Get an e-mail if someone is trying to access your Admin CP (With IP address)

Here's my version:

In sessions.php find this code:

Code:

    if (md5($loginpassword)!=$bbuserinfo[password]) {

right below it, add this code:

Code:

			$ipaddress=iif(getenv("REMOTE_ADDR")!="",getenv("REMOTE_ADDR"),$HTTP_HOST);
			$iphostname = @gethostbyaddr($ipaddress);
			$message="Someone is trying to login using your admin account!\n\nUsername he tried to use: $loginusername\nPassword he tried to use: $loginpassword (".md5($loginpassword)." in encryption)\n\nThe IP address is: $ipaddress\nThe host is: $iphostname";
			mail($webmasteremail,"Warning: vBulletin Admin Login Tried",$message,"From: \"$bbtitle Admin CP\" <$webmasteremail>");

You will get a message:

Quote:

Someone is trying to login using your admin account!

Username he tried to use: xxx
Password he tried to use: xxx (xxxxxxxxxxxxxxxxxxxx in encryption)

The IP address is: xx.xx.xx.xx

every time someone is trying to login to the admin cp with no success.

Have fun.

[Baratator]

goooooooooood idea but here is my problem : the mailing function is not supported by my host so I had to desactivate it...

Can it send adminitrators PMs instead of emails?

thx

[Kumaro]

Excellent hack for my board. People always trying to get get into my admin panel.

[Admin]

[QUOTE]Originally posted by Mincer
Run around your office screaming, grab your nearest workmate, shake them by the shoulders and shout "They're after us, we're DOOOOOOOMED!!!!"

[xug]

Great hack FireFly, just what I needed !

[Mincer]

I seem be experienceing what you may call a 'minor problem' with this hack in the updated form. (I have reverted back to the original release now)

If someone tries to login as another user with any password, it rejects it, but I get no email.

If I try to log in as the admin WITH ANY PASSWORD, IT LETS ME IN!!! (I do get the email saying failed lonin though. )

Just thought it's let you know before I start hacking all ya boards. (j/k)

[JJR512]

I tried to duplicate Mincer's problems.

I tried to login to the admin cp using my name and an incorrect password. I was not successful; I got the wrong password message, and received the email from this hack. So I could not duplicate that aspect of Mincer's problem.

I tried to login as a regular member with that member's correct password, and was simply rejected (the login form reappeared). I received no email from that attempt. So I was able to duplicate this aspect of Mincer's complaint; however, I do not believe this is a problem. I don't believe this hack was designed to send you the email in this situation, although an argument could be made that perhaps it should.

[Prezident]

I also tried some bogus usernames that did not exist. I got no email. Tried using my username with a bad password, and was notified promptly.

I think it would be better suited for this hack to send ANY information regarding failed logon attempts to the admin CP.

Is it possible to make that happen?

[Kathy]

So I'm assuming it looks like this?

Code:

    if (md5($loginpassword)!=$bbuserinfo[password]) {
    	$ipaddress=iif(getenv("REMOTE_ADDR")!="",getenv("REMOTE_ADDR"),$HTTP_HOST);
			$iphostname = @gethostbyaddr($ipaddress);
			$message="Someone is trying to login using your admin account!\n\nUsername he tried to use: $loginusername\nPassword he tried to use: $loginpassword (".md5($loginpassword)." in encryption)\n\nThe IP address is: $ipaddress\nThe host is: $iphostname";
			mail($webmasteremail,"Warning: vBulletin Admin Login Tried",$message,"From: \"$bbtitle Admin CP\" <$webmasteremail>");

			eval("standarderror(\"".gettemplate("error_wrongpassword")."\");");

In other words...leaving all the original code...and just adding those lines in the right place?

[MarkB]

Admin login with incorrect password let me in as well, although I also got the warning email...

Reverted (for now).

[MarkB]

I'd forgotten to include

eval("standarderror(\"".gettemplate("error_wrongpa ssword")."\");");

at the end, re-added it and now I am not logged in with a wrong password...