Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2009-3555 PoC — Apache HTTP Server 信任管理问题漏洞

Source
https://github.com/johnwchadwick/cve-2009-3555-test-server
Associated Vulnerability
Title:Apache HTTP Server 信任管理问题漏洞 (CVE-2009-3555)
Description:The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.
Description
A TLS server using a vendored fork of the Go TLS stack that has renegotation indication extension forcibly disabled.
Readme
# What is this?

This is a TLS server using a vendored fork of the Go TLS stack that has renegotation indication extension forcibly disabled, which will trigger CVE-2009-3555 mitigations in OpenSSL 3.0+. Note that it isn't truly vulnerable to CVE-2009-3555 because the Go TLS stack doesn't allow renegotiations at all.

The function of this program is to act as a test server for TLS clients that refuse to connect to servers with insecure client renegotiation configurations, like OpenSSL 3.0+ without the SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION option.
File Snapshot

 [4.0K]  /data/pocs/bde2008135d300e577b57cda6e8fc8f3458afee8
├── [ 162]  go.mod
├── [ 627]  go.sum
├── [2.2K]  main.go
├── [ 556]  README.md
└── [4.0K]  tls
    ├── [3.9K]  alert.go
    ├── [9.8K]  auth.go
    ├── [ 24K]  cipher_suites.go
    ├── [ 53K]  common.go
    ├── [3.3K]  common_string.go
    ├── [ 46K]  conn.go
    ├── [4.8K]  generate_cert.go
    ├── [ 30K]  handshake_client.go
    ├── [ 20K]  handshake_client_tls13.go
    ├── [ 45K]  handshake_messages.go
    ├── [ 24K]  handshake_server.go
    ├── [ 25K]  handshake_server_tls13.go
    ├── [ 12K]  key_agreement.go
    ├── [5.9K]  key_schedule.go
    ├── [1.4K]  LICENSE
    ├── [8.4K]  prf.go
    ├── [5.2K]  ticket.go
    └── [ 12K]  tls.go

1 directory, 22 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →