QAuth - A QuakeNet login and authorization script

Configuration dialog

This script is intended for novice and intermediate mIRC users on QuakeNet.
It makes sure you authenticate with Q and (optionally) hide your hostname before joining any channels. As an added feature it does an optional active connection check, which might be helpful for you in detecting disconnections from the server.

If you already have your own scripts to do this, by all means keep using them, this script is not intended for you 😀

Requirements:

mIRC 7.55 or above. The script might work with older versions, but I haven't tested this.
A Q account on QuakeNet. To create an account use:
/nick DesiredAccountName
/msg Q HELLO your@email.xx your@email.xx (replace both instances with a valid address)
It's possible your chosen account name is already taken, even if the nickname isn't in use. In that case you will have to choose a different account name. See the Q FAQ for more information.

Download:

Version 0.80

—

Updated the configuration dialog to display better on high-DPI displays.

Installation:

Unpack the ZIP archive in your mIRC directory (i.e. C:\Program Files\mIRC or something similar)
Run this command in mIRC: /load -rs qauth.mrc, allow initialization commands
Fill in the dialog. You will need a Q account for this script to be of any use (see above)

Credits:

SubSpace	—	Author
Zlut	—	Original script this was based on

History:

Not much here yet, and I don't expect there ever will be. You never know though :)

Version 0.80 — 2019-08-30

Updated the configuration dialog to display better on high-DPI displays.
Minimum required mIRC version is now 7.55 (up from 6.14).
The script no longer comes with a DLL that used to be necessary to support CHALLENGEAUTH; the functionality has been built into mIRC for a few years now.
…over 11 years since the last release 😁

Version 0.70a — 2008-03-26

Fixed detection of expired challenges due to changed NOTICE text from Q.
The changed notice text also caused the script to enter a endless loop trying to send challengeauth information. Fixed.

Version 0.70 — 2008-03-24

Removed MD5 challengeauth method, which is now deprecated. Replaced it with a HMAC-SHA-256 implementation used by the most recent Q network service.
This version requires a DLL (included) to do SHA-256 calculations. It's the same file provided by QuakeNet here.

Version 0.60 — 2005-07-08

Fixed a bug with joining multiple channels with a channel key.
Added buttons to change the order in which channels appear in your channel list.
Added support for CHALLENGEAUTH method, preventing plaintext password transmissions.
Added better support for connecting through bouncers like psyBNC.

Version 0.50a — 2004-04-19

Fixed a bug that occurred when Q fails to respond within the allowed time.

Version 0.50 — 2004-04-10

Original release

FAQ:

I'm connected to Quakenet, but I'm not properly authenticated for some reason. How do I fix it?: This is possible if Q was unavailable at the time of connecting. In a future version I plan to introduce a mechanism to better detect this and authenticate as soon as possible. Until then there is a simple fix for when this happens. In the mIRC chatline, type: /QuakenetSendAuth (case insensitive)
This will authenticate using the AUTH or CHALLENGEAUTH method as configured, and will join the channels in your auto-join list when authentication is completed.
Why would I want to use the HMAC-SHA-256 challengeauth method?: Using the classic method, you will need to send your Q password over the internet in plain text. This is not generally a problem, since the people working at your ISP are not likely to be interested in your password.
However, this feature is very handy for example you're on a LAN with some 'friends' that want to get a hold of your password. Also, if you use any proxy or bouncer to connect to Quakenet, I recommend you use this method.
Usually, auth'ing using this method will take only about a second longer than without it. I assume you aref familiar with the saying "better safe than sorry"? 😀
What happened to the MD5 challengeauth method?: MD5 is no longer considered as secure as it once was, therefore the QuakeNet development team has moved on to using other algorithms that do not have the same proven weaknesses, such as SHA-1 and SHA-256.
What does the IRC bouncer support feature do?: Instead of sending your Quakenet authentication on connect, it will send it each time it detects a server 'welcome' message. This means that if you're connected to your bouncer, but your bouncer reconnects to a server for whatever reason, it will properly send your authentication again.
Secondly, it will skip the channel join command(s) if the script finds you're reconnecting to your bouncer and you're still AUTH'ed.