Skip to content

fix(security): validate secret in _reload_dynamic_routes to prevent HMAC bypass#8306

Closed
memosr wants to merge 1 commit into
NousResearch:mainfrom
memosr:fix/webhook-dynamic-route-hmac-bypass
Closed

fix(security): validate secret in _reload_dynamic_routes to prevent HMAC bypass#8306
memosr wants to merge 1 commit into
NousResearch:mainfrom
memosr:fix/webhook-dynamic-route-hmac-bypass

Conversation

@memosr

@memosr memosr commented Apr 12, 2026

Copy link
Copy Markdown
Contributor

What does this PR do?

gateway/platforms/webhook.py had a secret validation gap between
startup and hot-reload:

  • Startup (run()): validates that all routes have a non-empty secret
  • Hot-reload (_reload_dynamic_routes()): loads routes from
    webhook_subscriptions.json without any secret validation

When a route with "secret": "" was loaded via hot-reload, the
request handler's check if secret and ... evaluated to False
(empty string is falsy), completely skipping HMAC validation.

Exploit chain

  1. Attacker sends a message: "Create a webhook subscription named
    'monitor' with an empty secret"
  2. Agent writes {"monitor": {"secret": "", "prompt": "..."}} to
    webhook_subscriptions.json
  3. _reload_dynamic_routes() hot-reloads the file — no secret check
  4. Attacker POSTs to /webhooks/monitor without any HMAC signature
  5. Agent executes the webhook prompt with full tool access

Fix

Added per-route secret validation in _reload_dynamic_routes().
Routes with empty or missing secrets are skipped with a WARNING log.
INSECURE_NO_AUTH remains valid as an explicit opt-in.

effective_secret = route.get("secret") or self._global_secret
if not effective_secret:
    logger.warning(
        "[webhook] Dynamic route '%s' has no secret — skipped.",
        name,
    )
    continue

Type of Change

  • 🔒 Security fix (authentication bypass)

Checklist

  • Read the Contributing Guide
  • Commit messages follow Conventional Commits
  • Consistent with startup validation in run()
  • INSECURE_NO_AUTH opt-in still works
  • No behavior change for routes with valid secrets

@alt-glitch alt-glitch added type/security Security vulnerability or hardening P0 Critical — data loss, security, crash loop comp/gateway Gateway runner, session dispatch, delivery platform/webhook Webhook / API server area/auth Authentication, OAuth, credential pools labels Apr 28, 2026
@teknium1 teknium1 mentioned this pull request May 21, 2026
Closed
@Nigelkil01 Nigelkil01 mentioned this pull request May 21, 2026
Closed
teknium1 added a commit that referenced this pull request May 22, 2026
@teknium1
infographic: PR #8306 webhook HMAC bypass salvage
a44ae01
@teknium1 teknium1 mentioned this pull request May 22, 2026
Merged
teknium1 added a commit that referenced this pull request May 22, 2026
@teknium1
infographic: PR #8306 webhook HMAC bypass salvage
8b49012
@teknium1

teknium1 commented May 22, 2026

Copy link
Copy Markdown
Contributor

Thanks for catching this @memosr — clean diagnosis, clean fix.

Merged via salvage PR #30370 (rebase-merge so your authorship is preserved on main in commit 9c90b3a5). Added 6 regression tests on top covering the empty/missing-secret cases, INSECURE_NO_AUTH opt-in preservation, the WARN log path, and the partial-skip case where one of several routes is bad.

Closing this PR — fix is on main: #30370

@bot-ted bot-ted mentioned this pull request May 22, 2026
Merged
Gpapas pushed a commit to Gpapas/hermes-agent that referenced this pull request May 23, 2026
@teknium1 @Gpapas
infographic: PR NousResearch#8306 webhook HMAC bypass salvage
eafc16d
Mucky010 pushed a commit to Mucky010/hermes-agent that referenced this pull request May 24, 2026
@teknium1 @Mucky010
infographic: PR NousResearch#8306 webhook HMAC bypass salvage
b617d74
exosyphon pushed a commit to exosyphon/hermes-agent that referenced this pull request May 24, 2026
@teknium1 @exosyphon
infographic: PR NousResearch#8306 webhook HMAC bypass salvage
c1b74d3
Bryce-huang pushed a commit to wbkunlun/hermes-agent that referenced this pull request May 29, 2026
@teknium1
infographic: PR NousResearch#8306 webhook HMAC bypass salvage
f368bff 
#AI commit#
mosaiq-systems pushed a commit to mosaiq-systems/hermes-agent that referenced this pull request May 29, 2026
@teknium1
infographic: PR NousResearch#8306 webhook HMAC bypass salvage
e1cbb0a
gweeteve pushed a commit to gweeteve/hermes-agent that referenced this pull request Jun 2, 2026
@teknium1
infographic: PR NousResearch#8306 webhook HMAC bypass salvage
a89f848
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

area/auth Authentication, OAuth, credential pools comp/gateway Gateway runner, session dispatch, delivery P0 Critical — data loss, security, crash loop platform/webhook Webhook / API server type/security Security vulnerability or hardening

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@memosr @teknium1 @alt-glitch