Dart Grpc Ssl Verification Bypass
Description
This detector identifies Dart gRPC clients that disable TLS certificate verification by supplying an onBadCertificate handler that accepts invalid certificates. A client that accepts any certificate exposes the application to man-in-the-middle attacks and removes the confidentiality and integrity guarantees of the gRPC channel.
Detection Strategy
• Scans Dart source files that import the grpc package (package:grpc/grpc.dart)
• Excludes test files from analysis to focus on production code
• Examines function call arguments for unsafe certificate validation handlers that accept bad certificates
• Reports vulnerabilities when gRPC client configurations use certificate handlers that bypass SSL verification checks
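The detection strategy above, as an added example (this is not Fluid Attacks' detector code, which is not shown on the page): a small Python scanner that applies the same four rules to a Dart source file, with the import check, the test-file exclusion, and the match for an onBadCertificate handler that unconditionally returns true. The regular expressions and the two constructed Dart samples are assumptions made for this illustration.

```python
import re
from pathlib import PurePosixPath

# Rule 1: only files that import the grpc package are in scope.
GRPC_IMPORT = re.compile(r"""import\s+['"]package:grpc/grpc\.dart['"]""")

# Rule 3: an onBadCertificate handler that unconditionally accepts the
# certificate, either as an arrow body (`=> true`) or as a block body
# whose first statement is `return true;`.
UNSAFE_ARROW = re.compile(r"onBadCertificate\s*:\s*\([^)]*\)\s*=>\s*true\b")
UNSAFE_BLOCK = re.compile(r"onBadCertificate\s*:\s*\([^)]*\)\s*\{\s*return\s+true\s*;")


def is_test_file(path: str) -> bool:
    """Rule 2: skip Dart test files (assumed convention: *_test.dart or a test/ directory)."""
    p = PurePosixPath(path)
    return p.name.endswith("_test.dart") or "test" in p.parts


def find_ssl_bypass(path: str, source: str) -> list[tuple[int, str]]:
    """Return (line_number, matched_snippet) for every unsafe handler in `source`."""
    if is_test_file(path):
        return []
    if not GRPC_IMPORT.search(source):
        return []
    findings = []
    for pattern in (UNSAFE_ARROW, UNSAFE_BLOCK):
        for m in pattern.finditer(source):
            line = source.count("\n", 0, m.start()) + 1
            findings.append((line, m.group(0)))
    return sorted(findings)


# Constructed Dart samples for the demonstration.
VULNERABLE_SRC = """\
import 'dart:io';
import 'package:grpc/grpc.dart';

ChannelCredentials badChannel() => ChannelCredentials.secure(
  onBadCertificate: (X509Certificate cert, String host) => true,
);
"""

BLOCK_BODY_SRC = """\
import 'package:grpc/grpc.dart';

final creds = ChannelCredentials.secure(
  onBadCertificate: (cert, host) {
    return true;
  },
);
"""

SAFE_SRC = """\
import 'dart:io';
import 'package:grpc/grpc.dart';

ChannelCredentials safeChannel() => ChannelCredentials.secure(
  onBadCertificate: (X509Certificate cert, String host) => false,
);
"""

# Same unsafe callback, but on dart:io's HttpClient and without a grpc import:
# out of scope for this detector, which only covers gRPC channels.
NO_GRPC_SRC = """\
import 'dart:io';

final client = HttpClient()
  ..badCertificateCallback = (cert, host, port) => true;
"""


if __name__ == "__main__":
    for path, src in [
        ("lib/channel.dart", VULNERABLE_SRC),
        ("lib/creds.dart", BLOCK_BODY_SRC),
        ("lib/safe.dart", SAFE_SRC),
        ("lib/http.dart", NO_GRPC_SRC),
        ("test/channel_test.dart", VULNERABLE_SRC),
    ]:
        print(path, find_ssl_bypass(path, src))
```

The scanner reports the arrow-bodied and block-bodied handlers, stays silent on the handler that returns false, and ignores both the test file and the file without a grpc import. A handler that returns true only on some branch (for example, after comparing a certificate fingerprint) is not matched by these patterns; that is the pinning case a reviewer would inspect by hand.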
Vulnerable code example
import 'dart:io';
import 'package:grpc/grpc.dart';
// VULNERABLE: Arrow callback unconditionally returns true - accepts all certificates
ChannelCredentials badChannel() => ChannelCredentials.secure(
onBadCertificate: (X509Certificate cert, String host) => true,
);
Secure code example
import 'dart:io';
import 'package:grpc/grpc.dart';
// SAFE: Callback returns false - invalid certificates are rejected and the
// TLS handshake fails instead of silently connecting to an unverified peer
ChannelCredentials safeChannel() => ChannelCredentials.secure(
onBadCertificate: (X509Certificate cert, String host) => false,
);