Linux server.thearyasamaj.org 4.18.0-553.56.1.el8_10.x86_64 #1 SMP Tue Jun 10 05:00:59 EDT 2025 x86_64
Apache
: 103.90.241.146 | : 216.73.216.222
Cant Read [ /etc/named.conf ]
5.6.40
ftpuser@mantra.thearyasamaj.org
www.github.com/MadExploits
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
CPANEL RESET
CREATE WP USER
README
+ Create Folder
+ Create File
/
usr /
libexec /
[ HOME SHELL ]
Name
Size
Permission
Action
awk
[ DIR ]
drwxr-xr-x
coreutils
[ DIR ]
drwxr-xr-x
dbus-1
[ DIR ]
drwxr-xr-x
dovecot
[ DIR ]
drwxr-xr-x
gawk
[ DIR ]
drwxr-xr-x
gcc
[ DIR ]
drwxr-xr-x
getconf
[ DIR ]
drwxr-xr-x
grubby
[ DIR ]
drwxr-xr-x
hostname
[ DIR ]
drwxr-xr-x
initscripts
[ DIR ]
drwxr-xr-x
installkernel
[ DIR ]
drwxr-xr-x
linux-boot-probes
[ DIR ]
drwxr-xr-x
lsm.d
[ DIR ]
drwxr-xr-x
man-db
[ DIR ]
drwxr-xr-x
mecab
[ DIR ]
drwxr-xr-x
microcode_ctl
[ DIR ]
drwxr-xr-x
openldap
[ DIR ]
drwxr-xr-x
openssh
[ DIR ]
drwxr-xr-x
os-prober
[ DIR ]
drwxr-xr-x
os-probes
[ DIR ]
drwxr-xr-x
p11-kit
[ DIR ]
drwxr-xr-x
p7zip
[ DIR ]
drwxr-xr-x
pcp
[ DIR ]
drwxr-xr-x
postfix
[ DIR ]
drwxr-xr-x
proftpd
[ DIR ]
drwxr-xr-x
psacct
[ DIR ]
drwxr-xr-x
selinux
[ DIR ]
drwxr-xr-x
smartmontools
[ DIR ]
drwxr-xr-x
sssd
[ DIR ]
drwxr-xr-x
sudo
[ DIR ]
drwxr-xr-x
tuned
[ DIR ]
drwxr-xr-x
usermin
[ DIR ]
drwxr-xr-x
utempter
[ DIR ]
drwxr-xr-x
webmin
[ DIR ]
drwxr-xr-x
audit-functions
990
B
-rwxr-x---
chrony-helper
7.17
KB
-rwxr-xr-x
cockpit-askpass
45.4
KB
-rwxr-xr-x
cockpit-certificate-ensure
24.8
KB
-rwxr-xr-x
cockpit-certificate-helper
5.29
KB
-rwxr-xr-x
cockpit-client
12.26
KB
-rwxr-xr-x
cockpit-client.ui
4.13
KB
-rw-r--r--
cockpit-desktop
4.57
KB
-rwxr-xr-x
cockpit-session
57.16
KB
-rwsr-x---
cockpit-ssh
127.34
KB
-rwxr-xr-x
cockpit-tls
49.56
KB
-rwxr-xr-x
cockpit-ws
279.13
KB
-rwxr-xr-x
cockpit-wsinstance-factory
16.49
KB
-rwxr-xr-x
dirmngr_ldap
87.32
KB
-rwxr-xr-x
ebtables
1.33
KB
-rwxr-xr-x
generate-rndc-key.sh
546
B
-rwxr-xr-x
glib-pacrunner
21.66
KB
-rwxr-xr-x
gpg-check-pattern
111.88
KB
-rwxr-xr-x
gpg-preset-passphrase
87.21
KB
-rwxr-xr-x
gpg-protect-tool
206.3
KB
-rwxr-xr-x
gpg-wks-client
227.22
KB
-rwxr-xr-x
grepconf.sh
253
B
-rwxr-xr-x
httpd-ssl-gencerts
1.22
KB
-rwxr-xr-x
httpd-ssl-pass-dialog
92
B
-rwxr-xr-x
import-state
1.03
KB
-rwxr-xr-x
loadmodules
233
B
-rwxr-xr-x
mlocate-run-updatedb
138
B
-rwxr-x---
mlx4-setup.sh
2.48
KB
-rwxr-xr-x
mysql-check-socket
1.4
KB
-rwxr-xr-x
mysql-check-upgrade
1.53
KB
-rwxr-xr-x
mysql-prepare-db-dir
3.42
KB
-rwxr-xr-x
mysql-scripts-common
2.51
KB
-rw-r--r--
mysql-wait-stop
709
B
-rwxr-xr-x
mysqld
62.52
MB
-rwxr-xr-x
nm-daemon-helper
12.59
KB
-rwxr-xr-x
nm-dhcp-helper
16.2
KB
