GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → QKaiser → cottontail

QKaiser / cottontail

Licence: BSD-3-Clause license
Capture all RabbitMQ messages being sent through a broker.

Programming Languages

python
139335 projects - #7 most used programming language

Labels

securityrabbitmqamqp

Projects that are alternatives of or similar to cottontail

nestjs-rmq
A custom library for NestJS microservice. It allows you to use RabbitMQ or AMQP.
Stars: ✭ 182 (+691.3%)
Mutual labels:  rabbitmq, amqp
Enqueue Dev
Message Queue, Job Queue, Broadcasting, WebSockets packages for PHP, Symfony, Laravel, Magento. DEVELOPMENT REPOSITORY - provided by Forma-Pro
Stars: ✭ 1,977 (+8495.65%)
Mutual labels:  rabbitmq, amqp
Gen rmq
Elixir AMQP consumer and publisher behaviours
Stars: ✭ 146 (+534.78%)
Mutual labels:  rabbitmq, amqp
Rabbitmq Dump Queue
Dump messages from a RabbitMQ queue to files, without affecting the queue.
Stars: ✭ 139 (+504.35%)
Mutual labels:  rabbitmq, amqp
rejected
rejected is a consumer framework for RabbitMQ
Stars: ✭ 56 (+143.48%)
Mutual labels:  rabbitmq, amqp
Spring Boot Amqp Messaging
This is a simple spring-boot app that shows how to configure easily RabbitMQ with AMQP for producing and consuming messages in default format and JSON.
Stars: ✭ 142 (+517.39%)
Mutual labels:  rabbitmq, amqp
go-mq
Declare AMQP entities like queues, producers, and consumers in a declarative way. Can be used to work with RabbitMQ.
Stars: ✭ 76 (+230.43%)
Mutual labels:  rabbitmq, amqp
Rabbitmq Mock
Mock for RabbitMQ Java amqp-client
Stars: ✭ 114 (+395.65%)
Mutual labels:  rabbitmq, amqp
Enqueue Bundle
[READ-ONLY] Message queue bundle for Symfony. RabbitMQ, Amazon SQS, Redis, Service bus, Async events, RPC over MQ and a lot more
Stars: ✭ 233 (+913.04%)
Mutual labels:  rabbitmq, amqp
Rabtap
RabbitMQ wire tap and swiss army knife
Stars: ✭ 171 (+643.48%)
Mutual labels:  rabbitmq, amqp
Amqpstorm
Thread-safe Python RabbitMQ Client & Management library
Stars: ✭ 130 (+465.22%)
Mutual labels:  rabbitmq, amqp
tomodachi
💻 Microservice library / framework using Python's asyncio event loop with full support for HTTP + WebSockets, AWS SNS+SQS, RabbitMQ / AMQP, middleware, etc. Extendable for GraphQL, protobuf, gRPC, among other technologies.
Stars: ✭ 170 (+639.13%)
Mutual labels:  rabbitmq, amqp
Bitnami Docker Rabbitmq
Bitnami Docker Image for RabbitMQ
Stars: ✭ 120 (+421.74%)
Mutual labels:  rabbitmq, amqp
postman
Reverse proxy for async microservice communication
Stars: ✭ 30 (+30.43%)
Mutual labels:  rabbitmq, amqp
Amqproxy
An intelligent AMQP proxy, with connection and channel pooling/reusing
Stars: ✭ 115 (+400%)
Mutual labels:  rabbitmq, amqp
Garagemq
AMQP message broker implemented with golang
Stars: ✭ 153 (+565.22%)
Mutual labels:  rabbitmq, amqp
Amiquip
Pure Rust RabbitMQ client
Stars: ✭ 88 (+282.61%)
Mutual labels:  rabbitmq, amqp
Aiormq
Pure python AMQP 0.9.1 asynchronous client library
Stars: ✭ 112 (+386.96%)
Mutual labels:  rabbitmq, amqp
Cony
Simple AMQP wrapper around github.com/streadway/amqp
Stars: ✭ 158 (+586.96%)
Mutual labels:  rabbitmq, amqp
roger-rabbit
A module that makes the process of consuming and publishing messages in message brokers easier
Stars: ✭ 12 (-47.83%)
Mutual labels:  rabbitmq, amqp
View All Similar Projects ➔

Cottontail

logo

A set of scripts to capture RabbitMQ messages being sent through that broker.

Installation

Prerequisites

  • Python > 2.7.9
  • a target running RabbitMQ with rabbitmq_management plugin enabled and exposed
  • valid credentials

This tool uses rabbitmq-management HTTP API to request information about vhosts, exchanges and queues as the AMQP protocol does not provide a mechanism to list those components. Therefore, the tool requires valid credentials to access the API. Any user having one of those profiles will work: administrator, management, monitoring, and policy.

