vb.org Archive
Page 3 of 4 12 3 4
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vBulletin 2.x Beta Releases (https://vborg.vbsupport.ru/forumdisplay.php?f=5)
-   -   PasswordHack (https://vborg.vbsupport.ru/showthread.php?t=25845)

drives_fast 10-24-2001 11:09 AM
then is it a cookie thing that allows me to get in that forum from all these links everywhere?

I cleared all cookies, temp internet files, everything but all I have to do is login to my board and go to that forum and I am in.

The only time I can't get in is if I am not logged into the board

Afterburner 10-24-2001 11:14 AM
Quote:
Originally posted by drives_fast
then is it a cookie thing that allows me to get in that forum from all these links everywhere?

I cleared all cookies, temp internet files, everything but all I have to do is login to my board and go to that forum and I am in.

The only time I can't get in is if I am not logged into the board
yes this is right, if you insert the correct password you are able to access the board every time, this settings are in your profile in the database, see in the instruction file from the hack there you can find my suggestions for the next version:
unsubscribe a password protected board.

drives_fast 10-24-2001 11:27 AM
is there any way to get those that have already gotten in through a hole out?

is it possible to code in that the cookie not be set for access to the protected forum?

in other words.....make it so everyone with the password have to put it in every time they visit that forum?

I have some that got in.......I need to be able to get them out

drives_fast 10-24-2001 11:24 PM
Well....after further investigation....there are definately holes in this.

I registered a name and then tried to access the protected forum......could not get in.....good.

I removed all instances of "view new posts" or anything similar

went to the search feature.....typed in a name of someone that posted in the protected forum.....boom...there are the links and yes.....you can click them and get in. (mind you that I never entered a password to access the protected forum before trying these things)

backed out of that and went to that members profile and clicked on the last post (in the protected forum) and boom.....in again

So I say....there are holes in this.

I tried these thing on your board (afterburner) and they did not work......maybe some tweaks you did to yours that aren't documented in the installation file?

I really want this to work but need some help to make it either not search and list threads in protected forums from every angle or something......

anybody....please?

Afterburner 10-25-2001 06:22 AM
did you modified the showtopic.php correctly ? I have the same code in the description of the hack than in my board.


PHP Code:
download the showthread.php and make a backup of this file

look for this code (ca 205):

if (!$thread['visible']) {
  $idname="thread";
  eval("standarderror(\"".gettemplate("error_invalidid")."\");");
  exit;
}

$forum=getforuminfo($thread['forumid']);

add below this code:

// Password-Hack-by Afterburner-Start 
if ($forum['password']) {
$boardid="userspezial$thread[forumid]";
if ($bbuserinfo[$boardid] != 1) { 
eval("standarderror(\"".gettemplate('fehler_password_showtopic')."\");"); 
exit; 

}
// Password-Hack-by Afterburner-End

upload the showthread.php

drives_fast 10-25-2001 11:10 AM
yes...I have that in there exactly as you shoed it

do you think it could be this:....."userspezial$thread" instead of spelled "userspecial$thread" that is causing the problem?

My board is in english

Afterburner 10-25-2001 02:13 PM
userspezial$thread is the correct version
with z not with c

drives fast 11-04-2001 07:22 AM
I am still looking for a working version of this hack. I am willing to pay for it as long as it doesn't have any holes in it.

I tried the same tactics on afterberners site and the holes aren't there but on my board they are. I followed the instructions to the tee and even removed the hack and re-installed it but if I click on the name of the last poster in that forum and then clicl the last post they made (in the protected forum) I can get right in.

If someone has a "Secure" version of this and wants some bucks, please contact me.

I will however need refrences from the people that run this site because I am still dealing with one person that has not followed through with what I payed him for.

Thanks in advance......drives

Snake~eyes 11-09-2001 06:11 PM
Is it possible to make this hack work for version 2.2.0?

Bedhead 11-10-2001 07:44 AM
I would be interested in hole free password protection as well.


All times are GMT. The time now is 01:42 AM.
Page 3 of 4 12 3 4
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01083 seconds
  • Memory Usage 1,745KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)bbcode_php_printable
  • (1)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (3)pagenav_pagelink
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete