hidding bot passwords

[YooHoo]

thanks tho, netbots is a nice botnet script, i wish there were more ..

have you ever taken a look at Johoho's netbots scripts? He adds a lil somethin extra to an already kick-ass script

[nml375]

I was asking something more like NickServ to hide passwords replacing the giving password with asterix ****.. the user can't see his own password. You ever seen this on a nickserv bot ? i dont know how well this will work on eggdrop tho.. maybe looking at the nickserv bot source code will reveal the answer.

In, say mIRC, you'd just do something like this to "hide" the password along with the rest of the command line...

Code: Select all

//.msg chanserv $?="Command?"

Opens up a textbox for you to enther whatever command you'd like to send to chanserv, making sure the secret does'nt remain in the command history either..

Once again I must emphasis there really is'nt much you as an eggdrop scripter to force the client to mask the passwd. Best bet would probably be to write some script for whatever client platform is used, that looks for keywords such as "PASS", and tries to keep track of dcc sessions asking for passwd:s aswell. Whatever password is written in your client's window, it's generated locally, eggdrop won't ever send the passwd back.. And as such, you should start there (the client).

It would seem you are looking for something like the "Telnet Suppress Local Echo", which is a standard for telnet clients. There is however no such standard for irc clients.

[BoaR]

nickserv does it.. nickserv is an eggdrop too right ?

i understand your point of view, and thanks for getting to the bottom of this.. good info.

[Alchera]

nickserv does it.. nickserv is an eggdrop too right ?

Not the last time I looked.

[nml375]

nickserv does it.. nickserv is an eggdrop too right ?

Last time I checked dalnet (5mins ago), using mIRC, passwords were fully visible, and would also remain in the command history. So please, accept the fact that it is your client that has some "feature" to hide what it thinks is a password. This has nothing at all to do with chanserv or such, other than perhaps your client checks wether the recipent of the message is chanserv or such..

And no, chanserv is most certainly not an eggdrop.

[BoaR]

It's not my client, i use XChat and it has nothing to do with hidding passwords.

It's a feature on NickServ end of story.


>NickServ< identify ****
-NickServ- Password Incorrect
>NickServ< identify ****
-NickServ- Password Incorrect
-NickServ- Password accepted - you are now recognized.

Server FreeNode

[nml375]

Well then, by all means, continue to believe so...
I however find it very amusing that xchat has speciffic code for handling commands such as "nickserv identify" and "nickserv ghost", aswell as mechanisms to determine wether it's connected to dalnet, freenode or other networks to decide wether to use "/msg nickserv", "/nickserv", "/msg ns", or "/ns" syntax...

Oh, btw, just tested the same thing on FreeNode... guess what... password is shown in cleartext in my query-window...
And as the evil bastard I am, I even started a packet sniffer... guess what... no special controlcodes whatsoever was found...

Now, if this feature really was in nickserv, and not your irc-client, would'nt it work on pretty much any client?

[BoaR]

you win.

since this doesnt work on all servers, i thought it was nothing to do with Xchat client because if it was in my client it would be working with all servers.

ps. you dont have to get mad, there's no reason for that. enjoy life you'll live longer.

[nml375]

Angry? me? Naah...
Mad? Always

[BoaR]

lol

[Alchera]

BoaR: A scripting solution would be required in any of the languages X-Chat uses (Perl probably being the better one) but be aware that the X-Chat logs (if enabled) would not necessarily encrypt anything.

¿ LinuxIRC would be a good place to start looking for a script.

¿ Script requests could be made on xchat.org.

If you grovel enough, Khisanth (#xchat on Freenode) may feel a need to help OR you could discuss a feature request with zed_ himself.