Ravens PHP Scripts: Forums
 

 

ring_c
Involved


Joined: Dec 28, 2003
Posts: 276
Location: Israel

Posted: Wed Jan 04, 2006 4:33 am

I just had an issue with one of my co-admins. He logged into the site in a public place, and couldn't log out properly, as the control of the computer has been taken remotely.

Now his cookie is still in that computer, meaning, anyone can now log into the site, and have (almost) full control over it.

Is there a way to make phpnuke disregard this user till the next time he logs in with his name and pwd? Maybe something in the nuke_users could be changed for this?

TIA!


Last edited by ring_c on Wed Jan 18, 2006 8:00 am; edited 2 times in total 
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17077

Posted: Wed Jan 04, 2006 4:36 am

Use phpmyadmin and change the admin's name.
 
ring_c
Posted: Wed Jan 04, 2006 5:23 am

Raven wrote:
Use phpmyadmin and change the admin's name.

Hmmm... that's a bit brute, isn't it?
Just wanted to clarify that he didn't log in using his admin user/pwd, but his username alone has full control in all forums (edit/delete/ip etc...).

Changing the name of the user will create a fuss in the site. Isn't there any other solution? Changing the user's session time or something?
 
Guardian2003
Site Admin


Joined: Aug 28, 2003
Posts: 6792
Location: Ha Noi, Viet Nam

Posted: Wed Jan 04, 2006 5:46 am

You might be able to remove the session from bb_session table - not tested but just a thought.
How about tracing the IP he used and placing a temp block on it till the session expires naturally - that would be my course of action.
 
ring_c
Posted: Wed Jan 04, 2006 7:51 am

Quote:

How about tracing the IP he used and placing a temp block on it till the session expires naturally - that would be my course of action.

Now, THAT'S a great idea! And I was going to take it into effect. But! And that's weird... I couldn't find the user's IP.

Let me clear things up. I asked him for his pwd, and logged in and out in order to at least remove his name from the connected members. I thought maybe this will disable future logs in, till his name and pwd are put in again (you tell me if this is correct).

So, now I tried finding his IP using Nukesentinel, but the last IP logged today was actually MINE! His last IP recorded is from December 28th. How can THAT be?
 
ring_c
Posted: Wed Jan 04, 2006 7:57 am

Oh, darn!!!
I just saw I missed his last IP logged today, since the list is not sorted by the date, but by... hmmm... by what actually???

Raven, could this be fixed in future versions? Here's a screen capture helping you understand.

Image
 
Raven
Posted: Wed Jan 04, 2006 8:46 am

I have no idea what that screen capture is from.
 
Guardian2003
Posted: Wed Jan 04, 2006 8:49 am

ring_c, there is yet another way to determine a user IP in your situation. Search for forum posts made by that user, then you can grab the IP from his last post - usually.
 
ring_c
Posted: Wed Jan 04, 2006 9:35 am

Raven, it's from NukeSentinel's tracked IP:
/admin.php?op=ABTrackedUsers
 
Raven
Posted: Wed Jan 04, 2006 9:43 am

Tracked users are in username order which makes sense, right? It says that right in the drop down box. You can re-sort them as you need to. Tracked IPs are in IP order as one would expect.
 
ring_c
Posted: Thu Jan 05, 2006 5:31 am

Raven, the screen I showed here is the user's screen itself, not the list of all users. All these IPs are from the same user.

Also, I've no idea where you see a drop down box.
 
Guardian2003
Posted: Thu Jan 05, 2006 6:01 am

ring_c, which version of Sentinel are you using?
 
ring_c
Posted: Thu Jan 05, 2006 7:48 am

Guardian2003, 2.4.2. But your question made me look it up again, and I've found what Raven referred to in NukeSentinel General Settings screen.
 
All times are GMT - 6 Hours