This is the new home of the egghelp.org community forum.
All data has been migrated (including user logins/passwords) to a new phpBB version.


For more information, see this announcement post. Click the X in the top right-corner of this box to dismiss this message.

Userfile encryption with MD5

Old posts that have not been replied to for several years.
g
guppy
eggdrop engineer
Posts: 199
Joined: Mon Sep 24, 2001 8:00 pm
Location: Canada
Contact:

Post by guppy »

[quote="lordares"]guppy:
Some people DO brute force blowfish passwords. Happend to me last month. Some guy brute forced a password of an owner on a leaf bot shell he hacked into, then used it to gain hub access.[/quote]

k, so people who brute force passwords are just dumb since just changing the password is a lot easier.
R
RedAlert
Voice
Posts: 17
Joined: Mon Nov 19, 2001 8:00 pm

Post by RedAlert »

guppy wrote:k, so people who brute force passwords are just dumb since just changing the password is a lot easier.
You missed his point. He said the password was obtained from a leaf server, and used to access the hub. There should be no way to change the password on the hub from a leaf, if the hub is set to not accept userfile changes from leaf bots. Cracking someone's password is the cracker's "best" option in that case, especially if he wants to remain undetected for as long as possible.

Besides that, if you're able to read passwords from a userfile, you're not necessarily also able to write passwords into it (or at least with the same ease).

And yes, eggdrop userfile cracking has been common practise in the IRC warlords world for years.
l
lordares
Voice
Posts: 15
Joined: Fri Dec 20, 2002 4:47 am

Post by lordares »

hence encrypting the leaf's files, OR having the leaf not save/load any files (including a .tcl). :) Option 2 works out best. That is my solution to the whole thing, with this, the hub would just be on a secure shell with yourself as admin, all ports blocked except the port to the bot (and ssh open), so no way to hack the shell.
User avatar
stdragon
Owner
Posts: 959
Joined: Sun Sep 23, 2001 8:00 pm
Contact:

Post by stdragon »

In response (late) to the original post, the problem is that most applications use hex encoding of the hash data, and it's 32 chars long (2 hex chars for each of 16 bytes) plus a null byte. Eggdrop has hard-coded a smaller buffer size to store the password hash. So you can't just drop in a module to change to that sort of hash. Not easily anyway.
Locked