-rwxr-xr-x
nm-dispatcher
66.13
KB
-rwxr-xr-x
nm-ifdown
1.07
KB
-rwxr-xr-x
nm-ifup
1.04
KB
-rwxr-xr-x
nm-initrd-generator
740.38
KB
-rwxr-xr-x
no-python
157
B
-rwxr-xr-x
packagekit-direct
105.7
KB
-rwxr-xr-x
packagekitd
316.57
KB
-rwxr-xr-x
pk-offline-update
33.13
KB
-rwxr-xr-x
platform-python
11.59
KB
-rwxr-xr-x
platform-python3.6
11.59
KB
-rwxr-xr-x
platform-python3.6m
11.59
KB
-rwxr-xr-x
scdaemon
442.36
KB
-rwxr-xr-x
tcawmgr.cgi
25.1
KB
-rwxr-xr-x
truescale-serdes.cmds
8.5
KB
-rwxr-xr-x
vdoprepareforlvm
540.58
KB
-rwxr-xr-x
virt-what-cpuid-helper
7.84
KB
-rwxr-xr-x
Delete
Unzip
Zip
${this.title}
Close
Code Editor : cockpit-certificate-helper
#!/bin/bash set -eu # prefix= is set because the default /etc contains "${prefix}" prefix="/usr" COCKPIT_CONFIG="/etc/cockpit" COCKPIT_WS_CERTS_D="${COCKPIT_CONFIG}/ws-certs.d" COCKPIT_RUNTIME_DIR="/run/cockpit" install_cert() { local destination="${COCKPIT_WS_CERTS_D}/$1" mv -Z "$1" "${destination}" # The certificate should be world-readable chmod a+r "${destination}" } install_key() { local destination="${COCKPIT_WS_CERTS_D}/$1" mv -Z "$1" "${destination}" } selfsign_sscg() { sscg --quiet \ --lifetime "${DAYS}" \ --key-strength 2048 \ --cert-key-file "${KEYFILE}" \ --cert-file "${CERTFILE}" \ --ca-file "${CA_FILE}" \ --hostname "${HOSTNAME}" \ --organization "${MACHINE_ID:-unspecified}" \ --subject-alt-name localhost \ --subject-alt-name IP:127.0.0.1/255.255.255.255 } selfsign_openssl() { openssl req -x509 \ -days "${DAYS}" \ -newkey rsa:2048 \ -keyout "${KEYFILE}" \ -keyform PEM \ -nodes \ -out "${CERTFILE}" \ -outform PEM \ -subj "${MACHINE_ID:+/O=${MACHINE_ID}}/CN=${HOSTNAME}" \ -config - \ -extensions v3_req << EOF [ req ] req_extensions = v3_req extensions = v3_req distinguished_name = req_distinguished_name [ req_distinguished_name ] [ v3_req ] subjectAltName=IP:127.0.0.1,DNS:localhost basicConstraints = critical, CA:TRUE keyUsage = critical, digitalSignature,cRLSign,keyCertSign,keyEncipherment,keyAgreement extendedKeyUsage = serverAuth EOF } cmd_selfsign() { # Common variables used by both methods local MACHINE_ID if [ -e /etc/machine-id ]; then MACHINE_ID="$(tr -d -c '[:xdigit:]' < /etc/machine-id)" fi local HOSTNAME="${HOSTNAME:-$(hostname)}" local CERTFILE="0-self-signed.cert" local KEYFILE="0-self-signed.key" local CA_FILE="0-self-signed-ca.pem" # We renew certificates up to 30 days before expiry, so give ourselves a # year, plus 30 days. The maximum is variously mentioned to be 397 or 398. local DAYS=395 # If sscg fails, try openssl selfsign_sscg || selfsign_openssl # Install the files and set permissions ($CA_FILE is only created by