<?phpinclude('boxydb.php');$eusername = mysqli_real_escape_string($con, html

1. <?php
2. include('boxydb.php');
3. $eusername = mysqli_real_escape_string($con, htmlspecialchars($_GET['g']));
4. $epassword = mysqli_real_escape_string($con, htmlspecialchars($_GET['w']));
5. $ekey = mysqli_real_escape_string($con, htmlspecialchars($_GET['r']));
6. $ehwid = mysqli_real_escape_string($con, htmlspecialchars($_GET['o']));
7. $ecomputername = mysqli_real_escape_string($con, htmlspecialchars($_GET['k']));
8.  
9. //DECRYPT USERNAME
10. exec("./ed.out d $eusername",$dusername);
11. $username = $dusername[0];
12. //echo "Decrypted username: ".$username;
13.  
14. // DECRYPT PASSWORD
15. exec("./ed.out d $epassword",$dpassword);
16. $password = $dpassword[0];
17. //echo "<br>Decrypted password: ".$password;
18.  
19. // DECRYPT KEY
20. exec("./ed.out d $ekey",$dkey);
21. $key = $dkey[0];
22. //echo "<br>Decrypted Key: ".$key;
23.  
24. // DECRYPT HWID
25. exec("./ed.out d $ehwid",$dhwid);
26. $hwid = $dhwid[0];
27. //echo "<br>Decrypted Key: ".$key;
28.  
29. // DECRYPT COMPUTERNAME
30. exec("./ed.out d $ecomputername",$dcomputername);
31. $computername = $dcomputername[0];
32. //echo "<br>Decrypted Key: ".$key;
33.  
34. // HWID CHECK
35. $url="http://fanta.club/a/ver.php?COMPUTERNAME=".$computername."&HWID=".$hwid."&BUILDNUMBER=".$username."";
36. $ver = file_get_contents($url);
37.  
38. if($ver == "L.") {
39. exec("./ed.out e FAIL",$final2);
40. $final = $final2[0];
41. echo $final;
42. die();
43. }
44.  
45. // SUB CHECK
46. $result = mysqli_query($con, "SELECT * FROM `users` WHERE `username` = '$username'");
47. while ($row = mysqli_fetch_assoc($result)) {
48. $subscription = $row["subscription"];
49. }
50.  
51. $count = mysqli_num_rows($result);
52. if($count <= 0){
53. exec("./ed.out e FAIL",$final2);
54. $final = $final2[0];
55. echo $final;
56. die();
57. }
58.  
59.  
60. // Check if client [[KEY]] matches server [[KEY]]
61.  
62. //exec('g++ skey.cpp -o skey.out -std=c++11',$result);
63. //print_r($result);
64. exec("./skey.out $username",$result);
65. $skey = $result[0];
66. //echo "<br>";
67. //echo("Server key is: ".$skey);
68. //echo("<br>Client key is: ".$key);
69. if ($key == $skey) {
70. $password = md5($password);
71. $result = mysqli_query($con, "SELECT * FROM `users` WHERE BINARY `username` = '$username' AND `password` = '$password'") or die(mysqli_error($con));
72. $exist = mysqli_num_rows($result);
73. if($exist >= 1) {
74.  
75. exec("./ed.out e GOOD",$final2);
76. $final = $final2[0];
77. echo $final;
78. die();
79. }
80. } else {
81. exec("./ed.out e FAIL",$final2);
82. $final = $final2[0];
83. echo $final;
84. die();
85. }
86.  
87.  
88.  
89. ?>