AMQP Credentials
Description
General
- Documentation: https://www.rabbitmq.com/documentation.html
- Summary: AMQP is a protocol for queuing messages. GitGuardian detectors can catch AMQP credentials in URI connection strings or assignments.
- IPs allowlist: It can be defined on the server and selected on a user basis.
- Scopes: Credentials are user-based and a user may have limited rights.
Revoke the secret
Secrets can be revoked directly from the server.
Check for suspicious activity
All activity on the server can be checked from the server logs.
Details for AMQP URI
-
Family: identifiers
-
Category: data_storage
-
High recall: True
-
Validity check available: True
-
Analyzer available: False
-
On-premise instances exist: False
-
Only valid secrets raise an alert: False
-
Minimum number of matches: 5
-
Occurrences found for one million commits: 12.23
-
Prefixed: True
-
PreValidators:
- type: FilenameBanlistPreValidator
banlist_extensions: []
banlist_filenames: []
check_binaries: false
include_default_banlist_extensions: true
ban_markup: false
- type: ContentWhitelistPreValidator
patterns:
- amqp
Examples
- text: |
CONNECTION_URI="amqp://root:m42xloz2wd@google.com:5434/thegift"
host: google.com
port: '5434'
username: root
password: m42xloz2wd
scheme: amqp
database: thegift
connection_uri: amqp://root:m42xloz2wd@google.com:5434/thegift
- text: |
CONNECTION_URI="amqps://root:m42xloz2wd@google.com:5434/thegift"
host: google.com
port: '5434'
username: root
password: m42xloz2wd
scheme: amqps
database: thegift
connection_uri: amqps://root:m42xloz2wd@google.com:5434/thegift
- text: |
amqp.connect('amqp://root:m42xloz2wd@google.com', (err, connection) => {
})
host: google.com
username: root
password: m42xloz2wd
scheme: amqp
connection_uri: amqp://root:m42xloz2wd@google.com
# Test special characters in password
- text: |
amqp.connect('amqp://root:m42p!o@z2wd@google.com', (err, connection) => {
})
host: google.com
username: root
password: m42p!o@z2wd
scheme: amqp
connection_uri: amqp://root:m42p!o@z2wd@google.com
# Test detection in md files
- text: |
```
amqp.connect('amqp://root:m42p!o@z2wd@google.com', (err, connection) => {
})
```
host: google.com
username: root
password: m42p!o@z2wd
scheme: amqp
connection_uri: amqp://root:m42p!o@z2wd@google.com
Details for AMQP Credentials
-
Family: identifiers
-
Category: data_storage
-
High recall: False
-
Validity check available: True
-
Analyzer available: False
-
On-premise instances exist: False
-
Only valid secrets raise an alert: False
-
Minimum number of matches: 4
-
Occurrences found for one million commits: 4.61
-
Prefixed: False
-
PreValidators:
- type: FilenameBanlistPreValidator
banlist_extensions: []
banlist_filenames: []
check_binaries: false
include_default_banlist_extensions: true
ban_markup: true
- type: ContentWhitelistPreValidator
patterns:
- rabbit
- amqp
- broker
Examples
- text: |
spring.rabbitmq.host="google.com"
spring.rabbitmq.port=5672
spring.rabbitmq.username="admin"
spring.rabbitmq.password="fieogfb1234voigi"
host: google.com
port: '5672'
username: admin
password: fieogfb1234voigi
Details for AMQP Credentials
-
Family: identifiers
-
Category: data_storage
-
High recall: False
-
Validity check available: True
-
Analyzer available: False
-
On-premise instances exist: False
-
Only valid secrets raise an alert: False
-
Minimum number of matches: 4
-
Occurrences found for one million commits: 0.32
-
Prefixed: False
-
PreValidators:
- type: FilenameBanlistPreValidator
banlist_extensions: []
banlist_filenames: []
check_binaries: false
include_default_banlist_extensions: true
ban_markup: true
- type: ContentWhitelistPreValidator
patterns:
- rabbit
- amqp
- broker
Examples
- text: |
spring.rabbitmq.addresses="br1.google.com:5672,br2.google.com:5672"
spring.rabbitmq.username="admin"
spring.rabbitmq.password="fkeozfj1339voiaj"
host: br1.google.com
port: '5672'
username: admin
password: fkeozfj1339voiaj
