Download: MUDD - Multi UserAccount Detector v.1.0.1

[The Geek]

File Name: MUDD - Multi UserAccount Detector v.1.0.1
File Submitter: The Geek
File Submitted: 14 Feb 2010
File Updated: 18 Feb 2010
File Category: Hooks and Plugins

MUDD - Multiple Useraccount Detection Dinger v. 1.0.1
(Yes, I did work hard to make the acronym fit)

MUDD is an alarm system for users using multiple profiles from a specific computer. When a user is detected using multiple accounts from 1 machine, a report in the report centre is created. You can easily whitelist users and reports from the report centre.

It will also bust a good chunk of the people logging out, clearing their cookies and logging back in under another profile.

This is my first mod for IPS and as such have used it as a simple project to start getting used to the codebase.

Please follow the installation instructions in the package, otherwise you will have problems.

I look forward to comments, suggestions and small statuettes carved in my honour.

nJoy

Change log:

15/2/10 - v. 1.0.0

- Added star rating to show if match was made via cookie, or IP/Agent match. Basically 5 star means 100% positive, less stars mean less positive
- Removed report notifications as it needs some tweaking.
- Hadn't heard of any issues since beta so figured can't be any show stoppers. Am releasing as finished product now so I can bugger off to work on other things.

18/2/10 - v. 1.0.1

- Fixed notification bug. Notifications aren't set up, however it won't bug out now if you do have them active
- Fixed path for those who have admin folder renamed
- Fixed bug that prevented user being added to whitelist

Click here to download this file

[Collin1000]

Wow, great mod! I'll have to install this tonight! Thanks for sharing

[Tom Christian]

Great idea :)

[optrexnz]

good to see you modding under the IPB banner now geek :)

[The Geek]

Thanks guys, I'm up for any feedback as well. It sort of just occured to me to mention one TODO that will be done for the next beta because it does hold a slim chance of giving a false positive.

In the instance a cookie trip occurs, this is a 100% verfied trip. Those profiles are coming from the exact same computer.

However MUDD will also trip if the user logs out, deletes his cookies and logs in as another user. In that instance, it isn't 100% verifiable as its making best guess on IP addy, useragent details and timing. However right now it doesn't flag that to you, it just presents it as a trip. Just keep that in mind until next beta which pending feedback should be in a couple days.

[The Geek]

Updated main package with finished product. At this stage only thing I am aware of needing to work on are notifications (i.e. PM or email) of newly generated reports.

nJoy

[Planetby]

ok I'm a thicko, where do we actually view these 'trips'..................feel free to laff at me btw I know i'm a homer :lol:

[The Geek]

Hehe, they are found in the report centre. Make sure that are in a usergroup that can view the MUDD trips (admincp -> system tab -> Report Centre (plugin manager)

Then edit the MUDD settings and select the usergroups that should be able to view them).

HTHs :)

[Nityananda]

I for one am very glad to see you release a mod for invision ... its a good sign :) .............

Yours Truly,
Fellow vb ditcher ;)

[Collin1000]

aGeek you were a vb modder?

Got a link to your profile?

[The Geek]

Thanks Sonic

@Collin > http://www.vbulletin...ber.php?u=41852

Used to also own a vbmodding site, but sold it a couple years ago.

HTHs

[IP.iBaLLiN]

The Geek,

Great mod! May I suggest using Flash Cookies as well as some way to ban proxies? If you are able to add these in future versions, it would be great. If not, I still love this modification. It's great! +1!!!!!

[Nityananda]

/me awaits the real AME :P LOL

[A Walk in Faith]

Great job! :thumbsup:

That didn't take long for you to jump in and get a contributor badge!

Looking forward to what you can bring IPB!

Thanks!
Jamie

[The Geek]

The Geek,

Great mod! May I suggest using Flash Cookies as well as some way to ban proxies? If you are able to add these in future versions, it would be great. If not, I still love this modification. It's great! +1!!!!!

Thanks ' alt='' class='ipsImage' >

This will still catch proxies unless they clear cookies between logouts. I thought about flash cookies but didn't look too far into it as I am not really a flash master DJ so not sure how I would implement. Also - not that hard to get around - just use a different browser ' alt='' class='ipsImage' > They also have a bit of a bad wrap for privacy.

@Thanks everyone for your kind words. FWIW, I looked into AME but it currently isn't possible w/o file edits I think 3.1 should allow it. IPB has some level of support for uploading and configuring media tags already so it may be a pretty minor mod to do.

[Adam.S]

Got a question: will detection still work if you are using external database authentication?

[IP.iBaLLiN]

Thanks [img]

' alt='' class='ipsImage' >[/img]

This will still catch proxies unless they clear cookies between logouts. I thought about flash cookies but didn't look too far into it as I am not really a flash master DJ so not sure how I would implement. Also - not that hard to get around - just use a different browser [img]

' alt='' class='ipsImage' >[/img] They also have a bit of a bad wrap for privacy.

@Thanks everyone for your kind words. FWIW, I looked into AME but it currently isn't possible w/o file edits I think 3.1 should allow it. IPB has some level of support for uploading and configuring media tags already so it may be a pretty minor mod to do.

From what I have understood, if you use different browsers, the Flash Cookie will still be there.. But I understand none the less. Great mod and thanks a bunch!

[Planetby]

Pests back lol , I tried logging in under another account I keep for if a coder needs access and got a whitepage with these errors >>

Fatal error: Function name must be a string in /home/planetby/public_html/forums/admin/applications/core/sources/reportPlugins/mudd_report.php on line 242


Fatal error: Allowed memory size of 262144 bytes exhausted (tried to allocate 19456 bytes) in /home/planetby/public_html/forums/admin/sources/classes/itemmarking/classItemMarking.php on line 650

Any ideas ? it did however detect it in report center

[The Geek]

hmmm. Thats really odd, my line 242 is

return array();

I can't see how that would bork it. Can you edit the report plugin settings and make sure no one is set to recieve notifications? Notifications aren't set up right now and the line above is essentially there to stop notificaiton sending :D

HTHs!

Got a question: will detection still work if you are using external database authentication?

Not tested but it should do.

[Planetby]

Checked that m8 and it still does the same thing, I even removed it all and redid it to be certain

[The Geek]

So just to clarify, your line 242 of mud_reports.php is

return array(); ?

And you removed everyone from the notifications list?
Can you try changing the line 242 to:

return;

And let me know if that helps.

Really odd stuff.

[Planetby]

erm, line 242 on mine reads >> return $notify(); :unsure:

and is named mudd_report.php

[Tomato]

Surely line 290 of mudd_report.php should be:

require_once( IPS_ROOT_PATH . "sources/classes/member/mudd_functions.php");

Instead of:

require_once( DOC_IPS_ROOT_PATH . "admin/sources/classes/member/mudd_functions.php");

As people can rename the admin directory, so if they have then it will fail currently ;).

Same as lines 373 and 533 in the 'import_this_hook.xml' file.

Performing these edits makes it work on my install (with a relocated admin folder), otherwise it produces an error at login.

[Planetby]

Mine hasnt been renamed but I wonder if that would maybe still be the cause ?

[RonR]

Haven't checked the file, but I'm not seeing any errors ?