ztgrace / changeme

A default credential scanner.
GNU General Public License v3.0

Adding RabbitMQ scanning capability #90

Open sw8y opened 4 years ago

sw8y commented 4 years ago

Hey folks - I'm trying to get the scanning functionality of ChangeMe expanded to include RabbitMQ. However, I'm running into an issue with the URL builder within the "targets.py" file. The RabbitMQ (or AMQP) URL is "amqp://username:password@localhost:15672/%2f". Currently, ChangeMe has URL building capabilities for MySQL, SNMP, and the normal IP:Port syntax. How can I use the below code for MySQL and modify it to place the username, password, and "/%2f" items into the targets.py file?

mysql://127.0.0.1:3306

protocol = target.split(':')[0]
host = target.split(':')[1].replace('//', '')
port = target.split(':')[2]
targets.add(Target(host=host, port=port, protocol=protocol))

ztgrace commented 4 years ago

The real fix is to probably modify the code to use url parse: https://docs.python.org/3/library/urllib.parse.html

However, you could just create a new logic branch that accounts for the additional

import re

if target.startswith('amqp'):
    s = "amqp://username:password@localhost:15672/%2f"
    # Raw string so that \. reaches the regex engine unchanged
    match = re.match(r'^(?P<proto>amqp)://(?P<username>[a-zA-Z0-9]+):(?P<password>[a-zA-Z0-9]+)@(?P<host>[a-zA-Z0-9-\.]+):(?P<port>[0-9]+)(?P<path>.*)$', s)
    match.groupdict()
    # {'username': 'username', 'proto': 'amqp', 'host': 'localhost', 'path': '/%2f', 'password': 'password', 'port': '15672'}
    match.group('username')
    # 'username'

Looking forward to the PR
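The urllib.parse route mentioned in the reply above, as an added example that is not part of the thread or of the changeme code base: one parser handles both the `mysql://host:port` form and the AMQP form with credentials and a path. `ParsedTarget` and `parse_target` are hypothetical names, and the extra fields on the tuple are assumptions about what a target object would need to carry.

```python
from collections import namedtuple
from urllib.parse import urlsplit, unquote

# Hypothetical stand-in for changeme's Target; the extra fields are assumptions.
ParsedTarget = namedtuple(
    "ParsedTarget", "protocol host port username password path")


def parse_target(target):
    """Split scheme://[user:pass@]host[:port][/path] into its parts."""
    try:
        parts = urlsplit(target)
        port = parts.port  # ValueError if non-numeric or outside 0-65535
    except ValueError as exc:
        # Do not echo the target: it may contain a password.
        raise ValueError("malformed target URL") from exc
    if not parts.scheme or not parts.hostname:
        raise ValueError("target must look like scheme://host[:port]")
    # Userinfo is percent-encoded inside a URL; decode it before use so
    # credentials containing '@', ':' or '/' survive the round trip.
    username = unquote(parts.username) if parts.username is not None else None
    password = unquote(parts.password) if parts.password is not None else None
    # The path stays raw: for AMQP, '/%2f' names the vhost '/', and decoding
    # the whole path would turn it into the ambiguous '//'.
    return ParsedTarget(parts.scheme, parts.hostname, port,
                        username, password, parts.path)


if __name__ == "__main__":
    # Constructed sample targets; the first two are the forms from the thread.
    samples = (
        "mysql://127.0.0.1:3306",
        "amqp://username:password@localhost:15672/%2f",
        "amqp://guest:p%40ss@[::1]:5672/%2f",   # encoded '@', IPv6 host
        "amqp://localhost:notaport/",           # rejected
    )
    for sample in samples:
        try:
            print(parse_target(sample))
        except ValueError as err:
            print("rejected:", err)
```

Unlike `target.split(':')` or a fixed character-class regex, this accepts IPv6 literals and passwords with punctuation, and it rejects a bare `host:port` string, so the existing IP:Port branch would still need to run first.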