Ravens PHP Scripts: Forums
beetraham
Regular

Joined: Dec 13, 2003
Posts: 94
Location: Finland (EU)

PostPosted: Thu Oct 07, 2004 1:52 am

How-To: communicate with *untrusted-IP(s)* accessing admin.php?

This add-on is an independent add-on/modification whose sole purpose is to *inform parties not considered trustworthy* about the consequences of *repeatedly performed non-relevant admin.php* accesses.

So, herein, we are mainly talking about aesthetics - however, depending on the point of view, the modification, as utilized, may be considered to add a certain amount of credibility/professionalism to your *already-sharp-dressed* PHP-Nuke site.

In this sense, this add-on does not explicitly target enhanced security, but rather added credibility, as the modification will actively participate in information delivery between the Site and parties considered untrustworthy to access the *admin.php*.

The installation is straightforward, as the add-on will totally replace the *original* admin.php *login function*.

The modification has been tested with PHP-Nuke 7.4 - should you possess an earlier or later version of PHP-Nuke, please examine the matching sections closely and perform any changes that your study shows to be required.


Screenshots related to Add-On/Mod:
Quote:

* admin login - OK (normal general appearance): <URL>
* admin login - NOT OK (dedicated information structure/message delivered to user browser): <URL>



To utilize the modification, please proceed as follows:

|------------> FIND LINE :

<FILE> : "admin.php"

Quote:

function login() {


Now, as you have found the line, please replace the ENTIRE FUNCTION RELATED TO IT:

|------------> REPLACE THE ORIGINAL FUNCTION WITH NEXT MODIFIED FUNCTION :

<FILE> : "admin.php"

Quote:

/*********************************************************/
/* Login Function */
/*********************************************************/

function login() {
    global $gfx_chk;
    include ("header.php");
    mt_srand ((double)microtime()*1000000);
    $maxran = 1000000;
    $random_num = mt_rand(0, $maxran);
    OpenTable();
    echo "<center><font class=\"title\"><b>"._ADMINLOGIN."</b></font></center>";
    $ip = getenv("REMOTE_ADDR");    // this will be compared to the trusted list of IP(s)
    $ipadmin1 = "67.246.57.174";    // change according to your preferences
    $ipadmin2 = "67.246.57.175";    // change according to your preferences
    if ($ip !== $ipadmin1 && $ip !== $ipadmin2) {
        // untrusted address: print the notice, then the login form is still rendered below
        echo "<br><center><br>";
        echo "You have now entered a restricted area - <b>proper authorization is required</b>.<br>";
        echo "<br><br>";
        echo "<b>Our security measures have detected that your IP - </b><br><br><a href=\"http://ws.arin.net/cgi-bin/whois.pl?queryinput=".$ip."\" target=\"_blank\">[ <b>".$ip."</b> ]</a><br><br><b>- is not in the Group of trusted Static IPs</b><br>";
        echo "<br><br>";
        echo "Should you not own Administrative Privileges, or should you have entered this page accidentally, please return to the Public Area.";
        echo "<br><br>";
        echo "<b>Consecutive attempts on accessing this page will be considered as *brute-force attempts*, further resulting in permanent IP ban(s) from this site.</b><br>";
        echo "<br><br>";
        echo "Thank you for your understanding.<br>";
        echo "<br><br>";
        echo "<b>Webmaster @ http://www.ec-clan.org - <a href=\"mailto:admin@ec-clan.org\">admin@ec-clan.org</a></b><br></center>";
        echo "<br>";
        echo "<br>";
    }
    CloseTable();
    OpenTable();
    // standard PHP-Nuke admin login form (unchanged from the original function)
    echo "<form action=\"admin.php\" method=\"post\">"
        ."<table border=\"0\">"
        ."<tr><td>"._ADMINID."</td>"
        ."<td><input type=\"text\" NAME=\"aid\" SIZE=\"20\" MAXLENGTH=\"25\"></td></tr>"
        ."<tr><td>"._PASSWORD."</td>"
        ."<td><input type=\"password\" NAME=\"pwd\" SIZE=\"20\" MAXLENGTH=\"18\"></td></tr>";
    if (extension_loaded("gd") AND ($gfx_chk == 1 OR $gfx_chk == 5 OR $gfx_chk == 6 OR $gfx_chk == 7)) {
        echo "<tr><td colspan='2'>"._SECURITYCODE.": <img src='admin.php?op=gfx&random_num=$random_num' border='1' alt='"._SECURITYCODE."' title='"._SECURITYCODE."'></td></tr>"
            ."<tr><td colspan='2'>"._TYPESECCODE.": <input type=\"text\" NAME=\"gfx_check\" SIZE=\"7\" MAXLENGTH=\"6\"></td></tr>";
    }
    echo "<tr><td>"
        ."<input type=\"hidden\" NAME=\"random_num\" value=\"$random_num\">"
        ."<input type=\"hidden\" NAME=\"op\" value=\"login\">"
        ."<input type=\"submit\" VALUE=\""._LOGIN."\">"
        ."</td></tr></table>"
        ."</form>";
    CloseTable();
    include ("footer.php");
}


The sections that need to be changed to match your preferences have been tagged with colour code BLUE.

You may additionally wish to change the phrases used to better match your needs.

Tested, actively used, no complaints.

Hope that someone will find the mod usable.

Thanks,

-beetraham
 
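As an added example, not beetraham's code and not part of PHP-Nuke, here is a reusable form of the trust check the hack performs. It generalizes the two hard-coded $ipadmin variables to a list that may also contain CIDR ranges, and it takes the visitor address only from REMOTE_ADDR, which the web server fills from the TCP connection, never from proxy headers such as X-Forwarded-For that any client can set. The function name admin_ip_allowed, the $trusted list and the sample addresses (from the RFC 5737 documentation ranges) are assumptions, as is a 64-bit PHP build so that ip2long() returns non-negative integers.

```php
<?php
// Added example, not beetraham's code: list-based replacement for the
// "$ip==$ipadmin1 || $ip==$ipadmin2" test in the hack above.
// Assumes a 64-bit PHP build (ip2long() then returns 0..4294967295).

/**
 * True when $ip (dotted-quad IPv4) equals an entry of $allowlist exactly or
 * lies inside one of its "a.b.c.d/n" CIDR entries. Malformed input on either
 * side is treated as "not trusted".
 */
function admin_ip_allowed($ip, array $allowlist) {
    $ipLong = ip2long($ip);
    if ($ipLong === false) {
        return false;
    }
    foreach ($allowlist as $entry) {
        $entry = trim($entry);
        if (strpos($entry, '/') === false) {
            // plain address: exact match only
            if (ip2long($entry) === $ipLong) {
                return true;
            }
            continue;
        }
        list($net, $bits) = explode('/', $entry, 2);
        $netLong = ip2long($net);
        if ($netLong === false || !ctype_digit($bits) || (int)$bits > 32) {
            continue; // skip a malformed range rather than widening the allow list
        }
        $bits = (int)$bits;
        // Network mask for /n: the top n bits set. /0 is handled separately
        // because a shift by 32 is not defined for a 32-bit mask.
        $mask = ($bits === 0) ? 0 : ((~0 << (32 - $bits)) & 0xFFFFFFFF);
        if (($ipLong & $mask) === ($netLong & $mask)) {
            return true;
        }
    }
    return false;
}

// Trust list: constructed sample values from the RFC 5737 documentation ranges.
$trusted = array('203.0.113.10', '198.51.100.0/28');

// REMOTE_ADDR is the server's own view of the connection; the hack's
// getenv("REMOTE_ADDR") reads the same value. Proxy-supplied headers are not consulted.
$ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';

if (!admin_ip_allowed($ip, $trusted)) {
    // Denied branch: this is where the hack prints its notice to the visitor.
}
```

With the sample list, 198.51.100.9 is allowed because 198.51.100.0/28 covers 198.51.100.0 through 198.51.100.15, 198.51.100.20 is not, and a value that is not a single valid address (for instance a comma-separated pair) is rejected because ip2long() returns false for it. The mask comparison is the general form of the exact-match test the hack uses; a /32 entry behaves exactly like a plain address.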
VinDSL
Life Cycles Becoming CPU Cycles



Joined: Jul 11, 2004
Posts: 614
Location: Arizona (USA) Admin: NukeCops.com Admin: Disipal Designs Admin: Lenon.com

PostPosted: Sun Aug 28, 2005 11:30 pm

I know this is an old thread -- but it's a timeless concept! Very Happy

I ran across this hack accidentally, while helping someone else out, and decided to try it myself. You can NEVER be too safe, yes?

The only thing I don't like about it is, IMHO, it treats snoopy ppl, hackers, script kiddies, search bots, et cetera, too nicely. 'Communicating' is fine, but if you know these 'untrusted-IP(s)' are untrustworthy, why give them a login block to fiddle with?

After playing around with this hack for a little while, this is what I came up with.

Give it a try and see what you think... Here's a working <URL>.

Code:


/*********************************************************/
/* Login Function                                        */
/*********************************************************/

function login() {
    // Displays admin login block to trusted-IP(s) only
    // Original concept by beetraham (http://www.ec-clan.org/)
    // Tweaked by VinDSL (http://www.Lenon.com/)
    global $gfx_chk, $user;
    include ("header.php");
    mt_srand ((double)microtime()*1000000);
    $maxran = 1000000;
    $random_num = mt_rand(0, $maxran);
    OpenTable();
    echo "<center><font class=\"title\"><b>"._ADMINLOGIN."</b></font></center>";
    CloseTable();
    $ip = getenv("REMOTE_ADDR");      // This will be compared to trusted list of IP(s)
    $ipadmin1 = "xxx.xxx.xxx.xxx";    // Change according to your preferences
    $ipadmin2 = "xxx.xxx.xxx.xxx";    // Change according to your preferences
    if ($ip !== $ipadmin1 && $ip !== $ipadmin2) {
        // Untrusted address: show the notice, finish the page and stop here,
        // so the login form further down is never sent to this visitor
        OpenTable();
        echo "<div align=\"center\">"
            ."<table border=\"0\" width=\"100%\" cellpadding=\"10\" cellspacing=\"0\"><tr><td align=\"center\">"
            ."<h4><b>You have entered a restricted area</b></h4>"
            ."<table border=\"1\" width=\"400\" cellpadding=\"10\" cellspacing=\"0\"><tr><td>"
            ."<center>The security system has detected that your IP<br><br><a href=\"http://www.whois.sc/".$ip."\" target=\"_blank\"><b><font size=\"+1\">".$ip."</font></b></a><br><br>is not listed in my Group of Trusted Static IPs<br><br><hr><br></center>"
            ."<b><font color=\"#FFFFFF\">Consecutive attempts at accessing this page will result in the permanent ban and public display of your IP address !</font></b><br><br>"
            ."If you do not have Administrative Privileges or entered this page accidentally, please return to the <a href=\"/\">Public Area</a> of this web site.<br><br>~VinDSL<br>"
            ."</td></tr></table></td></tr></table></div>";
        // This link will be displayed only for anonymous users...
        // If you would like to see future works, let it remain.
        // It's a copyright.  Don't remove it!
        if (!isset($user)) {
            echo "<br><div align=\"right\"><a href=\"http://www.lenon.com/modules.php?name=Docs&file=terms\"><font style=\"font:10px,Arial\">" . ucfirst(_BY) . "&nbsp;VinDSL&nbsp;&copy;</font>&nbsp;&nbsp;</a></div>\n";
        }
        CloseTable();
        include ("footer.php");
        die();
    }
    OpenTable();
    echo "<form action=\"admin.php\" method=\"post\">"
        ."<table border=\"0\">"
        ."<tr><td>"._ADMINID."</td>"
        ."<td><input type=\"text\" NAME=\"aid\" SIZE=\"20\" MAXLENGTH=\"25\"></td></tr>"
        ."<tr><td>"._PASSWORD."</td>"
        ."<td><input type=\"password\" NAME=\"pwd\" SIZE=\"20\" MAXLENGTH=\"18\"></td></tr>";
    if (extension_loaded("gd") AND ($gfx_chk == 1 OR $gfx_chk == 5 OR $gfx_chk == 6 OR $gfx_chk == 7)) {
        echo "<tr><td colspan='2'>"._SECURITYCODE.": <img src='admin.php?op=gfx&random_num=$random_num' border='1' alt='"._SECURITYCODE."' title='"._SECURITYCODE."'></td></tr>"
            ."<tr><td colspan='2'>"._TYPESECCODE.": <input type=\"text\" NAME=\"gfx_check\" SIZE=\"7\" MAXLENGTH=\"6\"></td></tr>";
    }
    echo "<tr><td>"
        ."<input type=\"hidden\" NAME=\"random_num\" value=\"$random_num\">"
        ."<input type=\"hidden\" NAME=\"op\" value=\"login\">"
        ."<input type=\"submit\" VALUE=\""._LOGIN."\">"
        ."</td></tr></table></form>";
    CloseTable();
    include ("footer.php");
}

function gfx($random_num) {
    global $prefix, $db;
    require("config.php");
    $datekey = date("F j");
    $rcode = hexdec(md5($_SERVER['HTTP_USER_AGENT'] . $sitekey . $random_num . $datekey));
    $code = substr($rcode, 2, 6);
    $image = ImageCreateFromJPEG("images/admin/code_bg.jpg");
    $text_color = ImageColorAllocate($image, 80, 80, 80);
    Header("Content-type: image/jpeg");
    ImageString ($image, 5, 12, 2, $code, $text_color);

    ImageJPEG($image, '', 75);
    ImageDestroy($image);
    die();
}

function deleteNotice($id) {
    global $prefix, $db;
    $id = intval($id);
    $db->sql_query("DELETE FROM ".$prefix."_reviews_add WHERE id = '$id'");
    Header("Location: admin.php?op=reviews");
}

/*********************************************************/
/* Administration Menu Function                          */
/*********************************************************/


One thing I might mention -- In this code you will see a '<h4>' tag. I have a custom '<h4>' tag in my CSS file for these special occasions. This will give you the idea...

Code:


H4 {
    background-color: transparent;
    color: #DCDCDC;
    font-family: Arial, Helvetica, sans-serif;
    font-size: 15px;
    font-weight: bold;
    letter-spacing: 5px;
    text-decoration: none;
}


Have fun! And thanks, beetraham, if you're still around! Wink

_________________
.:: "The further in you go, the bigger it gets!" ::.
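Added example, not VinDSL's or beetraham's code: VinDSL's variant stops rendering before the form, and both notices warn of a ban after repeated attempts, but neither version records anything. The functions below keep a plain-text record of denials (one "<unix time> <ip>" line each) and count how many the same address has produced inside a time window, so a response to repeated attempts can rest on data the server actually holds. The log path, the function names, the window and limit values and the sample log lines are all assumptions; the file belongs outside the web root.

```php
<?php
// Added example, not VinDSL's or beetraham's code. Records each denied
// admin.php visit and counts recent denials per address.
// $logfile is an assumed path; keep it outside the web root.

/** Append one record "<unix-time> <ip>" to $logfile; returns true on success. */
function record_admin_denial($logfile, $ip, $now) {
    // Keep only address characters so a crafted value cannot inject extra lines.
    $ip = preg_replace('/[^0-9a-fA-F.:]/', '', (string)$ip);
    $line = (int)$now . ' ' . $ip . "\n";
    return file_put_contents($logfile, $line, FILE_APPEND | LOCK_EX) !== false;
}

/** Count records in $lines for $ip whose timestamp lies within the last $window seconds. */
function recent_denials(array $lines, $ip, $now, $window) {
    $count = 0;
    foreach ($lines as $line) {
        $parts = explode(' ', trim($line), 2);
        if (count($parts) !== 2 || !ctype_digit($parts[0])) {
            continue; // malformed record: ignore it rather than miscount
        }
        $age = (int)$now - (int)$parts[0];
        if ($parts[1] === $ip && $age >= 0 && $age <= $window) {
            $count++;
        }
    }
    return $count;
}

/** True when $ip has reached $limit denials within $window seconds according to $logfile. */
function admin_denials_exceeded($logfile, $ip, $now, $window = 1800, $limit = 5) {
    $lines = is_readable($logfile)
        ? file($logfile, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES)
        : array();
    if ($lines === false) {
        $lines = array(); // file vanished or became unreadable between the two calls
    }
    return recent_denials($lines, $ip, $now, $window) >= $limit;
}

// Constructed sample records (timestamps are seconds since the epoch):
$sample = array(
    '1125000000 198.51.100.7',
    '1125001200 203.0.113.5',
    '1125002000 198.51.100.7',
    '1125003000 198.51.100.7',
    'garbage line that is skipped',
);
$recent = recent_denials($sample, '198.51.100.7', 1125003100, 1800);

// Wiring into the denied branch of login(): record first, then decide whether
// to keep rendering the notice at all ($logfile and $ip as set up by the caller).
//   record_admin_denial($logfile, $ip, time());
//   if (admin_denials_exceeded($logfile, $ip, time())) {
//       header('HTTP/1.0 403 Forbidden');
//       die();
//   }
```

With the sample records, a 1800-second window and the clock at 1125003100, 198.51.100.7 has two recent denials: the record from 1125000000 has aged out, the 203.0.113.5 record belongs to another address, and the malformed line is skipped. Recording before checking means the attempt that crosses the limit is itself on file, and the bare 403 in the wiring comment is deliberate: once an address has exhausted the limit there is no reason to keep sending it the full notice page.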
beetraham







PostPosted: Thu Sep 01, 2005 7:44 am

Quote:

Have fun! And thanks, beetraham, if you're still around! Wink


VinDSL,

Great job - thanks a lot for the very nice suggestions and enhancements upon the hack - gives it another perspective too Smile

BTW, when it comes to being around, it seems that my personal real-life profession has lately dominated the time allocation issues in a dictating sense - keeping me out of the scene with a determined grip. But, as I feel it, there comes a day, there comes a day... Wink Very Happy

Kind Regards to you VinDSL and to all the people that I have come across around the great concept of coding enthusiasm,

Take care,

-beetraham
 
pinkbeef
Client



Joined: Jul 19, 2005
Posts: 68

PostPosted: Tue Sep 06, 2005 1:30 am

I just put it onto a Nuke 7.6 patched 3.1 with no problems, very cool hack. I like the message.
 
Powered by phpBB © 2001-2007 phpBB Group