vb.org Archive
Page 25 of 26 « First 152324 25 26
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vBulletin 2.x Full Releases (https://vborg.vbsupport.ru/forumdisplay.php?f=4)
-   -   Get an e-mail if someone is trying to access your Admin CP (With IP address) (https://vborg.vbsupport.ru/showthread.php?t=32707)

glo 02-24-2004 07:57 PM
[QUOTE=Mutt]firefly, I've added alittle to your hack

Here's the chunk of code that needs to be added to 2 files

PHP Code:
            // email alert
            $ipaddress=iif(getenv("REMOTE_ADDR")!="",getenv("REMOTE_ADDR"),$HTTP_HOST);
            $iphostname = @gethostbyaddr($ipaddress);
            if ($HTTP_COOKIE_VARS['bbuserid']) {
                $realuserid $HTTP_COOKIE_VARS['bbuserid'];
                $realusername=$DB_site->query_first("SELECT username FROM user WHERE userid='$realuserid'");
                $MessageAddon .= "\nThier cookie identifys them as ".addslashes($realusername[username]."\n");
            }
            if ($sessionids=$DB_site->query("SELECT userid FROM session WHERE host='$ipaddress' AND userid>0 GROUP BY userid")) {
                while ($sessionid $DB_site->fetch_array($sessionids)) {
                    $realusername=$DB_site->query_first("SELECT username FROM user WHERE userid='$sessionid[userid]'");
                    $MessageAddon .= "\nSessions identifys them as ".addslashes($realusername[username]);
                }
            }
            $message="Someone is trying to login to the $bbtitle control panel!\nThe Script was : $PHP_SELF\n\nUsername they tried to use: $loginusername\nPassword they tried to use: $loginpassword (".md5($loginpassword)." in encryption)\n\nThe IP address is: $ipaddress\nThe host is: $iphostname\n\nSearch for members using this ip\n $bburl/admin/user.php?action=doips&s=&ipaddress=$ipaddress\n$MessageAddon";
            mail($webmasteremail,"Warning: vBulletin Admin Login Attempted",$message,"From: \"$bbtitle Admin CP\" <$webmasteremail>");
            // email alert 

the first addition is in sessions.php as instructed by firefly

it goes right after

PHP Code:
 if (md5($loginpassword)!=$bbuserinfo[password]) { 


then second additon is in adim/global.php

and it goes right after

PHP Code:
$getperms=$DB_site->query_first("SELECT cancontrolpanel FROM user,usergroup WHERE user.usergroupid=usergroup.usergroupid AND user.userid='$bbuserinfo[userid]'");
if ($getperms[cancontrolpanel]!=1) { 
now you'll get an email like this



now the email gets sent for any incorect login instead of just ones with a correct username and wrong password. If they are somehow listed in sessions under multiple userids, (logged on and then logged on again under a second account) you'll get them all.

Firefly, thanks for this. I really like it and plan to keept expanding it. Security is key. I have a bunch of jerkoffs at my Stern site and have been pushing off upgrading it to VB until I had lots of admin tools like this little email notice.

I'll be doing something very similar to this which will be used to track multiple accounts.

Hey people, let me know if you have any problems with this

tHe Rk 05-03-2004 08:36 PM
Excellent Hack, Works like a charm!

MeTaL_oRgY 05-08-2004 07:41 PM
hmmm... could someone modify this one to work by sending a PM instead of an e-mail?

TonTon 05-08-2004 09:19 PM
ban thier IP lol.

MRGTB 08-19-2005 02:58 PM
Installed in seconds and very useful indeed to keep an eye on members and hackers trying to hack access to your admin panel.

Very nice! :rolleyes:

Talisman 08-19-2005 10:02 PM
That's an old thread.. does this hack really still work with current versions?

MRGTB 08-19-2005 10:58 PM
Yeh, the code to find was exactly the same in vb 2.3.7 and it works perfect.

Talisman 08-20-2005 02:49 AM
Thanks, Gary. I closed down my old site some time ago and am planning to set up a new community soon. This old hack of Chen's was quite helpful to us. Happy to hear it's still usable.

Cheers!

mr. visual 08-28-2005 12:11 AM
works like a charm, thanks.

/me clicks install.

Saskia 10-22-2005 08:33 PM
Try this one, worked excellent for me!

https://vborg.vbsupport.ru/showpost....&postcount=202


All times are GMT. The time now is 08:02 AM.
Page 25 of 26 « First 152324 25 26
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01359 seconds
  • Memory Usage 1,756KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (3)bbcode_php_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (3)pagenav_pagelink
  • (1)pagenav_pagelinkrel
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete