The Arcive of Official vBulletin Modifications Site.

vB Dummy ACP 1.0.0 · **Released**: 12-23-2008

vB Dummy ACP

This addon will allow you to create as many dummy acps as you like. The dummy acp acts exactly like your true admincp, but it will not allow anyone to login through it, even if the username and password provided are correct.

Features

Acts just like real admincp login
Can automatically defend against detection (explained below)
Won't even allow real admin logins
Easily create as many dummy acps as you like
Will work without plugins enabled (partially)

Defense Against Detection

In order for the dummy acp to be of any use, I've made it impossible to detect being a "dummy". This is done through the following methods:

1. File Check
The dummy acp checks the file being requested to see if it exists in the true admincp directory, so if a user requested dummyacp/plugin.php, they would see a login despite there being no plugin.php in the dummyacp folder. If they request a file that is not in the true admincp directory, a 404 error is shown.

2. Login Validation
You may know, that normal forum members who try to login to the acp will see the successfully logged in page, but then redirect back to the login page. The dummy acp keeps this functionality instead of completely blocking all logins. It will only show the login error page under two circumstances:

1. The login provided is actually wrong
2. The login provided is real, but an administration login

Note
While this will work without plugins enabled, if plugins are not enabled then the dummy acp will show users who login successfully with an admin login a successful login page, but -still- redirect them to the login page. So while they may not actually gain access to your admincp, someone trying to get into your forum would know your login works.

Deceptor · #2 12-24-2008, 06:45 AM

Reserved

dtv100 · #3 12-24-2008, 07:01 AM

thanks you becoming one of my favorite coder.
gone try it with 3.7.4 and report later

all that secure a website is love by me.

F0xy · #4 12-24-2008, 09:19 AM

what a brilliant idea, thanks

dtv100 · #5 12-24-2008, 09:42 AM

so far seen to work with 3.7.4 thanks

Deceptor · #6 12-24-2008, 09:49 AM

Glad to hear it dtv100, I'll probably release it in the 3.7 section too then

Megatr0n · #7 12-24-2008, 01:54 PM

Deceptor, what's the purpose of this hack?

I am confused.

Deceptor · #8 12-24-2008, 01:59 PM

In short, a trick, for security

One of the things you can do to secure your vBulletin install is change the admincp/ directory to something else, so no one knows where your admincp URL is. With this, you can put up a dummy acp in its place, making people believe this dummy is the real one, and no matter what, not be able to log in

TheLastSuperman · #9 12-24-2008, 02:09 PM

Very nice Deceptor, I was getting ready to do this:

https://vborg.vbsupport.ru/showthread.php?t=197510

And this will help! took some of the work out of it and I like how you mentioned it's pretty much untraceable as a fake... Nice!

Thanks for all the recent mods and look for an install shortly

Plus... loved to see the names Deceptor and Megatron back to back... ohh the memories of autobots and deceptacons lol! WHAT?!?!? lol

Megatr0n · #10 12-24-2008, 02:11 PM

Quote:

Originally Posted by Deceptor

In short, a trick, for security

One of the things you can do to secure your vBulletin install is change the admincp/ directory to something else, so no one knows where your admincp URL is. With this, you can put up a dummy acp in its place, making people believe this dummy is the real one, and no matter what, not be able to log in

Awesome!!

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.07298 seconds Memory Usage 2,316KB Queries Executed 24 (?)
More Information
Template Usage: (1)SHOWTHREAD (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)ad_showthread_beforeqr (1)bbcode_quote (1)footer (1)forumjump (1)forumrules (1)gobutton (1)header (1)headinclude (1)modsystem_post (1)navbar (4)navbar_link (120)option (1)pagenav (1)pagenav_curpage (2)pagenav_pagelink (10)post_thanks_box (10)post_thanks_button (1)post_thanks_javascript (1)post_thanks_navbar_search (10)post_thanks_postbit_info (9)postbit (1)postbit_attachment (10)postbit_onlinestatus (10)postbit_wrapper (1)spacer_close (1)spacer_open (1)tagbit_wrapper Phrase Groups Available: global inlinemod postbit posting reputationlevel showthread	Included Files: ./showthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/functions_bigthree.php ./includes/class_postbit.php ./includes/class_bbcode.php ./includes/functions_reputation.php ./includes/functions_post_thanks.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete showthread_start showthread_getinfo forumjump showthread_post_start showthread_query_postids showthread_query bbcode_fetch_tags bbcode_create showthread_postbit_create postbit_factory postbit_display_start post_thanks_function_post_thanks_off_start post_thanks_function_post_thanks_off_end post_thanks_function_fetch_thanks_start post_thanks_function_fetch_thanks_end post_thanks_function_thanked_already_start post_thanks_function_thanked_already_end fetch_musername postbit_imicons bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete postbit_attachment postbit_display_complete post_thanks_function_can_thank_this_post_start pagenav_page pagenav_complete tag_fetchbit_complete forumrules navbits navbits_complete showthread_complete
Messages:

The Arcive of Official vBulletin Modifications Site.

It is not a VB3 engine, just a parsed copy!