vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vBulletin 3.6 Add-ons (https://vborg.vbsupport.ru/forumdisplay.php?f=194)
-   -   Administrative and Maintenance Tools - EPC Log-in Detector (https://vborg.vbsupport.ru/showthread.php?t=157134)

blogtorank 09-05-2007 10:00 PM
EPC Log-in Detector
 
EPC Log-in Detector

Description:

ALL Admins will be notified of who tried to attempt successfully and not successfully to login to your forums and admincp. As this will notify ALL the admins of the offending or not offending person's username used and their IP.

Simple modification and thought we would share this file edit with the rest if they wanted to use this. Here is an example e-mail with the following:
Quote:
from Testing
to
date Sep 5, 2007 9:43 PM
subject Bad login
mailed-by
'theirip' was found trying to login to the account admin. Please investigate this as soon as you can
Edits to be made:

***Warning: Before you make edits, do a back of the following files before commencing:

PHP Code:
/includes/functions_login.php
/login.php 
PHP Code:
go to /includes/functions_login.php:

Find:

        if (($strikes_user['strikes'] % == 0) AND $user $vbulletin->db->query_first("SELECT userid, username, email, languageid FROM " TABLE_PREFIX "user WHERE username = '" $vbulletin->db->escape_string($username) . "' AND usergroupid <> 3"))
        { // they've got it wrong 5 times for this user lets email them
            $ip IPADDRESS;
            eval(fetch_email_phrases('accountlocked'$user['languageid']));
            vbmail($user['email'], $subject$messagetrue);

Add Under:

///code added by EPC Login Detector
$ip IPADDRESS;
$subject="Bad login -  5 tries";
$message="'$ip' was found trying to login to the account  ".$vbulletin->GPC['vb_login_username']." and was blocked. Please investigate  this as soon as you can.";
$admin =  $vbulletin->db->query_read_slave("SELECT * FROM `user` WHERE `usertitle` =  'Administrator' limit 0,3000");
while ($item =  $vbulletin->db->fetch_array($admin)) {
vbmail($item['email'], $subject,  $messagetrue);
}
//code end by EPC Login Detector 

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

go to /login.php

Find:

    if (!verify_authentication($vbulletin->GPC['vb_login_username'], $vbulletin->GPC['vb_login_password'], $vbulletin->GPC['vb_login_md5password'], $vbulletin->GPC['vb_login_md5password_utf'], $vbulletin->GPC['cookieuser'], true))
    {

 Add under:

        ///code added by EPC Login Detector
        $ip IPADDRESS;
           $subject="Bad login";
        $message="'$ip' was found trying to login to the account ".$vbulletin->GPC['vb_login_username'].". Please investigate this as soon as you can.";
        $admin $vbulletin->db->query_read_slave("SELECT * FROM `user` WHERE `usertitle` = 'Administrator' limit 0,3000");
        while ($item $db->fetch_array($admin)) {
          vbmail($item['email'], $subject$messagetrue);
        }
        //code end by EPC Login Detector    

 Find:

            // log this error if attempting to access the control panel
            require_once(DIR '/includes/functions_log_error.php');
            log_vbulletin_error($vbulletin->GPC['vb_login_username'], 'security');

 Add under:

        ///code added by EPC Login Detector
        $ip IPADDRESS;
           $subject="ADMIN AREA: Bad login";
        $message="'$ip' was found trying to login to the account ".$vbulletin->GPC['vb_login_username'].". Please investigate this as soon as you can.";
        $admin $vbulletin->db->query_read_slave("SELECT * FROM `user` WHERE `usertitle` = 'Administrator' limit 0,3000");
        while ($item $db->fetch_array($admin)) {
          vbmail($item['email'], $subject$messagetrue);
        }
        //code end EPC Login Detector

 Find:

        $vbulletin->userinfo $original_userinfo;

        if ($vbulletin->options['usestrikesystem'])
        {
            eval(standard_error(fetch_error('badlogin_strikes'$vbulletin->options['bburl'], $vbulletin->session->vars['sessionurl'], $strikes)));
        }
        else
        {
            eval(standard_error(fetch_error('badlogin'$vbulletin->options['bburl'], $vbulletin->session->vars['sessionurl'])));
        }

