30 August 2006 | 173,392 views

How to get Ops and takeover a channel on IRC Hack Hacking

Check For Vulnerabilities with Acunetix

I’ve been spending a lot of time online lately reading all kinds of stupid text files on how to “Takeover Ops Boi!!!”, “eLeEt WaYs To gEt OpS!!!”, “HOW TO GET OPS ON SERVER SPLITS”, etc. We all know none of these things work, at least not for me. They’re either written by morons, or they were written like 10 years ago and don’t work anymore. The method I’m presenting here DOES work, but it takes practice, patience, and careful reading.

Tools needed

An IRC script that can do mass deops quickly and easily (preferibly one that lets you press an F# (function) key to do mass deops, or one that automatically mass deops once you gain ops). You don’t want to have to start going through popup menus since you have to do this quickly.

An IRC script that can do mass CTCP versioning. I’ll explain later.

A wingate scanner. These aren’t too hard to find. Check http://packetstorm.linuxsecurity.com/wingate-scanner/

A few ‘war’ programs to exploit irc clients, nuke, flood, etc. When I say flood, I don’t mean like a ping flood in mIRC, I mean like a real ICMP flooder. Try to find Final Fortune, it’s a program I made myself… very effective.

A lot of patience.

A brain.

Process

Find a channel you want to takeover. This method will NOT work on Dalnet or any other networks with anything like ChanServ. Also, this won’t work if all of the ops in the channel are bots (unless they’re VERY badly programmed). OK, so once you’re in the channel, do a Version CTCP on all of the ops in there. Look for exploitable scripts (some versions of ircN, mIRC 5.3x, mIRC 5.4, etc.). Now, let’s say you find someone with nick ‘DumbOP’ and he’s using a script that you know you can exploit and disconnect him from IRC (but don’t crash him yet!).

/dns DumbOP to find his IP. Now take your handy wingate scanner. Plug in his IP and search for a similar one with the scanner. If you can’t find one in the same Class C range, try Class B if you have to, but make sure it resolves to something close to DumbOP’s IP.

Good, so now you have a wingate IP similar to DumbOP’s. If you couldn’t find an IP close to his, try this with another op with an exploitable script. Do a /whois DumbOP to find the IRC server he’s on and his ident (the thing before the @ip). So now that you have the wingate IP, what do you do with it? I’ll assume you never wingated before, and I’ll explain how to do it with mIRC. For
the example, let’s say the wingate IP is 1.2.3.4, DumbOP’s ident is ‘opident’, and DumbOP’s irc server is ‘irc.server.net’.

Open a new instance of mIRC, and in the status window, do the following:

/server 1.2.3.4 23

You’ll see it say “WinGate>NICK (some nick)”

Right after you see this, type:

/quote irc.server.net 6667

You’ll probably then see something like

“Connecting to host USER…Host name lookup for USER failedirc.server.net 6667
Connecting to host irc.server.net…connected”

You might see more than this, you might see less. The important thing to watch for is:

” -1.2.3.4- *** Looking up your hostname…
-1.2.3.4- *** Checking Ident
-1.2.3.4- *** Found your hostname
-1.2.3.4- *** Got Ident response ”

Once you see that, type:

/quote user opident opident opident opident
/quote nick DumbOP1

You don’t have to use ‘DumbOP1′, just use any temporary nick you want. Also, you can use ‘/raw’ instead of ‘/quote’ if you wish.

If you did everything correctly, you’ll see the MOTD for the irc server, and you’ll be connected. If by chance 1.2.3.4 is k-lined from irc.server.net, you’ll have to go through the whole process again with a different server. This makes your “spoofing” (it’s not REALLY spoofing) attempt less realistic looking, but if you have to use a different server, then do it.

Once you’re online, everything works like normal. Do a /whois DumbOP1 to see your info. It should be close to DumbOP’s.

You’re halfway there! The next thing to do (not necessary, but recommended) is to try to find out some info on DumbOP. I recommend trying “nbtstat -A ” at the dos prompt, that might provide you with a name or two if you’re lucky. This is just some useful information that might
come in handy. Also, try searching ICQ for his nick and check his info, you might find good stuff in there.

