ActiveMQ是Apache使用纯Java语言编写的开源消息中间件,
https://juejin.cn/post/6844903920209231886
信息收集
╭─ethan@ethan.local ~
╰─➤ nmap 10.184.67.63 -sV -Pn -T4 -p 61616
Host discovery disabled (-Pn). All addresses will be marked 'up' and scan times will be slower.
Starting Nmap 7.91 ( https://nmap.org ) at 2020-11-04 17:00 CST
Nmap scan report for 10.184.67.63
Host is up (0.047s latency).
PORT STATE SERVICE VERSION
61616/tcp open apachemq ActiveMQ OpenWire transport 5.14.0 (Java 1.8.0_172; arch: amd64)
Service Info: OS: Linux 3.10.0; CPE: cpe:/o:linux:linux_kernel:3.10.0
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 0.54 seconds
Apache ActiveMQ Information Leak-[CVE-2017-15709]
Apache ActiveMQ默认消息队列61616端口对外,61616端口使用了OpenWire协议,这个端口会暴露服务器相关信息,这些相关信息实际上是debug信息,会返回应用名称,JVM,操作系统以及内核版本等信息。
telnet测试
telnet 10.184.67.53 61616MSF相关漏洞模块
转载请注明来源,欢迎对文章中的引用来源进行考证,欢迎指出任何有错误或不够清晰的表达。可以在下面评论区评论,也可以邮件至 askding@qq.com
