Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > vBulletin 3.0 > vBulletin 3.0 Full Releases
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools
Email notification if someone attempts to access your Admin CP Details »»
Email notification if someone attempts to access your Admin CP
Version: 1.1, by EvilLS1 EvilLS1 is offline
Developer Last Online: May 2021 Show Printable Version Email this Page

Version: 3.0.5 Rating:
Released: 04-28-2004 Last Update: 01-07-2005 Installs: 239
 
No support by the author.

This is my version of the hack that Firefly released for VB2.

VB3's standard log of failed admincp login attempts is a nice feature.. but since you get no instant notification, by the time you check the log it could be too late. Also, the log doesn't show which passwords the potential intruder is trying... If someone is close to guessing my password I wanna know about it!

What does it do? With this hack, when someone tries to login to your admincp or modcp you'll get an email that contains the username they tried, the password they tried, their ip address, hostname, # of strikes, referer, script, and the date & time of the attempt.

It will look something like this:

Quote:
--------------------------------------------------
WARNING: Failed admin logon in vBulletin 3.0.1
--------------------------------------------------
Someone is trying to login to your Admin CP!

Username tried: JimbobJoe
Password tried: aCcEsS
IP Address: 67.13.27.156
Host: asd691917124.whatever.com
Strikes: 1/5
Referer: http://www.yoursite.com/forums/admincp/
Script: http://www.yoursite.com/forums/login.php
Date: Wednesday 28th of April 2004 07:50:02 AM
--------------------------------------------------
If the person who is attempting to access your CP happens to be registered & logged in, this line will also be included in the email:
Quote:
vBulletin has identified this user as: (intruder's real username here)
(Thanks to AlexanderT for the idea for this addon.)


Update (1-4-05): A couple of users have expressed concern about this mod sending a plaintext password over http for all logins. This update (v1.1) addresses that concern by only sending the password for cplogins. To update just re-do the first step in the instructions for your vbulletin version (the first edit to adminfunctions.php). Or if you'd prefer that the attempted password not be sent at all simply skip the edits to adminfunctions.php.

If you don't recieve an email when testing, make sure you have the webmaster email set in the admincp (vBulletin Options + Site Name / URL / Contact Details). Also, sometimes it takes a while for the email to arrive. So give it plenty of time before screaming "it doesn't work"..

Still not working? Read this!

Credits: Thanks to the original creator of this hack (Chen) for the idea, and thanks to Boofo for helping me test it.

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #122  
Old 09-26-2004, 01:40 AM
theArchitect's Avatar
theArchitect theArchitect is offline
 
Join Date: Sep 2004
Location: Sydney
Posts: 417
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by EvilLS1
Hmmm.. Weird. Are you sure these users aren't trying to login through the admin section? In the emails that you get what does it say next to referer?
If it says: http://www.yoursite.com/forums/admincp/ then they are trying to login through the admincp.
Yep. The error is from http://www.mysite.com/forum/login.php.

As I said no worries.
Reply With Quote
  #123  
Old 10-20-2004, 07:46 PM
XrayHead's Avatar
XrayHead XrayHead is offline
 
Join Date: Oct 2002
Posts: 138
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I use HT Access on my ADMINCP DIR as well, but I installed this and tested it.
It works really well.

Nice, Xrayhead
Reply With Quote
  #124  
Old 10-21-2004, 08:24 PM
hkvic hkvic is offline
 
Join Date: Oct 2004
Location: Sussex UK
Posts: 20
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Excellent - thank you, works like a real charm. Clicked install
Reply With Quote
  #125  
Old 10-28-2004, 08:16 AM
bendigo-tech bendigo-tech is offline
 
Join Date: Aug 2004
Location: Australia
Posts: 78
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Works well! Thanks a lot.

*Clicks Install*
Reply With Quote
  #126  
Old 10-30-2004, 08:19 PM
HackMaster3d HackMaster3d is offline
 
Join Date: Nov 2002
Posts: 7
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Simply wonderful. I've always wondered about a hack like this. loe and behold it's here. I LOVE THIS PLACE>
Reply With Quote
  #127  
Old 11-01-2004, 04:25 PM
wirewolf's Avatar
wirewolf wirewolf is offline
 
Join Date: Jun 2004
Location: New York City
Posts: 74
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Clicked Installed! Tested OK on v3.0.3. Works like a charm! Asked a couple of friends (close) to try and log in (after I tested it first), and got the emails within 5 minutes. Now if we could only have it send out a message to your cellphone or pager, locate the user attempting to get into your Admincp, drag them before the "Court of Board Administrators", pronouce sentence on them, and string them up by their thumbs. :banana:
Great little hack EvilLS1! Thanks
Reply With Quote
  #128  
Old 11-03-2004, 04:24 PM
Scott MacVicar Scott MacVicar is offline
 
Join Date: Oct 2001
Location: Glasgow, Scotland
Posts: 1,199
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by EvilLS1
This is my version of the hack that Firefly released for VB2.

VB3's standard log of failed admincp login attempts is a nice feature.. but since you get no instant notification, by the time you check the log it could be too late. Also, the log doesn't show which passwords the potential intruder is trying... If someone is close to guessing my password I wanna know about it!

What does it do? With this hack, when someone tries to login to your admincp or modcp you'll get an email that contains the username they tried, the password they tried, their ip address, hostname, # of strikes, referer, script, and the date & time of the attempt.

It will look something like this:



If the person who is attempting to access your CP happens to be registered & logged in, this line will also be included in the email:

(Thanks to AlexanderT for the idea for this addon.)


Note: If you don't recieve an email when testing, make sure you have the webmaster email set in the admincp (vBulletin Options + Site Name / URL / Contact Details). Also, sometimes it takes a while for the email to arrive. So give it plenty of time before screaming "it doesn't work"..

Still not working? Read this!

Credits: Thanks to the original creator of this hack (Chen) for the idea, and thanks to Boofo for helping me test it.
I just came accross this at someones site i was helping at. I'd mistyped my username and well it sent them my password anyway. So i had a look at the code and I noticed it sent the password in plaintext ALL of the time.

What this really does is remove security from vBulletin, instead of just sending the md5 hash which at least hides the original password. I modified this version of the hack and removed the reference to the password used from this version I was working on and I think the hack author should consider adjusting the version posted.
Reply With Quote
  #129  
Old 11-03-2004, 05:29 PM
Xenon's Avatar
Xenon Xenon is offline
 
Join Date: Oct 2001
Location: Bavaria
Posts: 12,878
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Well, actually from what i read inthe description is that, it shold send the tried password:

Quote:
If someone is close to guessing my password I wanna know about it!
So instead of removing the whole password sending (as this was the sense behind the hack) it should be changed, to just send the email to the username tried, but then with the password.

so if you just mistyped your username, then no mail would be sent, as this user doesn't exist or is no admin, but if someone tries to hack into a real admin account, sending the passwords to this' accounts email wouldn't hurt.
Reply With Quote
  #130  
Old 11-03-2004, 07:20 PM
EvilLS1's Avatar
EvilLS1 EvilLS1 is offline
 
Join Date: Apr 2002
Location: Georgia, USA
Posts: 987
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Yes, its supposed to send the password with any failed cp logins attempted. If the username is mistyped it will still send the password but again this is only for cp logins. Only staff members should be trying to login from here anyway. It doesn't send anything for regular logins. If you'd rather have it send an encrypted password instead simply skip the edits to adminfunctions.php and use the vb_login_md5password variable instead of the one added with the hack.
Reply With Quote
  #131  
Old 11-03-2004, 07:58 PM
Scott MacVicar Scott MacVicar is offline
 
Join Date: Oct 2001
Location: Glasgow, Scotland
Posts: 1,199
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Well I at least think it should be mentioned in the first post and the install file. I wasn't really bothered about it emailing the admin, its the fact it went through a proxy server and travelled about on the net unencrypted.

I went out of my way for vB3 to remove all cases of plain text passwords being sent over the network and I was just a bit shocked to find this out. I automatically assumed that my password was fine since i saw it clear the input boxes onsubmit as expected.

Is there a real purpose to telling them what the password is? Someone logged in with an admin username you have their IP and everything else, why does it matter if they typed in "bob" as the password.
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 01:56 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.08655 seconds
  • Memory Usage 2,320KB
  • Queries Executed 25 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (5)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (1)pagenav_pagelinkrel
  • (11)post_thanks_box
  • (11)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (11)post_thanks_postbit_info
  • (10)postbit
  • (11)postbit_onlinestatus
  • (11)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete