Skip to content

Instantly share code, notes, and snippets.

@Moudoux

Moudoux/auth.php

Last active February 19, 2017 19:40
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save Moudoux/9c633ed451a74c380c39e7158233d897 to your computer and use it in GitHub Desktop.
Save Moudoux/9c633ed451a74c380c39e7158233d897 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
auth.php
<?php
/*
Copyright (C) OpenTexon 2017 All Rights Reserved
This file also exists on GitHub @ https://gist.github.com/Moudoux/9c633ed451a74c380c39e7158233d897
*/
session_start();
require_once('memcached.php');
if (strpos(strtolower($_SERVER['REQUEST_URI']),'?source') !== false) {
$source = file_get_contents(__FILE__);
$source = htmlspecialchars($source);
die('<pre>'.$source.'</pre>');
}
$user_key = $_SERVER['REMOTE_ADDR'];
$user_key = str_replace('.','_',$user_key);
$user_key .= '_AUTH_COOLDOWN';
if (isset($_POST['email']) && isset($_POST['password']) && getMemCached($user_key) == '' && $_SESSION['mc_login'] == '') {
$email = $_POST['email'];
$password = $_POST['password'];
setMemCached($user_key,time(),600);
// Data is sent over SSL, the username and password is sent via POST headers which are encrypted since it's SSL.
$url = 'https://authserver.mojang.com/authenticate';
$agent = array('name' => 'Minecraft','version' => 1);
$data = array('agent' => $agent, 'username' => $email,'password' => $password);
$options = array(
'http' => array(
'header' => "Content-type: application/json\r\n",
'method' => 'POST',
'content' => json_encode($data)
)
);
$context = stream_context_create($options);
$result = @file_get_contents($url, false, $context);
if ($http_response_header[0] == 'HTTP/1.1 200 OK') {
$username = json_decode($result);
$username = $username->selectedProfile->name;
$_SESSION['mc_login'] = trim($username);
$id = json_decode($result);
$id = $id->selectedProfile->id;
$_SESSION['mc_login_id'] = trim($id);
}
}
?>
<!DOCTYPE HTML>
<html lang="en" prefix="og: http://ogp.me/ns#">
<head>
<title>Aristois | Minecraft Hacked Client - Minecraft Login</title>
<meta charset="utf-8" />
<!-- Facebook -->
<meta property="og:title" content="Aristois Minecraft Hacked client - Login to continue" />
<meta property="og:image" content="https://aristois.opentexon.com/img/Aristois.png" />
<meta property="og:description" content="We need to confirm you own the account, please login to continue." />
<meta property="og:url" content="https://aristois.opentexon.com/" />
<meta property="og:type" content="website" />
<!-- Twitter -->
<meta name="twitter:card" content="summary" />
<meta name="twitter:site" content="@cobrish200" />
<meta name="twitter:title" content="Aristois Minecraft Hacked client - Login to continue" />
<meta name="twitter:description" content="We need to confirm you own the account, please login to continue." />
<meta name="twitter:image" content="https://aristois.opentexon.com/img/Aristois.png" />
<!-- SEO -->
<meta name="description" content="We need to confirm you own the account, please login to continue.">
<meta name="title" content="Aristois | Minecraft Hacked Client - Login to continue">
<?php require_once('meta.php'); ?>
<meta name="viewport" content="width=device-width, initial-scale=1" />
<link rel="stylesheet" href="assets/css/main.css" />
</head>
<body>
<div id="wrapper">
<?php require_once('menu.php'); ?>
<div id="main">
<section id="one">
<div class="inner">
<header class="major">
<h1>Please login</h1>
</header>
<?php if ($_SESSION['mc_login'] == '' && getMemCached($user_key) == '') { ?>
<?php if (isset($_POST['email']) || isset($_POST['password'])) { ?>
<code>Error: Invalid username or password, please try again.<br>
System might also be on cooldown, please try again in a few minutes.</code>
<?php } ?>
<p><br>We need to make sure you own the account,<br>
please fill out the form below and press "Login"</p>
<form method="POST">
<div class="row uniform">
<div class="6u 12u$(xsmall)">
<input type="text" required id="email" name="email" value="" placeholder="Username/Email">
</div>
<div class="6u$ 12u$(xsmall)">
<input type="password" required id="password" name="password" value="" placeholder="Password">
</div>
<div class="12u$">
<ul class="actions">
<li><button type="submit" class="special">Login</button></li>
</ul>
</div>
</div>
<br>
</form>
<?php } else if ($_SESSION['mc_login'] == '' && getMemCached($user_key) != '') { ?>
<?php if (isset($_POST['email']) || isset($_POST['password'])) { ?>
<code>Error: Invalid username or password, please try again.<br>
System might also be on cooldown, please try again in a few minutes.</code>
<?php } ?>
<p><br>To prevent abuse, you can only login every 10 minutes, please try again later.</p>
<?php } else { ?>
<p>
<br>Welcome <?php echo $_SESSION['mc_login']; ?>, what do you want to do now ?<br><br>
<a href="/prefix">Set a prefix</a><br>
<a href="/cape">Set a cape</a>
</p>
<?php } ?>
<p>We <code>understand your privacy concerns</code>, therefore <code>this entire page is 100% open source</code>.<br>
<code>You can view the entire source code <a href="?source">here</a></code>. We <code>only use this page to verify you own the account</code>.<br>
If you do not feel comfortable entering your credentials here, <code>please change your password</code>, login here then change it back.<br><br>
We <strong>NEVER</strong> store any of your data entered here.</p>
</div>
</section>
</div>
<?php require_once('footer.php'); ?>
</div>
<script src="assets/js/jquery.min.js"></script>
<script src="assets/js/jquery.scrolly.min.js"></script>
<script src="assets/js/jquery.scrollex.min.js"></script>
<script src="assets/js/skel.min.js"></script>
<script src="assets/js/util.js"></script>
<script src="assets/js/main.js"></script>
<script src='https://www.google.com/recaptcha/api.js'></script>
</body>
</html>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment