This is the new home of the egghelp.org community forum.
All data has been migrated (including user logins/passwords) to a new phpBB version.


For more information, see this announcement post. Click the X in the top right-corner of this box to dismiss this message.

Password required for connection to...

General support and discussion of Eggdrop bots.
Post Reply
t
tascagao
Voice
Posts: 4
Joined: Sat Sep 10, 2016 3:55 am

Password required for connection to...

Post by tascagao »

I don't understand this when I try to build a botnet.

Help me please.


OLD-SHOT (hub bot)

[11:34:00] Telnet connection: site/55571
[11:34:00] Timeout/EOF ident connection
[11:34:00] Sent STARTTLS to OLD...
[11:34:00] Challenging OLD...
[11:34:00] Telnet connection: site/32977
[11:34:00] Timeout/EOF ident connection
[11:34:00] Sent STARTTLS to SHOT...
[11:34:00] Challenging SHOT...
[11:35:04] Lost dcc connection to SHOT (telnet@site/32977)
[11:35:08] Lost dcc connection to OLD (telnet@site/55571)


OLD & SHOT (leaf bots)

[11:32:00] Got STARTTLS from OLD-SHOT. Replying...
[11:32:00] Password required for connection to OLD-SHOT.
w
willyw
Revered One
Posts: 1196
Joined: Thu Jan 15, 2009 12:55 am

Re: Password required for connection to...

Post by willyw »

tascagao wrote: ... to build a botnet.

...
Summarizing what I did (very recently) to link two bots ( both v.1.8 ) using SSL:

Follow this: http://www.egghelp.org/enhance.htm#setupbotnet
understanding that it is does not cover SSL.
It is still helpful anyway.

Look in:
botdir/doc
for a file named TLS
Read it.

In eggdrop.conf, on the hub bot:
Find this section - ##### SSL SETTINGS #####
and read it carefully too.
There are two settings that you must enable in there:
set ssl-privatekey "eggdrop.key"
and
set ssl-certificate "eggdrop.crt"

In that same section of eggdrop.conf on the hub bot, there is also
set ssl-capath "/etc/ssl/"
It needs to be un-commented, and probably already is.

I created the files eggdrop.key and eggdrop.crt by following the directions for using
'make sslcert DEST=...'
that you have found by now, by reading both the TLS file and the SSL section of eggdrop.conf.

That's it. To get two bots to link, the above was all that was necessary.

I suggest that you do this first. Then if you wish, explore the other options in the SSL section of eggdrop.conf .

I did encounter two problems.
The first I helped myself by doing:
.console -d
on both bots, so I could see more of what was happening.
On the hub bot, I saw that some sort of DNS lookup was failing.
So I went to eggdrop.conf, and found the optional setting to tell that bot to use a different DNS server, and set it to use the google DNS servers.
That fixed that problem.
From your description, I don't think you have this problem. I'm noting it here for anyone else that happens to come along reading this.

The second problem was this:

Code: Select all

 sockread(): SSL error = error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher
(remember that I had done .console -d , so that I could see this)

It had me stumped. I tried a lot of combinations of settings and googling. Eventually I asked for, and got help from someone with a lot of experience. ( You know who you are: Thank you again for taking your time to chat with me about it. ) We went over my config, etc. and did not see anything wrong. We tried a few changes anyway, experimenting.
Somewhere along the way, I wanted to go back to the settings I had started with, so I made the edits, and did not simply .rehash.
I did .restart.
The link started working ! :)

I still don't know what the error that I posted above means.

Apparently, somehow with the various things I tried, I did something that left the hub bot unable to do a SSL connection properly, and it was cleared out by the .restart .

I suggest that you be sure (on the hub bot) that you have the three settings that I've mentioned here. Then .restart the hub bot.
To be extra sure, you can .die it, and start totally fresh.
If you wish, do the same with the leaf bot (it can't hurt).

I thought it was much more complicated than it really is. It is not complicated at all.
Both bots are v.1.8.
Both bots have TLS enabled. (do .status to see this)
On hub bot, create .key and .crt file, and enable settings that point to them.
That's all.

