Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CPP: Disabled SSL certificate verification #836

Closed
2 tasks
porcupineyhairs opened this issue Jun 23, 2024 · 7 comments
Closed
2 tasks

CPP: Disabled SSL certificate verification #836

porcupineyhairs opened this issue Jun 23, 2024 · 7 comments
Labels
All For One Submissions to the All for One, One for All bounty

Comments

@porcupineyhairs
Copy link

porcupineyhairs commented Jun 23, 2024
edited
Loading

Query PR

CPP: Disabled SSL certificate verification

Language

C/C++

CVE(s) ID list

CVE-2022-33684
https://huntr.com/bounties/42325662-6329-4e04-875a-49e2f5d69f78

CWE

CWE-295

Report

Disable SSL certificate verification can expose the communication to MITM attacks.

This PR adds a query to detect the same. This also include the tests and qhelp for the same. This query primarily detects the following pattern

curl_easy_setopt(curl.get(), CURLOPT_SSL_VERIFYPEER, 0);
curl_easy_setopt(curl.get(), CURLOPT_SSL_VERIFYHOST, 0);

This detects two independent issues found in different projects. One of them has a CVE. while the other does not. the databases for the openframework project can be downloaded below.

openframeworksVulnDb.zip

Are you planning to discuss this vulnerability submission publicly? (Blog Post, social networks, etc).

  • Yes
  • No

Blog post link

No response
@porcupineyhairs porcupineyhairs added the All For One Submissions to the All for One, One for All bounty label Jun 23, 2024
@porcupineyhairs porcupineyhairs changed the title [<language>]: <short description> CPP: Disabled SSL certificate verification Jun 23, 2024
@ghsecuritylab
Copy link
Collaborator

Your submission is now in status Test run.

For information, the evaluation workflow is the following:
Initial triage > Test run > Results analysis > Query review > Final decision > Pay > Closed

@ghsecuritylab
Copy link
Collaborator

Your submission is now in status Results analysis.

For information, the evaluation workflow is the following:
Initial triage > Test run > Results analysis > Query review > Final decision > Pay > Closed

@ghsecuritylab
Copy link
Collaborator

Your submission is now in status Query review.

For information, the evaluation workflow is the following:
Initial triage > Test run > Results analysis > Query review > Final decision > Pay > Closed

@p-
Copy link

p- commented Sep 9, 2024

Hey @porcupineyhairs 👋

Could you have a look at the code review?

@porcupineyhairs
Copy link
Author

@p- Sorry for the delay in addressing this. I will complete all of the pending PRs including this one over the weekend.

@xcorail
Copy link
Contributor

xcorail commented Sep 24, 2024

Created Hackerone report 2736991 for bounty 621415 : [836] CPP: Disabled SSL certificate verification

@xcorail xcorail closed this as completed Sep 24, 2024
@xcorail
Copy link
Contributor

xcorail commented Nov 4, 2024

Hey @porcupineyhairs don't forget to claim your reward, the program is shutting down soon!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
All For One Submissions to the All for One, One for All bounty
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@p- @xcorail @ghsecuritylab @porcupineyhairs