Software: Apache/2.4.41 (Ubuntu). PHP/8.0.30 

uname -a: Linux apirnd 5.4.0-204-generic #224-Ubuntu SMP Thu Dec 5 13:38:28 UTC 2024 x86_64 

uid=33(www-data) gid=33(www-data) groups=33(www-data) 

Safe-mode: OFF (not secure)

/var/www/html/wincloud_gateway/node_modules/mongodb/lib/core/auth/   drwxr-xr-x
Free 13.18 GB of 57.97 GB (22.74%)
                            Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Self remove    Logout    

Viewing file:     mongocr.js (1.24 KB)      -rw-r--r--

'use strict';

const crypto = require('crypto');
const AuthProvider = require('./auth_provider').AuthProvider;

class MongoCR extends AuthProvider {
  auth(authContext, callback) {
    const connection = authContext.connection;
    const credentials = authContext.credentials;
    const username = credentials.username;
    const password = credentials.password;
    const source = credentials.source;

    connection.command(`${source}.$cmd`, { getnonce: 1 }, (err, result) => {
      let nonce = null;
      let key = null;

      // Get nonce
      if (err == null) {
        const r = result.result;
        nonce = r.nonce;
        // Use node md5 generator
        let md5 = crypto.createHash('md5');
        // Generate keys used for authentication
        md5.update(username + ':mongo:' + password, 'utf8');
        const hash_password = md5.digest('hex');
        // Final key
        md5 = crypto.createHash('md5');
        md5.update(nonce + username + hash_password, 'utf8');
        key = md5.digest('hex');
      }

      const authenticateCommand = {
        authenticate: 1,
        user: username,
        nonce,
        key
      };

      connection.command(`${source}.$cmd`, authenticateCommand, callback);
    });
  }
}

module.exports = MongoCR;