DC++ pre-0.704 and DC++ 0.75+1 cannot communicate via client-client ADC connections to transfer files. This change affects neither ADCS/0.10 nor NMDC client-client protocol-based interoperability.
Anyone using using a DC++ client recent enough to have even moderate ADC support but old enough to be directly affected by this should have already updated to at least DC++ 0.707 to avoid remotely triggerable crashes, regardless.
This commit by ullner, coming in the next DC++ release, causes some popular hubs perhaps unexpected problems.
Hub administrators should probably look into updating their hub software.
Enjoy, all.
In the spirit of public disclosure to encourage users to move to recent versions and to encourage mod developers to fix their code, this post announces a well-known but not publicly announced somewhat recent remote DC++ exploit.
The DC++ NULL Pointer Remote Denial of Service Vulnerability involves sending an $ADCGET command such as “$ADCGET (%S) //+ 0 %-1 ZL1″ to the other client along a client-client connection, which will promptly and reliably crash the latter client. This affects all recent versions until 0.707, so unless you’re running one of 0.707, 0.7091, 0.750, or a more recent development-snapshot, you’re probably vulnerable to this remote crash.
Furthermore, one doesn’t have to manually connect to another client for this crash to occur; a connection triggered by autosearch/add-queue is sufficient. Alternatively, one doesn’t even have to rely on that but can instead just send $(Rev)ConnectToMe commands to other clients to create client-client connections in the manner of some client-detection mods and systematically crash an entire hub of DC++-pre-0.707 users by connecting to them and sending them the example poison command.
This exploit is one example of why as with all network-facing software, one should keep DC++ updated.
Seasons greetings everyone from us at DCDev
Wanted to rant about private only scripts and the idiocy usage of em since a script really cant determine if its public or private.
Private only scripts are mainly used in Ptokax / Verlihub or any soft using lua scripting interface.
So what does the tag stand for in DC++
1/1/1
first digit is unregistered usually determined as public hub but all it really is is unregistered.
second digit is registered here is where most people thing it means private and hidden away in the deep corners of the direct connect network (it kinda amuses me) since it could be a public vip or just an account on hub that you registered yourself at.
Third and last is of course the operator digit this really doesn’t show if its private or public either.
and using hublist to check if same user is online at other hubs on NMDC is pretty dumb too since, It might be an shared connection.
What if the person has a brother or sister that uses DC++ and likes to beĀ on a public hub to talk about nothing and everything.
plus it really cracks me up that we are talking about securing private hubs that are communicating via cleartext protocol 
using NO ENCRYPTION thats really funny how secure is the hub in that regard let me tell you’ll.
Its really just a waste so in the holiday seasons i leave you with the words of wisdom your only as secure as your own box (hub).
P.S for all those people making these scripts for god sake do it right and put in a 60-90 second delay before kicking the poor sap since there can be a slight delay in updating myinfo on NMDC and for that matter ADC since i know the idiocy is gonna continue.
I help those who help themselves! – Zoidberg (Futurama)
Well in an attempt to get user to understand how to use ADCH++ ive made a simple user guide that will show the basics of using ADCH++
http://builds.adcportal.com/index.php?folder=YWRjaHBwL3VzZXJfZ3VpZGU=
Hopefully this guide will end up in the repository for ADCH++ and suggestions on missing features or details needing more explanation are always welcome just post about it in the blog post or at DCDev Public
Hi
Well a new version of ADCH++ is out due to the fact that we kinda messed up the 2.3 release so for all of you that are out there running 2.3 update to 2.4 and you will be fine.
We also added documentation from ADCH++ on the website for any developer wanting to help out by making plugins or lua scripts.
changelog:
Hey people back again doing a monolog here on the blog this time its about ADCH++ 2.3
We all know that the last release wasn’t a big success but i wanna show of the new features in ADCH++ , it was more then a year ago since we had a release on ADCH++ and much new stuff has been added into it.
So what are the new features:
User Commands, ADCS (preliminary implementation), more scripts for the soft.
There is also a doxygen included in the BZR repo at launchpad for anyone that wants to make a plugin in C++ or make lua scripts or python script all you have to do is download Doxygen to make the documentation we will host the documentation at ADCH++ webspace on Sourceforge also.
I really wanna commend poy for his efforts put into this version of ADCH++ and listening to input and feedback with this version things can only get better in the future of ADCH++
We are still looking for a GUI maker so if your out there and think you got what it takes drop into DCDev Public and talk to us or drop the source of at launchpad.
and we hope that suggestions for ADCH++ will come up at our tracker on Launchpad so we can get your input for what your missing in ADCH++ or possible bugs thats giving your problems.
So people out there give it a go and say what you think about it 
ADCH++ 2.3 Source Code (both Windows and Linux)
Hi everyone we just wanted to tell everyone that we are online again with another hubsoft so all regs are lost so if your missing your account at DCDev just contact me at the hub and we will re-register your account
Well just wanted to give out a heads up on DCDev public we had some recent problems with hubsofts and crashes we are currently trying to resolve the issue so when we are done DCDev Public will be online again
As some of you may know, ADCPortal is for some time a part of DCDev. ADCPortal provides the following for the normal user: latest news about the protocol and all the main software that is available on the market, ideas and comments about the future of the network ( what’s coming up and more ), information about all the protocol features including all the known extensions. One can also register and ask questions or propose his/her own extension.
ADCPortal also provides a full wiki that can be consulted to get all the required information about ADC.
The interested developer also has the opportunity to get in touch with the protocol designers and also people who worked around ADC, or created pieces of software for it.
We strongly encourage everybody interested in ADC to visit ADCPortal in order to get more information. Lately I heard that the main reason people are reticent about ADC is the lack of information. ADCPortal has been around for nearly two years, but people still wouldn’t come and ask. So please, come around, ask whatever question you like, don’t be shy, we will be very happy to answer you. We also hope you will find the site useful and we wait for you to join us.
