a login.php hack that emails multiple addresses upon success

bpd@darb.net

Joined: 2002-08-20
Posts: 101
Posted: Wed, 2003-03-12 09:33

It also displays to the remote user their IP address, and includes their IP in the email sent to the gallery owner when they log in, or get the login wrong. You can see it at http://darb.net/ ... Good to know if someone's trying to guess your login, and also probably an OK deterrent in the first place.

I can't be bothered explaining where I've chopped and changed ... it's pretty simple, so I'll paste my entire login.php instead. (You have to add the get-IP-address vars at the bottom.) ... Here goes:

<?php
/*
* Gallery - a web based photo album viewer and editor
* Copyright (C) 2000-2002 Bharat Mediratta
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or (at
* your option) any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*/
?>
<?php
// Hack prevention.
if (!empty($HTTP_GET_VARS["GALLERY_BASEDIR"]) ||
!empty($HTTP_POST_VARS["GALLERY_BASEDIR"]) ||
!empty($HTTP_COOKIE_VARS["GALLERY_BASEDIR"])) {
print "Security violation\n";
exit;
}
?>
<?php require($GALLERY_BASEDIR . "init.php"); ?>

<?php
// Security check.
$uname = removeTags($uname);
?>

<html>
<head>
<title>Login to <?php echo $gallery->app->galleryTitle?></title>
<?php echo getStyleSheetLink() ?>
</head>
<body>

<center>
<span class="popuphead">Login to <?php echo $gallery->app->galleryTitle?></span>
<br>
<br>
<?php
if ($submit) {
if ($uname && $gallerypassword) {
$tmpUser = $gallery->userDB->getUserByUsername($uname);
if ($tmpUser && $tmpUser->isCorrectPassword($gallerypassword)) {
$gallery->session->username = $uname;
// Notify both owner addresses of the successful login.
$toaddress = "bpd@bekkersit.com";
$toaddress2 = "bpd@darb.net";
$subject = "A successful login has been made";
$headers = "From: darb.net Gallery <bpd@darb.net>\n";
$headers .= "X-Sender: <bpd@darb.net>\n";
$headers .= "X-Mailer: PHP\n";
$headers .= "Return-Path: <bpd@darb.net>\n";
$message = "A login was made to darb.net by :";
$message .= "$uname";
$message .= "\n\n";
$message .= "IP Address: $IPNumber\n";
mail($toaddress,$subject,$message, $headers);
mail($toaddress2,$subject,$message, $headers);
dismissAndReload();
} else {
$invalid = 1;
$gallerypassword = null;
// Notify both owner addresses of the failed attempt, flagged urgent.
$toaddress = "bpd@bekkersit.com";
$toaddress2 = "bpd@darb.net";
$subject = "An UNSUCCESSFUL login attempt was made";
$headers = "From: darb.net Gallery <bpd@darb.net>\n";
$headers .= "X-Sender: <bpd@darb.net>\n";
$headers .= "X-Mailer: PHP\n";
$headers .= "X-Priority: 1\n"; // Urgent message!
$headers .= "Return-Path: <bpd@darb.net>\n";
$message = "A failed login was made to darb.net by :";
$message .= "$uname";
$message .= "\n\n";
$message .= "IP Address: $IPNumber\n";
mail($toaddress,$subject,$message, $headers);
mail($toaddress2,$subject,$message, $headers);
}
} else {
$error = 1;
}
}
?>
<br>
<br>
<span class=error>
Your IP address is :
<?php echo $HTTP_SERVER_VARS['REMOTE_ADDR'] ?>
</span>
<?php echo makeFormIntro("login.php", array("name" => "login_form", "method" => "POST")); ?>
Logging in gives you greater permission to
<br>
view, create, modify and delete albums.
<p>
<table>
<?php if ($invalid) { ?>
<tr>
<td colspan=2>
<?php echo gallery_error("Invalid username or password - site owner has been emailed");?>
</td>
</tr>
<?php } ?>

<tr>
<td>
Username
</td>
<td>
<?php // IPNumber is a hidden form field: the value below is sent back by the client, which can change it before submitting. ?>
<input type=hidden name="IPNumber" value="<?php echo $HTTP_SERVER_VARS['REMOTE_ADDR'] ?>">
<input type=text name="uname" value="<?php echo htmlspecialchars($uname) ?>">
</td>
</tr>

<?php if ($error && !$uname) { ?>
<tr>
<td colspan=2 align=center>
<?php echo gallery_error("You must specify a username"); ?>
</td>
</tr>
<?php } ?>

<tr>
<td>
Password
</td>
<td>
<input type=password name="gallerypassword">
</td>
</tr>

<?php if ($error && !$gallerypassword) { ?>
<tr>
<td colspan=2 align=center>
<?php echo gallery_error("You must specify a password"); ?>
</td>
</tr>
<?php } ?>

</table>
<p>
<input type=submit name="submit" value="Login">
<input type=submit name="submit" value="Cancel" onclick='parent.close()'>
</form>

<script language="javascript1.2">
<!--
// position cursor in top form field
document.login_form.uname.focus();
//-->
</script>

</body>
</html>

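Added example (not from bpd's post or from the Gallery code base): the same notification with two weak spots closed. In the posted version the IP that ends up in the email comes from the hidden IPNumber form field, which the browser sends back and the sender can set to any value, so the address in the alert cannot be trusted; the version below reads $_SERVER['REMOTE_ADDR'] on the server instead. It also strips CR/LF and other control characters from anything placed in the mail headers, so moving the username into the subject or From line later cannot inject extra headers or recipients (in the posted code the username only goes into the body), and it replaces the two hand-built mail() blocks with one function. The notifyLoginAttempt(), mailSafe() and clientAddress() names, the example.com addresses and the $_SERVER superglobal (PHP 4.1 and later) are assumptions of this example, not Gallery's.

```php
<?php
// Added example, not part of the original post or of the Gallery code base.
// Hardened notification step for login.php: the client IP is the address
// the web server saw on the connection, never a form field, and everything
// that goes into a mail header is stripped of control characters first.

// Assumed placeholders: edit these for your own site.
define('NOTIFY_TO',   'owner@example.com');
define('NOTIFY_FROM', 'gallery@example.com');
define('SITE_NAME',   'example.com Gallery');

// Replace CR, LF and other control characters so a value cannot end a
// header line and start a new one (header injection).
function mailSafe($value)
{
    return preg_replace('/[\x00-\x1F\x7F]+/', ' ', (string) $value);
}

// Address of the TCP peer as seen by the web server. Unlike a hidden form
// field or a client-sent header, REMOTE_ADDR is set by the server itself.
// Behind a trusted reverse proxy you would read the proxy's forwarded
// header here instead, and only when REMOTE_ADDR is that proxy.
function clientAddress()
{
    return isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : 'unknown';
}

// Send one alert for a login attempt. $success picks the subject and the
// priority header; the submitted password is deliberately never included.
function notifyLoginAttempt($uname, $success)
{
    $uname = mailSafe($uname);
    $ip    = clientAddress();

    $subject = $success
        ? 'A successful login has been made'
        : 'An UNSUCCESSFUL login attempt was made';

    $headers  = 'From: ' . SITE_NAME . ' <' . NOTIFY_FROM . ">\r\n";
    $headers .= "X-Mailer: PHP\r\n";
    if (!$success) {
        $headers .= "X-Priority: 1\r\n"; // urgent
    }

    $message  = ($success ? 'A login' : 'A failed login')
              . ' was made to ' . SITE_NAME . ' by: ' . $uname . "\r\n\r\n"
              . 'IP Address: ' . $ip . "\r\n"
              . 'Time: ' . date('Y-m-d H:i:s T') . "\r\n";

    return mail(NOTIFY_TO, $subject, $message, $headers);
}

// Usage in login.php, in place of the two hand-built mail() blocks:
//
//   if ($tmpUser && $tmpUser->isCorrectPassword($gallerypassword)) {
//       $gallery->session->username = $uname;
//       notifyLoginAttempt($uname, true);
//       dismissAndReload();
//   } else {
//       $invalid = 1;
//       $gallerypassword = null;
//       notifyLoginAttempt($uname, false);
//   }
?>
```

To notify more than one owner, put a comma-separated list of addresses in NOTIFY_TO; mail() accepts that in its first argument, so the second mail() call is not needed. The hidden IPNumber input and the "IP Address: $IPNumber" line in the original can then be dropped, since the address is read server-side.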
 
discusws

Joined: 2003-03-09
Posts: 5
Posted: Wed, 2003-03-12 10:30

Hello BPD,

Great hack, and working too :smile:

Regards, Walter

 
bpd@darb.net

Joined: 2002-08-20
Posts: 101
Posted: Sun, 2003-03-16 11:12

Hmmmmm, someone has used my hack and not changed the email address! ... Just as well it doesn't send your password as well :smile:

They also have rewritten the code to change "darb.net".

 
discusws

Joined: 2003-03-09
Posts: 5
Posted: Sun, 2003-03-16 16:15
Quote:
Hmmmmm, someone has used my hack and not changed the email address! ... Just as well it doesn't send your password as well :smile:

Hi, that's what I wanted to say to you: remove those things in the hack, otherwise you will get a lot of emails :wink:

 
jacksdad

Joined: 2002-08-24
Posts: 95
Posted: Sun, 2003-03-16 21:09

bpd, very nice hack...

I did get it to work the first time; however, I missed a few lines with your info.

I would second discusws's suggestion: remove your info.

Thanks again.