mIRC Home    About    Download    Register    News    Help

Print Thread
enciphered host name #266543 24/12/19 08:46 PM
Joined: Dec 2019
Posts: 3
F
furriner67 Offline OP
Self-satisified door
OP Offline
Self-satisified door
F
Joined: Dec 2019
Posts: 3
On a particular chatroom, we have;

[20:38] Rudolf is Mibbit@F106E8CA.CF432A26.70DE1124.IP * http://www.mibbit.com

How do I decipher this to produce an IPv4 or IPv6 IP address?

Thanks for help.

Re: enciphered host name [Re: furriner67] #266546 25/12/19 04:48 PM
Joined: Feb 2009
Posts: 21
W
WKN Offline
Ameglian cow
Offline
Ameglian cow
W
Joined: Feb 2009
Posts: 21
The hostname is masked/cloaked to NOT provide the IP/DNS information to public. Real IP/DNS information only accessible by network staff (admins and ircops) on those networks.

Re: enciphered host name [Re: furriner67] #266547 25/12/19 06:36 PM
Joined: Jan 2004
Posts: 1,281
maroon Offline
Hoopy frood
Offline
Hoopy frood
Joined: Jan 2004
Posts: 1,281
I'm not sure of the exact scheme, but it's something like, where the ipv4 address is a.b.c.d the scramble is hex1.hex2.hex3.IP and the hex are created like

hex3 = md5(c.d secret)
hex2 = md5(b.c.d secret)
hex1 = md5(a.b.c.d secret)

The md5 is longer, and they only return 8 of the hex digits, i'm not sure which 8. Not sure if they would have updated to sha1, because of the need to perform this hash so frequently. Once you know the exact format for the input to the md5, you'd still need to know the secret, and it's not necessarily the same secret for each function.

md5 is a one-way hash, so it's not like encryption where you just decrypt it if you know the key. Also, because they hide 24 of the 32 hex digits, there are lots of secrets which would create those matching 8 hex digits.

Probably the best you're going to do is know that everyone who has the same hex3.IP string as you have is going to have the same a.b portion of their ipv4 matching.

I don't know how they scramble ipv6's.

Re: enciphered host name [Re: maroon] #266548 26/12/19 01:00 AM
Joined: Feb 2003
Posts: 2,681
Raccoon Offline
Hoopy frood
Offline
Hoopy frood
Joined: Feb 2003
Posts: 2,681
the parts are probably (a.b.c.d) . (a.b.c) . (a.b) . IP
as opposed to the a.b.c.d + b.c.d + c.d model you suggested.

there's also no reason they necessarily stick to 8-bit boundaries; they could also be using 12x.12y.8z bit boundaries.
(x.y.z) . (x.y) . (x) . IP

Last edited by Raccoon; 26/12/19 01:05 AM.

Well. At least I won lunch.
Good philosophy, see good in bad, I like!
Re: enciphered host name [Re: Raccoon] #266551 26/12/19 09:11 AM
Joined: Dec 2019
Posts: 3
F
furriner67 Offline OP
Self-satisified door
OP Offline
Self-satisified door
F
Joined: Dec 2019
Posts: 3
If I understand you correctly, you are going from IP to a.b.c.IP

What if I want to go the other way, from a.b.c.IP to IP?

Is there an algorithm for that?

Thanks.

Re: enciphered host name [Re: furriner67] #266552 26/12/19 09:24 AM
Joined: Apr 2010
Posts: 939
F
FroggieDaFrog Offline
Hoopy frood
Offline
Hoopy frood
F
Joined: Apr 2010
Posts: 939
There is not a way to decipher the host address to an IP. The server/service is obscuring the IP. For purposes of channel bans, ignores, etc the address will remain the same for a specific ip.

That is, for example, if the IP address is 0.1.2.3 then the resulting masked host will always be a.b.c.ip

Last edited by FroggieDaFrog; 26/12/19 09:25 AM.

I am SReject
My Stuff