EDIT, For up-to-date information on connecting to IRC: https://0x00sec.org/faq#irc
Not sure if this is where I should post this, but couldn’t really pick an appropriate sub category of how-to and figured that this was best to be seen by every 0x00sec member as soon as they join so they can be part of the non-stop discussions, how-to’s, philosophical debates, and the random antics and banter that naturally comes along with having a massive non-stop sausage party with all the other hackers you’ve come to love and respect!
What is IRC?
Internet Relay Chat Protocol (IRCP) is an application layer protocol that facilitates communication in the form of text. The chat process works on a client/server networking model. IRC clients are computer programs that a user can install on their system. These clients communicate with chat servers to transfer messages to other IRC clients. IRC is mainly designed for group communication in discussion forums referred to as channels, but also allows one-on-one communication via private messages (PMs), chat and data transfer, and file sharing.
Why use IRC
On top of being an amazing place to chat with everyone and ask/answer questions etc, etc… IRC is also something most hackers will need to become intimately familiar with if they plan on playing with any older botnet malware (though still widely used and in some instances still modern), as lots of botnets use IRC servers/channels as their C&C (Command and Control) servers which tell them what to do.
Which IRC client should I use to connect to 0x00sec’s IRC channel?
Just like there are many browsers to surf the web, there are many IRC clients to choose from out there, and I encourage you to do some research of your own and see which one suits you best. Off the top of my head, some IRC clients and their benefits/pitfalls are:
mIRC - Probably the easiest IRC client to use besides web-based IRC clients. Windows only and constantly bugs you to purchase it after first 30 days as a “trial”.
xChat - Also very easy to use, installed on some *nix distros out of the box. Lots of support for plug-ins for integrating with other chat programs.
Mibbit - Website which proxies traffic to/from IRC channels. Very, very minimal/bare functionality with little to no integrity/authenticity… would only use short-term or in an emergency.
irrsi - Command line interface/terminal chat client. Extremely customizable and makes scripting IRC tasks easier than any other client ever could. Started on *nix systems thus very *nix friendly.
Quassel - Client/Server architecture allows connections from anywhere, increases anonymity, helps bypass workplace firewalls, and ensures you never miss anything said!!
I am going to be using that last one, Quassel.
For all the more senior/experienced 0x00sec members reading this, I’ve written a tutorial on how to setup a Quassel Core server on an Amazon EC2 instance of Ubuntu 14.04 LTS. Doing this means that you are always connected to every server and channel you want to be, and when you use the Quassel Client to connect to the Quassel Core, it pulls all the backlogs since the last time it connected to the core, so you never miss a moment of IRC glory. This also gives you an added layer of anonymity, as you connect to everything as ircNick@amazon-aws-ec2-adf89fsdf834-east/west and the IP from which your Quassel Client is connected is never revealed. Finally, you can customize the port which the Core will listen on, which has the added benefit of making it a bit easier to bypass WAFs/IPSes/IDSes that likely have common IRC ports (6667, 6669, 7000, 9999, etc) blocked entirely.
For our beginners though, Quassel offers a stand-alone client which works just like any other IRC client, and that’s what we’re going to get you up and running on.
Installing Quassel on Linux or Windows
Go ahead and download and install Quassel 0.12.4 Windows Installer if you’re on a Windows platform.
For my linux users, quassel is in most *nix repositories, so just go ahead and do
root@debain:~# sudo apt-cache search quassel
and verify the name of the quassel archive that is labeled as a ‘monolithic client’ which includes ‘core+client’ as one program. On debain it’s just quassel, so just apt-get install quassel quick.
##Run and configure Networks and Identities
Once installed, go ahead and start Quassel. On linux just type “quassel” in a terminal (bonus points if you put a space and ‘&’ after it though, which frees your terminal back up so it’s not now locked to a GUI application). In windows, find and run Quassel as well, but make sure not to run Quassel-Client or Quassel-Core, they all have the same icon. Once up and running, it should look like this, and there shouldn’t be any more differences between Windows or Linux versions.
From the context menu at the very top select “Settings” and choose “Configure Quassel…”
On the left hand tree, under “IRC” choose “Identity” and go ahead and all several nicknames/aliases that you want to use as your handle in IRC. Use the arrows on the right to order them from highest to lowest preference, with highest being at the top. You will only ever connect as one of these handles… but sometimes if you disconnect, you may reconnect faster than the IRC server has registered you’ve left, and your past self is still connected and using your primary handle… in this case Quassel would connect with your secondary handle. This is also called “Ghosting”. In this example you just ghosted yourself on accident… but unless your Nickname is registered, anyone can pretend to be you by simply changing their nickname to yours… More on that later.
In the same window, at the top, go ahead and rename the overall Identity you’ve created from something other than the name that Quassel has set - “Default Identity”.
Now in the tree on the left, right below “Identities” choose “Networks” and add a new IRC server/network. Once you’ve clicked “Networks” click “Add”, and you can choose “Freenode” from the list of preset IRC servers, which fills out the server name and port for you.
Unfortunately, this information isn’t correct… or at least it kept refusing to let me connect with the default hostname and port provided by quassel. Go ahead and edit the information accordingly after selecting it from the dropdown list. For me, this was irc.freenode.net as the host (server address here), and 6667 as the port.
Go ahead and click “Connect” -> “Freenode”. Or “Connect to all” since that’s all there is…
##Register and Verify your nickname on Freenode’s IRC servers
Now you need to register your nicknamehttps://freenode.net/kb/answer/sasl. Registering your nickname is how you can prove that you are You, and somebody didn’t just change their name to your name… in order to do this, we interact with the NickServ bot(?)… w/e… go ahead and type "/msg NickServ register "
Ignore me just butcheringTF out of the process every single line above the one I’m about to hit Enter on lol… but alas, it did work. Well, technically right there it didn’t… It didn’t like my mailinator email for this tutorial, so I gave it a legit one that ya’ll don’t get to see. And then it will tell you it has sent you an email. Go check your email, and it will have a command with a special token that it wants you to send back to NickServ in order to verify your email and finish registering your nickname.
Once you’ve verified your email and nickname, now you can “/msg nickserv identify yourpassword”
and you will be identified as being the rightful owner of the nickname you’ve chosen (note: this gives you an (i) or (+i) next to your name in the IRC channel to verify your authenticity.
##Join 0x00sec IRC channel and say hello!
Now you can type “/join ##00x0sec” or “/j ##0x00sec” in the very bottom middle window and join our IRC channel!!
##Setup automatic channel joining per-server
Finally, go back into “Settings” -> “Configure Quassel…” and choose “Networks” under “IRC” on the left. Then notice the 5 tabs in the “Network Details” area and click on the “Commands” tab. This will execute whatever commands you tell it to immediately upon joining the irc.freenode.net server. Typically this is used to auto-join all the channels you want to connect to automatically, so go ahead and type “/j ##0x00sec” in the white box under the “command” tab.
##Setup automated identifying
And lastly, click on the “Auto Identify” tab and fill out your information to automatically identify yourself each time that you connect to Freenode rather than having to type everything out each time. Having to type-out the command to identify yourself every time is risky because if you mistype “/msg” and are in a public channel already, you will type all that information out as a message to everyone in the channel, and everyone will know your password, and you’ll have to make a new nickname and act like you ran away and are a new person, cause we’d never let you live that down… just like that time you pissed your pants in 5th grade… People Don’t Forget!!! (Superbad ftw).
Ok, I know I said I was doing these tutorials in tandem, but I can’t… Will edit this later tonight or tomorrow with links to other one and post it… I’ve already got all the screenshots n shit, just need to whip it together. Oh, and Amazon EC2 AMIs are Free!! Well, there’s a free tier grade assuming you don’t go over a certain amount of bandwidth, which is ideal for just running an IRC server.
Note: conversely, yes it would be just about just as beneficial to just have the AWS EC2 AMI a machine that you can just ssh tunnel your traffic through as a proxy for anonymity, or have it itself always running like irssi to always have back-logs, but I prefer Quassel. It’s pretty boss.