vim/ubot
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Check against sender ID

Browse Source 
This addresses a security vulnerability in the userbot.
This commit is contained in:
Michael De Roover 2021-04-09 20:57:58 +02:00
parent 1fc9329259
commit d55af1b501
Signed by: vim
GPG Key ID: 075496E232CE04CB
2 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
install
View File

@ -5,6 +5,7 @@ mkconfig(){
echo "Please get your credentials from https://my.telegram.org." echo "Please get your credentials from https://my.telegram.org."
read -p "App API ID (api_id): " api_id read -p "App API ID (api_id): " api_id
read -p "App API hash (api_hash): " api_hash read -p "App API hash (api_hash): " api_hash
read -p "Your user ID: " myid
read -p "Do you wish to use a log chat? (y/n): " logrpl read -p "Do you wish to use a log chat? (y/n): " logrpl
if [ "$logrpl" = "y" ] if [ "$logrpl" = "y" ]
then then
@ -14,6 +15,7 @@ mkconfig(){
fi fi
echo "api_id = $api_id" >> config.py echo "api_id = $api_id" >> config.py
echo "api_hash = '$api_hash'" >> config.py echo "api_hash = '$api_hash'" >> config.py
echo "myid = $myid" >> config.py
echo "logchat = $logchat" >> config.py echo "logchat = $logchat" >> config.py
} }

3
ubot.py
View File

@ -8,6 +8,9 @@ client = TelegramClient('ubot', api_id, api_hash)
async def edit(event): async def edit(event):
msg = event.raw_text msg = event.raw_text
if event.sender_id != myid:
return
if msg.startswith('.alive'): if msg.startswith('.alive'):
rpl = "Userbot alive and well!" rpl = "Userbot alive and well!"
await event.edit(rpl) await event.edit(rpl)