public
Last active

AES and some more encryptions over IRC

  • Download Gist
AES_over_IRC.rb
Ruby
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80
#!/usr/bin/env ruby
 
require 'socket'
require 'openssl'
require "base64"
 
server = "some-irc.tld"
port = "6667"
nick = "Nickname#{rand(5000)}"
channel = "#channel"
 
module Crypt
def Crypt.ccc(m,k,t,o)
(ccc = OpenSSL::Cipher::Cipher.new(o).send(m)).key = Digest::SHA256.digest(k)
ccc.update(t) << ccc.final
end
 
def Crypt.encrypt(mode, key, text)
Crypt.ccc(:encrypt, key, text, mode)
end
 
def Crypt.decrypt(mode, key, text)
Crypt.ccc(:decrypt, key, text, mode)
end
end
 
modules = ['aes-128-cbc','aes-128-ecb','aes-192-cbc','aes-192-ecb','aes-256-cbc','aes-256-ecb','bf','bf-cbc','bf-cfb','bf-ecb','bf-ofb','camellia-128-cbc','camellia-128-ecb','camellia-192-cbc','camellia-192-ecb','camellia-256-cbc','camellia-256-ecb','cast','cast-cbc','cast5-cbc','cast5-cfb','cast5-ecb','cast5-ofb','des','des-cbc','des-cfb','des-ecb','des-ede','des-ede-cbc','des-ede-cfb','des-ede-ofb','des-ede3','des-ede3-cbc','des-ede3-cfb','des-ede3-ofb','des-ofb','des3','desx','rc2','rc2-40-cbc','rc2-64-cbc','rc2-cbc','rc2-cfb','rc2-ecb','rc2-ofb','rc4','rc4-40','seed','seed-cbc','seed-cfb','seed-ecb','seed-ofb']
 
keyfile = File.open("mah.key").read
circle = keyfile.split("CIRCLE:")[1].split("\n")[0].split(",")
 
puts "Read Modes from keyfile..."
circle.each do |c|
puts " > #{c}"
end
 
$key = keyfile.split("KEY:")[1]
puts "Read key..."
puts $key
 
puts ""
 
$s = TCPSocket.open(server, port)
print("addr: ", $s.addr.join(":"), "\n")
print("peer: ", $s.peeraddr.join(":"), "\n")
$s.puts "USER testing 0 * Testing"
$s.puts "NICK #{nick}"
$s.puts "JOIN #{channel}"
$s.puts "PRIVMSG #{channel} :Hello from IRB Bot"
 
Thread.new {
until $s.eof? do
msg = $s.gets
msx = msg.split(" ")
mse = msg.split("#{channel} :")[1]
if msx[1] == "PRIVMSG"
if mse.match(/^[~]/)
mse = mse.gsub('[~]','').chomp()
mse = [mse].pack('H*')
puts mse
circle.reverse.each do |co|
mse = Crypt.decrypt(co,$key,mse)
end
end
puts "> #{mse}"
end
if msx[1] == "396"
$s.puts "JOIN #{channel}"
end
end
}
 
while true
inp = gets.chomp()
circle.each do |c|
inp = Crypt.encrypt(c,$key,inp)
end
inp = inp.unpack('H*')[0]
$s.puts "PRIVMSG #{channel} :[~]#{inp}"
end
_.markdown
Markdown

AES over IRC

In this experiment i use Ruby and OpenSSL to create secure crypted conversations over irc.

  • Uses key files
  • Multiple users can chat together
  • supports any decryption ssl supports

Those are viewable in the watch out for the "modules" variable. Note that note that not every OS/ssl version/installation has the same modul set

Yes, you need to modify the source to use it

mah.key
1 2 3 4
*------------------------------[ AES-IRC KeyFile 0.1 ]---------*
# Example KeyFile order however you want :3
CIRCLE:aes-192-cbc,aes-128-ecb,rc2-ofb,seed,seed-cfb,cast5-cbc
KEY:SomeSecureKey

Need to support PING commands. Still pretty damn cool.

Does not decode out of the box; a pointer towards what needs to be edited (besides server and nickname) would be nice.
The ciphertext is unsalted, that should not be the case except for testing.
Very sweet idea, though.

Yes its more a proof of concept than anything else.
I'm bashful i forgot ping... but have no idea why it should not decode right? I ment only row 7-10 to be edited.

But ey, the concept is proven. The rest is the creativity of your own ;)
(The Interface isnt very useful anyway)

Hi Roman,

thanks for pointing that out - I didn't mean to critcize, it's just that if
I start two instances, both with the same key, they only "see" (and thus
show) an encoded string, nothing "readable". Am I doing something wrong?

Thanks,
Christian.

On Mon, Jun 25, 2012 at 11:58 PM, Roman Pramberger <
reply@reply.github.com

wrote:

Yes its more a proof of concept than anything else.
I'm bashful i forgot ping... but have no idea why it should not decode
right? I ment only row 7-10 to be edited.

But ey, conecpt is proven. The rest is the creativity from your own ;)


Reply to this email directly or view it on GitHub:
https://gist.github.com/1666901

No problem at all ;)
i will try to make something more usable out of this, may directly a local proxy, dunno.
But i still plan to make something awesome xD

Anyway, i encountered similar problems when i used not supported encryption types, which are very different on different machines (i think the SSL packages differ there) try to use only keys listen in:

puts OpenSSL::Cipher.ciphers

Hopefully this helps

Please sign in to comment on this gist.

Something went wrong with that request. Please try again.