Skip to content

๐Ÿ‘Š A small utility to play with IBM MQ

License

Notifications You must be signed in to change notification settings

sensepost/punch-q

Folders and files

NameName
Last commit message
Last commit date

Latest commit

ย 

History

54 Commits
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 

Repository files navigation


๐Ÿ‘Š punch-q

A small utility to play with IBM MQ

@leonjza PyPI version Docker Cloud Build Status


introduction

punch-q is a small Python utility used to play with IBM MQ instances. Using punch-q, it is possible to perform security related tasks such as manipulating messages on an IBM MQ queue granting one the ability to tamper with business processes at an integration layer.

features

With punch-q, you can:

  • GET / PUT / SNIFF messages on message queues.
  • Execute commands using MQ services.
  • Perform various brute force attacks.

examples

Sniffing messages from a message queue:

message sniff

Executing commands via MQ services:

command execution

installation - docker

A docker container for punch-q exists and can be used with:

docker run --rm -ti leonjza/punch-q

Alternatively the container can be built locally with:

git clone https://github.com/sensepost/punch-q.git
cd punch-q
docker build -t punch-q:local .

Once done, you can run punch-q with (note the tag if you build it yourself):

docker run --rm -ti leonjza/punch-q --help

installation - host

This utility relies on pymqi and needs to be successfully installed for punch-q to work. The installation of pymqi relies on the IBM MQ client utilities to be available which you would need to download from IBM's website first. This Github issue can be used as a reference to install the correct MQ Client libraries.

Alternatively, a hint from this repository means one could just download and extract the archive in the correct location to compile pymqi. This is how the docker container does it.

To get the IBM MQ client for pymqi and punch-q working, you need to:

  • Download the IBM MQ Client libraries for Linux from IBM's website here. Older versions and ibraries for other operating systems is also available here.
  • Extract the downloaded archive to /opt/mqm.

Finally, punch-q itself can be installed with:

pip install punch-q

Note: When running punch-q, and you get an error similar to Importing pymqi failed with: libmqic_r.so: cannot open shared object file: No such file or directory!, simply set the LB_LIBRARY_PATH to /opt/mqm/lib64 library with:

export LD_LIBRARY_PATH=/opt/mqm/lib64

osquery table plugin

An osquery table plugin PoC can also be found in this repository here.

license

punch-q is licensed under a GNU General Public v3 License. Permissions beyond the scope of this license may be available at http://sensepost.com/contact/.