    }

 Add under:

    ///code added by EPC Login Detector
        $ip IPADDRESS;
           $subject="Successeful login";
        $message="'$ip' logged into the account ".$vbulletin->GPC['vb_login_username'].". Please investigate this as soon as you can.";
        $admin $vbulletin->db->query_read_slave("SELECT * FROM `user` WHERE `usertitle` = 'Administrator' limit 0,3000");
        while ($item $db->fetch_array($admin)) {
          vbmail($item['email'], $subject$messagetrue);
        }
   //code end EPC Login Detector 
That's it!

Summary:

This is only for the ones that want to be notified when there is a unsuccessful login to their forums and to notify the admins. Just a thing we "feel" that vBulletin should implement within their core due to security reasons for forums. It would benefit on seeing who and what is happening for a forums when there is an attempted breach of security of the forums. So whomever had more ideas on how to expand this feel free to update here with ideas or share code of making this better!

WarLion 09-06-2007 03:56 AM
this is asome i will try rigth now
looks really usefull thanks

blogtorank 09-06-2007 04:00 AM
Works nice, because if you value your community and the security of it surely this will come in handy! Takes a total of 2 mins to mod 2 files and you are done! Thanks for the compliments.

WarLion 09-06-2007 04:13 AM
your welcome i already install but i have one little question how i can test it it works if i try with a wrong pass for my admin user?
or how i can test it, i try by myself but i havent recive any email.

will be great if you make it to send a pm also.

blogtorank 09-06-2007 04:18 AM
Well it should send out using your mail server automatically alerting the admins...

Simply type in anything like:

admin ///// sdkfjsadlfksadlfhsadf

Then you'll get a e-mail sent to your admins stating Bad Login ;)

WarLion 09-06-2007 04:31 AM
ok i try enter 5 times wrong pass to close the acount and i only recive the email from vbulletin
after i try one more time , and error apear

Fatal error: Call to a member function on a non-object in /home/warlion/public_html/foro/includes/functions_login.php on line 86
that line for me is this one
while ($item = $db->fetch_array($admin)) {

blogtorank 09-06-2007 04:54 AM
Checking into that for you now.

blogtorank 09-06-2007 05:07 AM
Replace your code on that file with the following:

PHP Code:
 ///code added by EPC Login Detector
$ip IPADDRESS;
$subject="Bad login -  5 tries";
$message="'$ip' was found trying to login to the account  ".$vbulletin->GPC['vb_login_username']." and was blocked. Please investigate  this as soon as you can.";
$admin =  $vbulletin->db->query_read_slave("SELECT * FROM `user` WHERE `usertitle` =  'Administrator' limit 0,3000");
while ($item =  $vbulletin->db->fetch_array($admin)) {
vbmail($item['email'], $subject,  $messagetrue);
}
//code end by EPC Login Detector 
Updated the hack's How To!

jluerken 09-06-2007 07:07 AM
Great, thanks. This should become vB standard

Cybertims 09-06-2007 07:33 AM
One thing you should mention though, it seems this will only send an email if your user tite is Administrator, coud you not have it send the email to all in the admin usergroup?

What if the admin has changed his usertitle?

Cheers

valdet 09-06-2007 09:31 AM
Quote:
Originally Posted by Cybertims (Post 1333422)
One thing you should mention though, it seems this will only send an email if your user tite is Administrator, coud you not have it send the email to all in the admin usergroup?

What if the admin has changed his usertitle?

Cheers
In this case I use the Admin usergroupid

Find:
Quote:
>query_read_slave("SELECT * FROM `user` WHERE `usertitle` = 'Administrator' limit 0,3000");
Replace with:
Quote:
>query_read_slave("SELECT * FROM `user` WHERE `usergroupid` = '6' limit 0,3000");

But wait.. wanna limit only to your Admin account and not to some other admins..
Quote:
>query_read_slave("SELECT * FROM `user` WHERE `usergroupid` = '6' AND `username` = 'yourADMINusername' limit 0,3000");
Have fun...

