Administrative and Maintenance Tools - Multiple account login detector (AE Detector)

Mod of the Month winner!
Top 10 most installed mods for vB3.6!

Same plug-in found here:

https://vborg.vbsupport.ru/showthread.php?t=107566

There are no differences as this plug-in works with both 3.5 and 3.6 versions of vBulletin.

If you are like me and migrated from .threads, a common modification was an "AE detector", a simple mod that saved a cookie of a history of ids logged into on your site. If someone logged into more than one account, you got a PM letting you know that your site was being accessed from multiple accounts.

Over the years this was very helpful in identifying users who were posting under multiple accounts (alter-egos!) and users who would return after being banned.

You might be wondering why I don't use the vbcookie call - well, thats because on logout all vB cookies are cleared, so we need to store a cookie that is not effected by the login/logout process.

New Installation
1. Add New Product with attached XML
2. Go to vBulletin Options -> AE Multiple Login Detection Settings and set your specific settings.

Time to install: Easy - 2 minutes.

Upgrade
If you installed this as a Plug-in manually, you can delete that plugin and install this Product, just make sure to go into the Options and set them accordingly.

I hope you find this useful and will click INSTALL if you use it; should it prove useful to enough people I can look at making this installation more automated without the need for edits and an Admin Options page.

To upgrade you will want to reimport this XML file and edit your options accordingly.

1.0.3
-----
. Added a check to ensure that users weren't deleted when reporting violations
. added htmlspecialchars_uni call to username

Note: I am unable to get the call to construct_phrase with $vbphrase['multiplelogin_alert'] to work reliably, as such the $message variable is still set manually inside the plug-in and not via the phrase. If anyone has an idea of why this might not always work, I'm all ears.

1.0.2
-----
. Updated to include exclusion groups, users
. Changed so PM is sent by ae sender id

1.0.1
-----
. Released as a Product (thank you PHPGeek2k3 for your help)
. Added option to post to a forum versus send a PM (or both)
. All settings moved into Admin Option

1.0.0
-----
Initial release.

[FRANKTHETANK 2]

I have posted a picture of a regular member logging into a ton of accounts. We had a page up saying hacked by RootX@hotmail.com. I am not pulling cords and i'm not playing a joke. I am offended that someone would go this extent to tear my name down even when i posted proof. Like i said he won't give me the exploit. Part of the reason he won't give it to me is because i banned him for 7 days. I'm sorry but if you don't believe me then find out the hard way one day.

[Boofo]

You are blaming a hack that only caught what was going on, not causing it. That picture is not proof of any kind. It is only proof that this hack is working as intended. Do you honestly believe this clown is going to steer you in the right direction of the actual exploit so you can block it? Wise up, man.

[FRANKTHETANK 2]

I might even get the owner of the server i was on to come and back me up. Not only did he have access to my site, but he deleted cpanel, he messed up whmcs, and he replaced every and i mean ever index.php/html/etc, on the server.

[FRANKTHETANK 2]

all it takes is one shell to be uploaded and he can take over everything and i mean everything.

[KURTZ]

lol i'm without any words about this ... so 2 thousand users that have already installed this add-on are lucky or idiots? c'on ....

[FRANKTHETANK 2]

I have changed his name to a friendly name on aim so no one can pm him telling him that i mentioned that he had an exploit for this. But this is the conversation i had with him it's 1:22 central time as i post this.

NEO (1:11:12 PM): lolz
soulweaver2006 (1:11:18 PM): ok
NEO (1:11:22 PM): Thats german
NEO (1:11:29 PM): to that song
NEO (1:11:30 PM): fortuna
iDeVoUrEdu1337 (1:11:42 PM): very nice man that kids a ++++ing jackass glad you took it down
NEO (1:11:55 PM): lolz
NEO (1:12:00 PM): kid was a 16 year old wannabe
NEO (1:12:09 PM): that ran his mouth a little to much
iDeVoUrEdu1337 (1:12:10 PM): lol yea i hear that
iDeVoUrEdu1337 (1:13:35 PM): i am going to school for networking and all that good stuff and i have been hacking for awhile
NEO (1:13:44 PM): lolz
NEO (1:13:53 PM): I don't hack for serious notes, i hack to prove i can "/>
NEO (1:13:55 PM): for fun
soulweaver2006 (1:14:00 PM): lol
soulweaver2006 (1:14:01 PM): ass hole
NEO (1:14:02 PM): Ruining peoples lives in my main goal
NEO (1:14:06 PM): is*
NEO (1:14:26 PM): btw soul
NEO (1:14:38 PM): Chmod my deeznuts, and you can execute them "/>
iDeVoUrEdu1337 (1:14:42 PM): yea i got banned from my friends house for hacking his older brothers network b/c he thought i was talking out of my ass
soulweaver2006 (1:15:06 PM): yo
soulweaver2006 (1:15:08 PM): neo
NEO (1:15:15 PM): i hack my own site to find vulns
NEO (1:15:16 PM): and shit
soulweaver2006 (1:15:25 PM): can we have that exploit for the ae detector
NEO (1:15:30 PM): Lolz..
NEO (1:15:33 PM): Naw dawgy
soulweaver2006 (1:15:41 PM): come on lol
NEO (1:15:49 PM): It's unreleased, And i would like to keep it that way.
soulweaver2006 (1:15:50 PM): i wanna do it to some one
NEO (1:16:12 PM): lol
NEO (1:16:15 PM): if my exploit gets out
NEO (1:16:18 PM): sites all over the world
NEO (1:16:20 PM): will go down
soulweaver2006 (1:16:30 PM): i won't release it dude
soulweaver2006 (1:16:32 PM): if i do
soulweaver2006 (1:16:37 PM): you know you can own me
NEO (1:16:37 PM): You can still log into admin accounts and shit
NEO (1:16:41 PM): even if the mod is disabled
NEO (1:16:41 PM): cause
NEO (1:16:44 PM): its still installed "/>
NEO (1:17:11 PM): I only did it to prove my point to you "/>
NEO (1:17:16 PM): Point proven, Subject closed.
soulweaver2006 (1:19:39 PM): eh
soulweaver2006 (1:19:40 PM): u suck
NEO (1:19:47 PM): sorry
NEO (1:19:49 PM): im stingy
soulweaver2006 (1:19:52 PM): it's cool
soulweaver2006 (1:19:55 PM): i understand
soulweaver2006 (1:19:56 PM): but
soulweaver2006 (1:19:58 PM): you do know
soulweaver2006 (1:20:03 PM): if i released it
soulweaver2006 (1:20:13 PM): you would be able to rip my site apart

[Videx]

Quote:

Originally Posted by FRANKTHETANK 2

I might even get the owner of the server i was on to come and back me up.

You don't need 'backing up'. We all believe you're getting screwed. Anyway, now that you've uninstalled this mod, let us know if he gets back in.

[FRANKTHETANK 2]

Quote:

Originally Posted by KURTZ

lol i'm without any words about this ... so 2 thousand users that have already installed this add-on are lucky or idiots? c'on ....

New exploits come out every day. Look even vbulletin has exploits in there software every now and then. It's not impossible. I just hope someone actually looks into this. This was a major pain to fix and I don't want anyone else to go through it.

[Boofo]

I'm not saying you weren't hacked, you clearly were. I'm saying it was not because of this hack that it happened. There is no possible way that I can see that he could have done it with this hack. He got in another way, that's the only explanation. If he keeps you busy in the kitchen, he can steal you blind in the living room.

[Mum]

Just a small question, how do we know that it WASN'T this mod?