add rabbitmq default password detection

2020-07-06 18:33:19 -04:00 · 2020-07-06 18:33:19 -04:00 · 941ab6d875
parent 2499aaa0a6
commit 941ab6d875
3 changed files with 48 additions and 0 deletions
--- a/panels/rabbitmq-dashboard.yaml
+++ b/panels/rabbitmq-dashboard.yaml
@ -0,0 +1,16 @@
+id: rabbitmq-dashboard
+
+info:
+  name: RabbitMQ Dashboard
+  author: fyoorer
+  severity: informative
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+    matchers:
+      - type: word
+        words:
+          - "RabbitMQ Management"
+        part: body
--- a/security-misconfiguration/rabbitmq-default-admin.yaml
+++ b/security-misconfiguration/rabbitmq-default-admin.yaml
@ -0,0 +1,17 @@
+id: rabbitmq-default-admin
+
+info:
+  name: RabbitMQ Default Credentials
+  author: fyoorer
+  severity: High
+
+requests:
+  - method: GET
+    headers:
+      authorization: "Basic Z3Vlc3Q6Z3Vlc3Q="
+    path:
+      -  "{{BaseURL}}/api/whoami"
+    matchers:
+      - type: status
+        status:
+          - 200
--- a/workflows/rabbitmq-workflow.yaml
+++ b/workflows/rabbitmq-workflow.yaml
@ -0,0 +1,15 @@
+id: rabbitmq-workflow
+
+info:
+  name: RabbitMQ Workflow
+  author: fyoorer
+
+variables:
+  rabbitmq-dashboard: panels/rabbitmq-dashboard.yaml
+  rabbitmq-default-admin: security-misconfiguration/rabbitmq-default-admin.yaml
+
+logic:
+  |
+  if rabbitmq-dashboard() {
+    rabbitmq-default-admin()
+  }