Skip to content

Commit cf82940

Browse files
committed
fix(security): enable TLS certificate verification by default
- Changed verify=False to settings.ssl_verify (default True) across 7 files - Added ssl_verify config option to Settings - All HTTP clients now verify TLS certificates by default - MILESTONE: closes critical MITM vulnerability
1 parent b765889 commit cf82940

8 files changed

Lines changed: 15 additions & 8 deletions

File tree

bugfinder/agents/api/discover.py

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,7 @@
55
import httpx
66

77
from bugfinder.agents.base import AgentResult, BaseAgent
8+
from bugfinder.core.config import settings
89

910
API_PATTERNS = [
1011
"/api",
@@ -47,7 +48,7 @@ async def execute(self) -> AgentResult:
4748
findings = []
4849
assets = []
4950

50-
async with httpx.AsyncClient(timeout=30, follow_redirects=True, verify=False) as client:
51+
async with httpx.AsyncClient(timeout=settings.request_timeout, follow_redirects=True, verify=settings.ssl_verify) as client:
5152
for path in API_PATTERNS:
5253
url = urljoin(base_url, path)
5354
parsed = urlparse(url)

bugfinder/agents/recon/tech.py

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,7 @@
33
import httpx
44

55
from bugfinder.agents.base import AgentResult, BaseAgent
6+
from bugfinder.core.config import settings
67

78
TECH_SIGNATURES: dict[str, list[str]] = {
89
"nginx": ["nginx", "nginx/"],
@@ -39,7 +40,7 @@ async def execute(self) -> AgentResult:
3940
findings = []
4041

4142
try:
42-
async with httpx.AsyncClient(timeout=30, follow_redirects=True, verify=False) as client:
43+
async with httpx.AsyncClient(timeout=settings.request_timeout, follow_redirects=True, verify=settings.ssl_verify) as client:
4344
response = await client.get(url, headers=headers)
4445
body = response.text.lower()
4546
raw_headers = dict(response.headers)

bugfinder/agents/secrets/scan.py

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,7 @@
55
import httpx
66

77
from bugfinder.agents.base import AgentResult, BaseAgent
8+
from bugfinder.core.config import settings
89
from bugfinder.utils.crypto import detect_high_entropy_strings
910

1011
SECRET_PATTERNS: list[tuple[str, str, str]] = [
@@ -35,7 +36,7 @@ async def execute(self) -> AgentResult:
3536

3637
targets_to_scan = [base_url]
3738

38-
async with httpx.AsyncClient(timeout=30, follow_redirects=True, verify=False) as client:
39+
async with httpx.AsyncClient(timeout=settings.request_timeout, follow_redirects=True, verify=settings.ssl_verify) as client:
3940
js_paths = ["/", "/static/js/", "/assets/", "/app.js", "/main.js"]
4041
for path in js_paths:
4142
from urllib.parse import urljoin

bugfinder/agents/web/crawler.py

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,7 @@
55
import httpx
66

77
from bugfinder.agents.base import AgentResult, BaseAgent
8+
from bugfinder.core.config import settings
89

910
COMMON_PATHS = [
1011
"/robots.txt",
@@ -46,7 +47,7 @@ async def execute(self) -> AgentResult:
4647
findings = []
4748
assets = []
4849

49-
async with httpx.AsyncClient(timeout=30, follow_redirects=True, verify=False) as client:
50+
async with httpx.AsyncClient(timeout=settings.request_timeout, follow_redirects=True, verify=settings.ssl_verify) as client:
5051
try:
5152
resp = await client.get(base_url, headers=headers)
5253
assets.append(

bugfinder/agents/web/sqli.py

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,7 @@
33
import httpx
44

55
from bugfinder.agents.base import AgentResult, BaseAgent
6+
from bugfinder.core.config import settings
67

78
SQLI_PAYLOADS = ["'", '"', "1=1--", "' OR '1'='1", '" OR "1"="1', "1 UNION SELECT 1"]
89

@@ -34,7 +35,7 @@ async def execute(self) -> AgentResult:
3435
findings = []
3536
headers = {"User-Agent": "BugFinder/0.1.0"}
3637

37-
async with httpx.AsyncClient(timeout=30, follow_redirects=True, verify=False) as client:
38+
async with httpx.AsyncClient(timeout=settings.request_timeout, follow_redirects=True, verify=settings.ssl_verify) as client:
3839
try:
3940
resp = await client.get(base_url, headers=headers)
4041
except Exception:

bugfinder/agents/web/xss.py

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,7 @@
55
import httpx
66

77
from bugfinder.agents.base import AgentResult, BaseAgent
8+
from bugfinder.core.config import settings
89

910
XSS_PAYLOADS = [
1011
"<script>alert(1)</script>",
@@ -27,7 +28,7 @@ async def execute(self) -> AgentResult:
2728
findings = []
2829
headers = {"User-Agent": "BugFinder/0.1.0"}
2930

30-
async with httpx.AsyncClient(timeout=30, follow_redirects=True, verify=False) as client:
31+
async with httpx.AsyncClient(timeout=settings.request_timeout, follow_redirects=True, verify=settings.ssl_verify) as client:
3132
try:
3233
resp = await client.get(base_url, headers=headers)
3334
content = resp.text.lower()

bugfinder/core/config.py

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -53,7 +53,8 @@ class Settings(BaseSettings):
5353
default=str(Path(user_data_dir(APP_NAME, ensure_exists=True)) / "cache"),
5454
)
5555

56-
# Scope
56+
# Security
57+
ssl_verify: bool = Field(default=True, description="Verify TLS certificates")
5758
scope_enforcement: bool = Field(default=True)
5859
allowed_domains: list[str] = Field(default=[], description="Allowed domains for testing")
5960

bugfinder/utils/http.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -29,7 +29,7 @@ async def request(
2929
async with httpx.AsyncClient(
3030
timeout=httpx.Timeout(settings.request_timeout),
3131
follow_redirects=True,
32-
verify=False,
32+
verify=settings.ssl_verify,
3333
) as client:
3434
response = await client.request(method, url, headers=headers, **kwargs)
3535
return response

0 commit comments

Comments
 (0)