ChallengeAuth
From Scriptwiki
; Original by doomie @ QuakeNet ; Modified by NaNg @ QuakeNet ; Version 2.0 ; Written and tested on mIRC 7.42 ; ; What does this script contains? ; ; * ChallengeAuth script based on $hmac and $sha256 which are available from mIRC v7.42. ; * No addon dll needed for mIRC on tested version. ; ; What is ChallengeAuth? ; ; ChallengeAuth is a safe way to auth to your Q account, without sending your password in plain ; text over the network. For more information, please read the following link: ; http://www.quakenet.org/development/challengeauth/ ; ; ***************************************************** ; What do I need to configure before using this script? ; ***************************************************** ; ; You don't need to configure ANYTHING! The scripts can work as is, by executing /ChallengeAuth. ; If you'd like for it to auto-auth on connect, use /ChallengeAuth.AutoAuth 1. ; The script will pop up windows asking your username (first time only) and password (every time). ; ; If you don't want it to pop the password window every time, follow these instructions: ; ; The ChallengeAuth.Username and ChallengeAuth.Password right under this documentation needs to ; be edited for your username and hashed password. ; To get the hashed password, after loading this script, use: ; /ChallengeAuth.CreateHash <User> <Pass> ; where User is your Q account name and Pass is your Q password, and you will be given the hashed ; password that corresponds to the given user which you should insert in the alias below, e.g: ; alias -l ChallengeAuth.Password { return <Hashed_Password> } ; ; Available commands: ; ; * ChallengeAuth ; To auth to the pre-set user and password using the challengeauth. ; * ChallengeAuth.AutoAuth [1|0] ; Set 1 to enable to auto-auth on connect or 0 to disable. ; * ChallengeAuth.CreateHash [<Authname>] [<Pass>] ; Creates a hashed request according to the given Q user and pass. ; CONFIGURE alias -l ChallengeAuth.Username { if (!%ChallengeAuth.User) { !set %ChallengeAuth.User $?="Q account name?" } return %ChallengeAuth.User } alias -l ChallengeAuth.Password { return $ChallengeAuth.CreateHash($ChallengeAuth.Username, $?*="Password for Q account name: $ChallengeAuth.Username ") } ; DONT CHANGE ANYTHING UNDER THIS LINE UNLESS YOU KNOW WHAT YOU ARE DOING alias -l ChallengeAuth.Q { return Q@CServe.quakenet.org } ; id = whether autoauth is on or not. ; $1 = 1 for autoauth or 0 for not. alias ChallengeAuth.AutoAuth { if ($isid) return %ChallengeAuth.AutoAuth if ($1 == $null) { echo -at ChallengeAuth: Not enough parameters. return } if ($1 !isin 01) { echo -at ChallengeAuth: Invalid parameter. Please enter 1 to enable or 0 to disable. return } set %ChallengeAuth.AutoAuth $1 echo -at ChallengeAuth: Automatic authentication is now $iif(%ChallengeAuth.AutoAuth, ON, OFF) } ; $1 = string to lower alias -l ChallengeAuth.IRCToLower { return $replacex($lower($1),$chr(91),$chr(123),$chr(93),$chr(125),$chr(92),$chr(124),$chr(94),$chr(126)) } ; $1 = Authname, $2 = Password alias ChallengeAuth.CreateHash { if (!$2) { echo -ta ChallengeAuth: Not enough values given. return } !var %ChallengeAuth.Hash = $sha256($+($ChallengeAuth.IRCToLower($1),:,$sha256($left($2,10)))) if ($isid) return %ChallengeAuth.Hash !echo -atg ChallengeAuth: Hashed user/pass: %ChallengeAuth.Hash } ; Unsets challengeauth vars alias -l ChallengeAuth.Clear { !unset %ChallengeAuth.Active !unset %ChallengeAuth.Pass } ; $1 = Challenge alias -l ChallengeAuth.Auth { !.msg $ChallengeAuth.Q CHALLENGEAUTH %ChallengeAuth.User $hmac($1, %ChallengeAuth.Pass, sha256) HMAC-SHA-256 } alias ChallengeAuth { ; If username and password weren't supplied, use the defaults. if (!$1) { tokenize 32 $ChallengeAuth.Username $ChallengeAuth.Password } if (!$2) { echo -at ChallengeAuth: No Password specified. return } !set %ChallengeAuth.Active $true !set %ChallengeAuth.User $1 !set %ChallengeAuth.Pass $2 echo -at ChallengeAuth: ChallengeAuth is beginning. !.msg $ChallengeAuth.Q challenge } on *:CONNECT: { if (($ChallengeAuth.AutoAuth) && ($network == QuakeNet) && ($right($server, 13) === .quakenet.org)) { ChallengeAuth $ChallengeAuth.Username $ChallengeAuth.Password } } on ^*:NOTICE:*:?: { ChallengeAuth.ExecuteInput $1- } on ^*:TEXT:*:?: { ChallengeAuth.ExecuteInput $1- } alias -l ChallengeAuth.ExecuteInput { if ($fulladdress === Q!TheQBot@CServe.quakenet.org) && ($network === QuakeNet) && ($right($server, 13) === .quakenet.org) { if ($1 === CHALLENGE) && ($len($2) == 32) && (%ChallengeAuth.Active) { if ($istok($3-, HMAC-SHA-256, 32)) { .timer 1 0 ChallengeAuth.Auth $2 } else { echo -ts ChallengeAuth: HMAC-SHA-256 is not supported. ChallengeAuth is NOT continuing. ChallengeAuth.Clear } } elseif ($1- == CHALLENGE is not available once you have authed.) && (%ChallengeAuth.Active) { echo -ts ChallengeAuth: You are already authed! ChallengeAuth.Clear } elseif ($1-6 == You are now logged in as) && (%ChallengeAuth.Active) { echo -ts ChallengeAuth: You are now authed as *** ChallengeAuth.Clear } elseif ($1- == Username or password incorrect.) && (%ChallengeAuth.Active) { echo -ts ChallengeAuth: Username or password incorrect. ChallengeAuth.Clear } } } raw 401:*: { if ($1- == $me $ChallengeAuth.Q No such nick) && (%ChallengeAuth.Active) { echo -ts ChallengeAuth: Q is currently not reachable. Please try again later. ChallengeAuth.Clear haltdef } }
See also
- Challenge auth (the old script, works on versions older than v7.42)
- Joining channels after hiding your address