sscg) test ! -e "${CA_FILE}" || install_cert "${CA_FILE}" install_cert "${CERTFILE}" install_key "${KEYFILE}" } cmd_ipa_request() { local USER="$1" # IPA operations require auth; read password from stdin to avoid quoting issues # if kinit fails, we can't handle this setup, exit cleanly kinit "${USER}@${REALM}" || exit 0 # ensure this gets run with a non-C locale; ipa fails otherwise if [ "$(sh -c 'eval `locale`; echo $LC_CTYPE')" = 'C' ]; then export LC_CTYPE=C.UTF-8 fi # create a kerberos Service Principal Name for cockpit-ws, unless already present ipa service-show "${SERVICE}" || \ ipa service-add --ok-as-delegate=true --ok-to-auth-as-delegate=true --force "${SERVICE}" # add cockpit-ws key, unless already present klist -k "${KEYTAB}" | grep -qF "${SERVICE}" || \ ipa-getkeytab -p "HTTP/${HOST}" -k "${KEYTAB}" # request the certificate and put it into our certificate directory, so that auto-refresh works ipa-getcert request -f "${COCKPIT_WS_CERTS_D}/10-ipa.cert" -k "${COCKPIT_WS_CERTS_D}/10-ipa.key" -K "HTTP/${HOST}" -m 640 -o root:root -M 644 -w -v } cmd_ipa_cleanup() { # clean up keytab if [ -e "${KEYTAB}" ]; then ipa-rmkeytab -k "${KEYTAB}" -p "${SERVICE}" fi # clean up certificate; support both "copy" and "direct" modes from cmd_ipa_request() rm "${COCKPIT_WS_CERTS_D}/10-ipa.cert" "${COCKPIT_WS_CERTS_D}/10-ipa.key" ipa-getcert stop-tracking -f "${COCKPIT_WS_CERTS_D}/10-ipa.cert" -k "${COCKPIT_WS_CERTS_D}/10-ipa.key" || \ ipa-getcert stop-tracking -f /run/cockpit/certificate-helper/10-ipa.cert -k /run/cockpit/certificate-helper/10-ipa.key } cmd_ipa() { local REALM="$2" local HOST HOST="$(hostname -f)" local SERVICE="HTTP/${HOST}@${REALM}" local KEYTAB="${COCKPIT_CONFIG}/krb5.keytab" # use a temporary keytab to avoid interfering with the system one export KRB5CCNAME=/run/cockpit/keytab-setup # not an IPA setup? cannot handle this if [ -z "$(which ipa)" ]; then echo 'ipa must be installed for this command' exit 1 fi case "$1" in request) cmd_ipa_request "$3" ;; cleanup) cmd_ipa_cleanup ;; *) echo 'unknown subcommand' exit 1 ;; esac } main() { # ipa-getkeytab needs root to create the file, same for cert installation if [ "$(id -u)" != "0" ]; then echo 'must be run as root' exit 1 fi # Create a private working directory mkdir -p "${COCKPIT_RUNTIME_DIR}" WORKDIR="${COCKPIT_RUNTIME_DIR}/certificate-helper" mkdir -m 700 "${WORKDIR}" # we expect that not to have existed trap 'exit' INT QUIT PIPE TERM trap 'rm -rf "${WORKDIR}"' EXIT cd "${WORKDIR}" # Dispatch subcommand case "$1" in selfsign) cmd_selfsign ;; ipa) shift cmd_ipa "$@" ;; *) echo 'unknown subcommand' exit 1 ;; esac } main "$@"
Close