WarLion 09-06-2007 08:48 PM
Quote:
Originally Posted by valdet (Post 1333460)
In this case I use the Admin usergroupid

Find:


Replace with:



But wait.. wanna limit only to your Admin account and not to some other admins..


Have fun...
ooooooooo meaby this is my problem cuz i have custom user title i will try one more time thaanks for this

edit:
:D:D:D:D:D:D that was my problem now i recive all the types of message i guess you need to change your code with usergroupid insted administratos and will work for all kind thank you so much

Dr.NoTime 09-07-2007 12:40 PM
Hi,

Nice mod, thanks.

Question. Can I modify it to only notify if someone logs in unsuccessfully?

apiasto 09-07-2007 02:52 PM
very nice idea, will it work on 3.6.7

Fraxter 09-07-2007 04:06 PM
I become an error if i want log in in my acp:

Quote:
Datenbankfehler in vBulletin 3.6.8:

Invalid SQL:
SELECT * FROM `user` WHERE `usertitle` = 'Administrator' limit 0,3000;

MySQL-Fehler : Table 'dax0801.user' doesn't exist
Fehler-Nr. : 1146
Datum : Friday, September 7th 2007 @ 05:05:57 PM
Skript : http://xxx/login.php
Referrer : http://xxx/admincp/index.php
IP-Adresse : xxx
Benutzername : xxx
Klassenname : vB_Database
Can anyone help me with my problem?

C_P 09-07-2007 06:37 PM
I selected Installed only after adding valdet's code suggestion that works great! SMF has a similar mod built in to their admin CP which is a great feature.
This is nice as well.

Find:

Quote:
>query_read_slave("SELECT * FROM `user` WHERE `usertitle` = 'Administrator' limit 0,3000");
Replace with:

Quote:
>query_read_slave("SELECT * FROM `user` WHERE `usergroupid` = '6' limit 0,3000");

Also, SERIOUSLY consider this addition unless your other admins do not care to get all of these emails.
But wait.. wanna limit only to your Admin account and not to some other admins..
Quote:
>query_read_slave("SELECT * FROM `user` WHERE `usergroupid` = '6' AND `username` = 'yourADMINusername' limit 0,3000");

valdet 09-08-2007 11:10 AM
Quote:
Originally Posted by Pander23 (Post 1334318)
I become an error if i want log in in my acp:



Can anyone help me with my problem?
That is because your usergroup title for Administrator is probably different. Check the workaround couple of posts above and that should work..

All credits go out to blogtorank for this great idea, and you are free to add my suggestion to your original hack.

Thanks, Val.

yoyoyoyo 10-05-2007 07:37 PM
Typo: Successeful login
should be: Successful login

Also, is there anyway to stop it from sending e-mail to me when I login from a certain IP address? I hate getting e-mails each time I login, and would only like to recieve them if someone rather than myself logs in

Iskib 10-12-2007 12:17 PM
--------------------------------------------------------------------------------

I purchased the full version of another one of this guys products. It has been 5 days and still not able to download it. They have asked for information which I have sent and still the file is not there to download.

I have sent 3 support tickets with no response.

************WARNING**************

STAY AWAY

SuperTaz 10-17-2007 08:42 AM
Can you make it so that regular users can not log into the ModCP as well as the AdminCP? If someone does, that does not have the permissions for either one, a pm or thread will be created to notify all admins and moderators.

Mrdby 10-18-2007 03:03 AM
update?

therogueforums 12-10-2007 11:20 AM
Hey...

I installed this, and now I, nor any other admin, can login to the ACP- whatsoever. We're locked out, even though we are inputting the correct passwords. What gives man?!@?

therogueforums 01-16-2008 07:34 AM
I'd like to try this hack again, but am extremely weary of the last go round, and STILL no response...


All times are GMT. The time now is 10:17 AM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01289 seconds
  • Memory Usage 1,845KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (3)bbcode_php_printable
  • (8)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (23)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete