E_NO_SUCH_BLOG

Programming, philosophy, pedaling.


Identifying and Enumerating IRC bots with IBIP

Mar 20, 2015

Tags: programming, security, irc

If you’ve been on IRC for any substantial period of time, you will have encountered an IRC bot. Whether it was NickServ or ChanServ or your favorite channel’s operator’s pet bot, you will have interacted with an automated client designed to ease and simplify your IRC experience.

This should come as no surprise. Constructing and running an IRC bot has been a programming rite of passage for decades, and isn’t going away anytime soon. As a consequence of this there are tens of thousands of unique IRC bots, many of which are still running unused and undetected.

This isn’t a huge problem in and of itself (apart from bugs and security holes in the bots themselves), but it would be nice if channel operators and users alike had a way to easily identify bots in their channel(s).

IBIP makes that possible.

What is IBIP?

IBIP, or the IRC Bot Identification Protocol, is exactly what it sounds like: a protocol for identifying IRC bots.

It standardizes two things: a trigger, listened for by all IBIP-compliant bots, and a PRIVMSG sent by all IBIP-compliant bots in response to the trigger.

The trigger is simple:

.bots

Or, as a complete PRIVMSG:

PRIVMSG target :.bots

Where target is a channel or nickname.

In response, IBIP-compliant bots are expected to send a response like this:

Reporting in! [language] information

Once again as a complete PRIVMSG:

PRIVMSG target :Reporting in! [language] information

Where:

The two optional sections may be used without their partner, but the information section may not be surrounded by brackets in any circumstance.

Therefore, a complete response would look like this:

Reporting in! [Ruby] See my !help command for a list of commands.

Usage and rationale

These two simple rules quickly become very useful for finding and enumerating bots. A sample session might look like this:

Talking on #channel.
<john_doe> .bots
<bot1> Reporting in! [C]
<bot2> Reporting in!
<bot3> Reporting in! [Java] http://example.com
<bot4> Reporting in! Version 2.8.56 running on Debian GNU/Linux x86_64

Each of those responses was valid, making each bot IBIP-compliant.

Although this might seem like a source of spam, it can be very useful for channel operators and users alike. If an operator would like to keep a cap on the number of IRC bots in the channel at any given point, they can simply issue the .bots command and manage all enumerated bots with a script that matches “Reporting in!”.

Similarly, channel users will be able to issue .bots and ascertain which (if any) bots can be used to perform channel tasks.

Drawbacks and conclusions

There are two large drawbacks to IBIP’s modus operandi:

With an administrative bot and occasional intervention by human operators, both of these pitfalls can be avoided.

In summary, IBIP can be a very good thing for the Wild West of IRC and IRC bots. If enough large frameworks/bot authors add compliance (a very simple affair, by any measure), every user will be just one message away from accessing otherwise hidden services.

If you are an IRC bot author, please consider adding it to your bot. It’ll make me very happy.

- William