Bug in hack.log?
I think I found a potential bug in the hack.log output in testing my OSSEC integration.
Using SMTP's AUTH LOGIN, I generated the base64 information using: echo 'username' | base64
This yielded a result of the username having a \n at the end. When hack.log outputted this to the hack.log, it retained that \n literally, putting a newline in there on the hack.log at that spot at the end of the username, breaking up the 4-line format of the hack.log.
It's minor, but could break things watching that log, like OSSEC, which needs a consistent number of lines for multiline parsing.
)))[Psi-Jack -//- Decker] --- ■ Synchronet ■ Decker's Heaven -//- bbs.deckersheaven.com