This post is mostly based on the documentation available on www.rabbitmq.com, so it's strongly suggested to go there and read the docs too if you're not familiar with it (yet ;))
I decided to check an example in Go - never used it, never tried it. ;] A reason as good as any other, so - checking the available tutorial(s)...
To prepare our 'example environment' I used Ubuntu 16.04:
...and:
Our VM after RabbitMQ is installed looks (with nmap) like below:
More details:
According to the docs:
Cool (but the Bitnami VM was prepared with firewall settings, so I decided to create a 'clean version' on a newly installed Ubuntu).
(...or I just used it in a wrong way... ;))
After a while I found a very interesting link. I was able to 'reproduce' those steps but unfortunately - only on the 'local machine' (again: maybe I configured something in a wrong way... anyway ;))
Reading about Erlang bugs I found that 'few weeks ago' Metasploit released a very nice module - erlang_cookie_rce. To use it I needed to update my metasploit-framework on Kali - but after a while, we are here:
As you can see there is a disclosure date from year 2009 (but you can use 'edit' command in msf console to get some hints 'why' ;))
As you can see (msf> show options) we need a valid COOKIE to use this module. As the idea was described in the post mentioned before, we will skip the 'bruteforce attack' part.
For the purpose of this post I decided to grab the COOKIE value directly from the target machine. The file was located here:
Now we have all details to use the module. Checking options:
I think it's done. ;)
Of course (according to the docs) if you still would like:
You can also 'verify if there is a RabbitMQ' using the (already mentioned ;)) Go client:
Quick check:
See you next time.
Cheers