egghelp.org community

geek · Halfop Joined: 24 Oct 2008 Posts: 47

hi,
I use the well-known netbots.tcl v4.10 of 8/8/2005 from slennox
but I'm not a good tcl writer

netbots uses the "nb_key" variable to make bots of the botnet recognize each other

the encrypted remote "nb_key" variable is decrypted and compared with the local "nb_key"

I'm not sure but by analyzing the code I figured out that netbots use the encrypt/decrypt functions that are contained in the blowfish module

in eggdrop 1.9.x I already use the new PBKDF2 module for userfile, but I still have to load blowfish module only for encrypt/decrypt functions

blowfish module is planned to be removed in Eggdrop 2.0

the question is:
How can I replace these 2 functions?

I read about the md5 package for tcl, could it possibly be useful for the purpose?

CrazyCat · Posted: Sat Jan 14, 2023 12:02 pm Post subject:

The encryption module is alway existing, so you can alway use encrypt and decrypt, even if blowfish is not loaded.
_________________
Eggdrop community - French IRC network

geek · Halfop Joined: 24 Oct 2008 Posts: 47

I think encrypt/decrypt are provided by this module

from eggdrop.conf:

CrazyCat · Posted: Sat Jan 14, 2023 4:03 pm Post subject:

geek · Halfop Joined: 24 Oct 2008 Posts: 47

ok, thanks

so the eggdrop documentation is wrong

CrazyCat · Posted: Sun Jan 15, 2023 9:39 am Post subject:

Peharps that the doc is true: I just saw that blowfish is loaded but not shown in modules list.

BTW, you can probably choose, for next version, to use pbkdf2 and use its utilities
_________________
Eggdrop community - French IRC network

geek · Halfop Joined: 24 Oct 2008 Posts: 47

ok I understand thanks

CrazyCat · Posted: Tue Jan 17, 2023 4:11 am Post subject:

Looking at netbots.tcl, it will be hard to adapt it to work without blowfish: pbkdf2 is not reversible, so some utilities cannot be used, as the nb_netpass proc (changement of bot password) or nb_autopass.

Proc using just the key (nb_checkbot) can easily be adapted
_________________
Eggdrop community - French IRC network

geek · Halfop Joined: 24 Oct 2008 Posts: 47

CrazyCat · Posted: Tue Jan 17, 2023 11:46 am Post subject:

No.
netbot encrypt all the command sent, so you can't guess what you receive, and cannot compare with anything.

The purpose of netbot is to encrypt the most things as possible.
encryption can be decrypted, but MD5 (and others) are not encryption, they are hashing, so impossible to "unhash" them.

The only way I can see is to use base64 (which is encryption), but it's really easy to decode, unless you create an algorythm to add salt in it.
_________________
Eggdrop community - French IRC network

geek · Halfop Joined: 24 Oct 2008 Posts: 47

oh

so ALL the commands are encrypted... I thought only "nb_key" variable and only one time Confused

this is a problem

CrazyCat · Posted: Wed Jan 18, 2023 9:03 am Post subject:

I had a short chat with Geo: blowfish will stay in eggdrop until they have a replacement plan, so don't worry about the encrypt/decrypt functionnalities.

Just keep in mind that blowfish won't be loaded by default in next versions of eggdrop, so you'll have to check your config or simply modify the script to make it loading the module (with a check to know if it is not already loaded)
_________________
Eggdrop community - French IRC network

geek · Halfop Joined: 24 Oct 2008 Posts: 47

perfect CrazyCat

very thanks