vb.org Archive
Page 2 of 4 1 2 34
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vBulletin 2.x Beta Releases (https://vborg.vbsupport.ru/forumdisplay.php?f=5)
-   -   PasswordHack (https://vborg.vbsupport.ru/showthread.php?t=25845)

Afterburner 08-30-2001 02:59 PM
@ pipi

What kind of error ? I need the error message.
I dont have this problem on my board

pipi 08-30-2001 03:07 PM
Quote:
Originally posted by Afterburner
@ pipi

What kind of error ? I need the error message.
I dont have this problem on my board
error message as below, thanks

Database error in vBulletin: Invalid SQL: UPDATE userfield SET userspezial43=1
WHERE userid='2'
mysql error: Unknown column 'userspezial43' in 'field list'
mysql error number: 1054
Date: Thursday 30th of August 2001 12:29:46 AM
Script: /forums/forumdisplay.php

Afterburner 08-30-2001 06:10 PM
ok, here is the fix:

open the user.php from your admin folder, look for this code:

PHP Code:
$sql "";
  $profilefields=$DB_site->query("SELECT profilefieldid,title FROM profilefield");
  while ($profilefield=$DB_site->fetch_array($profilefields)) {
    $varname="field$profilefield[profilefieldid]";
    $sql.=",'".addslashes($$varname)."'";
  }
  $DB_site->query("INSERT INTO userfield VALUES ($userid$sql)");

  $action="modify";

  echo "<p>Record added</p>";



and replace the code with this code:

PHP Code:
$sql "";
  $userfieldsnames="(userid";
  $profilefields=$DB_site->query("SELECT profilefieldid,title FROM profilefield");
  while ($profilefield=$DB_site->fetch_array($profilefields)) {
      $userfieldsnames.=",field$profilefield[profilefieldid]";
    $varname="field$profilefield[profilefieldid]";
    $sql.=",'".addslashes($$varname)."'";
  }
    $userfieldsnames.=')';
  $DB_site->query("INSERT INTO userfield $userfieldsnames VALUES ($userid$sql)");

  $action="modify";

  echo "<p>Record added</p>";



Afterburner 08-30-2001 06:26 PM
I uploaded the new version, if you have installed BETA 2 you can update with the steps in the post before

Clueless 08-31-2001 08:06 PM
Hmmm slight prob i've added the hack without any errors, i ran the passwordhack.php first and deleted it after. and it said that it had completed the tables and to carry on with the Hack itself, so now i've finished it the board looks no different at all ????? there's no options in the control panel that i can see where you enter the password ?? Or an i missing something here :))))))))

Kengan 08-31-2001 10:01 PM
any demo please ! thanks !

Clueless 08-31-2001 10:18 PM
there's a demo on the first Post :) and that's what i can't see :) :)

Afterburner 09-02-2001 09:06 AM
go to your control panel
click on modify (Forums and Moderators)
choose a board and insert a password, up to now this board is password protected

drives_fast 10-24-2001 06:01 AM
Is it just me or is this the most un-secure password protect set-up around?

Please don't think me rude.......I installed this and there are holes everywhere.

First of all I have vbportal installed. Understandably....this was not written to accomidate that but aside fro those holes in the vb forum itself there is the link at the top of the main forum page "Active Posts" (or something like that).........then there is the little button by the membername in the table on the main forum page for "last post" (or something).....then there is the search feature.......do a search on the membername you see as the last poster in the forum nad with the results you are in......plus...once someone gets in.....if they never log out.....you can't get them out.....they will be able to waltz right in without any logins or anything.....and let's not forget about clicking on the membername of the last poster on the front of that forum and in his profile there is the link to a post inside and you are in again.

Is there any updates to this hack that will close all these holes?

I really want this to work because I don't want to make the forum private...it is too much work to add all the names

Thanks in advance....drives

Afterburner 10-24-2001 09:47 AM
You can see the titel of the postings but you can´t access the boards wich are protected. This is only a "see the topic title hole"


All times are GMT. The time now is 06:11 AM.
Page 2 of 4 1 2 34
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01733 seconds
  • Memory Usage 1,755KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (2)bbcode_php_printable
  • (1)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (3)pagenav_pagelink
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete