New Protocol: AMQP 0.9.1

go.mod

@@ -9,6 +9,7 @@ require (
 	github.com/prometheus/client_golang v1.14.0
 	github.com/prometheus/common v0.42.0 // indirect
 	github.com/prometheus/procfs v0.9.0 // indirect
+	github.com/rabbitmq/amqp091-go v1.9.0
 	github.com/sirupsen/logrus v1.9.0
 	github.com/zmap/zcrypto v0.0.0-20230310154051-c8b263fd8300
 	github.com/zmap/zflags v1.4.0-beta.1.0.20200204220219-9d95409821b6

go.sum

@@ -207,6 +207,8 @@ github.com/prometheus/procfs v0.7.3/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1
 github.com/prometheus/procfs v0.8.0/go.mod h1:z7EfXMXOkbkqb9IINtpCn86r/to3BnA0uaxHdg830/4=
 github.com/prometheus/procfs v0.9.0 h1:wzCHvIvM5SxWqYvwgVL7yJY8Lz3PKn49KQtpgMYJfhI=
 github.com/prometheus/procfs v0.9.0/go.mod h1:+pB4zwohETzFnmlpe6yd2lSc+0/46IYZRB/chUwxUZY=
+github.com/rabbitmq/amqp091-go v1.9.0 h1:qrQtyzB4H8BQgEuJwhmVQqVHB9O4+MNDJCCAcpc3Aoo=
+github.com/rabbitmq/amqp091-go v1.9.0/go.mod h1:+jPrT9iY2eLjRaMSRHUhc3z14E/l85kv/f+6luSD3pc=
 github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
 github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo=
 github.com/sirupsen/logrus v1.3.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo=
@@ -252,6 +254,7 @@ go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8=
 go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
 go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
 go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
+go.uber.org/goleak v1.2.1/go.mod h1:qlT2yGI9QafXHhZZLxlSuNsMw3FFLxBr+tBRlmO1xH4=
 golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=

integration_tests/amqp091/cleanup.sh

@@ -0,0 +1,15 @@
+#!/usr/bin/env bash
+
+# Keep cleaning up even if something fails
+set +e
+
+# Stop all MySQL containers.
+
+VERSIONS="3.12.14 3.13.2"
+
+for version in $MYSQL_VERSIONS; do
+    CONTAINER_NAME="zgrab_amqp091-$version"
+    echo "amqp091/cleanup: Stopping $CONTAINER_NAME..."
+    docker stop $CONTAINER_NAME
+    echo "amqp091/cleanup: ...stopped."
+done

integration_tests/amqp091/setup.sh

@@ -0,0 +1,37 @@
+#!/bin/bash -e
+
+VERSIONS="3.12.14 3.13.2"
+
+function launch() {
+  VERSION=$1
+  CONTAINER_NAME="zgrab_amqp091-$VERSION"
+  if docker ps --filter "name=$CONTAINER_NAME" | grep -q $CONTAINER_NAME; then
+    echo "amqp091/setup: Container $CONTAINER_NAME already running -- skipping launch..."
+    return
+  fi
+  docker run -td --rm --name $CONTAINER_NAME rabbitmq:$VERSION
+}
+
+function waitFor() {
+  VERSION=$1
+  CONTAINER_NAME=zgrab_amqp091-$VERSION
+  echo "amqp091/setup: Waiting for $CONTAINER_NAME to become ready..."
+  while ! (docker logs --tail all $CONTAINER_NAME | grep -q "started TCP listener on"); do
+    echo -n "."
+    sleep 1
+  done
+  for i in $(seq 1 5); do
+    echo -n "*"
+    sleep 1
+  done
+  echo "...ok."
+}
+
+echo "amqp091/setup: Launching docker containers..."
+for version in $VERSIONS; do
+  launch $version
+done
+
+for version in $VERSIONS; do
+  waitFor $version
+done

integration_tests/amqp091/test.sh

@@ -0,0 +1,60 @@
+#!/usr/bin/env bash
+set -e
+
+VERSIONS="3.12.14 3.13.2"
+
+# Run the AMQP-specific integration tests:
+# 1. Run zgrab2 on the container
+# 2. Check that data.amqp091.result.server_properties.version matches $MQ_VERSION
+
+ZGRAB_ROOT=$(git rev-parse --show-toplevel)
+ZGRAB_OUTPUT=$ZGRAB_ROOT/zgrab-output
+
+status=0
+
+function doTest() {
+  MQ_VERSION=$1
+
+  SUFFIX=""
+  AUTH_ARGS=""
+  if [[ -n "$2" ]]; then
+    AUTH_ARGS=$2
+    SUFFIX="-auth"
+  fi
+  CONTAINER_NAME="zgrab_amqp091-${MQ_VERSION}"
+  OUTPUT_FILE="$ZGRAB_OUTPUT/amqp091/${MQ_VERSION}${SUFFIX}.json"
+  echo "amqp091/test: Testing RabbitMQ Version ${MQ_VERSION}${SUFFIX}..."
+  CONTAINER_NAME=$CONTAINER_NAME $ZGRAB_ROOT/docker-runner/docker-run.sh amqp091 $AUTH_ARGS --timeout 10s >$OUTPUT_FILE
+  SERVER_VERSION=$(jp -u data.amqp091.result.server_properties.version <$OUTPUT_FILE)
+  if [[ "$SERVER_VERSION" == "$MQ_VERSION" ]]; then
+    echo "amqp091/test: Server version matches expected version: $SERVER_VERSION == $MQ_VERSION"
+  else
+    echo "amqp091/test: Server version mismatch: Got $SERVER_VERSION, expected $MQ_VERSION. Full output: [["
+    cat $OUTPUT_FILE
+    echo "]]"
+    status=1
+  fi
+
+  if [[ -n "$AUTH_ARGS" ]]; then
+    AUTH_SUCCESS=$(jp -u data.amqp091.result.auth_success <$OUTPUT_FILE)
+    if [[ "$AUTH_SUCCESS" == "true" ]]; then
+      echo "amqp091/test: Auth test successful"
+    else
+      echo "amqp091/test: Auth test failed"
+      status=1
+    fi
+  fi
+
+  echo "amqp091/test: BEGIN docker+amqp091 logs from $CONTAINER_NAME [{("
+  docker logs --tail all $CONTAINER_NAME
+  echo ")}] END docker+amqp091 logs from $CONTAINER_NAME"
+}
+
+mkdir -p $ZGRAB_OUTPUT/amqp091
+
+for version in $VERSIONS; do
+  doTest $version
+  doTest $version "--auth-user guest --auth-pass guest"
+done
+
+exit $status

modules/amqp.go

@@ -0,0 +1,7 @@
+package modules
+
+import "github.com/zmap/zgrab2/modules/amqp091"
+
+func init() {
+	amqp091.RegisterModule()
+}