Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > vBulletin 3.0 > vBulletin 3.0 Full Releases

Reply
 
Thread Tools
Email notification if someone attempts to access your Admin CP Details »»
Email notification if someone attempts to access your Admin CP
Version: 1.1, by EvilLS1 EvilLS1 is offline
Developer Last Online: May 2021 Show Printable Version Email this Page

Version: 3.0.5 Rating:
Released: 04-28-2004 Last Update: 01-07-2005 Installs: 239
 
No support by the author.

This is my version of the hack that Firefly released for VB2.

VB3's standard log of failed admincp login attempts is a nice feature.. but since you get no instant notification, by the time you check the log it could be too late. Also, the log doesn't show which passwords the potential intruder is trying... If someone is close to guessing my password I wanna know about it!

What does it do? With this hack, when someone tries to login to your admincp or modcp you'll get an email that contains the username they tried, the password they tried, their ip address, hostname, # of strikes, referer, script, and the date & time of the attempt.

It will look something like this:

Quote:
--------------------------------------------------
WARNING: Failed admin logon in vBulletin 3.0.1
--------------------------------------------------
Someone is trying to login to your Admin CP!

Username tried: JimbobJoe
Password tried: aCcEsS
IP Address: 67.13.27.156
Host: asd691917124.whatever.com
Strikes: 1/5
Referer: http://www.yoursite.com/forums/admincp/
Script: http://www.yoursite.com/forums/login.php
Date: Wednesday 28th of April 2004 07:50:02 AM
--------------------------------------------------
If the person who is attempting to access your CP happens to be registered & logged in, this line will also be included in the email:
Quote:
vBulletin has identified this user as: (intruder's real username here)
(Thanks to AlexanderT for the idea for this addon.)


Update (1-4-05): A couple of users have expressed concern about this mod sending a plaintext password over http for all logins. This update (v1.1) addresses that concern by only sending the password for cplogins. To update just re-do the first step in the instructions for your vbulletin version (the first edit to adminfunctions.php). Or if you'd prefer that the attempted password not be sent at all simply skip the edits to adminfunctions.php.

If you don't recieve an email when testing, make sure you have the webmaster email set in the admincp (vBulletin Options + Site Name / URL / Contact Details). Also, sometimes it takes a while for the email to arrive. So give it plenty of time before screaming "it doesn't work"..

Still not working? Read this!

Credits: Thanks to the original creator of this hack (Chen) for the idea, and thanks to Boofo for helping me test it.

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #72  
Old 07-04-2004, 05:57 PM
Natch's Avatar
Natch Natch is offline
 
Join Date: Nov 2002
Location: Australia
Posts: 851
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Great job EvilLS1

[high]* Natch installed and it works a charm![/high]
Reply With Quote
  #73  
Old 07-05-2004, 06:10 AM
EvilLS1's Avatar
EvilLS1 EvilLS1 is offline
 
Join Date: Apr 2002
Location: Georgia, USA
Posts: 987
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Thanks Natch.
Reply With Quote
  #74  
Old 07-05-2004, 07:49 AM
LeonHartHVA LeonHartHVA is offline
 
Join Date: Jul 2003
Posts: 33
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I set "Use Login "Strikes" System" to "No". So does it work?
Reply With Quote
  #75  
Old 07-05-2004, 06:58 PM
EvilLS1's Avatar
EvilLS1 EvilLS1 is offline
 
Join Date: Apr 2002
Location: Georgia, USA
Posts: 987
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by LeonHartHVA
I set "Use Login "Strikes" System" to "No". So does it work?
Yes it should work either way.
Reply With Quote
  #76  
Old 07-13-2004, 07:53 PM
Wifey Wifey is offline
 
Join Date: Mar 2004
Posts: 250
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by babolo
I caught someone with this hack and pm'd them and they were like im sorry and crap and they tried alot of times
Funny you should say that considering I caught YOU trying to log into my admincp the other day. Not very fun, is it?

I think it was the other way around babolo, you tried on MY site and I caught you and pmed you asking why to which you replied you thought you'd try to hack because people use stupid passwords...unless you installed this hack between yesterday and today and had someone try to log into your account "alot of times."

Or we're all living in an alternate universe. One of the three. I have the logs if anyone cares to see this hack in action.
Reply With Quote
  #77  
Old 07-14-2004, 09:26 PM
WEForums WEForums is offline
 
Join Date: Apr 2003
Location: Jacksonville, Florida
Posts: 195
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

This is cool. Doubt anyone tries to login, but it's good just in case. Had the vB2 one installed as well. Obviously this one is better, though.
Reply With Quote
  #78  
Old 07-16-2004, 02:16 AM
Yahhoon23 Yahhoon23 is offline
 
Join Date: Dec 2003
Posts: 59
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I know that this may not be the best place for this. But I have and love this admincp hack.

Is there anyway I can be notified when regular accounts are tried to break into as well?

Last night, my admin area was targeted and I was notified.

My Co-Admin was targeted but not thru the admin area. They tried accessing his account through the regular forum.

But without him telling me I'd have no idea if people were trying to break in etc and I don't need the wrong people trying to access other accounts. Especially when not everyone uses a secure password.
Reply With Quote
  #79  
Old 07-17-2004, 06:43 PM
mackers8923 mackers8923 is offline
 
Join Date: Dec 2002
Location: Belfast, N Ireland
Posts: 71
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

cool hack, *clicks install*
Reply With Quote
  #80  
Old 07-18-2004, 12:11 AM
EvilLS1's Avatar
EvilLS1 EvilLS1 is offline
 
Join Date: Apr 2002
Location: Georgia, USA
Posts: 987
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Yahhoon23

Is there anyway I can be notified when regular accounts are tried to break into as well?
Its possible but not practical b/c your inbox would be filled with notifications due to regular members mis-typing their password or username. To do something like that it would be a better idea to store failed logins in the database and let the admin view them in the control panel.
Reply With Quote
  #81  
Old 07-18-2004, 06:44 PM
Yahhoon23 Yahhoon23 is offline
 
Join Date: Dec 2003
Posts: 59
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Yeah, that is true. Good Point.

I just was trying to think of a way so I am notified if there is someone trying to break in other accounts.

Due to the fact that my admincp account was targeted, and my co-admins regular forum account were targeted, I was trying to think of a viable way for me to know that said people are trying to break into various accounts other than the admincp.
Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 10:23 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.06054 seconds
  • Memory Usage 2,304KB
  • Queries Executed 25 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (5)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (1)pagenav_pagelinkrel
  • (11)post_thanks_box
  • (11)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (11)post_thanks_postbit_info
  • (10)postbit
  • (11)postbit_onlinestatus
  • (11)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete