To create new wiki account, please join us on #znc at Libera.Chat and ask admins to create a wiki account for you. You can say thanks to spambots for this inconvenience.
Fish: Difference between revisions
m →KVIrc script for ZNC fish: This script does a '/msg *fish keyx $target' rather than how it was shown initially. |
new fish |
||
Line 2: | Line 2: | ||
{{External Module}} | {{External Module}} | ||
'''fish''' is a module | '''fish''' is a module that adds the ability to encrypt all your outgoing messages with the blowfish block-cipher. This way you can do the decryption/encryption on the bouncer instead of your irc client - it supports '''ECB''' and '''CBC''' mode. | ||
== | == Usage == | ||
{{Module arguments | |||
| count = no | |||
}} | |||
== Commands == | |||
Output of '''/msg *fish help''': | |||
<pre> | |||
+------------+----------------+-------------------------------------------------------------------------------------+ | |||
| Command | Arguments | Description | | |||
+------------+----------------+-------------------------------------------------------------------------------------+ | |||
| SetKey | <target> <key> | Sets <target>'s FiSH encryption key | | |||
| DelKey | <target> | Removes <target>'s FiSH encryption key | | |||
| ShowKey | <target> | Show the encryption key of <target>, if it has one set | | |||
| ListKeys | | Print out all of our keys | | |||
| SetConfig | <name> <value> | Set config option <name> to <value>. Set option to empty if no <value> is specified | | |||
| ListConfig | | Print out all of our config options | | |||
| KeyX | <target> | Start a key exchange with <target> | | |||
| Help | | Display this message | | |||
| Version | | Show the version of this module | | |||
+------------+----------------+-------------------------------------------------------------------------------------+ | |||
</pre> | |||
== Download == | |||
'''ZarTek-Creole Github''' : [https://raw.githubusercontent.com/ZarTek-Creole/znc-fish/master/fish.cpp fish.cpp] | |||
Build with <code>znc-buildmod fish.cpp </code> | |||
=== Security considerations === | === Security considerations === | ||
Line 160: | Line 178: | ||
* encrypted keydatabase (user password) | * encrypted keydatabase (user password) | ||
Latest revision as of 05:55, 23 June 2023
This is an external module. Please note that it may or may not work with the current release (1.9.1). This module is not included in the default ZNC installation, and you will need to manually compile it before you can load this module. Contact the author if you have any questions, but feel free to ask in #znc on Libera.Chat. Someone might be able to help you there. |
fish is a module that adds the ability to encrypt all your outgoing messages with the blowfish block-cipher. This way you can do the decryption/encryption on the bouncer instead of your irc client - it supports ECB and CBC mode.
Usage
Arguments
This user module takes no arguments.
Read loading modules to learn more about loading modules.
Commands
Output of /msg *fish help:
+------------+----------------+-------------------------------------------------------------------------------------+ | Command | Arguments | Description | +------------+----------------+-------------------------------------------------------------------------------------+ | SetKey | <target> <key> | Sets <target>'s FiSH encryption key | | DelKey | <target> | Removes <target>'s FiSH encryption key | | ShowKey | <target> | Show the encryption key of <target>, if it has one set | | ListKeys | | Print out all of our keys | | SetConfig | <name> <value> | Set config option <name> to <value>. Set option to empty if no <value> is specified | | ListConfig | | Print out all of our config options | | KeyX | <target> | Start a key exchange with <target> | | Help | | Display this message | | Version | | Show the version of this module | +------------+----------------+-------------------------------------------------------------------------------------+
Download
ZarTek-Creole Github : fish.cpp
Build with znc-buildmod fish.cpp
Security considerations
Before using this module you should consider the following:
- If someone gets access to your bouncer box, he will obtain all your encryption keys, which can even be used to decrypt previously logged encrypted conversations. Make sure your bouncer box is secured by using firewalls, encrypted filesystems etc. Keep in mind that if you are using a Virtual Private Server (often called VServer), your hoster always has full access to your system via the hostsystem.
- If your connection to the bouncer isn't encrypted with SSL, the whole thing is pointless, since the bouncer sends you clearly readable, unencrypted text. This gives the chance to an attacker to sniff your traffic and read conversations.
- Keep in mind that by disregarding the security measures above, you also lower your chatting partners' security, not just your own!
- Just turn off "prepend timestamps" Your client will decrypt it as usual after that. You can turn on "append timestamps" but mIRC fish doesn't support it,other clients do.
on *:text:Target key is*:?:{ if ($nick == *fish) && (%samkeyfish == 1) { set %samkeyfish 0 .msg *fish setkey %fishput $gettok($1-,4,32) close -m $nick } if ($nick == *fish) && (%nickchange == 1) { set %nickchange 0 .msg *fish setkey %nickchangenewnick $gettok($1-,4,32) close -m $nick } if ($nick == *fish) && (%fishshowkey == 1) { set %fishshowkey 0 window -dCo +l @Blowcrypt-Key -1 -1 500 80 aline @Blowcrypt-Key �Key for %fishcontact �: aline -p @Blowcrypt-Key $gettok($1-,4,32) close -m $nick } } on *:text:Target not found*:?:{ if ($nick == *fish) { set %fishshowkey 0 echo $color(Mode text) -atm *** FiSH: No valid key for %fishcontact found close -m $nick } } on *:text:*:?:{ if ($nick == *fish) && (%samkeyfish != 1) && (%fishshowkey != 1) && (%fishshowkey != 1) { echo $color(Mode text) -atm $1- close -m $nick } } on *:NICK:{ if (($nick == $me) || ($upper($newnick) == $upper($nick))) { return } if (($query($newnick) == $null) || (%NickTrack != [On])) { return } .msg *fish showkey $nick set %nickchange 1 set %nickchangenewnick $newnick } alias FiSH.setkey { if ($1 == /query) var %cur_contact = $active else var %cur_contact = $1 if ($2- == $null) return .msg *fish setkey %cur_contact $2- } alias FiSH.usechankey { set %samkeyfish 1 .msg *fish showkey $2 set %fishput $1 } alias FiSH.showkey { if ($1 == /query) var %cur_contact = $active else var %cur_contact = $1 set %fishshowkey 1 set %fishcontact %cur_contact .msg *fish showkey %cur_contact } alias FiSH.removekey { if ($1 == /query) var %cur_contact = $active else var %cur_contact = $1 .msg *fish delkey %cur_contact } alias keyx { .msg *fish keyx $1 } alias FiSH.DH1080_INIT { if ( ($1 == /query) || ($1 == $null) ) var %cur_contact = $active else var %cur_contact = $1 .msg *fish keyx $1 } menu channel { - FiSH .Show key :FiSH.showkey $chan .Set new key :FiSH.setkey $chan $? .Remove key :FiSH.removekey $chan } menu query { - FiSH .DH1080 keyXchange: FiSH.DH1080_INIT $1 .- .Show key :FiSH.showkey $1 .Set new key :FiSH.setkey $1 $? .Remove key :FiSH.removekey $1 } menu nicklist { - FiSH .DH1080 keyXchange: FiSH.DH1080_INIT $1 .- .Show key :FiSH.showkey $1 .Set new key :FiSH.setkey $1 $? .Remove key :FiSH.removekey $1 .Use same key as $chan :FiSH.usechankey $1 $chan } menu status,channel,nicklist,query { FiSH .- .NickTracker $+ $chr(32) $+ %NickTrack ...Enable :set %NickTrack [On] ...Disable :set %NickTrack [Off] }
KVIrc script for ZNC fish
This script does a /msg *fish keyx $target everytime a query is opened on KVIrc
Go to the menu "Scripting" then "Edit Events" then right click on "OnQueryWindowCreated" and select "New Handler". Name it as you wish then add this code and click "Apply":
if(($context.networkname == "NETWORK1" || $context.networkname == "NETWORK2") && $str.left($target, 1) != "*")msg *fish keyx $target;
Notes:
- Replace NETWORK# by the name of the network you want it to be done as a default
- $str.left($target, 1) != "*" avoids using fish with znc specific users. Replace "*" by whatever status prefix you've set in your znc configuration.
ToDo
- encrypted keydatabase (user password)