AMQP Credentials
#
Description#
General- Documentation: https://www.rabbitmq.com/documentation.html
- Summary: AMQP is a protocol for queuing messages. GitGuardian detectors can catch AMQP credentials in URI connection strings or assignments.
- IPs allowlist: It can be defined on the server and selected on a user basis.
- Scopes: Credentials are user-based and a user may have limited rights.
#
Revoke the secretSecrets can be revoked directly from the server.
#
Check for suspicious activityAll activity on the server can be checked from the server logs.
Amqp uri
#
Details for Family: Database
Category: Data storage
High recall: True
Validity check available: True
On-premise instances exist: True
Only valid secrets raise an alert: False
Minimum number of matches: 8
Occurrences found for one million commits: 12.23
Prefixed: True
PreValidators:
- type: FilenameBanlistPreValidator banlist_extensions: [] banlist_filenames: [] check_binaries: false include_default_banlist_extensions: true ban_markup: false- type: ContentWhitelistPreValidator patterns: - amqp
#
Examples- text: | CONNECTION_URI="amqp://root:m42xloz2wd@google.com:5434/thegift" host: google.com port: "5434" username: root password: m42xloz2wd scheme: amqp database: thegift connection_uri: amqp://root:m42xloz2wd@google.com:5434/thegift
- text: | CONNECTION_URI="amqps://root:m42xloz2wd@google.com:5434/thegift" host: google.com port: "5434" username: root password: m42xloz2wd scheme: amqps database: thegift connection_uri: amqps://root:m42xloz2wd@google.com:5434/thegift
- text: | amqp.connect('amqp://root:m42xloz2wd@google.com', (err, connection) => { }) host: google.com username: root password: m42xloz2wd scheme: amqp connection_uri: amqp://root:m42xloz2wd@google.com
# Test special characters in password- text: | amqp.connect('amqp://root:m42p!o@z2wd@google.com', (err, connection) => { }) host: google.com username: root password: m42p!o@z2wd scheme: amqp connection_uri: amqp://root:m42p!o@z2wd@google.com
# Test detection in md files- text: | ``` amqp.connect('amqp://root:m42p!o@z2wd@google.com', (err, connection) => { }) ``` host: google.com username: root password: m42p!o@z2wd scheme: amqp connection_uri: amqp://root:m42p!o@z2wd@google.com
Amqp assignment
#
Details for Family: Database
Category: Data storage
High recall: False
Validity check available: True
On-premise instances exist: True
Only valid secrets raise an alert: False
Minimum number of matches: 4
Occurrences found for one million commits: 4.72
Prefixed: False
PreValidators:
- type: FilenameBanlistPreValidator banlist_extensions: [] banlist_filenames: [] check_binaries: false include_default_banlist_extensions: true ban_markup: true- type: ContentWhitelistPreValidator patterns: - rabbit - amqp - broker
#
Examples- text: | spring.rabbitmq.host="google.com" spring.rabbitmq.port=5672 spring.rabbitmq.username="admin" spring.rabbitmq.password="fieogfb1234voigi" host: google.com port: "5672" username: admin password: fieogfb1234voigi
Amqp assignment attached port
#
Details for Family: Database
Category: Data storage
High recall: False
Validity check available: True
On-premise instances exist: True
Only valid secrets raise an alert: False
Minimum number of matches: 4
Occurrences found for one million commits: 0.32
Prefixed: False
PreValidators:
- type: FilenameBanlistPreValidator banlist_extensions: [] banlist_filenames: [] check_binaries: false include_default_banlist_extensions: true ban_markup: true- type: ContentWhitelistPreValidator patterns: - rabbit - amqp - broker
#
Examples- text: | spring.rabbitmq.addresses="br1.google.com:5672,br2.google.com:5672" spring.rabbitmq.username="admin" spring.rabbitmq.password="fkeozfj1339voiaj" host: br1.google.com port: "5672" username: admin password: fkeozfj1339voiaj