Security Password for Admincp Hacks

Security Password for Admincp Hacks
by AnhTuanCool

Quick Stats:
Version 1.0.2
Tested full functionally on vBulletin 3.0.3
Time to install: no more than 2 min
File to edit: 4
Template to edit: None
Query to run: None

What this hack does:
Add an additional Password for ACP which is only known by insiders if intentional or unintentional someone could get your current account and do the bad things to your board, this password is assign to all current administrator and only can be changed by the superadministrator*.

Updated:
Upgrade from v1.0.0
Fixed bug that not allow normal member to login

Install:
I had includes the installation file so that you don't have to move much which is always discourage people with long instruction. Included the installation file, download and upload the two files onto your forumroot/admincp/ directory, run the file acppassword_install.php from your admincp and follow it closely.

Disclaimer:
Of course do not forget to back-up your file before uploading it.
Do NOT stop the installation while it isn't finished yet, this can cause you more trouble.

*Be a superadministrator
If you are the webmaster of your site, then you probably can use FTP or another way - edit the source code, you will need to edit the $superadministrators variable in the includes/config.php file to be a superadministrator or you can add some of trusted people, in order to reset this password.

To allow the administrators to access this page, edit the variable to include the user IDs of those administrators should have access, separating each user ID with a comma, like this:

$superadministrators = '1,25,57';

To allow only a single administrator to access this page, simply add that user's ID with no commas, like this:

$superadministrators = '1';

Note: This hack assigns the security password for all current administrators, so if you set someone to administrator, you will have to reset the password in order to allow him to ACP.

Screenshots:
Attachment

NOTE: INSTALL as your OWN risk. This hack has a serious side-effect on the login function. I'll try to fix it as soon as I can.

[Polo]

thanks for sharing with the community... I may use it

[AnhTuanCool]

I found a bug that prevent normal member to login, but it's fixed now. If you didn't install this hack then see the zip file, if you did and wish to upgrade to fix this bug, see the txt file.

This update re-allows normal members to login but administrators who have the password need to use the cookies from ACP to login to the board so if you are an administrator you will need to login to your ACP first (you will have noticed that the login in ACP appears twice) then return to your board. I'll try to fix for the admins soon. ^_^

[jugo]

Quote:

Originally Posted by AnhTuanCOol

I found a bug that prevent normal member to login, but it's fixed now. If you didn't install this hack then see the zip file, if you did and wish to upgrade to fix this bug, see the txt file.

This update re-allows normal members to login but administrators who have the password need to use the cookies from ACP to login to the board so if you are an administrator you will need to login to your ACP first (you will have noticed that the login in ACP appears twice) then return to your board. I'll try to fix for the admins soon. ^_^

Nothing....

Still cannot log in.

I need to uninstall this NOW..>How do I do it. Cause I'm getting overwhelmed with emails....

[AnhTuanCool]

K, use the install script (acppassword_install.php), choose for Click Here to Uninstall to remove phrase and field, then enter acppassword_install.php?do=editfiles and redo all the modification for the source code...

[k4is3r]

when you fix the administration login?

[outlaw621]

I am installing this on 3.0.3 and I have a small problem. After I get everyting installed, the admincp works as expected with the security key. The problem is it is also adding the security key requirement to the modcp. I only want it for admincp logons. I do not want the mods to have the security key. How do I fix this?

[Wapture]

Ok, problem...

The password works great for the admincp, but when a mod trys to login to modcp they are also shown a box saying "security password" I gave the mods the password but it is coming back as if it is wrong.

[LPTV]

Sorry, but now i don't remember security password. Can you help me?

[shadiguy1]

i did the install for some reason tho if u enter just the administrators passowrd it still allows you to loigin twithout the 2nd password what could have i done wrong?

[parajsa]

Quote:

Originally Posted by outlaw621

I am installing this on 3.0.3 and I have a small problem. After I get everyting installed, the admincp works as expected with the security key. The problem is it is also adding the security key requirement to the modcp. I only want it for admincp logons. I do not want the mods to have the security key. How do I fix this?

The same problem, is there any way to make this prob disappears?

Thank u in advanced,