Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > vBulletin 3.5 > vBulletin 3.5 Add-ons

Reply
 
Thread Tools
Cracker Tracker Details »»
Cracker Tracker
Version: 1.0.2, by Onur Onur is offline
Developer Last Online: Apr 2015 Show Printable Version Email this Page

Version: 3.5.4 Rating:
Released: 03-09-2006 Last Update: 05-15-2006 Installs: 84
Uses Plugins
Additional Files  
No support by the author.

CrackerTracker

this is a port from the standalone system of the Cback.de CrackerTracker (was original made for phpBB) to an Product for vB
  • Description
    this hack search in the requeststring for definied codeparts, is found any hit the skript was die and send a little massage
    in addition of security this simply skript discharged the server by automatic attacks from botskripts if the definations have a hit in the requests
  • Instructions
    Install
    • upload the /elog/ directory and set the CHMOD of counter.txt and logfile_injects.txt to 666, this is only to log blocked requests
      if you not want to have writeable files on youre server this hack works without logging too and you can leave this part
    • at last install the CrackerTracker100-product.xml
    Update
    • uninstall product of v100
    • reinstall new product of v101
    Uninstall
    • uninstall the CrackerTracker100-product.xml
    • upload thedelete /elog/ directory
  • Credits & Information
    i have only port this hack to a Plugin
    Authorof the Hack is Cback from www.cback.de
    only restraint of Cback is the Copyright in the footer

    (i hope my english was understandable )


  • History
    • 10/03/06 Release 1.0.0
    • 15/05/06 Release 1.0.1
      • new searchpattern and handfull old replaced
      • little codemodifications
    • 15/05/06 Release 1.0.2
      • one typo in list (missing ",")

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #2  
Old 03-10-2006, 08:57 PM
XtremeOffroad XtremeOffroad is offline
 
Join Date: Jul 2005
Posts: 236
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

What does this do? Sorry didnt quite understand.
Reply With Quote
  #3  
Old 03-10-2006, 09:08 PM
Highendfreak Highendfreak is offline
 
Join Date: Nov 2005
Posts: 10
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by XtremeOffroad
What does this do? Sorry didnt quite understand.
This hack protecs your board against people who wants to '(cr)hack your forum. Original coded by CBack for phpBB and now ported to vb. One of the best hacks ever...
Reply With Quote
  #4  
Old 03-10-2006, 09:09 PM
Onur Onur is offline
 
Join Date: Oct 2005
Posts: 13
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

phpBB have any problems with automated hacking attacks by botskripts was found her victim over google and send many requets to the board

this skript search for a lot of requets how '<skript>' and died the request, so the server has a littel less of load and an bad request can block befor he does work

is an similar way like the $_global handling of vb in begin of ini.php
Reply With Quote
  #5  
Old 03-10-2006, 09:43 PM
redlabour's Avatar
redlabour redlabour is offline
 
Join Date: Mar 2004
Location: Wuppertal, NRW, Germany
Posts: 1,541
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

The best Hack from cBack in the whole phpBB World. Thx Onur - absolut excellent work !

If anyone does not know cBack : http://www.community.cback.de/viewforum.php?f=52

@Onur - please edit a Link to cBack and the Title of this Hack to cBack CrackerTracker. And do not forget a link to vbhacks-germany etc.

And sorry - but no one can understand your english description here.

Quote:
This is a complete security system for phpBB2 Forums. It protects against session cracks, floods, search overloads, worm attacks, BruteForce Attacks, Mass Mailing and much more to reduce Traffic and to protect Board and other MODs.
http://sourceforge.net/project/showf...roup_id=154972
Reply With Quote
  #6  
Old 03-10-2006, 09:47 PM
puertoblack2003's Avatar
puertoblack2003 puertoblack2003 is offline
 
Join Date: Aug 2005
Location: Philadelphia
Posts: 1,073
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

ok trying to understand, what this hack do is if someone or something tried to hack your board it will keep a log and then what slow server respond or what?????
Reply With Quote
  #7  
Old 03-11-2006, 05:52 AM
Onur Onur is offline
 
Join Date: Oct 2005
Posts: 13
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by puertoblack2003
ok trying to understand, what this hack do is if someone or something tried to hack your board it will keep a log and then what slow server respond or what?????
i mean, comes a automated hackingskript (santy-webworm) who sending many requets to youre board, this skript end the bulid and delivery of the requestet site and save so cputime and traffic
some hackingrequests have no chance to do there work on patched boards, but you have a lot of traffic
Reply With Quote
  #8  
Old 03-11-2006, 06:13 AM
Trigunflame's Avatar
Trigunflame Trigunflame is offline
 
Join Date: Aug 2002
Posts: 742
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

What this guys trying to say is that his "addition" to your forum will kill the script if it notices any potential "bad request" are being sent to the forum.

1. Most of these request differ in "what they can do", showing phpinfo() is not going to help anyone own your server.
2. Vbulletin is not phpbb, and does not suffer from any of these problems to date.
3. If the request is being sent through a vbulletin php file they are not going to get executed anyway, this hack is Worthless on a Vbulletin Forum.
Reply With Quote
  #9  
Old 03-11-2006, 10:44 AM
Motoman Motoman is offline
 
Join Date: Nov 2005
Posts: 6
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Acording to our phpbb specialist (on "my" board) :

Quote:
Originally Posted by abcde
Just a note about the CrackerTracker by CBACK.DE, some staff members of phpbb.com have looked at this mod and say there are some serious security problems, the automatic update-system is according to them unsafe. This is the stand-alone of that phpBB mdo so I think you should look at this issue.

Edit: I don't know if this is ported version of the phpBB mod, my German isn't fluent.
Will this hack have any negative effects on vB through the "automatic update-system" or was this problem fixed when you ported it?
Reply With Quote
  #10  
Old 03-11-2006, 11:01 AM
Motoman Motoman is offline
 
Join Date: Nov 2005
Posts: 6
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Motoman
Acording to our phpbb specialist (on "my" board) :



Will this hack have any negative effects on vB through the "automatic update-system" or was this problem fixed when you ported it?
oops, I didnt see the edit note, but I'd still like to know it that "automatic update-system will cause any trouble...
Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 11:39 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.07909 seconds
  • Memory Usage 2,293KB
  • Queries Executed 23 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (5)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (2)pagenav_pagelink
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (9)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete