Fake AdminCP & ModCP [Archive]

View Full Version : Fake AdminCP & ModCP

Parabellum

05-31-2008, 11:12 PM

I tried searching for this mod for vBulletin but cant find one.

Got this idea from the WHMCS client software forum here http://forum.whmcs.com/showthread.php?p=55959#post55959 this link is to the original whmcs thread and has the attached files for you coders to get some ideas so you can convert to vBulletin. Note: I can also send the files to coders if you need them for evaluation. Just pm me.

Basically its a fake adminCP that looks real and allows would be hackers to try and login but they end up getting a fake database error. It also records the username, IP address, and password they used and emails it to the email address you specify. Hopefully they just think your forum is screwed up and they quit trying.

This would be great for all of us that have changed the location of the original admin and mod CP folders.

Thanks :D

iogames

05-31-2008, 11:17 PM

Screenshots or info because the link doesn't show nothing :down:

Parabellum

05-31-2008, 11:34 PM

Sorry about that it does require a registration to view.

Well the screen shots would be the same as if you were to login to your admin CP at /forum/admincp. The fake database error would also look the same as the real one. If you need the files for evaluation just pm me and I'll send them to you.

GameWizard

06-01-2008, 03:38 AM

You can easily created this yourself. Just get a standard email form and create a page that looks exactly like the login page. And regardless of the login they type in, they will be forwarded to a page which looks like a DB error.

Shazz

06-01-2008, 03:39 AM

Big time waister, its a nice idea though

GameWizard

06-01-2008, 03:40 AM

Indeed, its easier to just use htaccess to block any IPs besides the ones you actually want to have access to the admincp.

Lynne

06-01-2008, 03:50 AM

Indeed, its easier to just use htaccess to block any IPs besides the ones you actually want to have access to the admincp.
Sometimes that is a bit difficult to do if you have a dynamic IP. (Not the htaccess protection, but the part about block all IPs but the ones for your admins/mods.)

edit: There was a mod for 3.0 that would grab the IP of anyone who tried to login to the admin cp and goofed. It would sent the username and IP to the email you specify.

KURTZ

06-01-2008, 08:39 AM

also you can check THIS (https://vborg.vbsupport.ru/showthread.php?t=169376) made by Bobby (Boofo) :)

Parabellum

06-01-2008, 08:27 PM

also you can check THIS (https://vborg.vbsupport.ru/showthread.php?t=169376) made by Bobby (Boofo) :)

Cool, this will do the trick. Thanks for the link :)