, square, impiccato e IRC War (quest'ultimo è una simulazione dell'ormai datata IRC war, guerre fatte su IRC per rubare il canale di qualcuno, quando ancora non esistevano i services). - Servizi disponibili: Ora, Data, Invio del Topic in canale, Info sui comandi di IRC, Funzionalità per distribuire una sigaretta, gioco della bottiglia, gioco della bomba, servizio per controllare le ultime uscite al cinema, gioco denominato suka, gioco del saggio, raccolta statistiche per canale e clients utilizzati, gioco della SlotMachine, servizio per effettuare il countdown, possibilità di inserire citazioni, comandi vari di gestione del canale (!kickbanna nickname motivo, !banna nickname, !oppa nickname, !soppa nickname, !oppami <-- funge solo con il proprietario e se il bot è op o superiore permette al padrone di farsi mettere il grado di operatore in canale, dal bot), integrazione completa con ChanServ (non testato su anope 2.0, quindi alcuni comandi potrebbero non funzionare correttamente), integrazione con MemoServ e NickServ (!ms read last <-- legge l'ultimo memo ricevuto), offerte carine agli utenti, tramite comandi specifici, lista di comandi per operatori, proprietari del canale e per il padrone del bot inclusa (visibile con !comandi-op), servizio che tiene conto del picco di utenze del canale, servizio meteo, barzellette, test di affinità e altri comandi simpatici e più o meno utili, ad esempio è possibile impedire al bot di entrare in un determinato canale con !nojoin add #canale, possibilità di attivare una lista auto-join (per entrare in automatico nei canali), con !ajoinNUMEROon (es: !ajoin1on) e inserimento del canale con !ajoinaddNUMERO-DEL-NETWORK (dove a numero del network ci va messo un numero compreso tra 1 e 5, scelto prima con !ajoinNUMEROon), join automatico in canale su invito, possibilità di attivare i logs: il bot riporterà in un determinato canale ogni errore, messaggio ricevuto da chanserv o memoserv e altri messaggi di servizio (esempio: nick invita il bot su #canale). - Altri servizi come !invita <nickname> per invitare un nick in canale e simili... insomma, sono tantissimi per elencarli tutti Screen: È disponibile per il download insieme al Dragone2 Script al seguente link: https://varie.risposteinformatiche.it/IRC/ Per problemi, domande ecc. è possibile chiedere al sottoscritto o cercarmi in chat su IRC (Network: RisposteInformatiche, CaiusNet, ForumFree), nel canale #Risposte_Informatiche e/o #Dragone2. Nell'archivio zip del bot è presente anche un ChangeLog dei cambiamenti effettuati, aggiunte e bug fixes che verrà aperto durante il primo avvio. David-Bot8.0.zip

Dragone2 Script Il Dragone2 Script è uno script per mIRC che punta tutto sulla semplicità di utilizzo e sulla rapidità (ha diverse scorciatoie da tastiera per operazioni comuni in chat). Dragone2Script8.4.zip

A researcher discovered a serious vulnerability in an Xbox subdomain that exposed email addresses behind Xbox accounts. It only required an adversary to meddle with cookie files to extract this information. Xbox Subdomain Vulnerability Researcher Joseph Harris discovered a serious security flaw risking Xbox users’ privacy. The vulnerability existed in the “enforcement.xbox.com” subdomain – the portal letting Xbox users view and manage the enforcement actions against their profiles. Sharing the details with ZDNet, the researcher elaborated that when an Xbox user signs in to the portal, it creates a cookie file on the users’ browser having details of the web session. While this cookie helps in letting the user in without re-authentication, that’s where the problem existed. Specifically, this cookie file included Xbox user ID (XUID) in unencrypted form. Thus, anyone capable of meddling with the cookie file could change this XUID to retrieve other users’ names as well as the email addresses. The following video demonstrates the Xbox subdomain vulnerability leaking users’ data. Microsoft Deployed A Fix Upon discovering the vulnerability, the researcher reported the matter to Microsoft via their Xbox bug bounty program. Microsoft launched this bug bounty program for Xbox earlier this year. Following this report, Microsoft patched the bug last month simply by encrypting the XUIDs. Since it was a server-side fix, users don’t have to do anything to receive the fix. For them, the site continues to work the same way it did. It’s just that it no more discloses the users’ details. Although, this bug couldn’t allow hacking user accounts or the Xbox network. Nonetheless, it did allow an adversary to link users’ real email addresses with gamer tags and profile them. This could further lead to cyberbullying issues as well. Given the less-severe impact of the bug, it didn’t qualify for a bounty. Nonetheless, Microsoft still agreed to list the researcher’s name on its Hall of Fame. Attribution link: https://latesthackingnews.com/2020/11/27/xbox-subdomain-vulnerability-exposed-users-email-addresses/

