## https://sploitus.com/exploit?id=D8A19443-2A37-5592-8955-F614504AAF45
CVE-2024-40898 SSL Certificate Validation Bypass Scanner
This repository contains a Python-based proof-of-concept (PoC) script to detect CVE-2024-40898, a vulnerability in Apache HTTP Server that allows attackers to bypass SSL certificate verification.
Overview
CVE-2024-40898 is a security issue in Apache HTTP Server which, under specific conditions, permits clients to bypass certificate validation. This could potentially allow man-in-the-middle (MitM) attacks over TLS.
What This Script Does
• Reads a list of host:port pairs from ssl-ports.txt.
• For each entry:
    • Establishes a TLS connection using a custom SSL context that disables certificate validation.
    • Sends a HEAD / request to the server.
    • Analyzes the response:
        • If the response includes 200 OK, the target is marked as potentially vulnerable.
        • If no such response is returned, the target is marked as safe.
    • If any exception occurs, it is logged as an error.
Requirements
• Python 3.x
How to Use
1. Create a file named ssl-ports.txt with one target per line in the format:
    api.example.com:443
    www.site.org:443
    secure.service.net:443
2. Run the script:
    python3 check_cve_40898.py
3. View the results:
    [VULNERABLE] domain.com:443
    [SAFE] domain.com:443
    [ERROR] domain.com:443 => <error message>
Notes
• This is an automated scanner. It will test all domains listed in ssl-ports.txt and print the results.
• Make sure your domain list is accurate and within your testing scope.
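
An added example, not part of the repository's script: a pre-flight check that parses ssl-ports.txt in the host:port format shown above and drops malformed or out-of-scope entries before anything is scanned. The function names, the SCOPE set and the sample file contents are assumptions constructed for illustration.

```python
import re

# One DNS label: letters, digits, hyphens; no leading or trailing hyphen.
_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")

# Constructed sample of an ssl-ports.txt file (not real targets).
SAMPLE = """api.example.com:443
www.site.org:443

secure.service.net:8443
evil.example.com.attacker.test:443
api.example.com:99999
"""
# Assumed authorised scope for this engagement (hypothetical).
SCOPE = {"example.com", "service.net"}

def parse_target(line):
    """Parse one 'host:port' line; return (host, port), or None for a blank line."""
    line = line.strip()
    if not line:
        return None
    host, sep, port = line.rpartition(":")
    if not (sep and host and port.isascii() and port.isdigit()
            and 1 <= int(port) <= 65535):
        raise ValueError(f"bad target line: {line!r}")
    host = host.lower().rstrip(".")
    if not all(_LABEL.fullmatch(label) for label in host.split(".")):
        raise ValueError(f"bad hostname: {host!r}")
    return host, int(port)

def in_scope(host, scope):
    """True only if host is a scope domain or a subdomain of one (suffix on a label boundary)."""
    return any(host == d or host.endswith("." + d) for d in scope)

def load_targets(text, scope):
    """Return (accepted, rejected); rejected holds (line_number, reason) pairs."""
    accepted, rejected = [], []
    for n, line in enumerate(text.splitlines(), 1):
        try:
            target = parse_target(line)
        except ValueError as exc:
            rejected.append((n, str(exc)))
            continue
        if target is None:
            continue
        if in_scope(target[0], scope):
            accepted.append(target)
        else:
            rejected.append((n, f"out of scope: {target[0]}"))
    return accepted, rejected
```

Matching on a label boundary is what keeps a name such as evil.example.com.attacker.test from passing as part of example.com.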