Secure command line chat using netcat and openssl
Instant messaging networks are practical and simple to use. Though most of the people use themĀ without worries, they do in fact bring up a major concern, privacy. Not only your messages are transmitted in plain text over the internet so somebody in between can sniff them, they are not sent directly to the recipient. Instead, they are sent to the IM provider’s server and then delivered to the recipient. What this means is that you are trusting wharever you communicate over IM to your IM provider which can log all your messages and do whatever it wants with them.
If you use an UNIX based operative system, this little shell script implements a simple and secure way to chat. It’s more of a proof of concept than a every-day usable script. Despite that is fully functional and fun.
It works simply by sending encrypted text over a TCP socket created with netcat. The text is encrypted using openssh.
#!/bin/sh
#change this if your port is busy
port=3004
usage () {
echo "******************** SSSLCHAT ********************"
echo "U S A G E"
echo "SERVER: ssslchat.sh server [password]"
echo "CLIENT: ssslchat.sh client [password] [ip|hostname]"
exit 1
}
mode=$1
pass=$2
ip_or_host=$3
encode(){
password=$1
while [ True ]
do
read userinput
encodedmessage=`echo "$userinput" | openssl enc -rc4 -k $password | openssl enc -a`
echo "$encodedmessage"
done
}
decode(){
password=$1
while [ True ]
do
read encodedinput
decodedmessage=`echo "$encodedinput" | openssl enc -d -a | openssl enc -d -rc4 -k $password`
echo "+$decodedmessage"
done
}
case $mode in
"server") encode $pass | nc -l -p $port | decode $pass ;;
"client") encode $pass | nc $ip_or_host $port | decode $pass ;;
*) usage ;;
esac
Both the server and the client need to use the same password for it to work.
Tags: chat, command line, netcat, openssl, shellscript, ssl, unix