Drupal, the fourth popular most popular CMS behind the websites today, has released emergency fixes for some critical flaws. Exploiting these vulnerabilities allows code execution attacks. Drupal confirmed known exploits exist. Drupal Code Execution Flaws Reportedly, Drupal has disclosed two serious security flaws, via a recent advisory, that could allow code execution attacks. As elaborated, two critical severity arbitrary PHP code execution flaws affected the different CMS versions. These include CVE-2020-28948 and CVE-2020-28948. Describing the issue in the advisory, Drupal stated, Attribution link: https://latesthackingnews.com/2020/11/28/drupal-release-emergency-fixes-for-critical-code-execution-flaws/ Drupal, the fourth popular most popular CMS behind the websites today, has released emergency fixes for some critical flaws. Exploiting these vulnerabilities allows code execution attacks. Drupal confirmed known exploits exist. Drupal Code Execution Flaws Reportedly, Drupal has disclosed two serious security flaws, via a recent advisory, that could allow code execution attacks. As elaborated, two critical severity arbitrary PHP code execution flaws affected the different CMS versions. These include CVE-2020-28948 and CVE-2020-28948. Describing the issue in the advisory, Drupal stated, Attribution link: https://latesthackingnews.com/2020/11/28/drupal-release-emergency-fixes-for-critical-code-execution-flaws/ Drupal, the fourth popular most popular CMS behind the websites today, has released emergency fixes for some critical flaws. Exploiting these vulnerabilities allows code execution attacks. Drupal confirmed known exploits exist. Drupal Code Execution Flaws Reportedly, Drupal has disclosed two serious security flaws, via a recent advisory, that could allow code execution attacks. As elaborated, two critical severity arbitrary PHP code execution flaws affected the different CMS versions. These include CVE-2020-28948 and CVE-2020-28948. Describing the issue in the advisory, Drupal stated, Attribution link: https://latesthackingnews.com/2020/11/28/drupal-release-emergency-fixes-for-critical-code-execution-flaws/

Researcher from the Google Project Zero team has found a serious bug in Facebook Messenger app that allowed spying. As detailed in a bug report, the researcher Natalie Silvanovich described that the bug existed in the WebRTC protocol that manages audio/video calls on Facebook Messenger. As a standard, audio transmission on calls begins only after the callee answer an incoming call. Explaining this behavior, the researcher stated, Attribution link: https://latesthackingnews.com/2020/11/23/facebook-messenger-bug-could-allow-spying-on-users-via-audio/

In a recent blog post, Drew Rowny, Google’s Product Lead, Messages, has shared the tech giant’s future plans. As revealed, Google is rolling out the end-to-end encryption feature to its Messages app. The Messages by Google is one of the popular Android apps among users for general communication. It is also often available as the default pre-installed messaging app in the latest Android phones. However, despite being popular, it still lagged behind other instant messaging apps like WhatsApp and Signal as it lacks key features such as end-to-end encryption. Nonetheless, Google now gears up to compete with other apps with its plans to roll out e2e encryption to Messages. This feature will ensure superior privacy to the users’ chats. As described in the post, Attribution link: https://latesthackingnews.com/2020/11/23/google-to-add-end-to-end-encryption-to-android-messages-app/

http://bit.ly/1bhqmrm

Facebook released its internally-developed Pysa security tool. Based on the open-source code of Pyre project, Facebook designed Pysa as a static code analyzer. The tool specifically looks for security bugs, unlike most other analyzers. Facebook decided to opensource the tool after witnessing its success in security Instagram. The tech giant’s internal team used the tool for identifying various bugs. Sharing the details of the tool in a post, Facebook stated, Attribution link: https://latesthackingnews.com/2020/08/11/facebook-launches-pysa-instagram-security-tool-as-open-source/