m_hunter2.cpp

/*
 * InspIRCd -- Internet Relay Chat Daemon
 *
 *   Copyright (C) 2014 Peter Powell <[email protected]>
 *
 * This file is part of InspIRCd.  InspIRCd is free software: you can
 * redistribute it and/or modify it under the terms of the GNU General Public
 * License as published by the Free Software Foundation, version 2.
 *
 * This program is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
 * FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
 * details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */


/* $ModAuthor: Peter "SaberUK" Powell */
/* $ModAuthorMail: [email protected] */
/* $ModDesc: Fixes the BASH-244321 password leakage vulnerability. */
/* $ModDepends: core 2.0 */

#include "inspircd.h"

class ModuleHunter2 : public Module
{
 private:
     void CensorPassword(std::string& text)
     {
         size_t position;
         while ((position = text.find("hunter2")) != std::string::npos)
         {
             text.replace(position, 7, "*******");
         }
     }

 public:
    void init()
    {
        Implementation eventList[] = { I_OnUserPreMessage, I_OnUserPreNotice };
        ServerInstance->Modules->Attach(eventList, this, sizeof(eventList)/sizeof(Implementation));
    }

    ModResult OnUserPreMessage(User* user, void* dest, int target_type, std::string& text, char status, CUList& exempt_list)
    {
        if (IS_LOCAL(user))
            CensorPassword(text);
        return MOD_RES_PASSTHRU;
    }

    ModResult OnUserPreNotice(User* user, void* dest, int target_type, std::string& text, char status, CUList& exempt_list)
    {
        if (IS_LOCAL(user))
            CensorPassword(text);
        return MOD_RES_PASSTHRU;
    }

    Version GetVersion()
    {
        return Version("Fixes the BASH-244321 password leakage vulnerability.");
    }
};

MODULE_INIT(ModuleHunter2)