Login ...

[Exploited]

I'm making a login in addition to pub commands.
The syntax would be /msg botnick <handle> <pass>
It will not check if the host is correct or not, just if the password matches the handle. It will disable your host to login for 3 days when you do an incorrect login 3 times on 1 day (stored in a file). The code so far is below:

Code: Select all

bind msg - login login
proc login {nick uhost hand rest} {
  global botnick hosttype
  set handle [lindex $rest 0] ; set pass [lindex $rest 1]
  if {[login:ignore ign $handle $uhost]} { return 0 }
  if {$handle == "" || $pass == ""} {
    putnotc $nick "Usage: /msg $botnick login <handle> <password>" ; return 0 }
  if {[passwdok $handle $pass]} {
  chattr $handle +Q
  putnotc $nick "Authentication successful!"
  if {$hand != $handle} {
    setuser $handle HOSTS [spmaskhost $nick $uhost $hosttype]
    # spmaskhost just another proc I made, not pasted in here ;-)
    putlog "\($nick!$uhost\) !$hand! AUTHED as $handle"
  }
  login:ignore rem $handle $uhost
  setuser $handle XTRA SECNICK $nick
  setuser $handle XTRA SECHOST $uhost
  # I've seen this SECNICK/HOST trick in another script, although I can't remember which one it was
  } else {
  putnotc $nick "Authentication failed!"
  login:ignore inc $handle $uhost
  return 0}  
}
proc login:ignore {cmd handle uhost} {
  set file "login.ign" ; set host [lindex [split $uhost @] 1] ; set tmplist {} ; set fnd 0
  if {![file exists $file]} {set fd [open $file w] ; close $fd}
  switch $cmd {
  # increase failed login attempts
  "inc" { set fd [open $file r] 
          while { ![eof $fd] } {
           set tmpline [gets $fd]
           if {[lrange [split $tmpline] 0 1] != "$handle $host"} { lappend tmplist $tmpline
           } else {lappend tmplist "$handle $host [expr [lindex [split $tmpline] 2] + 1] [unixtime]"
           set fnd 1}
          }
          close $fd
          if { $fnd == "0" } {lappend tmplist "$handle $host 1 [unixtime]"}
          set fd [open $file w] ; foreach line $tmplist {puts $fd "$line"} ; close $fd }
  # check if user is on ignore  (handle host pare)
  "ign" { set fd [open $file r]
          while { ![eof $fd] } {
           set tmpline [split [gets $fd]] ; set utime [lindex $tmpline 3]
           if {$utime == "" || ![string is integer $utime]} {set utime 0}
           if {[lrange $tmpline 0 1] != "$handle $host" || [lindex $tmpline 2] < 3} {
           if {[expr [unixtime] - $utime] < 86400} { lappend tmplist $tmpline } else { set fnd 1 }
           } else { if {[expr [unixtime] - $utime] < 259200} { return 1 } }
          }
          # 86400 sec = 1 day, 259200 = 3 days
          close $fd
          if {$fnd == 1} {set fd [open $file w] ; foreach line $tmplist {puts $fd "$line"} ; close $fd}
          return 0 }
  # remove login attempts when succesfull login
  "rem" { set fd [open $file r]
          while { ![eof $fd] } {
           set tmpline [split [gets $fd]]
           if {[lrange $tmpline 0 1] != "$handle $host"} {lappend tmplist $tmpline} else { set fnd 1 }
          }
          close $fd
          if {$fnd == 1} {set fd [open $file w] ; foreach line $tmplist {puts $fd "$line"} ; close $fd} }  
  }
  return 0
}

the check to see if user is logged in would look like this:

Code: Select all

proc loggedin {nick host handle} {
  global botnick
  if {![matchattr $handle +Q] || [getuser $handle XTRA SECNICK] != $nick || [getuser $handle XTRA SECHOST] != $host} { return 0}
  return 1
}

I would like to know how some of you think about this. E.g. how "bad" is it that this does not check your ip/host? And does anyone see something vulnerable or bad code in it? Or what more would you like to see in it? (dcc command to get someone unignored and deauth comming )

greetings