PoiNtEr->: How To Encrypt Plain text Password Of Telnet Protocol ??

                             Difference between a dream and an aim. A dream requires soundless sleep, whereas an aim requires sleepless efforts.

Search This Blog

Monday, September 10, 2012

How To Encrypt Plain text Password Of Telnet Protocol ??

How To Encrypt Plain text Password Of Telnet Protocol ??

 The purpose of the TELNET Protocol is to provide a fairly general,    bi-directional, eight-bit byte oriented communications facility.  Its    primary goal is to allow a standard method of interfacing terminal    devices and terminal-oriented processes to each other.  It is    envisioned that the protocol may also be used for terminal-terminal    communication ("linking") and process-process communication    (distributed computation).
 A TELNET connection is a Transmission Control Protocol (TCP)    connection used to transmit data with interspersed TELNET control    information.     The TELNET Protocol is built upon three main ideas:
  • the    concept of a "Network Virtual Terminal"; 
  • the principle of    negotiated options; and 
  • a symmetric view of terminals and    processes.

static void c_write(Telnet telnet, char *buf, int len)
    int backlog;
    backlog = from_backend(telnet->frontend, 0, buf, len);
    sk_set_frozen(telnet->s, backlog > TELNET_MAX_BACKLOG);

static void send_opt(Telnet telnet, int cmd, int option)
    unsigned char b[3];

    b[0] = IAC;
    b[1] = cmd;
    b[2] = option;
    telnet->bufsize = sk_write(telnet->s, (char *)b, 3);
    log_option(telnet, "client", cmd, option);

Above are two function used by a telnet client to send buffer over network .Well what we really want to achieve  is that the password should go encrypted in network not in stripped out form.
Approaches possible:

1:Possible that we can make our very own encryption and decryption function and do encryption on whole buffer sent over wire,and decrypt that on server side.But this approach will be specific to client and  server used and we also have to make changes in server and client source code of telnet daemon.

2:possible that we use a standard encryption algo and set bit in server  for that.

3:We can use user fingerprinting techniques to make connection such that without any password we can login if alice have key then make connection with bob,no password required.Special attention need to be paid for encrypting key and sending it over naked wire.

4:Use own write function for socket communication...
   int (*write) (Socket s, const char *data, int len);
   int (*write_oob) (Socket s, const char *data, int len);
   void (*write_eof) (Socket s)
define in a connect.h file

Soon be uploading code of this Secure Telnet  here

No comments:

Post a Comment