vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB3 Programming Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=15)
-   -   Weak password getting hack (https://vborg.vbsupport.ru/showthread.php?t=309752)

PAKIDIL 03-21-2014 07:03 AM
Weak password getting hack
 
Hi,

I am noticing some activities in my forum from a person. What I have seen is he is hacking those password which is set to weak and couldn't hack strong password.

What I wanted to know, how come he is hacking the weak password if my site is not being hacked? how can I diagnose this thing?

Also what is the strong password length?

Kindly help thanks

ForceHSS 03-21-2014 08:23 AM
tell your uses to users this http://strongpasswordgenerator.com

ozzy47 03-21-2014 10:56 AM
What I would do is install this mod, which will require your members to use stronger passwords, Minimum Password Length

Then follow the instructions here, to force users to reset their passwords, Force Password Reset

Max Taxable 03-21-2014 11:02 AM
AdminCP>Users>Check Vulnerable Passwords

Will at least catch all accounts that may have same password as username.

PAKIDIL 03-21-2014 12:04 PM
Quote:
Originally Posted by ozzy47 (Post 2488711)
What I would do is install this mod, which will require your members to use stronger passwords, Minimum Password Length

Then follow the instructions here, to force users to reset their passwords, Force Password Reset
Thanks One question is

Code:
UPDATE `usergroup` SET `passwordexpires` = '730' WHERE `usergroup`.`usergroupid` !=6;
how to run this query in ACP ?

ozzy47 03-21-2014 12:16 PM
ACP --> Maintenance --> Execute SQL Query

Make sure your userid is set to be able to run queries via the config file.

Code:
        //        ****** USERS WITH QUERY RUNNING PERMISSIONS ******
        //        The users specified here will be allowed to run queries from the control panel.
        //        See the above entries for more information on the format.
        //        Please note that the ability to run queries is quite powerful. You may wish
        //        to remove all user IDs from this list for security reasons.
$config['SpecialUsers']['canrunqueries'] = 'X';


All times are GMT. The time now is 01:09 AM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01584 seconds
  • Memory Usage 1,720KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (2)bbcode_code_printable
  • (1)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (6)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete