HackTricks
Search…
Pentesting
Powered By GitBook
5671,5672 - Pentesting AMQP

Basic Information

RabbitMQ is a message-queueing software also known as a message broker or queue manager. Simply said; it is software where queues are defined, to which applications connect in order to transfer a message or messages. A message can include any kind of information. It could, for example, have information about a process or task that should start on another application (which could even be on another server), or it could be just a simple text message. The queue-manager software stores the messages until a receiving application connects and takes a message off the queue. The receiving application then processes the message. Definition from here.
Default port: 5672,5671
1
PORT STATE SERVICE VERSION
2
5672/tcp open amqp RabbitMQ 3.1.5 (0-9)
Copied!

Enumeration

Manual

1
import amqp
2
#By default it uses default credentials "guest":"guest"
3
conn = amqp.connection.Connection(host="<IP>", port=5672, virtual_host="/")
4
conn.connect()
5
for k, v in conn.server_properties.items():
6
print(k, v)
Copied!

Automatic

1
nmap -sV -Pn -n -T4 -p 5672 --script amqp-info <IP>
2
3
PORT STATE SERVICE VERSION
4
5672/tcp open amqp RabbitMQ 3.1.5 (0-9)
5
| amqp-info:
6
| capabilities:
7
| publisher_confirms: YES
8
| exchange_exchange_bindings: YES
9
| basic.nack: YES
10
| consumer_cancel_notify: YES
11
| copyright: Copyright (C) 2007-2013 GoPivotal, Inc.
12
| information: Licensed under the MPL. See http://www.rabbitmq.com/
13
| platform: Erlang/OTP
14
| product: RabbitMQ
15
| version: 3.1.5
16
| mechanisms: PLAIN AMQPLAIN
17
|_ locales: en_US
Copied!

Other RabbitMQ ports

From https://www.rabbitmq.com/networking.html you can find that rabbitmq uses several ports:

Shodan

    AMQP
Last modified 1yr ago