Git
/
mgeeky-Penetration-Testing-Tools
mirror of https://github.com/mgeeky/Penetration-Testing-Tools.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Updated IBM MQ notes.

This commit is contained in:
mgeeky 2019-11-25 13:06:08 +01:00
parent 538e2baa3c
commit dd5be2c656
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
networks/IBM-MQ-Pentesting-notes.md
View File

@ -181,6 +181,15 @@ If we wish to have our commands' results back, then more code will need to be ad
Martyn Ruks described (ref: 1, page 30) that we may also succeed invoking system commands by defining event triggers that would execute specified command as soon as preconfigured event fired up our malicious trigger. Martyn Ruks described (ref: 1, page 30) that we may also succeed invoking system commands by defining event triggers that would execute specified command as soon as preconfigured event fired up our malicious trigger.
## Additional sources
1. [Martyn Ruks: WebSphere MQ Security. White Paper Part 1](https://labs.f-secure.com/assets/141/original/mwri_websphere-mq-security-white-paper-part1_2008-05-06.pdf)
2. [Martyn Ruks: MQ Jumping](https://www.defcon.org/images/defcon-15/dc15-presentations/dc-15-ruks.pdf)
3. [punch-q](https://github.com/sensepost/punch-q)
4. [pymqi installation issue](https://github.com/dsuch/pymqi/issues/15#issuecomment-124772995)raad](https://gist.github.com/mgeeky/fc11c9f227755a529eb607ed4d1742f9)
## Additional sources ## Additional sources
1. [Martyn Ruks: WebSphere MQ Security. White Paper Part 1](https://labs.f-secure.com/assets/141/original/mwri_websphere-mq-security-white-paper-part1_2008-05-06.pdf) 1. [Martyn Ruks: WebSphere MQ Security. White Paper Part 1](https://labs.f-secure.com/assets/141/original/mwri_websphere-mq-security-white-paper-part1_2008-05-06.pdf)