search

RhinoSecurityLabs / pacu

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
https://rhinosecuritylabs.com/aws/pacu-open-source-aws-exploitation-framework/
BSD 3-Clause "New" or "Revised" License
4.3k stars 689 forks source link

New module: mq__enum #431

Closed 6a6f656c closed 3 months ago

6a6f656c commented 3 months ago

Enumerates MQ Instances and stores information into json file.

h00die commented 3 months ago

Running against a specific region

image

For the stored data, it's just a subset of the data that we thought would be of value to a pentester. image

all regions with 1 broker & 1 user

image

image

mutliple brokers and users

image

image

h00die commented 3 months ago

The only other improvement we thought of (other than adding more useful fields into the saved data) would be saving this to data as well. Thoughts on that?

DaveYesland commented 3 months ago

The only other improvement we thought of (other than adding more useful fields into the saved data) would be saving this to data as well. Thoughts on that?

Yeah agreed, seems like this data should go into the DB instead of just a file since it is just structed data from a service.

6a6f656c commented 3 months ago

All fixed...ready for review.

6a6f656c commented 3 months ago

Ready for review