Email notification if someone attempts to access your Admin CP (https://vborg.vbsupport.ru/showthread.php?t=64519)

theArchitect 09-26-2004 01:40 AM

Quote:

Originally Posted by EvilLS1
Hmmm.. Weird. Are you sure these users aren't trying to login through the admin section? In the emails that you get what does it say next to referer?
If it says: http://www.yoursite.com/forums/admincp/ then they are trying to login through the admincp.

Yep. The error is from http://www.mysite.com/forum/login.php.

As I said no worries.

XrayHead 10-20-2004 07:46 PM

I use HT Access on my ADMINCP DIR as well, but I installed this and tested it.
It works really well.

Nice, Xrayhead

hkvic 10-21-2004 08:24 PM

Excellent - thank you, works like a real charm. Clicked install

bendigo-tech 10-28-2004 08:16 AM

Works well! Thanks a lot.

*Clicks Install*

HackMaster3d 10-30-2004 08:19 PM

Simply wonderful. I've always wondered about a hack like this. Lo and behold it's here. I LOVE THIS PLACE!

wirewolf 11-01-2004 04:25 PM

Clicked Installed! Tested OK on v3.0.3. Works like a charm! Asked a couple of friends (close) to try and log in (after I tested it first), and got the emails within 5 minutes. Now if we could only have it send out a message to your cellphone or pager, locate the user attempting to get into your Admincp, drag them before the "Court of Board Administrators", pronounce sentence on them, and string them up by their thumbs. :banana:
Great little hack EvilLS1! Thanks

Scott MacVicar 11-03-2004 04:24 PM

Quote:

Originally Posted by EvilLS1
This is my version of the hack that Firefly released for VB2.

VB3's standard log of failed admincp login attempts is a nice feature.. but since you get no instant notification, by the time you check the log it could be too late. Also, the log doesn't show which passwords the potential intruder is trying... If someone is close to guessing my password I wanna know about it!

What does it do? With this hack, when someone tries to login to your admincp or modcp you'll get an email that contains the username they tried, the password they tried, their ip address, hostname, # of strikes, referer, script, and the date & time of the attempt.

It will look something like this:



If the person who is attempting to access your CP happens to be registered & logged in, this line will also be included in the email:

(Thanks to AlexanderT for the idea for this addon.)


Note: If you don't receive an email when testing, make sure you have the webmaster email set in the admincp (vBulletin Options + Site Name / URL / Contact Details). Also, sometimes it takes a while for the email to arrive. So give it plenty of time before screaming "it doesn't work".. ;)

Still not working? Read this!

Credits: Thanks to the original creator of this hack (Chen) for the idea, and thanks to Boofo for helping me test it. :)

I just came across this at someone's site I was helping at. I'd mistyped my username and well it sent them my password anyway. So I had a look at the code and I noticed it sent the password in plaintext ALL of the time.

What this really does is remove security from vBulletin, instead of just sending the md5 hash which at least hides the original password. I modified this version of the hack and removed the reference to the password used from this version I was working on and I think the hack author should consider adjusting the version posted.

Xenon 11-03-2004 05:29 PM

Well, actually from what I read in the description is that it should send the tried password:

Quote:

If someone is close to guessing my password I wanna know about it!
So instead of removing the whole password sending (as this was the sense behind the hack) it should be changed, to just send the email to the username tried, but then with the password.

So if you just mistyped your username, then no mail would be sent, as this user doesn't exist or is no admin, but if someone tries to hack into a real admin account, sending the passwords to this account's email wouldn't hurt.

EvilLS1 11-03-2004 07:20 PM

Yes, it's supposed to send the password with any failed cp logins attempted. If the username is mistyped it will still send the password but again this is only for cp logins. Only staff members should be trying to login from here anyway. It doesn't send anything for regular logins. If you'd rather have it send an encrypted password instead simply skip the edits to adminfunctions.php and use the vb_login_md5password variable instead of the one added with the hack.

Scott MacVicar 11-03-2004 07:58 PM

Well I at least think it should be mentioned in the first post and the install file. I wasn't really bothered about it emailing the admin, it's the fact it went through a proxy server and travelled about on the net unencrypted.

I went out of my way for vB3 to remove all cases of plain text passwords being sent over the network and I was just a bit shocked to find this out. I automatically assumed that my password was fine since I saw it clear the input boxes onsubmit as expected.

Is there a real purpose to telling them what the password is? Someone logged in with an admin username you have their IP and everything else, why does it matter if they typed in "bob" as the password.
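A password-free form of the alert discussed in the posts above, as an added example that is not part of the thread or of EvilLS1's hack. It assumes PHP 7 or later and vBulletin's login form field names; `clean_field` and `build_cp_alert` are hypothetical helpers, and the request data is constructed.

```php
<?php
// Added example; function names are hypothetical, not vBulletin's or the hack's.

// Collapse control characters (CR/LF included) so attacker-chosen values
// cannot forge extra lines in the alert, and cap the length.
function clean_field(string $value, int $max = 200): string
{
    $value = preg_replace('/[\x00-\x1F\x7F]+/', ' ', $value) ?? '';
    return substr(trim($value), 0, $max);
}

// Build the alert body. Only an allow-list of fields is read, so neither the
// plaintext password nor its MD5 can end up in the message.
function build_cp_alert(array $post, array $server, int $strikes): string
{
    $ip = $server['REMOTE_ADDR'] ?? '';
    if (filter_var($ip, FILTER_VALIDATE_IP) === false) {
        $ip = 'invalid';
    }
    $fields = [
        'Username tried' => clean_field((string) ($post['vb_login_username'] ?? '')),
        'IP address'     => $ip,
        'Strikes'        => (string) $strikes,
        'Referer'        => clean_field((string) ($server['HTTP_REFERER'] ?? '')),
        'Script'         => clean_field((string) ($server['SCRIPT_NAME'] ?? '')),
        'Date (GMT)'     => gmdate('Y-m-d H:i:s'),
    ];
    $lines = [];
    foreach ($fields as $label => $value) {
        $lines[] = $label . ': ' . ($value === '' ? '(none)' : $value);
    }
    return implode("\n", $lines) . "\n";
}

// Constructed sample request: the username carries a CR/LF injection attempt.
$post = [
    'vb_login_username'    => "admin\r\nBcc: someone@example.test",
    'vb_login_password'    => 'constructed-secret',
    'vb_login_md5password' => md5('constructed-secret'),
];
$server = [
    'REMOTE_ADDR'  => '203.0.113.7',
    'HTTP_REFERER' => 'http://www.yoursite.com/forums/admincp/',
    'SCRIPT_NAME'  => '/forums/login.php',
];

$body = build_cp_alert($post, $server, 2);
echo $body;

// Fail loudly if password material leaked or the injected CR/LF added a line.
if (strpos($body, 'constructed-secret') !== false
    || strpos($body, md5('constructed-secret')) !== false
    || substr_count($body, "\n") !== 6) {
    throw new RuntimeException('alert leaked a secret or gained a forged line');
}
```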

EvilLS1 11-03-2004 08:03 PM

Quote:

Originally Posted by Scott MacVicar
Well I at least think it should be mentioned in the first post and the install file. I wasn't really bothered about it emailing the admin, it's the fact it went through a proxy server and travelled about on the net unencrypted.

It is mentioned in the first post. It clearly states that it will send the password.
Quote:

Is there a real purpose to telling them what the password is? Someone logged in with an admin username you have their IP and everything else, why does it matter if they typed in "bob" as the password.
Yes, if someone is close to guessing your (the admin's) password you will know about it.

Scott MacVicar 11-04-2004 12:25 AM

Quote:

Originally Posted by EvilLS1
It is mentioned in the first post. It clearly states that it will send the password.

Yes, if someone is close to guessing your (the admin's) password you will know about it.

Yeah I know it says the password is sent but does the average user that's installed this know that it went from not sending the plaintext password over http when you login to sending it?

Most people seem to appreciate this hack but I doubt they know that it weakens security, if they were really that bothered they'd just rename the admin panel to something totally unguessable and put a http authentication box on top of the directory.

EvilLS1 11-04-2004 02:59 AM

Alright, as you suggested I placed a note about this in the first post along with instructions on how to (optionally) make it send the encrypted password instead.

Eagle Creek 12-04-2004 11:49 PM

Quote:

Originally Posted by EvilLS1
$fapassword = &$vbpassword;

..with this:

$fapassword = &$md5password;

I can't find that??

rh2004 12-05-2004 07:48 PM

Hi, works great, thanks. How could you add Proxy IP too, as if someone is trying to access your admin panel they will more than likely be using a proxy ...

EvilLS1 12-05-2004 08:08 PM

Quote:

Originally Posted by Eagle Creek
I can't find that??

It's in the hack instructions. 2nd edit to login.php



Quote:

Originally Posted by Eagle Creek
Nice hack but I get an error from EVERYONE who has made a wrong login. Not only for the ACP but on the whole forum.

As you can see he's running a script/page that has nothing to do with ACP.


From the hack instructions, 3rd edit to login.php, make sure you added the code below this section of code:
Code:

                if ($logintype === 'cplogin' OR $logintype === 'modcplogin')
                {
                        // log this error if attempting to access the control panel
                        require_once('./includes/functions_log_error.php');

As you can see in the code above, as long as the call to the vbmail() function is placed inside the $logintype === 'cplogin' if statement it should only send the email on cp logins.

Only one other person had that problem (emailing on all logins) so if the suggestions above don't fix it my only guess is that maybe it's conflicting with another hack.

EvilLS1 12-05-2004 08:09 PM

Quote:

Originally Posted by rh2004
Hi, works great, thanks. How could you add Proxy IP too, as if someone is trying to access your admin panel they will more than likely be using a proxy ...

I'll look into it when I get some free time.

Eagle Creek 12-05-2004 08:33 PM

Quote:

Originally Posted by EvilLS1
It's in the hack instructions. 2nd edit to login.php

From the hack instructions, 3rd edit to login.php, make sure you added the code below this section of code:
Code:

                if ($logintype === 'cplogin' OR $logintype === 'modcplogin')
                {
                        // log this error if attempting to access the control panel
                        require_once('./includes/functions_log_error.php');

As you can see in the code above, as long as the call to the vbmail() function is placed inside the $logintype === 'cplogin' if statement it should only send the email on cp logins.

Only one other person had that problem (emailing on all logins) so if the suggestions above don't fix it my only guess is that maybe it's conflicting with another hack.

I'll take a look at that.

rh2004 12-05-2004 09:03 PM

Quote:

Originally Posted by EvilLS1
I'll look into it when I get some free time.


Thanks

EvilLS1 12-07-2004 06:43 AM

Quote:

Originally Posted by rh2004
Hi, works great, thanks. How could you add Proxy IP too, as if someone is trying to access your admin panel they will more than likely be using a proxy ...

rh2004,
After looking at this hack it appears that with it installed along with this one it would send the actual IP even if the person is using a proxy.

passionboss 12-08-2004 08:27 PM

boss clicks install :cool:

Delphiprogrammi 12-12-2004 07:22 PM

installed and working right now i'll hit that "install" button

this mod works fine but i wonder why it takes so long to deliver the mail ? by that time the intruder is already gone .... all you could do is ban him (if it is a guest) and disable his account if he is regged

YabbaDabba 12-15-2004 02:58 AM

YabbaDabba clicks install (w/encrypted pwd)

biggkay 12-15-2004 05:54 PM

/me clicks install...works very nicely

trevelyn1015 12-15-2004 06:25 PM

clicks install

Ocean 01-03-2005 09:03 PM

I just upgraded my board from vB 3.0.3 to vB 3.0.4, and that seems to have affected this hack.

I still get the email - but the Attempted Password now shows up as an empty field.


Any idea what's changed and what needs to be altered for this hack in order to make this work?

Eagle Creek 01-03-2005 10:26 PM

Same problem over here..

EvilLS1 01-04-2005 04:55 AM

Quote:

Originally Posted by Ocean
I just upgraded my board from vB 3.0.3 to vB 3.0.4, and that seems to have affected this hack.

I still get the email - but the Attempted Password now shows up as an empty field.


Any idea what's changed and what needs to be altered for this hack in order to make this work?

I have no way of testing this as I haven't upgraded yet, but these instructions should work for v3.0.4.

https://vborg.vbsupport.ru/attachmen...chmentid=22849

If you're using a browser other than Internet Explorer and it still doesn't send the attempted password try it again with Internet Explorer and see if it works.

Slapp3r 01-05-2005 12:01 AM

Brilliant hack

Ocean 01-05-2005 01:12 AM

Quote:

Originally Posted by EvilLS1

I have no way of testing this as I haven't upgraded yet, but these instructions should work for v3.0.4.

https://vborg.vbsupport.ru/attachmen...chmentid=22718

If you're using a browser other than Internet Explorer and it still doesn't send the attempted password try it again with Internet Explorer and see if it works.

I was using IE - but I'll give your new instructions a shot and see if it works. :)

ozmazdaclub 01-08-2005 03:42 AM

Excellent Hack!

Install Button > Click!

therczone 01-09-2005 05:22 AM

Worked beautifully on my vB 3.0.5. I accidentally locked myself out for 15 minutes though. Any chance of making a hack, or an addon, that makes it so user id 1 cannot be locked out? Someone could go to your forum and try to log in 6 times and then you have to wait 15 minutes.

My idea would be that the hack would stop the person trying to login from continuing to attempt to login, but to NOT lock out the admin's account. It may seem stupid, but someone with your talent should be able to work something out? :)

EvilLS1 01-09-2005 01:58 PM

Quote:

Originally Posted by therczone
Worked beautifully on my vB 3.0.5. I accidentally locked myself out for 15 minutes though. Any chance of making a hack, or an addon, that makes it so user id 1 cannot be locked out? Someone could go to your forum and try to log in 6 times and then you have to wait 15 minutes.

My idea would be that the hack would stop the person trying to login from continuing to attempt to login, but to NOT lock out the admin's account. It may seem stupid, but someone with your talent should be able to work something out? :)

You could bypass it for the admin's account but that would defeat the whole purpose of the strike system b/c if you're not logged in it has no way of knowing if you're the admin or not.

You could do something like this, so that it doesn't give the admin strikes or lock him out when trying to login to the control panel as long as he's already logged into the board:

In includes/functions_login.php find:
Code:

function verify_strike_status($username = '')
{
        global $DB_site, $vboptions;

        $DB_site->query("DELETE FROM " . TABLE_PREFIX . "strikes WHERE striketime < " . (TIMENOW - 3600));

        if (!$vboptions['usestrikesystem'])
        {
                return 0;
        }

Replace it with:
Code:

function verify_strike_status($username = '')
{
        global $DB_site, $vboptions, $bbuserinfo;

        $DB_site->query("DELETE FROM " . TABLE_PREFIX . "strikes WHERE striketime < " . (TIMENOW - 3600));

        if (!$vboptions['usestrikesystem'] OR $bbuserinfo['usergroupid'] == 6)
        {
                return 0;
        }

Find:
Code:

// ###################### Start exec_strike_user #######################
function exec_strike_user($username = '', $strikes = 0)
{
        global $DB_site, $strikes, $vboptions;

        if (!$vboptions['usestrikesystem'])
        {
                return 0;
        }

Replace it with:
Code:

// ###################### Start exec_strike_user #######################
function exec_strike_user($username = '', $strikes = 0)
{
        global $DB_site, $strikes, $vboptions, $bbuserinfo;

        if (!$vboptions['usestrikesystem'] OR $bbuserinfo['usergroupid'] == 6)
        {
                return 0;
        }

With that change, if the admin is logged in to the forum but not the control panel it will not give him a strike for an incorrect cp login and shouldn't lock him out even if someone else has 5 strikes with his username. All other usergroups will still get a strike.

If you're not logged into the forum you'll still get a strike.

I didn't test it but it should work.

Thanks for verifying that this hack works with 3.0.5 btw. :)

YabbaDabba 01-11-2005 03:50 PM

Quote:

Originally Posted by therczone
Worked beautifully on my vB 3.0.5. I accidentally locked myself out for 15 minutes though. Any chance of making a hack, or an addon, that makes it so user id 1 cannot be locked out? Someone could go to your forum and try to log in 6 times and then you have to wait 15 minutes.

My idea would be that the hack would stop the person trying to login from continuing to attempt to login, but to NOT lock out the admin's account. It may seem stupid, but someone with your talent should be able to work something out? :)

Just set up a second admin account for yourself. I use 2 so that if one has a problem, I have a back door.

Delphiprogrammi 01-17-2005 08:41 PM

well,

this hack works fine except for one little thing

Code:

Script: http://www.yoursite.com/forums/login.php
Why isn't this line hyperlinked?? This is bugging me. I know, just a ridiculous detail, but it's bugging me.

Eagle Creek 01-17-2005 08:47 PM

Quote:

Originally Posted by Delphiprogrammi
well,

this hack works fine except for one little thing

Code:

Script: http://www.yoursite.com/forums/login.php
Why isn't this line hyperlinked?? This is bugging me. I know, just a ridiculous detail, but it's bugging me.

Uuhm then get it hyperlinked? <a href=...

Mechanical Mind 01-17-2005 10:56 PM

Installed. Not working.

1. Version 3.0.3 (patched init.php - twice)
2. vBadvanced hack
3. IBProarcade hack
4. vBquiz hack

Checked and tried everything (twice) listed in the "Checklist"... still no luck?

I have a question: my administrator folder IS NOT named "admincp", could this be the cause?

Thanks.
mm :nervous:

EvilLS1 01-18-2005 03:17 AM

Mechanical Mind,
I don't think the name of the folder would have any effect on it but I could be wrong.

The only other thing I can think of is maybe one of the other hacks changes something which affects this hack. Since I don't use any of those myself I can't say for sure. You could try applying this hack to fresh un-modified files and see what happens.

EvilLS1 01-18-2005 03:20 AM

Quote:

Originally Posted by Delphiprogrammi
well,

this hack works fine except for one little thing

Code:

Script: http://www.yoursite.com/forums/login.php
Why isn't this line hyperlinked?? This is bugging me. I know, just a ridiculous detail, but it's bugging me.

It's not hyperlinked for two reasons:
1) It's not meant to be clicked on. That line is only there to show you where the intruder is attempting to login from.. i.e. your site or a remote script.
2) Not all email clients support HTML.

Delphiprogrammi 01-18-2005 08:32 AM

oooh so i didn't do anything wrong i thought i did something wrong ok so i didn't anyway your hack worked fine with vb 3.0.3 & 3.04 & 3.0.5 i don't use any of those other either

