
Adding RabbitMQ scanning capability

Open sw8y opened this issue 6 years ago • 1 comments

Hey folks - I'm trying to get the scanning functionality of ChangeMe expanded to include RabbitMQ. However, I'm running into an issue with the URL builder within the "targets.py" file. The RabbitMQ (or AMQP) URL is "amqp://username:password@localhost:15672/%2f". Currently, ChangeMe has URL building capabilities for MySQL, SNMP, and the normal IP:Port syntax. How can I use the below code for MySQL and modify it to place the username, password, and "/%2f" items into the targets.py file?

mysql://127.0.0.1:3306

protocol = target.split(':')[0]
host = target.split(':')[1].replace('//', '')
port = target.split(':')[2]
targets.add(Target(host=host, port=port, protocol=protocol))

sw8y, Jan 27 '20 21:01

The real fix is to probably modify the code to use url parse: https://docs.python.org/3/library/urllib.parse.html

However, you could just create a new logic branch that accounts for the additional

import re

# Example target taken from the question above.
target = "amqp://username:password@localhost:15672/%2f"
if target.startswith('amqp'):
    s = target
    # Raw string so that \. is passed to the regex engine unchanged.
    match = re.match(r'^(?P<proto>amqp)://(?P<username>[a-zA-Z0-9]+):(?P<password>[a-zA-Z0-9]+)@(?P<host>[a-zA-Z0-9-\.]+):(?P<port>[0-9]+)(?P<path>.*)$', s)
    match.groupdict()
    # {'username': 'username', 'proto': 'amqp', 'host': 'localhost', 'path': '/%2f', 'password': 'password', 'port': '15672'}
    match.group('username')
    # 'username'
Looking forward to the PR

ztgrace, Mar 05 '20 23:03
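
The `urllib.parse` route suggested in the reply above, as an added example that is not part of the original thread or of changeme's code. `ParsedTarget` and `parse_target` are hypothetical names, and the extra credential and path fields are assumptions about what a RabbitMQ scan would need from the target.

```python
from collections import namedtuple
from urllib.parse import urlsplit, unquote

# Hypothetical stand-in for changeme's Target; credential and path fields are assumptions.
ParsedTarget = namedtuple("ParsedTarget", "protocol host port username password path")


def parse_target(target, default_protocol=None):
    """Split a scan target with urllib.parse instead of target.split(':')."""
    # A bare "host:port" has no scheme; "//" makes urlsplit read it as a netloc.
    if "://" not in target:
        target = "//" + target
    parts = urlsplit(target)
    if not parts.hostname:
        raise ValueError("no host in target %r" % target)
    return ParsedTarget(
        protocol=parts.scheme or default_protocol,
        host=parts.hostname,  # IPv6 brackets are stripped here
        port=parts.port,  # int or None; raises ValueError on an invalid port
        # Userinfo may be percent-encoded (e.g. "@" as %40), so decode it.
        username=unquote(parts.username) if parts.username else None,
        password=unquote(parts.password) if parts.password else None,
        path=parts.path,  # left percent-encoded, so "/%2f" survives as written
    )


if __name__ == "__main__":
    # Constructed sample targets covering the formats mentioned in the thread.
    for sample in (
        "mysql://127.0.0.1:3306",
        "amqp://username:password@localhost:15672/%2f",
        "amqp://guest:p%40ss@10.0.0.5:5672/%2f",
        "mysql://[::1]:3306",
        "192.168.1.10:8080",
    ):
        print(parse_target(sample))
```

Unlike the `split(':')` code, this returns the port as an `int`, and unlike the `[a-zA-Z0-9]+` regex it accepts credentials containing percent-encoded characters.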