IRC eXtender Pro ================ version 1.07 BETA ABSTRACT -------- Some people started using IRX, so here is new version (IRXP). Code completely rewritten. Now it is not WSOCK32.DLL, but local proxy. As such, IRC client is connecting to IRC servers through IRXP. Such scheme is much more reliable, it doesnt depends on windows version, and has good perspectives to add cool things in future. IRXP is to be installed on the same machine where Mirc and hax0r are running. ;-) It is possible to connect to IRXP from local machine only, not from outside. Source and algorithm was simplified, and became better. Ecryption algorithm changed to AES (Rijndael). There is no public-keys anymore, but only single private key for each channel. Knowing this key, it is possible to encrypt/decrypt any (including sniffed) messages to/from corresponding channel. Encryption of private chats doesnt requires any static keys anymore. CHANNEL ENCRYPTION ------------------ 1. Create PGP (or other crypto) disk. 2. Install Mirc to PGP disk (other clients has not been tested). 3. Copy IRXP.EXE to PGP disk\IRXP directory. 4. Before using Irc, run IRXP; or create batch file to run IRXP before Mirc. 5. In the Mirc settings, enable firewall; set firewall type to PROXY or SOCKS5, use 'localhost' or 127.0.0.1 as firewall address, and IRXP port as firewall port. (port can be specified in cmdline) To use IRX encryption within DCC chats, you should set firewall type to SOCKS5. 6. Create special secured irc channel #chan. 7. Create corresponding key using 'IRXP -kg #chan' 8. Place that key into IRXP directory (where IRXP.EXE is located), using file name equal to channel name, including '#'. 9. Share key between channel users (hint: Dont cut/paste key data on Irc. Dont send by email as plain text.) N.B.: at least one of the chan users will pass key to feds immediately. 10. Verify that messages decrypted by IRXP are prefixed with DE_PREFIX (search for '#define DE_PREFIX' within IRXP.CPP). Default setting is black on gray. PRIVATE CHAT (QUERY) & DCC CHAT ENCRYPTION ------------------------------------------ Private chat encryption works the same as channel encryption: it operates in AES ECB mode, but session key is established using Diffie-Hellman key agreement protocol. Here is how encrypted private chat is established: +-------- A -----------+ +----------- B --------+ | MIRC <-----> IRXP <--|----> IRC server <----|--> IRXP <-----> MIRC | +----------------------+ +----------------------+ | | | | (1) A> irx? ---> 'irx?12..34' ------> 'irx?12..34' A> irx? (2) B> irx! <--- 'irx!56..78' <------ 'irx!56..78' <--- B> irx! While private chat (query), no one side should change its nick; if it does, other side will be unable to decrypt encrypted messages. Note, that such key establishing protocol is vulnerable to man-in-the-middle attack. Also, using multiple IRX? requests under different nicknames, it is possible to perform kinda dos, since half-established key entries are not deallocated yet. Note, that DCC SEND sessions are not encrypted. COMMAND LINE PARAMETERS ----------------------- IRXP.EXE [port] -- run/unload IRXP.EXE [port] -run -- run (exit silently if already running) IRXP.EXE [port] -unload -- unload (exit silently if already unloaded) IRXP.EXE -kg #chan -- generate channel key NOTE: on unload, unsent log messages are shown as msgboxes. specifies local port, on which IRXP is working as proxy. Default value (60666) is defined within IRXP.CPP. IRC COMMANDS ------------ /IRX -- version & other info (processed internally) IRX? -- offer to establish encrypted session (private chat, dcc chat) IRX! -- acknowledgement (private chat, dcc chat) TODO (in the near future; depends on beer) - Proxy and/or proxy-chaining support (between IRXP and IRC servers) - free key list entries - check invalid SOCKS5 requests * * *