
CVE-2016-2402 PoC — Square OkHttp security vulnerability

Source
Associated Vulnerability
Title: Square OkHttp security vulnerability (CVE-2016-2402)
Description: OkHttp before 2.7.4 and 3.x before 3.1.2 allows man-in-the-middle attackers to bypass certificate pinning by sending a certificate chain with a certificate from a non-pinned trusted CA and the pinned certificate.
Description
Simple script for testing CVE-2016-2402 and similar flaws
Readme
# cert pinning flaw POC

Simple POC script for testing CVE-2016-2402 and similar flaws. Read [my blog post](https://koz.io/pinning-cve-2016-2402) for details.

This utility sets up an HTTPS server that serves a malicious certificate chain to the client for a specific domain: a leaf issued by a CA the device trusts but the app does not pin, with the app's pinned certificate appended to the chain.

If traffic from an app with a vulnerable certificate pinning implementation is redirected to this server,
the pinning check is bypassed and you should see the app's GET or POST request in the server console.
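
Why the appended certificate is enough: a vulnerable pinner matches its pins against every certificate the peer sent, while the platform trust manager only validates the path from the leaf up to a trusted root and never looks at the extra certificate. The fixed OkHttp releases pin against that validated ("cleaned") chain instead. The following model of the two checks is an added example, not code from this repository or from OkHttp. It is constructed: certificates are plain records, signature verification is abstracted to issuer-name matching, and all names, keys and the `clean_chain`, `check_pins_vulnerable` and `check_pins_fixed` helpers are assumptions for illustration. Pins use OkHttp's `sha256/<base64>` format over the public-key bytes.

```python
"""
Model of the CVE-2016-2402 certificate pinning bypass (constructed example).

Certificates are plain records with no real X.509 parsing or signatures:
a certificate whose 'issuer' names another certificate's 'subject' is
treated as validly signed by it.
"""
import base64
import hashlib
from dataclasses import dataclass
from typing import Dict, List, Optional, Set


@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str         # subject of the certificate that signed this one
    public_key: bytes   # stands in for the DER SubjectPublicKeyInfo


def pin_of(cert: Cert) -> str:
    """OkHttp-style pin: sha256/<base64(SHA-256(SubjectPublicKeyInfo))>."""
    digest = hashlib.sha256(cert.public_key).digest()
    return "sha256/" + base64.b64encode(digest).decode()


def clean_chain(presented: List[Cert], trusted_roots: Dict[str, Cert]) -> Optional[List[Cert]]:
    """
    What a trust manager does: start at the leaf (presented[0]), follow issuer
    links through the presented certificates until a trusted root is reached,
    and return ONLY the certificates used on that path.  Anything else the
    peer sent is dropped, not validated.  Returns None if no path exists.
    """
    if not presented:
        return None
    by_subject = {c.subject: c for c in presented}
    chain = [presented[0]]
    current = presented[0]
    for _ in range(len(presented) + 1):  # bound the walk against cycles
        root = trusted_roots.get(current.issuer)
        if root is not None:
            chain.append(root)
            return chain
        parent = by_subject.get(current.issuer)
        if parent is None or parent is current:
            return None  # dangling or untrusted self-signed issuer
        chain.append(parent)
        current = parent
    return None


def check_pins_vulnerable(presented: List[Cert], pins: Set[str]) -> bool:
    """OkHttp before 2.7.4 / 3.1.2: a pin anywhere in the PRESENTED chain
    satisfies the check, even on a certificate that took no part in
    validation."""
    return any(pin_of(c) in pins for c in presented)


def check_pins_fixed(presented: List[Cert], trusted_roots: Dict[str, Cert], pins: Set[str]) -> bool:
    """Fixed behaviour: pin against the chain the trust manager validated."""
    chain = clean_chain(presented, trusted_roots)
    if chain is None:
        return False  # trust failure; pinning never runs on an untrusted chain
    return any(pin_of(c) in pins for c in chain)


# --- constructed scenario -----------------------------------------------
REAL_CA = Cert("Real CA", "Real CA", b"real-ca-key")
REAL_LEAF = Cert("example.com", "Real CA", b"real-leaf-key")          # the pinned cert
ATTACKER_CA = Cert("Attacker CA", "Attacker CA", b"attacker-ca-key")  # e.g. user-installed, trusted, not pinned
ATTACKER_LEAF = Cert("example.com", "Attacker CA", b"attacker-leaf-key")

TRUSTED = {c.subject: c for c in (REAL_CA, ATTACKER_CA)}
PINS = {pin_of(REAL_LEAF)}

HONEST_CHAIN = [REAL_LEAF, REAL_CA]
# What the PoC server sends: attacker leaf + attacker CA, pinned cert appended.
MALICIOUS_CHAIN = [ATTACKER_LEAF, ATTACKER_CA, REAL_LEAF]


def demo() -> Dict[str, bool]:
    return {
        "honest_vulnerable": check_pins_vulnerable(HONEST_CHAIN, PINS),
        "honest_fixed": check_pins_fixed(HONEST_CHAIN, TRUSTED, PINS),
        "malicious_vulnerable": check_pins_vulnerable(MALICIOUS_CHAIN, PINS),  # bypass
        "malicious_fixed": check_pins_fixed(MALICIOUS_CHAIN, TRUSTED, PINS),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name:22s} pin check passed: {ok}")
```

The `clean_chain` walk is the whole point: because it never reaches the appended pinned certificate, the attacker's chain passes the trust manager (via the injected CA) and fails the fixed pin check, while the vulnerable check accepts it. The same modelling applies to any pinning code that iterates over `getPeerCertificates()` rather than the validated chain, which is the "similar flaws" this PoC is meant to test.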

By default, this uses a hardcoded CA certificate and key (CA_CERT.pem and CA_KEY.pem files).

To replace them, generate a new pair with the following command (note the key is written as CA_KEY.pem so that the file name matches what the script loads):

`openssl req -x509 -days 1825 -nodes -newkey rsa:2048 -outform pem -keyout CA_KEY.pem -out CA_CERT.pem`

You will need to install CA_CERT.pem into the trust store of the platform being tested, so that the trust manager accepts the leaf this server issues; the pinning check is what the PoC exercises, not platform trust.

John Kozyrakis
File Snapshot

[4.0K] /data/pocs/c44ec065efe138cce89026c2dc30ffe2e30396dd
├── [1.2K] CA_CERT.pem
├── [1.7K] CA_KEY.pem
├── [5.7K] cert-pinning-flaw-poc.py
├── [1.1K] LICENSE
└── [ 856] README.md

0 directories, 5 files