Skip to main content

AMQP Credentials

Description#

General#

  • Documentation: https://www.rabbitmq.com/documentation.html
  • Summary: AMQP is a protocol for queuing messages. GitGuardian detectors can catch AMQP credentials in URI connection strings or assignments.
  • IPs allowlist: It can be defined on the server and selected on a user basis.
  • Scopes: Credentials are user-based and a user may have limited rights.

Revoke the secret#

Secrets can be revoked directly from the server.

Check for suspicious activity#

All activity on the server can be checked from the server logs.

Details for Amqp uri#

  • Family: Database

  • Category: Data storage

  • High recall: True

  • Validity check available: True

  • On-premise instances exist: True

  • Only valid secrets raise an alert: False

  • Minimum number of matches: 8

  • Occurrences found for one million commits: 12.23

  • Prefixed: True

  • PreValidators:

- type: FilenameBanlistPreValidator  banlist_extensions: []  banlist_filenames: []  check_binaries: false  include_default_banlist_extensions: true  ban_markup: false- type: ContentWhitelistPreValidator  patterns:  - amqp

Examples#

- text: >    CONNECTION_URI="amqp://root:m42ploz2wd@google.com:5434/thegift"  host: google.com  port: "5434"  username: root  password: m42ploz2wd  scheme: amqp  database: thegift  connection_uri: amqp://root:m42ploz2wd@google.com:5434/thegift
- text: >    CONNECTION_URI="amqps://root:m42ploz2wd@google.com:5434/thegift"  host: google.com  port: "5434"  username: root  password: m42ploz2wd  scheme: amqps  database: thegift  connection_uri: amqps://root:m42ploz2wd@google.com:5434/thegift
- text: >    amqp.connect('amqp://root:m42ploz2wd@google.com', (err, connection) => {  host: google.com  username: root  password: m42ploz2wd  scheme: amqp  connection_uri: amqp://root:m42ploz2wd@google.com
# Test special characters in password- text: >    amqp.connect('amqp://root:m42p!o@z2wd@google.com', (err, connection) => {  host: google.com  username: root  password: m42p!o@z2wd  scheme: amqp  connection_uri: amqp://root:m42p!o@z2wd@google.com
# Test detection in md files- text: >    amqp.connect('amqp://root:m42p!o@z2wd@google.com', (err, connection) => {  host: google.com  username: root  password: m42p!o@z2wd  scheme: amqp  connection_uri: amqp://root:m42p!o@z2wd@google.com  filename: some_file.md

Details for Amqp assignment#

  • Family: Database

  • Category: Data storage

  • High recall: False

  • Validity check available: True

  • On-premise instances exist: True

  • Only valid secrets raise an alert: False

  • Minimum number of matches: 4

  • Occurrences found for one million commits: 4.72

  • Prefixed: False

  • PreValidators:

- type: FilenameBanlistPreValidator  banlist_extensions: []  banlist_filenames: []  check_binaries: false  include_default_banlist_extensions: true  ban_markup: true- type: ContentWhitelistPreValidator  patterns:  - rabbit  - amqp  - broker

Examples#

- text: |    spring.rabbitmq.host=google.com    spring.rabbitmq.port=5672    spring.rabbitmq.username=admin    spring.rabbitmq.password=fkeozfj1234voigj  host: google.com  port: "5672"  username: admin  password: fkeozfj1234voigj

Details for Amqp assignment attached port#

  • Family: Database

  • Category: Data storage

  • High recall: False

  • Validity check available: True

  • On-premise instances exist: True

  • Only valid secrets raise an alert: False

  • Minimum number of matches: 4

  • Occurrences found for one million commits: 0.32

  • Prefixed: False

  • PreValidators:

- type: FilenameBanlistPreValidator  banlist_extensions: []  banlist_filenames: []  check_binaries: false  include_default_banlist_extensions: true  ban_markup: true- type: ContentWhitelistPreValidator  patterns:  - rabbit  - amqp  - broker

Examples#

- text: |    spring.rabbitmq.addresses=br1.google.com:5672,br2.google.com:5672    spring.rabbitmq.username=admin    spring.rabbitmq.password=fkeozfj1234voigj  host: br1.google.com  port: "5672"  username: admin  password: fkeozfj1234voigj