The Arcive of Official vBulletin Modifications Site.

blastme · #1 12-14-2013, 06:14 AM

A member did a page source view of a post on my site and took a screenshot of it. Its the one I have attached.

This member claims the code means I have the admin log in as user hack installed on my site. But its not installed nor has it ever been. So now this member is spreading rumors that an admin on my site has been logging in as a user and making posts.

So was wondering if someone could shed some light on this.

TIA

ozzy47 · #2 12-14-2013, 06:24 AM

If that code is in your source code, then it is from this mod, https://vborg.vbsupport.ru/showthread.php?t=168819

ForceHSS · #3 12-14-2013, 06:36 AM

I would ban the user or at least give him a warning after all he is a member you are the owner

ShawneyJ · #4 12-14-2013, 09:31 AM

Quote:

Originally Posted by ozzy47

If that code is in your source code, then it is from this mod, https://vborg.vbsupport.ru/showthread.php?t=168819

yes, indeed that is the hack the source code is from. in my option, theres one place you can see this source code, (only if hack is installed) and thats in "Admin Log In As User" "fetch_userinfo_query" in plug in section Plugin Manager. which im guessing built into xml.

if a guest/member was to view the source of this members admin profile without the plug in installed. all they will see is:

Code:

<!-- Start Admin Log In As User -->
<li class="thead"><a href="index.php?u=26971&amp;admin_log_in_as_user=+++">Log In As This User</a></li>
<!-- End Admin Log In As User -->

correct me if im wrong.

because i did see an option to edit memberinfo template to add:

Code:

<!-- Start Admin Log In As User -->
$admin_log_in_as_user_link
<!-- End Admin Log In As User -->

blastme, it really is easy for a member to stir trouble on a forum and say take a screen cap of example this: see in attachment. which i got from: http://pastebin.com/9HJw2W31 thx to google. also if this hack did let the public see its source, you would think google would paste it all over the net in search example "!$processed_admin_log_in_as_user" :erm:

maybe double check in Plugin Manager for any tracers. but sure do believe you. can you find where this source if found like on what page of your forum?

blastme · #5 12-14-2013, 02:54 PM

Quote:

Originally Posted by ShawneyJ

yes, indeed that is the hack the source code is from. in my option, theres one place you can see this source code, (only if hack is installed) and thats in "Admin Log In As User" "fetch_userinfo_query" in plug in section Plugin Manager. which im guessing built into xml.

if a guest/member was to view the source of this members admin profile without the plug in installed. all they will see is:

Code:

<!-- Start Admin Log In As User -->
<li class="thead"><a href="index.php?u=26971&amp;admin_log_in_as_user=+++">Log In As This User</a></li>
<!-- End Admin Log In As User -->

correct me if im wrong.

because i did see an option to edit memberinfo template to add:

Code:

<!-- Start Admin Log In As User -->
$admin_log_in_as_user_link
<!-- End Admin Log In As User -->

blastme, it really is easy for a member to stir trouble on a forum and say take a screen cap of example this: see in attachment. which i got from: http://pastebin.com/9HJw2W31 thx to google. also if this hack did let the public see its source, you would think google would paste it all over the net in search example "!$processed_admin_log_in_as_user" :erm:

maybe double check in Plugin Manager for any tracers. but sure do believe you. can you find where this source if found like on what page of your forum?

Guess I am not understanding because the hack is not installed. I do not have log in as this user in the drop down menu of quick user links and never have. It does not show up as an option in administrator permissions.

How would I double check in plugin manager for any tracers. ? The member said that he right clicked on a post on my site, click on view source code and that is where the code came from. I don't see it when I try it but than he'll say I had it installed and removed it.

I never even knew there was a hack like this.

ozzy47 · #6 12-14-2013, 02:56 PM

If you want PM me a admin account and a link to the site and I can check it out for you.

Max Taxable · #7 12-14-2013, 03:42 PM

Quote:

Originally Posted by blastme

Guess I am not understanding because the hack is not installed. I do not have log in as this user in the drop down menu of quick user links and never have. It does not show up as an option in administrator permissions.

How would I double check in plugin manager for any tracers. ? The member said that he right clicked on a post on my site, click on view source code and that is where the code came from. I don't see it when I try it but than he'll say I had it installed and removed it.

I never even knew there was a hack like this.

Dude might be just making it up in a attempt to discredit you.

ozzy47 · #8 12-14-2013, 03:56 PM

It's entirely possible, that's why I want to have a look around.

blastme · #9 12-14-2013, 09:46 PM

This is the screen shot that member posted on another site with saying it proves I have that hack installed.

blastme · #10 12-14-2013, 09:56 PM

Quote:

Originally Posted by ozzy47

If you want PM me a admin account and a link to the site and I can check it out for you.

Sent you a PM.

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.04424 seconds Memory Usage 2,297KB Queries Executed 14 (?)
More Information
Template Usage: (1)SHOWTHREAD (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)ad_showthread_beforeqr (1)ad_showthread_firstpost (1)ad_showthread_firstpost_sig (1)ad_showthread_firstpost_start (4)bbcode_code (4)bbcode_quote (1)footer (1)forumjump (1)forumrules (1)gobutton (1)header (1)headinclude (1)navbar (3)navbar_link (120)option (1)pagenav (1)pagenav_curpage (2)pagenav_pagelink (10)post_thanks_box (5)post_thanks_box_bit (10)post_thanks_button (1)post_thanks_javascript (1)post_thanks_navbar_search (4)post_thanks_postbit (10)post_thanks_postbit_info (10)postbit (3)postbit_attachment (10)postbit_onlinestatus (10)postbit_wrapper (1)spacer_close (1)spacer_open (1)tagbit_wrapper Phrase Groups Available: global inlinemod postbit posting reputationlevel showthread	Included Files: ./showthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/functions_bigthree.php ./includes/class_postbit.php ./includes/class_bbcode.php ./includes/functions_reputation.php ./includes/functions_post_thanks.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_postinfo_query fetch_postinfo fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete showthread_start showthread_getinfo forumjump showthread_post_start showthread_query_postids showthread_query bbcode_fetch_tags bbcode_create showthread_postbit_create postbit_factory postbit_display_start post_thanks_function_post_thanks_off_start post_thanks_function_post_thanks_off_end post_thanks_function_fetch_thanks_start fetch_musername post_thanks_function_fetch_thanks_end post_thanks_function_thanked_already_start post_thanks_function_thanked_already_end postbit_imicons bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete postbit_attachment postbit_display_complete post_thanks_function_can_thank_this_post_start post_thanks_function_fetch_thanks_bit_start post_thanks_function_show_thanks_date_start post_thanks_function_show_thanks_date_end post_thanks_function_fetch_thanks_bit_end post_thanks_function_fetch_post_thanks_template_start post_thanks_function_fetch_post_thanks_template_end pagenav_page pagenav_complete tag_fetchbit_complete forumrules navbits navbits_complete showthread_complete
Messages:

2 благодарности(ей) от:
blastme, tbworld

Благодарность от:
blastme

Благодарность от:
blastme

The Arcive of Official vBulletin Modifications Site.

It is not a VB3 engine, just a parsed copy!