The Arcive of Official vBulletin Modifications Site.

About Developer · **Released**: 11-25-2001

Here's my version:

In sessions.php find this code:

Code:

    if (md5($loginpassword)!=$bbuserinfo[password]) {

right below it, add this code:

Code:

			$ipaddress=iif(getenv("REMOTE_ADDR")!="",getenv("REMOTE_ADDR"),$HTTP_HOST);
			$iphostname = @gethostbyaddr($ipaddress);
			$message="Someone is trying to login using your admin account!\n\nUsername he tried to use: $loginusername\nPassword he tried to use: $loginpassword (".md5($loginpassword)." in encryption)\n\nThe IP address is: $ipaddress\nThe host is: $iphostname";
			mail($webmasteremail,"Warning: vBulletin Admin Login Tried",$message,"From: \"$bbtitle Admin CP\" <$webmasteremail>");

You will get a message:

Quote:

Someone is trying to login using your admin account!

Username he tried to use: xxx
Password he tried to use: xxx (xxxxxxxxxxxxxxxxxxxx in encryption)

The IP address is: xx.xx.xx.xx

every time someone is trying to login to the admin cp with no success.

Have fun.

digitalJE5U5 · #**182** 10-09-2002, 07:59 AM

Ive tried this "simple" hack 25 times. All from fresh copies of sessions.php. I've tried to log into admin CP using real names/wrong pass and using wrong names/passes. I've never got a single email.

Whats up?

Runnin version 2.2.7

/DJ

#**183** 10-11-2002, 07:46 PM

Works great. 2.2.7

digitalJE5U5....are you sure your webmaster email address is correct in your admin cp?

digitalJE5U5 · #**184** 10-11-2002, 11:09 PM

Im positive. Using this on 2.2.7. But, I've read it works on that too.

:cry:

/DJ

Talisman · #**185** 10-13-2002, 03:56 PM

Love the hack. Just caught myself trying to sneak into my Admin CP.... whew!

And when I checked who was up to no good ...... sure enough, it was me!!

(BTW, I'm getting two copies of the email notice, but that's not a problem.)

Thanks for all the great hacks, everyone. :banana:

ravenshadow · #**186** 10-25-2002, 02:33 PM

Works great.. 2.2.8

Thank you

Littlebit · #**187** 10-27-2002, 03:42 PM

Working great with 2.2.8 for me too. Thanks Firefly :bunny:

sklwer · #**188** 10-27-2002, 10:12 PM

I tried to use Matts ( post 107 ) but I am having dificculy understanding.. The first Hack is easy to understand but the second Hack says "then second additon is in adim/global.php

and it goes right after

PHP:

$getperms=$DB_site->query_first("SELECT cancontrolpanel FROM user,usergroup WHERE user.usergroupid=usergroup.usergroupid AND user.userid='$bbuserinfo[userid]'");
if ($getperms[cancontrolpanel]!=1) {

So the second hack go right after what??? what am i missing?

Erwin · #**189** 10-27-2002, 10:28 PM

It's Mutt, not Matt.

https://vborg.vbsupport.ru/showthrea...079#post232079

In the second part, he is saying to open admin/global.php and FIND:

PHP Code:


			
$getperms=$DB_site->query_first("SELECT cancontrolpanel FROM user,usergroup WHERE user.usergroupid=usergroup.usergroupid AND user.userid='$bbuserinfo[userid]'");

Then after that, PASTE THE SAME CODE you used in the first part.

Hope that clears it up a bit.
if ($getperms[cancontrolpanel]!=1) {

sklwer · #**190** 10-27-2002, 10:39 PM

There is no " $getperms=$DB_site->query_first("SELECT cancontrolpanel FROM user,usergroup WHERE user.usergroupid=usergroup.usergroupid AND user.userid='$bbuserinfo[userid]'"); on Version 2.28 Global.php

sklwer · #**191** 10-27-2002, 10:40 PM

Soory I was looking at /Global NOT admin/global sorry

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.05765 seconds Memory Usage 2,304KB Queries Executed 25 (?)
More Information
Template Usage: (1)SHOWTHREAD (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)ad_showthread_beforeqr (2)bbcode_code (1)bbcode_php (1)bbcode_quote (1)footer (1)forumjump (1)forumrules (1)gobutton (1)header (1)headinclude (1)modsystem_post (1)navbar (6)navbar_link (120)option (1)pagenav (1)pagenav_curpage (4)pagenav_pagelink (1)pagenav_pagelinkrel (11)post_thanks_box (11)post_thanks_button (1)post_thanks_javascript (1)post_thanks_navbar_search (11)post_thanks_postbit_info (10)postbit (10)postbit_onlinestatus (11)postbit_wrapper (1)spacer_close (1)spacer_open (1)tagbit_wrapper Phrase Groups Available: global inlinemod postbit posting reputationlevel showthread	Included Files: ./showthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/functions_bigthree.php ./includes/class_postbit.php ./includes/class_bbcode.php ./includes/functions_reputation.php ./includes/functions_post_thanks.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete showthread_start showthread_getinfo forumjump showthread_post_start showthread_query_postids showthread_query bbcode_fetch_tags bbcode_create showthread_postbit_create postbit_factory postbit_display_start post_thanks_function_post_thanks_off_start post_thanks_function_post_thanks_off_end post_thanks_function_fetch_thanks_start post_thanks_function_fetch_thanks_end post_thanks_function_thanked_already_start post_thanks_function_thanked_already_end fetch_musername postbit_imicons bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete postbit_display_complete post_thanks_function_can_thank_this_post_start pagenav_page pagenav_complete tag_fetchbit_complete forumrules navbits navbits_complete showthread_complete
Messages:

The Arcive of Official vBulletin Modifications Site.

It is not a VB3 engine, just a parsed copy!