The next step is to disconnect DumbOP from IRC. Either use an exploit, or nuke him (Click is sometimes useful (if you don’t know what Click is, it’s a program made by Rhad to have an IRC server ‘nuke’ a person… it sometimes works)), or ICMP flood him. Do anything you have to to disconnect him. By the way, you should have your original IRC session still open, with your
wingated IRC session running as a different instance of mIRC (you should have 2 ‘versions’ of mIRC running at the same time now, one with your original nick, info, etc., and the other with the DumbOP1 stuff). While you’re attacking DumbOP, monitor the channel with your original session of mIRC and wait for DumbOP to disconnect. Immediately after you see that, rename DumbOP1 to DumbOP (/nick DumbOP) and join the channel! Don’t say anything! If you’re lucky, a stupid op will op you. Then mass deop. If nothing happens for about 5 or 6 minutes, mass message the ops, saying something like “what happened? why am I not opped?”. You might get into a conversation. Remember to keep calm, and talk like an op. Don’t freak out and demand for them to op you. The “useful information” might come in handy now. Often the ops will tell you to get ops from the bots. Just say something like you’re desynched from the bots because of your ping timeout.

If your impersonation is good enough, 9/10 times they’ll op you. Like I said before, IMMEDIATELY do a mass deop. If possible, bring AT LEAST two bots (real bots, not just simple clones) into the channel to hold it and protect it.

If you followed all these steps thoroughly, you should be able to takeover most channels as long as there are at least 2 human ops (1 of which you’ll be ‘spoofing’, the other you’ll be messaging to op you).

Good luck and have fun!

Originally by St0rmer from EFNet, updated by Darknet.



Recent in General Hacking:
- Kali Linux – The Most Advanced Penetration Testing Linux Distribution
- Microsoft Says You SHOULD Re-use Passwords Across Sites
- Dradis v2.9 – Information Sharing For Security Assessments

Related Posts:
- MySqloit – SQL Injection Takeover Tool For LAMP
- Elevator/Lift Hacking !!!!!
- AttackAPI 0.8 JavaScript Hacking Suite Available

Most Read in General Hacking:
- 10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery) - 1,140,951 views
- Hack Tools/Exploits - 585,230 views
- Password Cracking with Rainbowcrack and Rainbow Tables - 416,261 views

Low-cost VPS Hosting

22 Responses to “How to get Ops and takeover a channel on IRC Hack Hacking”

  1. ManaBoleh.com 30 August 2006 at 6:50 am Permalink

    Dude…this is so olskool! Those tricks are kinda old but it sure works!

    Works well on EFnet and IRCnet where Server Bots are used instead of ChanServ (dalnet) or X (Undernet).

    BTW, eggdrop bots can be exploited too to gain OP access ;)

  2. Darknet 30 August 2006 at 7:34 am Permalink

    Yah man this is old styles ;)

  3. farking 1 September 2006 at 12:05 pm Permalink

    this way too old stuff man.. wingate? i still remember it.. and none of it can make it to the irc network as far as i know now..heheheh …better use an eggdrop or other bots..thats better :D

  4. IRCGhost 14 October 2006 at 8:32 pm Permalink

    Very old and stupid idea !

    Damnnnnnnnn wingate ! using ICMP ping or version, it can be disable CTCP heheeh so fuck off freaking guy

  5. Darknet 15 October 2006 at 8:14 am Permalink

    IRCGhost amazing, you are really smart, please do write a better article for us :)

  6. backbone 22 November 2006 at 8:35 am Permalink

    i will not criticise the article even if it’s oldschool ;) because this is the motto of Darknet “share your knowledge”, anyway I added my comment because there is a easyer way to maintain 2 conncetions through mIRC, other than opening 2 clients

    /server -m irc.server.org

  7. havuk 24 November 2006 at 5:42 am Permalink

    i’ve done all these since 97 (so many irc enemies, so i quit) and i agree this howto is already obsolete. that’s why you don’t see a lot of new warscripts these days because it just doesn’t work anymore.

    wingates doesn’t work anymore (btw it’s called bouncing) and most ops are now smart enough to use bnc. i think kids now days prefer ‘booting’ on the yahoo chatrooms now since it’s the ‘in thing’ today.

    now i just hang out on irc to download stuff and i prefer it this way. anyway it’s still a good article.

  8. seck 7 December 2006 at 11:15 am Permalink

    this way is a sucker of dick way to haack a fucking hatest hackers irc what the fuck is a wingate made a fucking program that made in one second hack all like a winner.

  9. ermpet 14 January 2007 at 7:34 pm Permalink

    thanks a good article…. show some respect guys… thanks for share some knowledge

  10. bathosai 4 February 2007 at 12:26 pm Permalink

    wow!! ive never tot its imposibble. but its hard..hehehe
    anyway is it possible to mass deop adn ban from the channel
    that you dont have an accsess???

  11. Vincent Belmont 3 March 2007 at 11:37 am Permalink

    This method is lame and doesn’t really work and usually all ircd have chanserv or some form of a channel service, You either need to use a social engineering method, a retarded ircop, or the cahnnel operators old email address depending on if nickserv displays it, and then do the sendpass command and hope there password is the same or gives you some sort of access to a newer email address they use and attempt ti find a password either to there channel or nickname, “half the time people don’t think to change there passwords”, That is currently the only real way a regular access irc user can take a channel.

  12. Jas 11 May 2007 at 7:15 pm Permalink

    I’m still learning. Got any ideas that work

  13. hitlocke 23 May 2007 at 2:06 pm Permalink

    its good for knowledge of what he is sharing. Whether it works or not, or how practical it is…then it is up to us to find out on our own, and we’ll learn even more… the outcome of such experiment we’ll share it together and could generate better ideas.

  14. kupz 24 May 2007 at 2:42 am Permalink

    where can i find those tools u mentioned like: FINAL FORTUNE and CLICK..?? I tried looking for these files but none is available..

    Can u guys out there tell me wr can i find these plus… any working tools that clone flood a channel (undernet)…thanks

    Pls send it to my email cool_cut20@yahoo.com .. i appreciate it very very….

  15. Daniel 4 June 2007 at 8:55 am Permalink

    i just tried it on a couple stupid channels. .. didn’t manage to get ops on 2 but got one.

    and i didnt know you wrote Final Fortune! props!

  16. k4mpr3t 23 November 2007 at 6:59 pm Permalink

    hmmm …. those theory still works, even though it does outdated…. anyway … nice to hear ya ..guys ..

    have “hack” days !!!

  17. Ritchie 20 April 2008 at 3:16 pm Permalink

    doesnt work, says unable to resolve hostname or ip

  18. LebWolf 25 May 2008 at 4:39 pm Permalink

    well its an old idea ; and it will not work in a channel with X protection. btw ; its not easy to find the same ip used by that op . and alot of new mirc users disable the CTCP . you want to takeover a channel ? buy an eggdrop from the company they use :P LOL ; its better :D ….. cause they all have the same conf. so that you can get access :P to it before a smart eggdrop user :D change them :P
    good luck all … and show some respect for all idea’s …
    LebWolf ( undernet user since 2000 ) .

  19. yikes 27 July 2008 at 2:02 am Permalink

    i hacked the whole irc with this method. i m now the Gawd of irc. thanks.

  20. lyz 15 August 2008 at 10:16 am Permalink

    yay yikes. pretty cool stuff eh? me am just starting to read notes on how to use irc..

  21. Evan 11 January 2009 at 10:21 am Permalink

    hi there i just need some help im an old irc user but im not into hacking i was just wondering if it is possible to crack hack or take over a channel on dalnet server’s if yes im willing to pay any amount.

  22. Bogwitch 12 January 2009 at 5:28 pm Permalink

    Yup, if money is no object, buy DalNet.