egghelp.org community Forum Index
[ egghelp.org home | forum home ]
egghelp.org community
Discussion of eggdrop bots, shell accounts and tcl scripts.
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Password required for connection to...

 
Post new topic   Reply to topic    egghelp.org community Forum Index -> Eggdrop Help
View previous topic :: View next topic  
Author Message
tascagao
Voice


Joined: 10 Sep 2016
Posts: 4

PostPosted: Sat Sep 10, 2016 7:08 am    Post subject: Password required for connection to... Reply with quote

I don't understand this when I try to build a botnet.

Help me please.


OLD-SHOT (hub bot)

[11:34:00] Telnet connection: site/55571
[11:34:00] Timeout/EOF ident connection
[11:34:00] Sent STARTTLS to OLD...
[11:34:00] Challenging OLD...
[11:34:00] Telnet connection: site/32977
[11:34:00] Timeout/EOF ident connection
[11:34:00] Sent STARTTLS to SHOT...
[11:34:00] Challenging SHOT...
[11:35:04] Lost dcc connection to SHOT (telnet@site/32977)
[11:35:08] Lost dcc connection to OLD (telnet@site/55571)


OLD & SHOT (leaf bots)

[11:32:00] Got STARTTLS from OLD-SHOT. Replying...
[11:32:00] Password required for connection to OLD-SHOT.
Back to top
View user's profile Send private message
willyw
Owner


Joined: 15 Jan 2009
Posts: 921

PostPosted: Sat Sep 10, 2016 9:48 am    Post subject: Re: Password required for connection to... Reply with quote

tascagao wrote:

... to build a botnet.

...


Summarizing what I did (very recently) to link two bots ( both v.1.8 ) using SSL:

Follow this: http://www.egghelp.org/enhance.htm#setupbotnet
understanding that it is does not cover SSL.
It is still helpful anyway.

Look in:
botdir/doc
for a file named TLS
Read it.

In eggdrop.conf, on the hub bot:
Find this section - ##### SSL SETTINGS #####
and read it carefully too.
There are two settings that you must enable in there:
set ssl-privatekey "eggdrop.key"
and
set ssl-certificate "eggdrop.crt"

In that same section of eggdrop.conf on the hub bot, there is also
set ssl-capath "/etc/ssl/"
It needs to be un-commented, and probably already is.

I created the files eggdrop.key and eggdrop.crt by following the directions for using
'make sslcert DEST=...'
that you have found by now, by reading both the TLS file and the SSL section of eggdrop.conf.

That's it. To get two bots to link, the above was all that was necessary.

I suggest that you do this first. Then if you wish, explore the other options in the SSL section of eggdrop.conf .

I did encounter two problems.
The first I helped myself by doing:
.console -d
on both bots, so I could see more of what was happening.
On the hub bot, I saw that some sort of DNS lookup was failing.
So I went to eggdrop.conf, and found the optional setting to tell that bot to use a different DNS server, and set it to use the google DNS servers.
That fixed that problem.
From your description, I don't think you have this problem. I'm noting it here for anyone else that happens to come along reading this.

The second problem was this:
Code:

 sockread(): SSL error = error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher

(remember that I had done .console -d , so that I could see this)

It had me stumped. I tried a lot of combinations of settings and googling. Eventually I asked for, and got help from someone with a lot of experience. ( You know who you are: Thank you again for taking your time to chat with me about it. ) We went over my config, etc. and did not see anything wrong. We tried a few changes anyway, experimenting.
Somewhere along the way, I wanted to go back to the settings I had started with, so I made the edits, and did not simply .rehash.
I did .restart.
The link started working ! Smile

I still don't know what the error that I posted above means.

Apparently, somehow with the various things I tried, I did something that left the hub bot unable to do a SSL connection properly, and it was cleared out by the .restart .

I suggest that you be sure (on the hub bot) that you have the three settings that I've mentioned here. Then .restart the hub bot.
To be extra sure, you can .die it, and start totally fresh.
If you wish, do the same with the leaf bot (it can't hurt).

I thought it was much more complicated than it really is. It is not complicated at all.
Both bots are v.1.8.
Both bots have TLS enabled. (do .status to see this)
On hub bot, create .key and .crt file, and enable settings that point to them.
That's all.

Good luck with it.
I hope this helps.
Let us know.
_________________
For a fun (and popular) Trivia game, visit us at: irc.librairc.net #science-fiction . Over 300K Q & A to play in BogusTrivia !
Back to top
View user's profile Send private message
tascagao
Voice


Joined: 10 Sep 2016
Posts: 4

PostPosted: Sat Sep 10, 2016 11:18 am    Post subject: Reply with quote

I have do what you told me.

I create files with

openssl genrsa -out eggdrop.key 2048

&

openssl req -new -key eggdrop.key -x509 -out eggdrop.crt -days 365


and placed in bot hub directory

and I have edited eggdrop.conf modifying you told me too. Rehash hub bot and seems to be the same, Not working.
Back to top
View user's profile Send private message
willyw
Owner


Joined: 15 Jan 2009
Posts: 921

PostPosted: Sat Sep 10, 2016 11:45 am    Post subject: Reply with quote

tascagao wrote:
I have do what you told me.

I create files with

openssl genrsa -out eggdrop.key 2048

&

openssl req -new -key eggdrop.key -x509 -out eggdrop.crt -days 365



huh?

I said that I used:
Quote:

'make sslcert DEST=...'


But ok. I can't say about your method, as I didn't even look into it at all.


Quote:

Rehash hub bot and seems to be the same, Not working.


Ok.

But I said:
Quote:

Then .restart the hub bot.
To be extra sure, you can .die it, and start totally fresh.
If you wish, do the same with the leaf bot (it can't hurt).

_________________
For a fun (and popular) Trivia game, visit us at: irc.librairc.net #science-fiction . Over 300K Q & A to play in BogusTrivia !
Back to top
View user's profile Send private message
willyw
Owner


Joined: 15 Jan 2009
Posts: 921

PostPosted: Sat Sep 10, 2016 11:46 am    Post subject: Re: Password required for connection to... Reply with quote

willyw wrote:


...
The first I helped myself by doing:
.console -d
on both bots, so I could see more of what was happening.

...

_________________
For a fun (and popular) Trivia game, visit us at: irc.librairc.net #science-fiction . Over 300K Q & A to play in BogusTrivia !
Back to top
View user's profile Send private message
tascagao
Voice


Joined: 10 Sep 2016
Posts: 4

PostPosted: Sat Sep 10, 2016 12:34 pm    Post subject: Reply with quote

.status
[18:31:13] #tascagao# status
I am OLD-SHOT, running eggdrop v1.8.0+infiniteinfo: 4 users (mem: 105k).
Online for 18:07 (background) - CPU: 00:23.95 - Cache hit: 31.6%
Configured with:
Admin: Lamer <email: lamer@lamest.lame.org>
Config file: eggdrop.conf
OS: Linux 3.16.0-4-amd64
Process ID: 46114 (parent 1)
Tcl library: /usr/local/lib/tcl8.6
Tcl version: 8.6.6 (header version 8.5.19)
Tcl is threaded.
TLS support is enabled.
TLS library: OpenSSL 1.0.1t 3 May 2016
IPv6 support is enabled.
Socket table: 20/100
Memory table: 3272/25000 (13.1% full)
Memory table itself occupies an additional 976k static
Loaded module information:
Channels: #OLD-SHOT (need ops)
Online as: OLD-SHOT!~lamest@90.71.256.256 (OLD-SHOT)
Server [irc.link-net.org]:+7000 (connected for 00:40)
#OLD-SHOT : 7 members, enforcing "+tn" (greet)
Back to top
View user's profile Send private message
tascagao
Voice


Joined: 10 Sep 2016
Posts: 4

PostPosted: Sat Sep 10, 2016 12:35 pm    Post subject: Reply with quote

a leaf bot


[18:35:14] #trexus# status
I am OLD, running eggdrop v1.8.0+infiniteinfo: 5 users (mem: 96k).
Online for 17:37 (background) - CPU: 00:13.01 - Cache hit: 92.9%
Configured with:
Admin: Lamer <email: lamer@lamest.lame.org>
Config file: eggdrop.conf
OS: Linux 3.16.0-4-amd64
Process ID: 56520 (parent 1)
Tcl library: /usr/local/lib/tcl8.6
Tcl version: 8.6.6 (header version 8.5.19)
Tcl is threaded.
TLS support is enabled.
TLS library: OpenSSL 1.0.1t 3 May 2016
IPv6 support is enabled.
Socket table: 20/100
Memory table: 3091/25000 (12.4% full)
Memory table itself occupies an additional 976k static
Loaded module information:
Channels: #OLD-SHOT (need ops)
Online as: OLD!~lamest@90.71.256.256 (OLD)
Server [eu.link-net.org]:+7000 (connected for 00:43)
#OLD-SHOT : 7 members, enforcing "+tn" (greet)
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    egghelp.org community Forum Index -> Eggdrop Help All times are GMT - 4 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Forum hosting provided by Reverse.net

Powered by phpBB © 2001, 2005 phpBB Group
subGreen style by ktauber