Setup

Install from Pypi

Just run this command to install the latest version from Pypi:

pip install cottontail-offensive

Once installed you can call it like this:

cottontail http://localhost:15672/ --username guest --password guest

You should see something along those lines:

Screenshot

Install from Source - Linux

To install it, just clone the repo and use setup.py (might need sudo rights to install system-wide):

git clone https://github.com/QKaiser/cottontail.git
cd cottontail
python setup.py install

Install from source - Windows

You'll need git and python3 to install cottontail. The easiest way is to install them using Chocolatey.

PS C:\Users> choco install git.install
PS C:\Users> choco install python3

To install it, just clone the repo and use setup.py (might need administrator privileges to install system-wide):

PS C:\Users> git clone https://github.com/QKaiser/cottontail.git
PS C:\Users> cd cottontail
PS C:\Users\cottontail> python setup.py install

Once installed you can call it like this:

PS C:\Users> python C:\Python37\Scripts\cottontail -h

       /\ /|
       \ V/
       | "")     Cottontail v0.8.0
       /  |      Quentin Kaiser ([email protected])
      /  \\
    *(__\_\)

usage: cottontail [-h] [--username USERNAME] [--password PASSWORD] [-v] url
cottontail: error: the following arguments are required: url

Operation

  1. the script gather information by sending requests to rabbitmq-management HTTP API.
  2. the script launch one process per vhost
  3. each process establish a connection and open a channel within that vhost
  4. within that channel, the process will bind to every queue and every exchange except amqp.*

For more information on how the tool attain stealth, please refer to the information below.

Capture models

Producer Consumer Model / RPC Model

In the producer consumer mode, our connection will just move the model towards "Work queues" as if the legitimate consumer was worker1 and Cottontail would be worker2. The interesting thing here is that as soon as we receive our first message and requeue it, we will be able to capture all of them due to the round robin distribution implemented by RabbitMQ. Note that it is true for low traffic queues, it surely is different for traffic intensive queues (a message being dispatched prior to our script requeuing the previous one). Anyway, in theory, in this mode of operation, you get 100% of messages 100% of the time.

Cottontail handles RPC calls by requeuing messages with their complete metadata (reply_to and correlation_id fields), which means the RPC server will ultimately receives the request from us as if it were coming from the RPC client. Consider it 'RPC call spoofing' if you will.

Work queues

Assuming RabbitMQ is configured by default and distribute messages to consumers in a round robin manner, you will be able to capture len(messages)/len(consumers)-1 messages. Cottontail verify if consumers are listening for messages on the queue you just received a message from. If that is the case, it requeues the message so the next consumer receives it and your capture is transparent to them.

The less consumers there is, the more you'll be able to receive.

Note: assuming we have administrative privileges, an aggressive way to ensure we get all messages would be to disconnect all consumers but one. However, this could lead to denial of service condition if work load gets dispatched to a single node (e.g. sending emails, cropping pictures, generating PDFs, ...).

Fanout exchange

In this capture model, we simply bind a queue to the fanout exchange while specifying a wildcard (#) routing key. This way we receive everything that is sent to the fanout exchange.

Direct exchange

Direct exchanges do not support wildcard (#) routing keys. Therefore, we list bindings between other consumers and this direct exchange to obtain a list of routing keys. Then we bind one queue per routing key to the direct exchange. This way we are able to receive the same amount of messages as all consumers bound to this direct exchange combined.

Note: some producers might send messages with a routing key unused by currently bound consumers. Still need to thing about that scenario.

Test setup

I used the official RabbitMQ Docker image for my tests, redirecting both RabbitMQ and rabbitmq_management HTTP API ports:

sudo docker run -d --hostname my-rabbit --name some-rabbit -p 15672:15672 -p 5672:5672 rabbitmq:3-management

If you need more information about that docker image: https://hub.docker.com/_/rabbitmq/

Changelog

v0.8.4

  • identified and fixed another issue with exclusive locks
  • new logo \o/

v0.8.3

  • release as a Pypi package under the name cottontail-offensive

v0.8.2

  • add support for exclusive locks on queues

v0.8.1

  • use latest version of all external libraries (no specific version requirement)
  • pika API changed again, cottontail now support the latest calling convention

v0.8.0

  • fix issue when requeuing (see #22 and #23)

v0.7.0

  • handle permissions and access control (no AMQP connections to vhost we're not authorized to access, checks read and write permissions prior to consuming from queues and exchanges).
  • better exception handling (AMQP connection is gracefully closed on interrupt signal)

v0.6.0

  • requeuing got way smarter :)

v0.5.0

  • bug fix for direct exchange bindings
  • add support for Python3

v0.4.0

  • add verbose logging (show messages properties and header)
  • include all message properties when requeuing
  • better argument parsing and ASCII art bunny :)

v0.3.0

  • Support for AMQP connections over SSL

v0.2.0

  • Support for HTTPS connection to rabbitmq_management API.
  • Fallback to dumping messages via HTTP API if AMQP listener is not reachable

v0.1.0

Initial release

References

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].