To create new wiki account, please join us on #znc at Libera.Chat and ask admins to create a wiki account for you. You can say thanks to spambots for this inconvenience.
fish
This is an external module. Please note that it may or may not work with the current release (1.9.1). This module is not included in the default ZNC installation, and you will need to manually compile it before you can load this module. Contact the author if you have any questions, but feel free to ask in #znc on Libera.Chat. Someone might be able to help you there. |
fish is a module developed by crox and porki. It adds the ability to encrypt all your outgoing messages with the blowfish block-cipher. This way you can do the decryption/encryption on the bouncer instead of your irc client. Currently it supports ECB mode, CBC may be added in the future.
Getting the Code
At the moment this module is only available in the crox SVN branch.
You can directly download it here or here (mirror).
NOT RECOMMENDED, fish.cpp edited to work on older openssl versions(shell host?) by using the SHA256 included with newer ZNC versions pastebin.
Usage
Security considerations
Before using this module you should consider the following:
- If someone gets access to your bouncer box, he will obtain all your encryption keys, which can even be used to decrypt previously logged encrypted conversations. Make sure your bouncer box is secured by using firewalls, encrypted filesystems etc. Keep in mind that if you are using a Virtual Private Server (often called VServer), your hoster always has full access to your system via the hostsystem.
- If your connection to the bouncer isn't encrypted with SSL, the whole thing is pointless, since the bouncer sends you clearly readable, unencrypted text. This gives the chance to an attacker to sniff your traffic and read conversations.
- Keep in mind that by disregarding the security measures above, you also lower your chatting partners' security, not just your own!
- Just turn off "prepend timestamps" Your client will decrypt it as usual after that. You can turn on "append timestamps" but mIRC fish doesn't support it,other clients do.
on *:text:Target key is*:?:{ if ($nick == *fish) && (%samkeyfish == 1) { set %samkeyfish 0 .msg *fish setkey %fishput $gettok($1-,4,32) close -m $nick } if ($nick == *fish) && (%nickchange == 1) { set %nickchange 0 .msg *fish setkey %nickchangenewnick $gettok($1-,4,32) close -m $nick } if ($nick == *fish) && (%fishshowkey == 1) { set %fishshowkey 0 window -dCo +l @Blowcrypt-Key -1 -1 500 80 aline @Blowcrypt-Key �Key for %fishcontact �: aline -p @Blowcrypt-Key $gettok($1-,4,32) close -m $nick } } on *:text:Target not found*:?:{ if ($nick == *fish) { set %fishshowkey 0 echo $color(Mode text) -atm *** FiSH: No valid key for %fishcontact found close -m $nick } } on *:text:*:?:{ if ($nick == *fish) && (%samkeyfish != 1) && (%fishshowkey != 1) && (%fishshowkey != 1) { echo $color(Mode text) -atm $1- close -m $nick } } on *:NICK:{ if (($nick == $me) || ($upper($newnick) == $upper($nick))) { return } if (($query($newnick) == $null) || (%NickTrack != [On])) { return } .msg *fish showkey $nick set %nickchange 1 set %nickchangenewnick $newnick } alias FiSH.setkey { if ($1 == /query) var %cur_contact = $active else var %cur_contact = $1 if ($2- == $null) return .msg *fish setkey %cur_contact $2- } alias FiSH.usechankey { set %samkeyfish 1 .msg *fish showkey $2 set %fishput $1 } alias FiSH.showkey { if ($1 == /query) var %cur_contact = $active else var %cur_contact = $1 set %fishshowkey 1 set %fishcontact %cur_contact .msg *fish showkey %cur_contact } alias FiSH.removekey { if ($1 == /query) var %cur_contact = $active else var %cur_contact = $1 .msg *fish delkey %cur_contact } alias keyx { .msg *fish keyx $1 } alias FiSH.DH1080_INIT { if ( ($1 == /query) || ($1 == $null) ) var %cur_contact = $active else var %cur_contact = $1 .msg *fish keyx $1 } menu channel { - FiSH .Show key :FiSH.showkey $chan .Set new key :FiSH.setkey $chan $? .Remove key :FiSH.removekey $chan } menu query { - FiSH .DH1080 keyXchange: FiSH.DH1080_INIT $1 .- .Show key :FiSH.showkey $1 .Set new key :FiSH.setkey $1 $? .Remove key :FiSH.removekey $1 } menu nicklist { - FiSH .DH1080 keyXchange: FiSH.DH1080_INIT $1 .- .Show key :FiSH.showkey $1 .Set new key :FiSH.setkey $1 $? .Remove key :FiSH.removekey $1 .Use same key as $chan :FiSH.usechankey $1 $chan } menu status,channel,nicklist,query { FiSH .- .NickTracker $+ $chr(32) $+ %NickTrack ...Enable :set %NickTrack [On] ...Disable :set %NickTrack [Off] }
KVIrc script for ZNC fish
This script does a /msg keyx *fish $target everytime a query is opened on KVIrc
Go to the menu "Scripting" then "Edit Events" then right click on "OnQueryWindowCreated" and select "New Handler". Name it as you wish then add this code and click "Apply":
if(($context.networkname == "NETWORK1" || $context.networkname == "NETWORK2") && $str.left($target, 1) != "*")msg *fish keyx $target;
Notes:
- Replace NETWORK# by the name of the network you want it to be done as a default
- $str.left($target, 1) != "*" avoids using fish with znc specific users. Replace "*" by whatever status prefix you've set in your znc configuration.
ToDo
- encrypted keydatabase (user password)
--80.152.196.214 11:04, 3 November 2008 (UTC)