search
πŸ“œ MediumπŸ›’ My ShopπŸ‘Ύ GithubπŸ“© Telegram πŸ“Ί YouTubeβœ– Twitter

RabbitMQ Management - Port 15672

hashtag
Basic info

hashtag
What is RabbitMQ?

RabbitMQ is a message broker that provides:

  • Message queuing - Asynchronous communication

  • Routing - Flexible message routing

  • Multiple protocols - AMQP, MQTT, STOMP

  • High availability - Clustering and mirroring

  • Management interface - Web UI and HTTP API

  • Reliability - Message persistence and acknowledgments

hashtag
AMQP Architecture

Ports:

  • 15672 - HTTP (Management)

  • 15671 - HTTPS (Management, if enabled)

  • 5672 - AMQP (Message broker)

  • 5671 - AMQPS (Secure AMQP)

hashtag
Default Port

Port 15672 - RabbitMQ Management (HTTP)

hashtag
Reconnaissance & Enumeration

hashtag
Port Scanning

Basic Nmap Scan

Sample Output:

hashtag
Web Interface Discovery

Access Management UI

Login Page:

  • Default page shows RabbitMQ logo

  • Login form with username/password

  • Version information often visible

hashtag
API Endpoint Discovery

API Base URL:

Common API Endpoints:

hashtag
Shodan Queries

hashtag
Authentication Testing

hashtag
Default Credentials

Standard Default:

Test Default Credentials:

hashtag
Common Credentials

hashtag
Brute Force Authentication

Using Hydra

Using Metasploit

Custom Python Script

hashtag
API Enumeration

hashtag
Overview Information

Get Cluster Overview

hashtag
Node Information

List Nodes

hashtag
Connection Information

List Active Connections

Extract Client IPs:

hashtag
Channel Information

List Channels

hashtag
User Enumeration

List All Users

Example Output:

hashtag
Virtual Host Enumeration

List Virtual Hosts

hashtag
Queue Enumeration

List All Queues

Queue Information Includes:

hashtag
Exchange Enumeration

List Exchanges

hashtag
Binding Enumeration

List Bindings

hashtag
Exploitation Techniques

hashtag
Message Interception

Read Messages from Queue

Example Response:

hashtag
Message Injection

Publish Message to Queue

Command Injection via Messages:

hashtag
Path Traversal Exploitation

File Access via Message Attachments

hashtag
Queue Manipulation

Create Malicious Queue

Bind Queue to Exchange

Purge Queue (DoS)

hashtag
User Creation (Privilege Escalation)

Create Admin User

hashtag
Configuration Export

Dump Complete Configuration

hashtag
Denial of Service

Delete Critical Queues

Flood with Messages

hashtag
Password Hash Cracking

hashtag
Extract Password Hashes

Get User Hashes

hashtag
Crack RabbitMQ Hashes

Hash Format:

RabbitMQ uses salted SHA-256 (or SHA-512 in newer versions)

Extract and Format:

Crack with Hashcat

hashtag
Post-Exploitation

hashtag
Persistence

Create Backdoor User

Create Monitoring Queue

hashtag
Information Gathering

Application Architecture Discovery

Credential Harvesting

hashtag
Lateral Movement

Extract Connection Information

hashtag
Defense & Hardening

hashtag
Change Default Credentials

Delete Guest User

Create Strong Admin User

hashtag
Network Security

Bind to Localhost

Firewall Rules

Use Reverse Proxy

hashtag
Enable SSL/TLS

Configure HTTPS

hashtag
Access Control

Limit User Permissions

Virtual Host Isolation

hashtag
Monitoring & Detection

Enable Audit Logging

Monitor Management Access

Intrusion Detection Rules

hashtag
Regular Security Practices

hashtag
Tools & Scripts

hashtag
Essential Tools

  1. curl - HTTP API interaction

  2. rabbitmqctl - CLI management

  3. Metasploit - Exploitation modules

  4. Python pika - AMQP client library

  5. Custom scripts - Automation

hashtag
Python Automation Script

hashtag
Cheat Sheet

hashtag
Quick Reference

hashtag
Important API Endpoints

hashtag
Default Credentials

hashtag
Additional Resources

circle-check

Learn & practice For the Bug Bountyarrow-up-right

chevron-rightSupport VeryLazyTech πŸŽ‰hashtag
PreviousMemcache - Port 11211NextGlusterFS - Port 24007, 24008, 24009, 49152

Last updated