Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > vBulletin 3.0 > vBulletin 3.0 Full Releases
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools
Email notification if someone attempts to access your Admin CP Details »»
Email notification if someone attempts to access your Admin CP
Version: 1.1, by EvilLS1 EvilLS1 is offline
Developer Last Online: May 2021 Show Printable Version Email this Page

Version: 3.0.5 Rating:
Released: 04-28-2004 Last Update: 01-07-2005 Installs: 239
 
No support by the author.

This is my version of the hack that Firefly released for VB2.

VB3's standard log of failed admincp login attempts is a nice feature.. but since you get no instant notification, by the time you check the log it could be too late. Also, the log doesn't show which passwords the potential intruder is trying... If someone is close to guessing my password I wanna know about it!

What does it do? With this hack, when someone tries to login to your admincp or modcp you'll get an email that contains the username they tried, the password they tried, their ip address, hostname, # of strikes, referer, script, and the date & time of the attempt.

It will look something like this:

Quote:
--------------------------------------------------
WARNING: Failed admin logon in vBulletin 3.0.1
--------------------------------------------------
Someone is trying to login to your Admin CP!

Username tried: JimbobJoe
Password tried: aCcEsS
IP Address: 67.13.27.156
Host: asd691917124.whatever.com
Strikes: 1/5
Referer: http://www.yoursite.com/forums/admincp/
Script: http://www.yoursite.com/forums/login.php
Date: Wednesday 28th of April 2004 07:50:02 AM
--------------------------------------------------
If the person who is attempting to access your CP happens to be registered & logged in, this line will also be included in the email:
Quote:
vBulletin has identified this user as: (intruder's real username here)
(Thanks to AlexanderT for the idea for this addon.)


Update (1-4-05): A couple of users have expressed concern about this mod sending a plaintext password over http for all logins. This update (v1.1) addresses that concern by only sending the password for cplogins. To update just re-do the first step in the instructions for your vbulletin version (the first edit to adminfunctions.php). Or if you'd prefer that the attempted password not be sent at all simply skip the edits to adminfunctions.php.

If you don't recieve an email when testing, make sure you have the webmaster email set in the admincp (vBulletin Options + Site Name / URL / Contact Details). Also, sometimes it takes a while for the email to arrive. So give it plenty of time before screaming "it doesn't work"..

Still not working? Read this!

Credits: Thanks to the original creator of this hack (Chen) for the idea, and thanks to Boofo for helping me test it.

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #42  
Old 05-10-2004, 05:27 AM
Logikos Logikos is offline
 
Join Date: Jan 2003
Posts: 2,924
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

works perfect, thanks!
Reply With Quote
  #43  
Old 05-12-2004, 01:16 PM
AlexanderT's Avatar
AlexanderT AlexanderT is offline
 
Join Date: Mar 2003
Posts: 294
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Ok stupid me. I had the administrator email set to a wrong email that I don't check regularly. That is why I didn't get any notification from this hack (beside not getting like 200 other emails from people who tried to contact me :nervous: )

Greets
Reply With Quote
  #44  
Old 05-12-2004, 04:07 PM
Boofo's Avatar
Boofo Boofo is offline
 
Join Date: Mar 2002
Location: Des Moines, IA (USA)
Posts: 15,776
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by AlexanderT
Ok stupid me. I had the administrator email set to a wrong email that I don't check regularly. That is why I didn't get any notification from this hack (beside not getting like 200 other emails from people who tried to contact me :nervous: )

Greets
I had the same thing happen when I was helping him test it. That's why the note about checking that in his instructions. LOL
Reply With Quote
  #45  
Old 05-13-2004, 05:03 AM
EvilLS1's Avatar
EvilLS1 EvilLS1 is offline
 
Join Date: Apr 2002
Location: Georgia, USA
Posts: 987
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by AlexanderT
Ok stupid me. I had the administrator email set to a wrong email that I don't check regularly. That is why I didn't get any notification from this hack (beside not getting like 200 other emails from people who tried to contact me :nervous: )

Greets
Heh.. Same thing happened to me when I was making the hack. I couldn't figure out why I wasn't getting an email so I changed the code about 5 times before noticing that I didn't have the webmaster's email set in the CP. Doh! Anyway, glad its workin' for ya.
Reply With Quote
  #46  
Old 05-14-2004, 10:06 AM
Mu5icMan Mu5icMan is offline
 
Join Date: Aug 2003
Posts: 55
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

can this hack be modded to get an email if someone tries to log in with an incorrect username or password to the normal board not admin
Reply With Quote
  #47  
Old 05-14-2004, 08:35 PM
EvilLS1's Avatar
EvilLS1 EvilLS1 is offline
 
Join Date: Apr 2002
Location: Georgia, USA
Posts: 987
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Mu5icMan
can this hack be modded to get an email if someone tries to log in with an incorrect username or password to the normal board not admin
Yeah it could, but I'd rather not release a hack like that b/c it could easily be changed to send the user's correct password. Alot of people use the same password on several different sites so its not a good idea IMO. Not saying that you would use it for that, but theres some people out there who would abuse it.
Reply With Quote
  #48  
Old 05-15-2004, 04:02 AM
Logikos Logikos is offline
 
Join Date: Jan 2003
Posts: 2,924
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by EvilLS1
Yeah it could, but I'd rather not release a hack like that b/c it could easily be changed to send the user's correct password. Alot of people use the same password on several different sites so its not a good idea IMO. Not saying that you would use it for that, but theres some people out there who would abuse it.
Agreed, i don't have any rights knowing there passwords, just like they don't have any rights if i was a member of there site.
Reply With Quote
  #49  
Old 05-17-2004, 07:18 AM
Mu5icMan Mu5icMan is offline
 
Join Date: Aug 2003
Posts: 55
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Could you possibly do one without the password part but just the username, just so i know if anyone is trying to get into our site without permission.

Regards
Rob
Reply With Quote
  #50  
Old 05-18-2004, 05:39 AM
EvilLS1's Avatar
EvilLS1 EvilLS1 is offline
 
Join Date: Apr 2002
Location: Georgia, USA
Posts: 987
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Rob,
For regular logins it would probably be better to store failed attempts in the db and make a log rather than email them b/c if you have alot of members your inbox would be full due to users making typos when logging in. I might look into making a hack for that a little later when I get some free time.
Reply With Quote
  #51  
Old 05-19-2004, 01:42 PM
Loyalty4Life's Avatar
Loyalty4Life Loyalty4Life is offline
 
Join Date: Oct 2003
Location: Eugene, OR
Posts: 91
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Installed - thanks.
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 06:34 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.05134 seconds
  • Memory Usage 2,312KB
  • Queries Executed 25 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (6)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (1)pagenav_pagelinkrel
  • (11)post_thanks_box
  • (11)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (11)post_thanks_postbit_info
  • (10)postbit
  • (11)postbit_onlinestatus
  • (11)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete