ROOTPLOIT
Server: LiteSpeed
System: Linux in-mum-web1878.main-hosting.eu 5.14.0-570.21.1.el9_6.x86_64 #1 SMP PREEMPT_DYNAMIC Wed Jun 11 07:22:35 EDT 2025 x86_64
User: u435929562 (435929562)
PHP: 7.4.33
Disabled: system, exec, shell_exec, passthru, mysql_list_dbs, ini_alter, dl, symlink, link, chgrp, leak, popen, apache_child_terminate, virtual, mb_send_mail
$ pwd: /opt/go/pkg/mod/go.mongodb.org/[email protected]/etc/gen-ec-certs/
Upload Files
File: //opt/go/pkg/mod/go.mongodb.org/[email protected]/etc/gen-ec-certs/gen-ec-certs.sh
#!/usr/bin/env bash
# This script is used to generate Elliptic Curve (EC) certificates.
# The EC certificates are used for testing the Go driver with PyKMIP.
# PyKMIP does not support Go's default TLS cipher suites with RSA.
# See: GODRIVER-2239.
set -euo pipefail
CA_SERIAL=$RANDOM
SERVER_SERIAL=$RANDOM
CLIENT_SERIAL=$RANDOM
DAYS=14600

# Generate CA certificate ... begin
# Generate an EC private key.
openssl ecparam -name prime256v1 -genkey -out ca-ec.key -noout
# Generate a certificate signing request.
openssl req -new -key ca-ec.key -out ca-ec.csr -subj "/C=US/ST=New York/L=New York City/O=MongoDB/OU=DBX/CN=ca/" -config empty.cnf -sha256
# Self-sign the request.
openssl x509 -in ca-ec.csr -out ca-ec.pem -req -signkey ca-ec.key -days $DAYS -sha256 -set_serial $CA_SERIAL
# Generate CA certificate ... end

# Generate Server certificate ... begin
# Generate an EC private key.
openssl ecparam -name prime256v1 -genkey -out server-ec.key -noout
# Generate a certificate signing request.
openssl req -new -key server-ec.key -out server-ec.csr -subj "/C=US/ST=New York/L=New York City/O=MongoDB/OU=DBX/CN=server/" -config empty.cnf -sha256
# Sign the request with the CA. Add server extensions.
openssl x509 -in server-ec.csr -out server-ec.pem -req -CA ca-ec.pem -CAkey ca-ec.key -days $DAYS -sha256 -set_serial $SERVER_SERIAL -extfile server.ext
# Append private key to .pem file.
cat server-ec.key >> server-ec.pem
# Generate Server certificate ... end

# Generate Client certificate ... begin
# Generate an EC private key.
openssl ecparam -name prime256v1 -genkey -out client-ec.key -noout
# Generate a certificate signing request.
# Use the Common Name (CN) of "client". PyKMIP identifies the client by the CN. The test server expects the identity of "client".
openssl req -new -key client-ec.key -out client-ec.csr -subj "/C=US/ST=New York/L=New York City/O=MongoDB/OU=DBX/CN=client/" -config empty.cnf -sha256
# Sign the request with the CA. Add client extensions.
openssl x509 -in client-ec.csr -out client-ec.pem -req -CA ca-ec.pem -CAkey ca-ec.key -days $DAYS -sha256 -set_serial $CLIENT_SERIAL -extfile client.ext
# Append private key to .pem file.
cat client-ec.key >> client-ec.pem
# Generate Client certificate ... end

# Clean-up.
rm *.csr
rm *.key
@ Telegram