Skip to content

Instantly share code, notes, and snippets.

@b1nary
Created January 24, 2012 00:30
  • Star 6 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save b1nary/1666901 to your computer and use it in GitHub Desktop.
AES and some more encryptions over IRC

AES over IRC

In this experiment i use Ruby and OpenSSL to create secure crypted conversations over irc.

  • Uses key files
  • Multiple users can chat together
  • supports any decryption ssl supports

Those are viewable in the watch out for the "modules" variable. Note that note that not every OS/ssl version/installation has the same modul set

Yes, you need to modify the source to use it

#!/usr/bin/env ruby
require 'socket'
require 'openssl'
require "base64"
server = "some-irc.tld"
port = "6667"
nick = "Nickname#{rand(5000)}"
channel = "#channel"
module Crypt
def Crypt.ccc(m,k,t,o)
(ccc = OpenSSL::Cipher::Cipher.new(o).send(m)).key = Digest::SHA256.digest(k)
ccc.update(t) << ccc.final
end
def Crypt.encrypt(mode, key, text)
Crypt.ccc(:encrypt, key, text, mode)
end
def Crypt.decrypt(mode, key, text)
Crypt.ccc(:decrypt, key, text, mode)
end
end
modules = ['aes-128-cbc','aes-128-ecb','aes-192-cbc','aes-192-ecb','aes-256-cbc','aes-256-ecb','bf','bf-cbc','bf-cfb','bf-ecb','bf-ofb','camellia-128-cbc','camellia-128-ecb','camellia-192-cbc','camellia-192-ecb','camellia-256-cbc','camellia-256-ecb','cast','cast-cbc','cast5-cbc','cast5-cfb','cast5-ecb','cast5-ofb','des','des-cbc','des-cfb','des-ecb','des-ede','des-ede-cbc','des-ede-cfb','des-ede-ofb','des-ede3','des-ede3-cbc','des-ede3-cfb','des-ede3-ofb','des-ofb','des3','desx','rc2','rc2-40-cbc','rc2-64-cbc','rc2-cbc','rc2-cfb','rc2-ecb','rc2-ofb','rc4','rc4-40','seed','seed-cbc','seed-cfb','seed-ecb','seed-ofb']
keyfile = File.open("mah.key").read
circle = keyfile.split("CIRCLE:")[1].split("\n")[0].split(",")
puts "Read Modes from keyfile..."
circle.each do |c|
puts " > #{c}"
end
$key = keyfile.split("KEY:")[1]
puts "Read key..."
puts $key
puts ""
$s = TCPSocket.open(server, port)
print("addr: ", $s.addr.join(":"), "\n")
print("peer: ", $s.peeraddr.join(":"), "\n")
$s.puts "USER testing 0 * Testing"
$s.puts "NICK #{nick}"
$s.puts "JOIN #{channel}"
$s.puts "PRIVMSG #{channel} :Hello from IRB Bot"
Thread.new {
until $s.eof? do
msg = $s.gets
msx = msg.split(" ")
mse = msg.split("#{channel} :")[1]
if msx[1] == "PRIVMSG"
if mse.match(/^[~]/)
mse = mse.gsub('[~]','').chomp()
mse = [mse].pack('H*')
puts mse
circle.reverse.each do |co|
mse = Crypt.decrypt(co,$key,mse)
end
end
puts "> #{mse}"
end
if msx[1] == "396"
$s.puts "JOIN #{channel}"
end
end
}
while true
inp = gets.chomp()
circle.each do |c|
inp = Crypt.encrypt(c,$key,inp)
end
inp = inp.unpack('H*')[0]
$s.puts "PRIVMSG #{channel} :[~]#{inp}"
end
*------------------------------[ AES-IRC KeyFile 0.1 ]---------*
# Example KeyFile order however you want :3
CIRCLE:aes-192-cbc,aes-128-ecb,rc2-ofb,seed,seed-cfb,cast5-cbc
KEY:SomeSecureKey
@postmodern
Copy link

Need to support PING commands. Still pretty damn cool.

@ctshh
Copy link

ctshh commented Jun 15, 2012

Does not decode out of the box; a pointer towards what needs to be edited (besides server and nickname) would be nice.
The ciphertext is unsalted, that should not be the case except for testing.
Very sweet idea, though.

@b1nary
Copy link
Author

b1nary commented Jun 25, 2012

Yes its more a proof of concept than anything else.
I'm bashful i forgot ping... but have no idea why it should not decode right? I ment only row 7-10 to be edited.

But ey, the concept is proven. The rest is the creativity of your own ;)
(The Interface isnt very useful anyway)

@ctshh
Copy link

ctshh commented Jun 26, 2012 via email

@b1nary
Copy link
Author

b1nary commented Jun 27, 2012

No problem at all ;)
i will try to make something more usable out of this, may directly a local proxy, dunno.
But i still plan to make something awesome xD

Anyway, i encountered similar problems when i used not supported encryption types, which are very different on different machines (i think the SSL packages differ there) try to use only keys listen in:

puts OpenSSL::Cipher.ciphers

Hopefully this helps

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment