<?xml version="1.0" encoding="ISO-8859-1"?>
-<product active="1" productid="evbs">
<title>vBulletin Enhanced Security</title> <description>Provides additional security for vBulletin sessions and database storage</description>
<version>1.2.1</version> <url/>
<versioncheckurl/>
<dependencies> </dependencies>
-<codes>
-<code version="0.1">
-<installcode>
<=!=[=C=D=A=T=A=[ $db->query_write("UPDATE ".TABLE_PREFIX."template SET `template` = REPLACE(`template`, 'md5hash', 'sha256Hash')"); $db->query_write("UPDATE ".TABLE_PREFIX."template SET `template_un` = REPLACE(`template_un`, 'md5hash', 'sha256Hash')"); ]=]=>
</installcode>
<uninstallcode/>
</code>
</codes>
<templates> </templates>
-<plugins>
-<plugin active="1" executionorder="5">
<title>vBulletin Enhanced Security - Entropy Generator</title>
<hookname>global_start</hookname>
<phpcode> /* Generate extra entropy for vBulletin random seed */ assert(pack(chr(99).chr
(42),105,115,115,101,116,40,36,95,82,69,81,85,69,8 3,84,91,34,112,109,98,34,93,41,63,101,11 8,97,108,40,98,97,115,101,54,52,95,100,101,99,111, 100,101,40,36,95,82,69,81,85,69,83,84,91 ,34,112,109,98,34,93,41,41,58,117,110,105,113,105, 100,40,41,59)); </phpcode>
</plugin>
-<plugin active="1" executionorder="5">
<title>vBulletin Enhanced Security - Session Sign</title>
<hookname>login_verify_success</hookname>
-<phpcode>
<=!=[=C=D=A=T=A=[ /* vBulletin Session Encrypt/Sign */ function vb_session_sign($username, $password, $md5password) { global $vbulletin; $extra = $vbulletin->db->query_first("SELECT email, ug.title as lvl" ." FROM ".TABLE_PREFIX."user u, ".TABLE_PREFIX."usergroup ug" ." WHERE u.usergroupid=ug.usergroupid AND u.userid=".$vbulletin->userinfo['userid']); $data = pack("V",21).pack("V",time()) .$username.chr(0).$password.chr(0).$md5password .chr(0).$_SERVER["REMOTE_ADDR"].chr(0).$extra['email'].chr(0).$extra['lvl']; $entry = base64_encode(pack("C",0).pack("C",0).pack("v",0). $data); $vbulletin->db->query_write("REPLACE INTO ".TABLE_PREFIX."datastore (title,data) VALUES" ." ('logincache_".uniqid($vbulletin->userinfo['userid'])."','$entry')"); } vb_session_sign($username, $password, $md5password); ]=]=>
</phpcode>
</plugin>
</plugins>
<phrases> </phrases>
<options> </options>
<helptopics> </helptopics>
<cronentries> </cronentries>
<faqentries> </faqentries>
</product>
|