This Python script is a Proof-of-Concept (PoC) scanner for detecting the vulnerability CVE-2024-40898, which affects Apache HTTP Server’s SSL certificate validation. CVE-2024-40898 SSL Certificate Validation Bypass Scanner
This repository contains a Python-based proof-of-concept (PoC) script to detect CVE-2024-40898, a vulnerability in Apache HTTP Server that allows attackers to bypass SSL certificate verification.
Overview
CVE-2024-40898 is a security issue in Apache HTTP Server which, under specific conditions, permits clients to bypass certificate validation. This could potentially allow man-in-the-middle (MitM) attacks over TLS.
What This Script Does
• Reads a list of host:port pairs from ssl-ports.txt.
• For each entry:
• Establishes a TLS connection using a custom SSL context that disables certificate validation.
• Sends a HEAD / request to the server.
• Analyzes the response:
• If the response includes 200 OK, the target is marked as potentially vulnerable.
• If no such response is returned, the target is marked as safe.
• If any exception occurs, it is logged as an error.
Requirements
• Python 3.x
How to Use
1. Create a file named ssl-ports.txt with one target per line in the format:
api.example.com:443
www.site.org:443
secure.service.net:443
2. Run the script:
python3 check_cve_40898.py
4. View the results:
[VULNERABLE] domain.com:443
[SAFE] domain.com:443
[ERROR] domain.com:443 => <error message>
Notes
• This is an automated scanner. It will test all domains listed in ssl-ports.txt and print the results.
• Make sure your domain list is accurate and within your testing scope.
[4.0K] /data/pocs/6553e4b3f4751394643cc8d2126a01fa9f099005
├── [1.1K] check_cve_40898.py
├── [ 220] Disclaimer
├── [1.0K] LICENSE
├── [1.5K] README.md
└── [1.1K] Script
0 directories, 5 files