Apache ActiveMQ Detection

ID: apache-activemq-detect

Severity: info

Author: pussycat0x

Tags: network,activemq,oss,detect,apache,detection,tcp

Description

Apache ActiveMQ is an open source message broker written in Java together with a full Java Message Service client. It provides “Enterprise Features” which in this case means fostering the communication from more than one client or server.

YAML Source

id: apache-activemq-detect

info:
  name: Apache ActiveMQ Detection
  author: pussycat0x
  severity: info
  description: |
    Apache ActiveMQ is an open source message broker written in Java together with a full Java Message Service client. It provides "Enterprise Features" which in this case means fostering the communication from more than one client or server.
  metadata:
    verified: true
    max-request: 1
    shodan-query: product:"Apache ActiveMQ"
  tags: network,activemq,oss,detect,apache,detection,tcp
tcp:
  - inputs:
      - data: "HELP\n\n\u0000"

    host:
      - "{{Hostname}}"
    port: 61613

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "Unknown STOMP action"
          - "norg.apache.activemq.transport.stomp"
# digest: 490a0046304402200d0dc6b11ce64524c240b563acbb254ef2a3a4f4e0c7acef28d7b877904bf22f0220299920d2856306fae07ef74e9dc05ca519343402e42423355621df26a36de581:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

$ nuclei -u "URL" -t "network/detection/apache-activemq-detect.yaml"

View on Github