vt.Lai VBB Anti CSRF 1.2 - Anti CSRF Attack To AdminCP vBulletin
Version: 1.2, by VuThanhLai
Developer Last Online: Jul 2016

Category: Administrative and Maintenance Tools - Version: 4.2.0
Released: 12-10-2012 Last Update: 12-13-2012 Installs: 12
Uses Plugins
 
No support by the author.

How to attack:

http://www.youtube.com/watch?v=0W8KW...layer_embedded

How to fix?

+ First solution:
Rename the admincp dir. This is a simple solution. However, when it is used this way, some mods will not work or will produce errors.
In another case, if you have sub-forum admins, when you change the AdminCP dir you must inform them of this. => They still know where the admincp folder is.

+ Second solution:
Use this add-on



Options:



Applies to all vBulletin versions

Change log:
v1.2: Fix some issue if admincp folder name has special char
v1.1: Fix loop error + Add some options

Source:
vt.Lai VBB Anti CSRF 1.0
vt.Lai VBB Anti CSRF 1.1
vt.Lai VBB Anti CSRF 1.2

Download Now

File Type: xml product-vtlai_anti_csrf_1.0.xml (1.7 KB, 17 views)
File Type: xml product-vtlai_anti_csrf_1.1.xml (3.4 KB, 20 views)
File Type: xml product-vtlai_anti_csrf_1.2.xml (3.6 KB, 37 views)

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
#2
12-11-2012, 03:50 PM
ramesh_umk3
Join Date: Jul 2010
Location: Earth
Posts: 194

I don't take chances, so installed. Thanks for predicting this loophole, mate.