Updated IBM MQ notes.

2024-11-21 18:11:37 +01:00 · 2019-11-25 13:06:08 +01:00 · 2019-11-25 13:06:08 +01:00 · dd5be2c656
commit dd5be2c656
parent 538e2baa3c
1 changed files with 9 additions and 0 deletions
--- a/networks/IBM-MQ-Pentesting-notes.md
+++ b/networks/IBM-MQ-Pentesting-notes.md
@ -181,6 +181,15 @@ If we wish to have our commands' results back, then more code will need to be ad
 Martyn Ruks described (ref: 1, page 30) that we may also succeed invoking system commands by defining event triggers that would execute specified command as soon as preconfigured event fired up our malicious trigger.


+## Additional sources
+
+1. [Martyn Ruks: WebSphere MQ Security. White Paper – Part 1](https://labs.f-secure.com/assets/141/original/mwri_websphere-mq-security-white-paper-part1_2008-05-06.pdf)
+2. [Martyn Ruks: MQ Jumping](https://www.defcon.org/images/defcon-15/dc15-presentations/dc-15-ruks.pdf)
+3. [punch-q](https://github.com/sensepost/punch-q)
+4. [pymqi installation issue](https://github.com/dsuch/pymqi/issues/15#issuecomment-124772995)raad](https://gist.github.com/mgeeky/fc11c9f227755a529eb607ed4d1742f9)
+
+
+
 ## Additional sources

 1. [Martyn Ruks: WebSphere MQ Security. White Paper – Part 1](https://labs.f-secure.com/assets/141/original/mwri_websphere-mq-security-white-paper-part1_2008-05-06.pdf)