vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vBulletin 3.0 Beta Releases (https://vborg.vbsupport.ru/forumdisplay.php?f=34)
-   -   Security Password for Admincp Hacks (https://vborg.vbsupport.ru/showthread.php?t=70412)

AnhTuanCool 10-09-2004 10:00 PM

Security Password for Admincp Hacks
 
Security Password for Admincp Hacks
by AnhTuanCool

Quick Stats:
Version 1.0.2
Tested full functionally on vBulletin 3.0.3
Time to install: no more than 2 min
File to edit: 4
Template to edit: None
Query to run: None

What this hack does:
Add an additional Password for ACP which is only known by insiders if intentional or unintentional someone could get your current account and do the bad things to your board, this password is assign to all current administrator and only can be changed by the superadministrator*.

Updated:
Upgrade from v1.0.0
Fixed bug that not allow normal member to login

Install:
I had includes the installation file so that you don't have to move much which is always discourage people with long instruction. Included the installation file, download and upload the two files onto your forumroot/admincp/ directory, run the file acppassword_install.php from your admincp and follow it closely.

Disclaimer:
Of course do not forget to back-up your file before uploading it.
Do NOT stop the installation while it isn't finished yet, this can cause you more trouble.

*Be a superadministrator
If you are the webmaster of your site, then you probably can use FTP or another way - edit the source code, you will need to edit the $superadministrators variable in the includes/config.php file to be a superadministrator or you can add some of trusted people, in order to reset this password.

To allow the administrators to access this page, edit the variable to include the user IDs of those administrators should have access, separating each user ID with a comma, like this:

$superadministrators = '1,25,57';

To allow only a single administrator to access this page, simply add that user's ID with no commas, like this:

$superadministrators = '1';

Note: This hack assigns the security password for all current administrators, so if you set someone to administrator, you will have to reset the password in order to allow him to ACP.

Screenshots:
Attachment

NOTE: INSTALL as your OWN risk. This hack has a serious side-effect on the login function. I'll try to fix it as soon as I can.

BarHopper 10-10-2004 02:09 PM

Very good, i like this one

Oblivion Knight 10-10-2004 02:28 PM

So this would be like having a HTACCESS password, but within vBulletin itself?

Could the same be applied to the modcp?

d7me4ever 10-10-2004 03:54 PM

Thanx

Nice hack

good jop

bay

AnhTuanCool 10-10-2004 06:59 PM

Quote:

Originally Posted by Oblivion Knight
So this would be like having a HTACCESS password, but within vBulletin itself?

Could the same be applied to the modcp?

This COULD be applied to the modcp, just do the install one time for both ;)

But only in admincp you can reset the password.

Blam Forumz 10-10-2004 08:17 PM

Could just apply HTACCESS ;)

yukayumi 10-10-2004 08:20 PM

Could not find the "if (!verify_authentication($username, $password, $md5password, $md5password_utf, true))" in my login.php file

Get stuck here! I wonder if someone has the same problem.

AnhTuanCool 10-10-2004 08:31 PM

To yakayumi - it IS in there(login.php), did you install another hack that involved this line. Check the attachment out first.

AnhTuanCool 10-10-2004 08:37 PM

Quote:

Originally Posted by Blam Forumz
Could just apply HTACCESS ;)

It's hard for some people. :)

PitchouneN64ngc 10-10-2004 08:50 PM

Yeah, great hack, using same password encoding like vB3 passwords ;)

* PitchouneN64ngc clicks install ^^


All times are GMT. The time now is 10:59 AM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01130 seconds
  • Memory Usage 1,738KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (2)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (2)pagenav_pagelink
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 

Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete