From c85b118b5c8de34fb5ebe69a0f10b0292c3e96d8 Mon Sep 17 00:00:00 2001
From: jordanlarose <jordanlarose@gmail.com>
Date: Wed, 16 May 2018 13:58:22 -0500
Subject: [PATCH] Bypass Untrusted or Self-Signed Certs

Fix to avoid 500 Certificate Verify Failed errors on HTTPS connections to applications with untrusted or self-signed certificates.
---
 padBuster.pl | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/padBuster.pl b/padBuster.pl
index d3977d2..c6c284c 100644
--- a/padBuster.pl
+++ b/padBuster.pl
@@ -637,9 +637,11 @@ sub makeRequest {
  do {
   #Quick hack to avoid hostname in URL when using a proxy with SSL (this will get re-set later if needed)
   $ENV{HTTPS_PROXY} = "";
+  $ENV{PERL_LWP_SSL_VERIFY_HOSTNAME} = 0;
   
   $lwp = LWP::UserAgent->new(env_proxy => 1,
                             keep_alive => 1,
+			    ssl_opts => { SSL_verify_mode => 0 },
                             timeout => 30,
 			    requests_redirectable => [],
                             );