search

nixawk / pentest-wiki

PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.
MIT License
3.37k stars 915 forks source link

[bruteforce] rabbitmq #21

Open nixawk opened 6 years ago

nixawk commented 6 years ago
screen shot 2017-11-30 at 05 00 11

default creds: 

guest/guest

Try to access http://target.com:15672/ with your browser, and login with the creds. If it is on, please disable it with the following method.

$ rabbitmq-plugins disable rabbitmq_management
The following plugins have been disabled:
  rabbitmq_management_visualiser
  cowlib
  cowboy
  rabbitmq_web_dispatch
  rabbitmq_management_agent
  rabbitmq_management

Applying plugin configuration to rabbit@localhost... stopped 6 plugins.