Version: , by Admin (Coder)
Developer Last Online: Nov 2024
Version: 2.2.x
Rating:
Released: 11-25-2001
Last Update: Never
Installs: 233
No support by the author.
Here's my version:
In sessions.php find this code:
Code:
if (md5($loginpassword)!=$bbuserinfo[password]) {
right below it, add this code:
Code:
$ipaddress=iif(getenv("REMOTE_ADDR")!="",getenv("REMOTE_ADDR"),$HTTP_HOST);
$iphostname = @gethostbyaddr($ipaddress);
$message="Someone is trying to login using your admin account!\n\nUsername he tried to use: $loginusername\nPassword he tried to use: $loginpassword (".md5($loginpassword)." in encryption)\n\nThe IP address is: $ipaddress\nThe host is: $iphostname";
mail($webmasteremail,"Warning: vBulletin Admin Login Tried",$message,"From: \"$bbtitle Admin CP\" <$webmasteremail>");
You will get a message:
Quote:
Someone is trying to login using your admin account!
Username he tried to use: xxx
Password he tried to use: xxx (xxxxxxxxxxxxxxxxxxxx in encryption)
The IP address is: xx.xx.xx.xx
every time someone is trying to login to the admin cp with no success.
Have fun.
Show Your Support
This modification may not be copied, reproduced or published elsewhere without author's permission.
hey guys, great hack got it working on 2.2.8 with the following code
Quote:
// email alert
$ipaddress=iif(getenv("REMOTE_ADDR")!="",getenv("R EMOTE_ADDR"),$HTTP_HOST);
$iphostname = @gethostbyaddr($ipaddress);
if ($HTTP_COOKIE_VARS['bbuserid']) {
$realuserid = $HTTP_COOKIE_VARS['bbuserid'];
$realusername=$DB_site->query_first("SELECT username FROM user WHERE userid='$realuserid'");
$MessageAddon .= "\nThier cookie identifys them as ".addslashes($realusername[username]."\n");
}
if ($sessionids=$DB_site->query("SELECT userid FROM session WHERE host='$ipaddress' AND userid>0 GROUP BY userid")) {
while ($sessionid = $DB_site->fetch_array($sessionids)) {
$realusername=$DB_site->query_first("SELECT username FROM user WHERE userid='$sessionid[userid]'");
$MessageAddon .= "\nSessions identifys them as ".addslashes($realusername[username]);
}
}
$message="Someone is trying to login using your admin account!\nThe Script was : $PHP_SELF\n\nUsername they tried to use: $loginusername\nPassword they tried to use: $loginpassword (".md5($loginpassword)." in encryption)\n\nThe IP address is: $ipaddress\nThe host is: $iphostname\n\nSearch for members using this ip\n $bburl/admin/user.php?action=doips&s=&ipaddress=$ipaddress\n$Me ssageAddon";
mail($webmasteremail,"Warning: vBulletin Admin Login Attempted",$message,"From: \"$bbtitle Admin CP\" <$webmasteremail>");
// email alert
and it sends me a nice email like the following (when i tested it out myself)
Quote:
Someone is trying to login using your admin account!
The Script was : /forum/admin/index.php
Username they tried to use: XXX
Password they tried to use: XXX
The IP address is: 144.132.3.232
The host is: CPE-144-132-3-232.vic.bigpond.net.au
I would say I am fairly good with installing hacks and whatnot. But I could not get this to work with 2.2.5 and I got a parse error text at the top of my forums when i installed it. Very strange. Im confuseled