Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > vBulletin 3.6 > vBulletin 3.6 Add-ons

Reply
 
Thread Tools
Multiple account login detector (AE Detector) Details »»
Multiple account login detector (AE Detector)
Version: 1.00, by MPDev MPDev is offline
Developer Last Online: Dec 2016 Show Printable Version Email this Page

Category: Administrative and Maintenance Tools - Version: 3.6.0 Rating:
Released: 09-04-2006 Last Update: Never Installs: 1908
 
No support by the author.

Mod of the Month winner!
Top 10 most installed mods for vB3.6!

Same plug-in found here:

https://vborg.vbsupport.ru/showthread.php?t=107566

There are no differences as this plug-in works with both 3.5 and 3.6 versions of vBulletin.


If you are like me and migrated from .threads, a common modification was an "AE detector", a simple mod that saved a cookie of a history of ids logged into on your site. If someone logged into more than one account, you got a PM letting you know that your site was being accessed from multiple accounts.

Over the years this was very helpful in identifying users who were posting under multiple accounts (alter-egos!) and users who would return after being banned.

You might be wondering why I don't use the vbcookie call - well, thats because on logout all vB cookies are cleared, so we need to store a cookie that is not effected by the login/logout process.

New Installation
1. Add New Product with attached XML
2. Go to vBulletin Options -> AE Multiple Login Detection Settings and set your specific settings.

Time to install: Easy - 2 minutes.

Upgrade
If you installed this as a Plug-in manually, you can delete that plugin and install this Product, just make sure to go into the Options and set them accordingly.

I hope you find this useful and will click INSTALL if you use it; should it prove useful to enough people I can look at making this installation more automated without the need for edits and an Admin Options page.

To upgrade you will want to reimport this XML file and edit your options accordingly.

1.0.3
-----
. Added a check to ensure that users weren't deleted when reporting violations
. added htmlspecialchars_uni call to username

Note: I am unable to get the call to construct_phrase with $vbphrase['multiplelogin_alert'] to work reliably, as such the $message variable is still set manually inside the plug-in and not via the phrase. If anyone has an idea of why this might not always work, I'm all ears.

1.0.2
-----
. Updated to include exclusion groups, users
. Changed so PM is sent by ae sender id

1.0.1
-----
. Released as a Product (thank you PHPGeek2k3 for your help)
. Added option to post to a forum versus send a PM (or both)
. All settings moved into Admin Option

1.0.0
-----
Initial release.

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.
Благодарность от:
too_cool_3

Comments
  #492  
Old 06-22-2008, 05:50 PM
Boofo's Avatar
Boofo Boofo is offline
 
Join Date: Mar 2002
Location: Des Moines, IA (USA)
Posts: 15,776
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Look at the code.
Reply With Quote
  #493  
Old 06-22-2008, 07:32 PM
FRANKTHETANK 2 FRANKTHETANK 2 is offline
 
Join Date: Sep 2006
Posts: 364
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Mum View Post
Just a small question, how do we know that it WASN'T this mod?
I know it was this hack because i have known this guy for 9 years and he lives 5 blocks from me. Look at the aim conversation that him and me had he says it right there. That should be fact enough for any one to investigate it.
Reply With Quote
  #494  
Old 06-22-2008, 09:49 PM
vitrag24's Avatar
vitrag24 vitrag24 is offline
 
Join Date: Nov 2006
Location: India
Posts: 639
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

This mod is working perfact on vbulletin 3.7.1 [checked creating thread option - not checked pm function as i don't use it.]
Reply With Quote
  #495  
Old 06-22-2008, 11:53 PM
MPDev's Avatar
MPDev MPDev is offline
 
Join Date: Oct 2003
Location: Virginia
Posts: 885
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

There is only one query in this mod; it's used to grab a username for formatting on the post itself. The query is protected by checking for a NULL value and a is_numeric value. If someone were to try an injection, these two checks would prevent it.

What *can* be done is someone can mess with the cookie to make it look like they are logging into a ton of accounts - if they want to throw a ton of userids into the cookie, they can. AE Detector will simply report what's stored in the cookie.