Good luck with it.
I hope this helps.
Let us know.
For a fun (and popular) Trivia game, visit us at: irc.librairc.net #science-fiction . Over 300K Q & A to play in BogusTrivia !
t
tascagao
Voice
Posts: 4
Joined: Sat Sep 10, 2016 3:55 am

Post by tascagao »

I have do what you told me.

I create files with

openssl genrsa -out eggdrop.key 2048

&

openssl req -new -key eggdrop.key -x509 -out eggdrop.crt -days 365


and placed in bot hub directory

and I have edited eggdrop.conf modifying you told me too. Rehash hub bot and seems to be the same, Not working.
w
willyw
Revered One
Posts: 1196
Joined: Thu Jan 15, 2009 12:55 am

Post by willyw »

tascagao wrote:I have do what you told me.

I create files with

openssl genrsa -out eggdrop.key 2048

&

openssl req -new -key eggdrop.key -x509 -out eggdrop.crt -days 365
huh?

I said that I used:
'make sslcert DEST=...'
But ok. I can't say about your method, as I didn't even look into it at all.

Rehash hub bot and seems to be the same, Not working.
Ok.

But I said:
Then .restart the hub bot.
To be extra sure, you can .die it, and start totally fresh.
If you wish, do the same with the leaf bot (it can't hurt).
For a fun (and popular) Trivia game, visit us at: irc.librairc.net #science-fiction . Over 300K Q & A to play in BogusTrivia !
w
willyw
Revered One
Posts: 1196
Joined: Thu Jan 15, 2009 12:55 am

Re: Password required for connection to...

Post by willyw »

willyw wrote:
...
The first I helped myself by doing:
.console -d
on both bots, so I could see more of what was happening.

...
For a fun (and popular) Trivia game, visit us at: irc.librairc.net #science-fiction . Over 300K Q & A to play in BogusTrivia !
t
tascagao
Voice
Posts: 4
Joined: Sat Sep 10, 2016 3:55 am

Post by tascagao »

.status
[18:31:13] #tascagao# status
I am OLD-SHOT, running eggdrop v1.8.0+infiniteinfo: 4 users (mem: 105k).
Online for 18:07 (background) - CPU: 00:23.95 - Cache hit: 31.6%
Configured with:
Admin: Lamer <email: lamer@lamest.lame.org>
Config file: eggdrop.conf
OS: Linux 3.16.0-4-amd64
Process ID: 46114 (parent 1)
Tcl library: /usr/local/lib/tcl8.6
Tcl version: 8.6.6 (header version 8.5.19)
Tcl is threaded.
TLS support is enabled.
TLS library: OpenSSL 1.0.1t 3 May 2016
IPv6 support is enabled.
Socket table: 20/100
Memory table: 3272/25000 (13.1% full)
Memory table itself occupies an additional 976k static
Loaded module information:
Channels: #OLD-SHOT (need ops)
Online as: OLD-SHOT!~lamest@90.71.256.256 (OLD-SHOT)
Server [irc.link-net.org]:+7000 (connected for 00:40)
#OLD-SHOT : 7 members, enforcing "+tn" (greet)
t
tascagao
Voice
Posts: 4
Joined: Sat Sep 10, 2016 3:55 am

Post by tascagao »

a leaf bot


[18:35:14] #trexus# status
I am OLD, running eggdrop v1.8.0+infiniteinfo: 5 users (mem: 96k).
Online for 17:37 (background) - CPU: 00:13.01 - Cache hit: 92.9%
Configured with:
Admin: Lamer <email: lamer@lamest.lame.org>
Config file: eggdrop.conf
OS: Linux 3.16.0-4-amd64
Process ID: 56520 (parent 1)
Tcl library: /usr/local/lib/tcl8.6
Tcl version: 8.6.6 (header version 8.5.19)
Tcl is threaded.
TLS support is enabled.
TLS library: OpenSSL 1.0.1t 3 May 2016
IPv6 support is enabled.
Socket table: 20/100
Memory table: 3091/25000 (12.4% full)
Memory table itself occupies an additional 976k static
Loaded module information:
Channels: #OLD-SHOT (need ops)
Online as: OLD!~lamest@90.71.256.256 (OLD)
Server [eu.link-net.org]:+7000 (connected for 00:43)
#OLD-SHOT : 7 members, enforcing "+tn" (greet)
Post Reply