来源

关联漏洞

描述

This Python script is a Proof-of-Concept (PoC) scanner for detecting the vulnerability CVE-2024-40898, which affects Apache HTTP Server’s SSL certificate validation.  

介绍

CVE-2024-40898 SSL Certificate Validation Bypass Scanner

This repository contains a Python-based proof-of-concept (PoC) script to detect CVE-2024-40898, a vulnerability in Apache HTTP Server that allows attackers to bypass SSL certificate verification.

Overview

CVE-2024-40898 is a security issue in Apache HTTP Server which, under specific conditions, permits clients to bypass certificate validation. This could potentially allow man-in-the-middle (MitM) attacks over TLS.

What This Script Does
	•	Reads a list of host:port pairs from ssl-ports.txt.
	•	For each entry:
	•	Establishes a TLS connection using a custom SSL context that disables certificate validation.
	•	Sends a HEAD / request to the server.
	•	Analyzes the response:
	•	If the response includes 200 OK, the target is marked as potentially vulnerable.
	•	If no such response is returned, the target is marked as safe.
	•	If any exception occurs, it is logged as an error.

Requirements
	•	Python 3.x

How to Use
	1.	Create a file named ssl-ports.txt with one target per line in the format:
                    
		      api.example.com:443
		      
                      www.site.org:443
		      
                      secure.service.net:443
2.	Run the script:

  	      python3 check_cve_40898.py
4.	View the results:
[VULNERABLE] domain.com:443
[SAFE] domain.com:443
[ERROR] domain.com:443 => <error message>
Notes
	•	This is an automated scanner. It will test all domains listed in ssl-ports.txt and print the results.
	•	Make sure your domain list is accurate and within your testing scope.

文件快照

 [4.0K]  /data/pocs/6553e4b3f4751394643cc8d2126a01fa9f099005
├── [1.1K]  check_cve_40898.py
├── [ 220]  Disclaimer
├── [1.0K]  LICENSE
├── [1.5K]  README.md
└── [1.1K]  Script

0 directories, 5 files

备注