I have written a win32 service socket server to listen for connections and do a little authentication (this is not a security question) and issue some commands.
I don't want to have to connect with any particular telnet client ala putty or CRT etc.. so it should work for native win32 telnet.exe as well as the others.
I ask for the username and password like so..(please, I know it's plain text.. I haven't got to that yet...)
The &AuthUser sub look like sowhile ($new_remote = $sock->accept) { $new_remote->autoflush(1); print $new_remote "Welcome to MyListenSvc v$VERSIO +N\r\n"; print $new_remote "Please enter your username: \r\ +n"; chomp ($usrname = <$new_remote>); print $new_remote "Please enter your password: \r\ +n"; chomp ($password = <$new_remote>); while (length($password) < 8) { print $new_remote "Password is too short.(Must + be at least 8 characters).\r\n"; print $new_remote "Please enter your password: + \r\n"; chomp ($password = <$new_remote>); } unless (&AuthUser($usrname, $password)) { print $new_remote "Authentication Errors - Che +ck your username and password.\n"; &Update_Log("... Login FAILED\n"); close ($new_remote); last; } else { print $new_remote "Authenticated Successfully +"; print $new_remote "(Type help for a list of co +mmands)\r\n"; print $new_remote "Command: "; $sel->add($new_remote) if ($new_remote); last; } }
sub AuthUser { my ($user, $pass) = @_; $user = substr($user, 0, -1); $pass = substr($pass, 0, -1); &Update_Log("Attempting to login as $usrname with $password... "); $auth_rc = 0; my $cipher = Crypt::CBC->new( { 'key' => "$pass", 'cipher' => 'Blowfish', 'iv' => '$KJh#(}q', 'regenerate_key' => 0, # default tr +ue 'padding' => 'space', 'prepend_iv' => 0 }); my $ciphertext = $cipher->encrypt("$user"); open PWD, "C:/MyListenSvc/bin/passwd" or return ($auth_rc); while (<PWD>) { if (m#\Q$ciphertext\E#) { &Update_Log("... Login OK\n"); $auth_rc = 1; last; } } close (PWD); return ($auth_rc); }
If I don't do this the authentication never works. When I printed the username and password to a log file I saw that a little square appears after the username and password.. I think it comes from the return that is entered. I tried to chomp the username and password but that never worked. So after beating my head for far too long I just tried to remove the last character...$user = substr($user, 0, -1); $pass = substr($pass, 0, -1);
Can anyone tell me why this happens and also if there is a better way to rectify this than what I have in the above code.
BTW. I havent tried to telnet from any *nix boxes yet..
-----In reply to Extra Character from telnet by AcidHawk
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |