Go Back   vb.org Archive > vBulletin 3 Discussion > vB3 General Discussions
FAQ Community Calendar Today's Posts Search

Closed Thread
 
Thread Tools Display Modes
  #1  
Old 12-14-2013, 06:14 AM
blastme blastme is offline
 
Join Date: Nov 2006
Posts: 31
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default What Does This Code Mean ?

A member did a page source view of a post on my site and took a screenshot of it. Its the one I have attached.

This member claims the code means I have the admin log in as user hack installed on my site. But its not installed nor has it ever been. So now this member is spreading rumors that an admin on my site has been logging in as a user and making posts.

So was wondering if someone could shed some light on this.

TIA
Attached Images
File Type: png vbsetcookie.png (84.8 KB, 0 views)
  #2  
Old 12-14-2013, 06:24 AM
ozzy47's Avatar
ozzy47 ozzy47 is offline
 
Join Date: Jul 2009
Location: USA
Posts: 10,929
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

If that code is in your source code, then it is from this mod, https://vborg.vbsupport.ru/showthread.php?t=168819
  #3  
Old 12-14-2013, 06:36 AM
ForceHSS ForceHSS is offline
 
Join Date: Apr 2008
Posts: 6,357
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I would ban the user or at least give him a warning after all he is a member you are the owner
Благодарность от:
blastme
  #4  
Old 12-14-2013, 09:31 AM
ShawneyJ's Avatar
ShawneyJ ShawneyJ is offline
 
Join Date: Jul 2006
Location: Australia
Posts: 1,758
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by ozzy47 View Post
If that code is in your source code, then it is from this mod, https://vborg.vbsupport.ru/showthread.php?t=168819
yes, indeed that is the hack the source code is from. in my option, theres one place you can see this source code, (only if hack is installed) and thats in "Admin Log In As User" "fetch_userinfo_query" in plug in section Plugin Manager. which im guessing built into xml.

if a guest/member was to view the source of this members admin profile without the plug in installed. all they will see is:

Code:
<!-- Start Admin Log In As User -->
<li class="thead"><a href="index.php?u=26971&amp;admin_log_in_as_user=+++">Log In As This User</a></li>
<!-- End Admin Log In As User -->
correct me if im wrong.

because i did see an option to edit memberinfo template to add:
Code:
<!-- Start Admin Log In As User -->
$admin_log_in_as_user_link
<!-- End Admin Log In As User -->
blastme, it really is easy for a member to stir trouble on a forum and say take a screen cap of example this: see in attachment. which i got from: http://pastebin.com/9HJw2W31 thx to google. also if this hack did let the public see its source, you would think google would paste it all over the net in search example "!$processed_admin_log_in_as_user" :erm:

maybe double check in Plugin Manager for any tracers. but sure do believe you. can you find where this source if found like on what page of your forum?
Attached Images
File Type: jpg log.JPG (8.4 KB, 0 views)
2 благодарности(ей) от:
blastme, tbworld
  #5  
Old 12-14-2013, 02:54 PM
blastme blastme is offline
 
Join Date: Nov 2006
Posts: 31
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by ShawneyJ View Post
yes, indeed that is the hack the source code is from. in my option, theres one place you can see this source code, (only if hack is installed) and thats in "Admin Log In As User" "fetch_userinfo_query" in plug in section Plugin Manager. which im guessing built into xml.

if a guest/member was to view the source of this members admin profile without the plug in installed. all they will see is:

Code:
<!-- Start Admin Log In As User -->
<li class="thead"><a href="index.php?u=26971&amp;admin_log_in_as_user=+++">Log In As This User</a></li>
<!-- End Admin Log In As User -->
correct me if im wrong.

because i did see an option to edit memberinfo template to add:
Code:
<!-- Start Admin Log In As User -->
$admin_log_in_as_user_link
<!-- End Admin Log In As User -->
blastme, it really is easy for a member to stir trouble on a forum and say take a screen cap of example this: see in attachment. which i got from: http://pastebin.com/9HJw2W31 thx to google. also if this hack did let the public see its source, you would think google would paste it all over the net in search example "!$processed_admin_log_in_as_user" :erm:

maybe double check in Plugin Manager for any tracers. but sure do believe you. can you find where this source if found like on what page of your forum?


Guess I am not understanding because the hack is not installed. I do not have log in as this user in the drop down menu of quick user links and never have. It does not show up as an option in administrator permissions.


How would I double check in plugin manager for any tracers. ? The member said that he right clicked on a post on my site, click on view source code and that is where the code came from. I don't see it when I try it but than he'll say I had it installed and removed it.


I never even knew there was a hack like this.
  #6  
Old 12-14-2013, 02:56 PM
ozzy47's Avatar
ozzy47 ozzy47 is offline
 
Join Date: Jul 2009
Location: USA
Posts: 10,929
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

If you want PM me a admin account and a link to the site and I can check it out for you.
Благодарность от:
blastme
  #7  
Old 12-14-2013, 03:42 PM
Max Taxable's Avatar
Max Taxable Max Taxable is offline
 
Join Date: Feb 2011
Posts: 3,134
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by blastme View Post
Guess I am not understanding because the hack is not installed. I do not have log in as this user in the drop down menu of quick user links and never have. It does not show up as an option in administrator permissions.


How would I double check in plugin manager for any tracers. ? The member said that he right clicked on a post on my site, click on view source code and that is where the code came from. I don't see it when I try it but than he'll say I had it installed and removed it.


I never even knew there was a hack like this.
Dude might be just making it up in a attempt to discredit you.
  #8  
Old 12-14-2013, 03:56 PM
ozzy47's Avatar
ozzy47 ozzy47 is offline
 
Join Date: Jul 2009
Location: USA
Posts: 10,929
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

It's entirely possible, that's why I want to have a look around.
Благодарность от:
Max Taxable
  #9  
Old 12-14-2013, 09:46 PM
blastme blastme is offline
 
Join Date: Nov 2006
Posts: 31
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

This is the screen shot that member posted on another site with saying it proves I have that hack installed.
Attached Images
File Type: jpg NCN-AdminLoginAsUserA.jpg (102.5 KB, 0 views)
  #10  
Old 12-14-2013, 09:56 PM
blastme blastme is offline
 
Join Date: Nov 2006
Posts: 31
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by ozzy47 View Post
If you want PM me a admin account and a link to the site and I can check it out for you.

Sent you a PM.
Closed Thread


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 05:28 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.05568 seconds
  • Memory Usage 2,297KB
  • Queries Executed 14 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (4)bbcode_code
  • (4)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (2)pagenav_pagelink
  • (10)post_thanks_box
  • (5)post_thanks_box_bit
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (4)post_thanks_postbit
  • (10)post_thanks_postbit_info
  • (10)postbit
  • (3)postbit_attachment
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • fetch_musername
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_attachment
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • post_thanks_function_fetch_thanks_bit_start
  • post_thanks_function_show_thanks_date_start
  • post_thanks_function_show_thanks_date_end
  • post_thanks_function_fetch_thanks_bit_end
  • post_thanks_function_fetch_post_thanks_template_start
  • post_thanks_function_fetch_post_thanks_template_end
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete