egghelp/eggheads community Discussion of eggdrop bots, shell accounts and tcl scripts. 2003-01-30T10:26:17-04:00 https://forum.eggheads.org/app.php/feed/topic/3561 2003-01-30T10:26:17-04:00 2003-01-30T10:26:17-04:00 https://forum.eggheads.org/viewtopic.php?p=15967#p15967 <![CDATA[Login ...]]> The syntax would be /msg botnick <handle> <pass>
It will not check if the host is correct or not, just if the password matches the handle. It will disable your host to login for 3 days when you do an incorrect login 3 times on 1 day (stored in a file). The code so far is below:

Code: 

bind msg - login loginproc login {nick uhost hand rest} {  global botnick hosttype  set handle [lindex $rest 0] ; set pass [lindex $rest 1]  if {[login:ignore ign $handle $uhost]} { return 0 }  if {$handle == "" || $pass == ""} {    putnotc $nick "Usage: /msg $botnick login <handle> <password>" ; return 0 }  if {[passwdok $handle $pass]} {  chattr $handle +Q  putnotc $nick "Authentication successful!"  if {$hand != $handle} {    setuser $handle HOSTS [spmaskhost $nick $uhost $hosttype]    # spmaskhost just another proc I made, not pasted in here ;-)    putlog "\($nick!$uhost\) !$hand! AUTHED as $handle"  }  login:ignore rem $handle $uhost  setuser $handle XTRA SECNICK $nick  setuser $handle XTRA SECHOST $uhost  # I've seen this SECNICK/HOST trick in another script, although I can't remember which one it was  } else {  putnotc $nick "Authentication failed!"  login:ignore inc $handle $uhost  return 0}  }proc login:ignore {cmd handle uhost} {  set file "login.ign" ; set host [lindex [split $uhost @] 1] ; set tmplist {} ; set fnd 0  if {![file exists $file]} {set fd [open $file w] ; close $fd}  switch $cmd {  # increase failed login attempts  "inc" { set fd [open $file r]           while { ![eof $fd] } {           set tmpline [gets $fd]           if {[lrange [split $tmpline] 0 1] != "$handle $host"} { lappend tmplist $tmpline           } else {lappend tmplist "$handle $host [expr [lindex [split $tmpline] 2] + 1] [unixtime]"           set fnd 1}          }          close $fd          if { $fnd == "0" } {lappend tmplist "$handle $host 1 [unixtime]"}          set fd [open $file w] ; foreach line $tmplist {puts $fd "$line"} ; close $fd }  # check if user is on ignore  (handle host pare)  "ign" { set fd [open $file r]          while { ![eof $fd] } {           set tmpline [split [gets $fd]] ; set utime [lindex $tmpline 3]           if {$utime == "" || ![string is integer $utime]} {set utime 0}           if {[lrange $tmpline 0 1] != "$handle $host" || [lindex $tmpline 2] < 3} {           if {[expr [unixtime] - $utime] < 86400} { lappend tmplist $tmpline } else { set fnd 1 }           } else { if {[expr [unixtime] - $utime] < 259200} { return 1 } }          }          # 86400 sec = 1 day, 259200 = 3 days          close $fd          if {$fnd == 1} {set fd [open $file w] ; foreach line $tmplist {puts $fd "$line"} ; close $fd}          return 0 }  # remove login attempts when succesfull login  "rem" { set fd [open $file r]          while { ![eof $fd] } {           set tmpline [split [gets $fd]]           if {[lrange $tmpline 0 1] != "$handle $host"} {lappend tmplist $tmpline} else { set fnd 1 }          }          close $fd          if {$fnd == 1} {set fd [open $file w] ; foreach line $tmplist {puts $fd "$line"} ; close $fd} }    }  return 0}
the check to see if user is logged in would look like this:

Code: 

proc loggedin {nick host handle} {  global botnick  if {![matchattr $handle +Q] || [getuser $handle XTRA SECNICK] != $nick || [getuser $handle XTRA SECHOST] != $host} { return 0}  return 1}
I would like to know how some of you think about this. E.g. how "bad" is it that this does not check your ip/host? And does anyone see something vulnerable or bad code in it? Or what more would you like to see in it? (dcc command to get someone unignored and deauth comming ;-))

greetings

Statistics: Posted by Guest — Thu Jan 30, 2003 10:26 am

]]>