[quote="lordares"]guppy:
Some people DO brute force blowfish passwords. Happend to me last month. Some guy brute forced a password of an owner on a leaf bot shell he hacked into, then used it to gain hub access.[/quote]
k, so people who brute force passwords are just dumb since just changing the password is a lot easier.
This is the new home of the egghelp.org community forum.
All data has been migrated (including user logins/passwords) to a new phpBB version.
For more information, see this announcement post. Click the X in the top right-corner of this box to dismiss this message.
All data has been migrated (including user logins/passwords) to a new phpBB version.
For more information, see this announcement post. Click the X in the top right-corner of this box to dismiss this message.
Userfile encryption with MD5
You missed his point. He said the password was obtained from a leaf server, and used to access the hub. There should be no way to change the password on the hub from a leaf, if the hub is set to not accept userfile changes from leaf bots. Cracking someone's password is the cracker's "best" option in that case, especially if he wants to remain undetected for as long as possible.guppy wrote:k, so people who brute force passwords are just dumb since just changing the password is a lot easier.
Besides that, if you're able to read passwords from a userfile, you're not necessarily also able to write passwords into it (or at least with the same ease).
And yes, eggdrop userfile cracking has been common practise in the IRC warlords world for years.
hence encrypting the leaf's files, OR having the leaf not save/load any files (including a .tcl). 
Option 2 works out best. That is my solution to the whole thing, with this, the hub would just be on a secure shell with yourself as admin, all ports blocked except the port to the bot (and ssh open), so no way to hack the shell.
Option 2 works out best. That is my solution to the whole thing, with this, the hub would just be on a secure shell with yourself as admin, all ports blocked except the port to the bot (and ssh open), so no way to hack the shell.
In response (late) to the original post, the problem is that most applications use hex encoding of the hash data, and it's 32 chars long (2 hex chars for each of 16 bytes) plus a null byte. Eggdrop has hard-coded a smaller buffer size to store the password hash. So you can't just drop in a module to change to that sort of hash. Not easily anyway.