Have you read up on how CHAP (Challenge Handshake Authentication Protocol) worked for dialup authentication? IIRC it was designed to allow secure-enough authentication over a sniffable channel (modem traffic) at the cost of forcing plaintext password storage on the server side.
http://en.wikipedia.org/wiki/Challenge-handshake_authentication_protocol and http://www.rootsecure.net/content/downloads/pdf/cheating_chap.pdf suggests injecting challenges received on a second connection into an existing up connection in order to steal credentials.

The Microsoft extensions http://en.wikipedia.org/wiki/MS-CHAP may be useful. RFC numbers are listed in the wikticles.

--
sub ONCE(&){ # only one ONCE on any LOC
  my %x if 0; $x{caller()}++ or &{$_[0]}; }
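The trade-off mentioned in the post above, as an added example that is not part of the original message: it computes the RFC 1994 CHAP response, MD5 over the Identifier octet, the shared secret and the challenge, and shows that a sniffed response fails against a fresh challenge while a server that keeps only a hash of the password cannot verify anything. The class `ChapAuthenticator`, the function `demo`, the peer name and the secret are constructed for illustration.

```python
import hashlib
import hmac
import os


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 section 4.1: MD5(Identifier octet || secret || Challenge)."""
    return hashlib.md5(bytes([identifier & 0xFF]) + secret + challenge).digest()


class ChapAuthenticator:
    """Server side. `secrets` maps peer name -> whatever the server has stored."""

    def __init__(self, secrets):
        self.secrets = secrets
        self.pending = {}          # peer name -> (identifier, challenge)
        self.next_id = 0

    def issue_challenge(self, name):
        self.next_id = (self.next_id + 1) & 0xFF
        challenge = os.urandom(16)             # fresh and unpredictable per attempt
        self.pending[name] = (self.next_id, challenge)
        return self.next_id, challenge

    def verify(self, name, response):
        # Each challenge is single use: pop it whether or not the check succeeds.
        ident, challenge = self.pending.pop(name, (None, None))
        if challenge is None or name not in self.secrets:
            return False
        # The stored value is fed to MD5 as-is, so it must be the secret itself.
        expected = chap_response(ident, self.secrets[name], challenge)
        return hmac.compare_digest(expected, response)


def demo():
    secret = b"constructed-sample-secret"      # constructed sample value
    server = ChapAuthenticator({"alice": secret})
    ident, challenge = server.issue_challenge("alice")
    sniffed = chap_response(ident, secret, challenge)
    accepted = server.verify("alice", sniffed)
    # Replaying the sniffed response against a new challenge fails.
    server.issue_challenge("alice")
    replayed = server.verify("alice", sniffed)
    # A server that stored only SHA-256(password) rejects the legitimate peer.
    hashed = ChapAuthenticator({"alice": hashlib.sha256(secret).digest()})
    ident2, challenge2 = hashed.issue_challenge("alice")
    hashed_ok = hashed.verify("alice", chap_response(ident2, secret, challenge2))
    return accepted, replayed, hashed_ok


if __name__ == "__main__":
    print(demo())
```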
