Bravo List
Register
Go Back   > Bravo List > Source Code > Archived Trackers > TBDev
Reply
  #1  
Old 4th August 2019, 11:54
Elena's Avatar
Elena Elena is offline
Member
 
Join Date: Sep 2010
Ukraine
Posts: 12
Thumbs up Admin password with ban and account disconnection
This script puts the login password on the administrator file. If entered incorrectly once - ban and disable the account with an entry in the site log file.
Change here in this data your password and login! And remember yourself in a text file on your computer.
Code:
$conf['login'] = "Login";
$conf['password'] = "Password";
Replace completely everything that you have in admin.php with this code (changing to your password and login).

PHP Code:
<? require "include/bittorrent.php";dbconn();if ($CURUSER && get_user_class() >= UC_SYSOP) {
$conf['login'] = "Login";$conf['password'] = "Password";  
header("Content-type: text/html; charset=utf-8");mysql_query("set names 'utf8'");
function auth() {  
global $confsp, $CURUSER; 
$ip=getenv("REMOTE_ADDR"); 
$ag=getenv("HTTP_USER_AGENT");  
$host=getenv("REQUEST_URI");
$modcomment = get_date_time()." - Disabled for life by System user. Do you consider yourself a hacker? Congratulations! You are banned forever! Contact the administration and explain why you entered the prohibited part of the site.";
Header('WWW-Authenticate: Basic realm="OnlyAdmin"');  
Header('HTTP/1.0 401 Unauthorized');
$date = sqlesc(get_date_time());
$dateline = sqlesc(time());
$userid = (int) $CURUSER['id'];
$disuntil = "'0000-00-00 00:00:00'";
$disreason = "Do you consider yourself a hacker? Congratulations! You are banned forever! Contact the administration and explain why you entered the prohibited part of the site.";
mysql_query('INSERT INTO users_ban (userid, disuntil, disby, reason) VALUES ('.implode(', ', array_map('sqlesc', array($userid, $disuntil, 2, $disreason))).')') or sqlerr(__FILE__,__LINE__);
mysql_query("UPDATE users SET enabled='no', modcomment='$modcomment' WHERE id = ".$CURUSER["id"]."");
write_log("User hacking attempt ".$CURUSER["username"]." с $ip. I tried to get into the admin panel!","5DDB6E","error");
die("Your IP is added to police/security database. Do you consider yourself a hacker? Congratulations! You are banned forever! Contact the administration and explain why you entered the prohibited part of the site.<html><head><meta http-equiv=refresh content='10;url=/'></head></html>");}
function auth2() {  
global $confsp, $CURUSER; 
$ip=getenv("REMOTE_ADDR"); 
$ag=getenv("HTTP_USER_AGENT");  
$host=getenv("REQUEST_URI"); 
$date = date("d.m.y"); 
$time= date("H:i:s"); 
Header('WWW-Authenticate: Basic realm="OnlyAdmin"');  
Header('HTTP/1.0 401 Unauthorized');
write_log("User hacking attempt ".$CURUSER["username"]." с $ip. I tried to get into the admin panel!","5DDB6E","error");
die("Your IP is added to police/security database. Do you consider yourself a hacker? Congratulations! You are banned forever! Contact the administration and explain why you entered the prohibited part of the site.<html><head><meta http-equiv=refresh content='10;url=/'></head></html>");}
if ($conf['login'] != "" && $conf['password'] != "") {  
if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW'])) auth2();
if (!(($_SERVER['PHP_AUTH_USER'] == $conf['login']) && ($_SERVER['PHP_AUTH_PW'] == $conf['password']))) auth();}
define("ADMIN_FILE", 1);
$admin_file = "admin.php";
include_once("admin/acp.php");
}else{print("<html><head><meta http-equiv=refresh content='0;url=/'></head></html>"); } ?>
In request:
Code:
mysql_query('INSERT INTO users_ban (userid, disuntil, disby, reason) VALUES ('.implode(', ', array_map('sqlesc', array($userid, $disuntil, 2, $disreason))).')') or sqlerr(__FILE__,__LINE__);
The number 2 is responsible for the id of the site bot. If you do not have a bot, change to the id of any administrator.
Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump



All times are GMT +2. The time now is 09:37. vBulletin skin by ForumMonkeys. Powered by vBulletin® Version 3.8.11 Beta 3
Copyright ©2000 - 2019, vBulletin Solutions Inc.