The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
Email notification if someone attempts to access your Admin CP Details »» | |||||||||||||||||||||||||||||
Email notification if someone attempts to access your Admin CP
Developer Last Online: May 2021
This is my version of the hack that Firefly released for VB2.
VB3's standard log of failed admincp login attempts is a nice feature.. but since you get no instant notification, by the time you check the log it could be too late. Also, the log doesn't show which passwords the potential intruder is trying... If someone is close to guessing my password I wanna know about it! What does it do? With this hack, when someone tries to login to your admincp or modcp you'll get an email that contains the username they tried, the password they tried, their ip address, hostname, # of strikes, referer, script, and the date & time of the attempt. It will look something like this: Quote:
Quote:
Update (1-4-05): A couple of users have expressed concern about this mod sending a plaintext password over http for all logins. This update (v1.1) addresses that concern by only sending the password for cplogins. To update just re-do the first step in the instructions for your vbulletin version (the first edit to adminfunctions.php). Or if you'd prefer that the attempted password not be sent at all simply skip the edits to adminfunctions.php. If you don't recieve an email when testing, make sure you have the webmaster email set in the admincp (vBulletin Options + Site Name / URL / Contact Details). Also, sometimes it takes a while for the email to arrive. So give it plenty of time before screaming "it doesn't work".. Still not working? Read this! Credits: Thanks to the original creator of this hack (Chen) for the idea, and thanks to Boofo for helping me test it. Show Your Support
|
Comments |
#152
|
||||
|
||||
Excellent Hack!
Install Button > Click! |
#153
|
|||
|
|||
Worked beautifully on my vB 3.0.5. I accidentally locked myself out for 15 minutes though. Any chance of making a hack, or an addon, that makes it so user id 1 cannot be locked out? Someone could go to your forum and try to log in 6 times and then you have to wait 15 minutes.
My idea would be that the hack would stop the person trying to login from continuing to attempt to login, but to NOT lock out the admin's account. It may seem stupid, but someone with your talent should be able to work something out? |
#154
|
||||
|
||||
Quote:
You could do something like this, so that it doesn't give the admin strikes or lock him out when trying to login to the control panel as long as he's already logged into the board: In includes/functions_login.php find: Code:
function verify_strike_status($username = '') { global $DB_site, $vboptions; $DB_site->query("DELETE FROM " . TABLE_PREFIX . "strikes WHERE striketime < " . (TIMENOW - 3600)); if (!$vboptions['usestrikesystem']) { return 0; } Code:
function verify_strike_status($username = '') { global $DB_site, $vboptions, $bbuserinfo; $DB_site->query("DELETE FROM " . TABLE_PREFIX . "strikes WHERE striketime < " . (TIMENOW - 3600)); if (!$vboptions['usestrikesystem'] OR $bbuserinfo[usergroupid]==6) { return 0; } Code:
// ###################### Start exec_strike_user ####################### function exec_strike_user($username = '', $strikes = 0) { global $DB_site, $strikes, $vboptions; if (!$vboptions['usestrikesystem']) { return 0; } Code:
// ###################### Start exec_strike_user ####################### function exec_strike_user($username = '', $strikes = 0) { global $DB_site, $strikes, $vboptions, $bbuserinfo; if (!$vboptions['usestrikesystem'] OR $bbuserinfo[usergroupid]==6) { return 0; } If you're not logged into the forum you'll still get a strike. I didn't test it but it should work. Thanks for verifying that this hack works with 3.0.5 btw. |
#155
|
|||
|
|||
Quote:
|
#156
|
|||
|
|||
well,
this hack works fine except for one little thing Code:
Script: http://www.yoursite.com/forums/login.php |
#157
|
||||
|
||||
Quote:
|
#158
|
||||
|
||||
Installed. Not working.
1. Version 3.0.3 (patched init.php - twice) 2. vBadvanced hack 3. IBProarcade hack 4. vBquiz hack Checked and tried everything (twice) listed in the "Checklist"... still no luck? I have a question: my administrator folder IS NOT named "admincp", could this be the cause? Thanks. mm :nervous: |
#159
|
||||
|
||||
Mechanical Mind,
I don't think the name of the folder would have any effect on it but I could be wrong. The only other thing I can think of is maybe one of the other hacks changes something which effects this hack. Since I don't use any of those myself I can't say for sure. You could try applying this hack to fresh un-modified files and see what happens. |
#160
|
||||
|
||||
Quote:
1) Its not meant to be clicked on. That line is only there to show you where the intruder is attempting to login from.. i.e. your site or a remote script. 2) Not all email clients support HTML. |
#161
|
|||
|
|||
oooh so i didn't do anything wrong i thought i did something wrong ok so i didn't anyway your hack worked fine with vb 3.0.3 & 3.04 & 3.0.5 i don't use any of those other either
|
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|