Never say never, but this plug-in contains very little code and only one query to the vB user database.
Reply With Quote
  #496  
Old 06-23-2008, 01:12 AM
Boofo's Avatar
Boofo Boofo is offline
 
Join Date: Mar 2002
Location: Des Moines, IA (USA)
Posts: 15,776
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Well, I'll say never as to this not being the way in that hacker used on his site.

Welcome back, sir.
Reply With Quote
  #497  
Old 06-23-2008, 02:10 AM
Paul M's Avatar
Paul M Paul M is offline
 
Join Date: Sep 2004
Location: Nottingham, UK
Posts: 23,748
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by FRANKTHETANK 2 View Post
I might even get the owner of the server i was on to come and back me up. Not only did he have access to my site, but he deleted cpanel, he messed up whmcs, and he replaced every and i mean ever index.php/html/etc, on the server.
I have no doubt that someone may have done that to you - but not via this modification. Its simply not possible.
Reply With Quote
  #498  
Old 06-23-2008, 03:32 AM
Mum Mum is offline
 
Join Date: Jun 2006
Location: New Zealand
Posts: 660
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by MPDev View Post
There is only one query in this mod; it's used to grab a username for formatting on the post itself. The query is protected by checking for a NULL value and a is_numeric value. If someone were to try an injection, these two checks would prevent it.

What *can* be done is someone can mess with the cookie to make it look like they are logging into a ton of accounts - if they want to throw a ton of userids into the cookie, they can. AE Detector will simply report what's stored in the cookie.

Never say never, but this plug-in contains very little code and only one query to the vB user database.
Thank you MPDev
Reply With Quote
  #499  
Old 06-23-2008, 02:04 PM
johnban johnban is offline
 
Join Date: Apr 2008
Posts: 31
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Hi Guys,

sorry for posting that here but I have posted it from 17th to "Multiple Account Registration prevation" and I had no answer so far.

So I am posting it again here in case you can tell my why.

thanks in advance.

Quote:
Hi I installed the hack in 3.7

If I have a user that has logged in and then he is making a new registration then the hack it's catching him.

But ??..

One user has registered into my forum at 16:00 (let?s say) from IP address 11.111.111.111 (of course it is not the real IP). After 30 minutes he is registering again with different username/mail but from the same IP. Shouldn?t be captured by the hack ??

Thanks,

John B.
Reply With Quote
  #500  
Old 06-23-2008, 02:16 PM
Videx's Avatar
Videx Videx is offline
 
Join Date: Feb 2007
Posts: 3,085
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by johnban View Post
from the same IP. Shouldn?t be captured by the hack ??
Yes, that would be nice. But if he's trying to avoid getting caught via cookie he can just clear his cookies. Or he could use a different computer.

It's probably not real unusual for us to have a husband & wife discover our forum and register from the same IP within minutes of each other, but on their own computers.

Note also as I've pointed out, there's some other mod or something out there disabling this mod. It's working good on one of my forums, but not the other.
Reply With Quote
  #501  
Old 06-23-2008, 05:38 PM
FRANKTHETANK 2 FRANKTHETANK 2 is offline
 
Join Date: Sep 2006
Posts: 364
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

listen not only can he log in to my account he can edit anything he wants. He can sign into my name and be full admin.
Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 06:20 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.05606 seconds
  • Memory Usage 2,307KB
  • Queries Executed 25 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (5)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (1)pagenav_pagelinkrel
  • (11)post_thanks_box
  • (1)post_thanks_box_bit
  • (11)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit
  • (11)post_thanks_postbit_info
  • (10)postbit
  • (11)postbit_onlinestatus
  • (11)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • fetch_musername
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • post_thanks_function_fetch_thanks_bit_start
  • post_thanks_function_show_thanks_date_start
  • post_thanks_function_show_thanks_date_end
  • post_thanks_function_fetch_thanks_bit_end
  • post_thanks_function_fetch_post_thanks_template_start
  • post_thanks_function_fetch_post_thanks_template_end
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete