Version: 1.00, by Scott MacVicar
Developer Last Online: Mar 2016
Version: 2.2.x
Rating:
Released: 05-11-2002
Last Update: Never
Installs: 4
No support by the author.
Someone requested this on vBulletin.com real quick hack not really a major thing but I'll do it anyway.
open global.php and find
PHP Code:
// check that board is active - if not admin, then display error
if (!$bbactive) {
if (!$permissions['cancontrolpanel']) {
eval("standarderror(\"".str_replace("\'", "'", addslashes($bbclosedreason))."\");");
exit;
}
}
change to
PHP Code:
unset($board_closed);
// check that board is active - if not admin, then display error
if (!$bbactive) {
if (!$permissions['cancontrolpanel']) {
eval("standarderror(\"".str_replace("\'", "'", addslashes($bbclosedreason))."\");");
exit;
}
else {
$board_closed = "<center><b>The board is currently closed to non admins</b></center>";
}
}
then in whatever template you want add $board_closed, i just added it to the header template at the very top.
Show Your Support
This modification may not be copied, reproduced or published elsewhere without author's permission.
no i dont...
and yes it is true im not a stupid newb that would run around with a keylogger/trojan on my computer and i kinda run a big gaming site that used to have to do with hacking games.
and this guy is just using a exploit in the php i believe he says he doesnt even have to use the admin panel and he doesnt use it. He leaves no logs in the admin panel and no admin can prune the admin panel and we have no hacks that allow you to edit thephp files within the panel. its just one of vbb's many bugs...the first time this happened it was with the cookie hack...which they supposely fixed with the new db_sql.php file but from what i hear you can still access the accounts threw the usercp..i havent done any testing. But i still do notunderstand how he could admin hisself....unban people and even deadmin everyone and demod everyone without being admin. but today he took a bold step and admined himself thats how i figured out who it was and then i had a long talk with his isp....he shouldnt be online much longer.
and one more thing vbb is a bad ass forum way better then phpbb2...but has a few security issues that need to be delt with...but i guess any forum will have htem no mater what....it just takes some time to find them.
edit:spelling
oh and one more thing ian...i had a look at your forums and how you say i got a problems and yes i do...with big forums you get more problems...lemme tell you how many members weve had...5k from phpbb2 2.5k from first version of vbb we ran..then we decided to get a new db and have a hole new outlook on the forums and so far since sunday night 700 members
Yes, our forum is still small because we havn't got the mainpage up yet...
What's your php version? If it''s lower than 4.12 you should consider upgrading to patch that security hole. Also, are you sure he doesn't have direct access to the database? This is most likely because than he wouldn't have to go through the control panel... You really post this problem at the vBulletin.com forums, they could probably help you more.
its 4.0.6 php and no he has no access to the phpmyadmin i change the directory a few times a day to make sure and it has .htaccess on it they are once again threating me to take my site down but i have no plans on retaliating on them...im just going to report them and leave it at that...this [better wash my mouth][better wash my mouth][better wash my mouth][better wash my mouth] is getting old mad fast im thinking about closing down my site completely....im tired of this [better wash my mouth][better wash my mouth][better wash my mouth][better wash my mouth].
Reminder to admin when the board is off Details »»
About Developer
Visit Web Site
No support by the author.
05-18-2002, 12:40 AM
