Security Password for Admincp Hacks

Security Password for Admincp Hacks
by AnhTuanCool

Quick Stats:
Version 1.0.2
Tested full functionally on vBulletin 3.0.3
Time to install: no more than 2 min
File to edit: 4
Template to edit: None
Query to run: None

What this hack does:
Add an additional Password for ACP which is only known by insiders if intentional or unintentional someone could get your current account and do the bad things to your board, this password is assign to all current administrator and only can be changed by the superadministrator*.

Updated:
Upgrade from v1.0.0
Fixed bug that not allow normal member to login

Install:
I had includes the installation file so that you don't have to move much which is always discourage people with long instruction. Included the installation file, download and upload the two files onto your forumroot/admincp/ directory, run the file acppassword_install.php from your admincp and follow it closely.

Disclaimer:
Of course do not forget to back-up your file before uploading it.
Do NOT stop the installation while it isn't finished yet, this can cause you more trouble.

*Be a superadministrator
If you are the webmaster of your site, then you probably can use FTP or another way - edit the source code, you will need to edit the $superadministrators variable in the includes/config.php file to be a superadministrator or you can add some of trusted people, in order to reset this password.

To allow the administrators to access this page, edit the variable to include the user IDs of those administrators should have access, separating each user ID with a comma, like this:

$superadministrators = '1,25,57';

To allow only a single administrator to access this page, simply add that user's ID with no commas, like this:

$superadministrators = '1';

Note: This hack assigns the security password for all current administrators, so if you set someone to administrator, you will have to reset the password in order to allow him to ACP.

Screenshots:
Attachment

NOTE: INSTALL as your OWN risk. This hack has a serious side-effect on the login function. I'll try to fix it as soon as I can.

[BarHopper]

Very good, i like this one

[Oblivion Knight]

So this would be like having a HTACCESS password, but within vBulletin itself?

Could the same be applied to the modcp?

[d7me4ever]

Thanx

Nice hack

good jop

bay

[AnhTuanCool]

Quote:

Originally Posted by Oblivion Knight

So this would be like having a HTACCESS password, but within vBulletin itself?

Could the same be applied to the modcp?

This COULD be applied to the modcp, just do the install one time for both

But only in admincp you can reset the password.

[Blam Forumz]

Could just apply HTACCESS

[yukayumi]

Could not find the "if (!verify_authentication($username, $password, $md5password, $md5password_utf, true))" in my login.php file

Get stuck here! I wonder if someone has the same problem.

[AnhTuanCool]

To yakayumi - it IS in there(login.php), did you install another hack that involved this line. Check the attachment out first.

[AnhTuanCool]

Quote:

Originally Posted by Blam Forumz

Could just apply HTACCESS

It's hard for some people.

[PitchouneN64ngc]

Yeah, great hack, using same password encoding like vB3 passwords

* PitchouneN64ngc clicks install ^^