|
- Readme First! -
Read and follow the rules, otherwise your posts will be closed |
|
|
|
|
|
There are currently, 377 guest(s) and 0 member(s) that are online.
You are Anonymous user. You can register for free by clicking here |
|
|
|
|
|
phpbbmyadmin hack added to Nuke Cops bundle |
|
 This hack by Armin Altorffer has been ported into the phpnuke bundle. Only full admins can view it.
phpBBMyAdmin is an SQL administration tool for use in the Admin Control Panel. You can use it to easily enter SQL queries into the database or view/browse/manage existing tables.
Compatibility with MySQL is 100% confirmed. Uncertain on other SQL servers.
To install, either run the CVS update command for your bundle site, or download these files and simply place them here:
modules/Forums/admin/admin_phpbbmyadmin.php
modules/Forums/language/lang_english/lang_phpbbmyadmin.php
modules/Forums/templates/subSilver/admin/phpbbmyadmin.tpl
Forget myphpadmin, this hack is awesome!
|
|
Posted on Saturday, August 23 @ 00:11:10 CEST by Zhen-Xjell |
|
|
|
|
| |
|
Average Score: 5
Votes: 1
|
|
|
|
|
|
|
| | The comments are owned by the poster. We aren't responsible for their content. |
| | | | |
| No Comments Allowed for Anonymous, please register | | | | |
Re: phpbbmyadmin hack added to Nuke Cops bundle (Score: 1)
by jimmyjimjim on Saturday, August 23 @ 16:24:11 CEST
(User Info | Send a Message) | | Bummer... This is what I get when I try to use this hack... "You are not allowed to access phpBBMyAdmin!" I'm accessing it through the forums admin panel. :-( |
Re: phpbbmyadmin hack added to Nuke Cops bundle (Score: 1)
by Zhen-Xjell on Saturday, August 23 @ 17:02:00 CEST
(User Info | Send a Message) http://castlecops.com | | Edit your own forum member permissions. There is a drop down item for your name, either "User" or "Admin". Ensure you are set to "Admin". |
]
]
Re: phpbbmyadmin hack added to Nuke Cops bundle (Score: 1)
by bmoler (bmoler@brianmoler.com) on Saturday, August 23 @ 18:13:41 CEST
(User Info | Send a Message) http://www.brianmoler.com | I am getting the same message, even though I am setup as an administrator.
I have run the analyzer and it shows me as Admin/Author and user_id = 2.
|
]
Re: phpbbmyadmin hack added to Nuke Cops bundle (Score: 1)
by Zhen-Xjell on Saturday, August 23 @ 18:23:30 CEST
(User Info | Send a Message) http://castlecops.com | | Go into your phpbb forums admin. Under user management, go to permissions. Enter your username. What does it say in the drop down box? |
]
Re: phpbbmyadmin hack added to Nuke Cops bundle (Score: 1)
by bmoler (bmoler@brianmoler.com) on Saturday, August 23 @ 18:49:42 CEST
(User Info | Send a Message) http://www.brianmoler.com | Hi,
I had tried that just before running the analyzer.
The dropdown has me as 'Administrator'.
Looking at the code, it would appear that this should be working. To humor myself, I put an echo statement in the code to output the user_id value. It always shows as a '1', even though I am signed on using my ID. For some reason, the code is returning me as an anonymous user, even though I am signed-on as an administrator. |
]
Re: phpbbmyadmin hack added to Nuke Cops bundle (Score: 1)
by bmoler (bmoler@brianmoler.com) on Saturday, August 23 @ 18:54:07 CEST
(User Info | Send a Message) http://www.brianmoler.com | One more thing I forgot to mention....
I am not running the bundle, but I am running 6.5 with all the security patches that you have released.
|
]
Re: phpbbmyadmin hack added to Nuke Cops bundle (Score: 1)
by Zhen-Xjell on Saturday, August 23 @ 18:54:50 CEST
(User Info | Send a Message) http://castlecops.com | Hi you may need to tweak the path for this:
$phpbb_root_path = "./../";^M
require($phpbb_root_path . 'extension.inc');^M
require('./pagestart.' . $phpEx);^M
include("../../../includes/functions_selects.php");^M
include($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_phpbbmyadmin.' . $phpEx);^M
Check what the other admin scripts have and match. |
]
| | | | |
Re: phpbbmyadmin hack added to Nuke Cops bundle (Score: 1)
by Zhen-Xjell on Saturday, August 23 @ 19:53:23 CEST
(User Info | Send a Message) http://castlecops.com | I ran some tests on an external server and found the following from a fresh betaNC installation:
- nukesql.php was missing a closing parens that caused the nuke_board_message table to never be created. this is now fixed in the CVS.
- i found that in the admin | forums | user management | permissions were not correctly displaying user_id as "administrator". rather user_id 2 showed up as "user". mysql for user_level was indeed a number "2". so why was this incorrectly showing up? here's what i tried...
a) tried to add user to moderator group via forums usergroups. instead received an error. turns out, the moderator group leader had to be entered. after that, i was able to view the moderator user group without error. then under admin | forums | user permissions the user_id 2 account was shown correctly as an "administrator".
b) after following "a" above, i was then able to successfully enter the phpbbmyadmin forum module. please note that only user_id number 2 is allowed to access this module. here is the code check:
// Main Admin or not?
if ($userdata['user_id'] != 2)
{
message_die(GENERAL_MESSAGE, $lang['SQL_Admin_No_Access']);
}
So, that's some food for thought.
|
| | | | |
Re: phpbbmyadmin hack added to Nuke Cops bundle (Score: 1)
by Moon- on Sunday, August 24 @ 20:34:28 CEST
(User Info | Send a Message) | So is it a bug in the BB2 port that makes this not work?
I am a full admin of my site level 2 as shown in analyzer, also a full forums admin and a moderator of the forums.
But this just gives me the same thing "You are not allowed to access phpBBMyAdmin!" |
| | | | | |
