punch-q is a small Python 2 utility used to play with IBM MQ instances. Using punch-q, it is possible to perform security-related tasks such as manipulating messages on an IBM MQ queue, granting one the ability to tamper with business processes at an integration layer.
With punch-q, you can:
- GET / PUT / SNIFF messages on message queues.
- Execute commands using MQ services.
- Perform various brute force attacks.
Sniffing messages from a message queue:
Executing commands via MQ services:
This utility relies on pymqi, which needs to be successfully installed for punch-q to work. Installing pymqi in turn requires the IBM MQ client utilities, which you need to download from IBM's website first. This GitHub issue can be used as a reference to install the correct MQ Client libraries.
In summary, to get the IBM MQ client for pymqi and punch-q working, you need to:
- Download the IBM MQ Client libraries from IBM's website. The version 7.5 x64 Linux client library was used while testing `punch-q` and can be found here (you may need to log in with an IBM ID first).
- After the download is complete, extract the archive's contents and accept the IBM license agreement with `./mqlicense.sh -accept`.
- Install the `MQSeriesRuntime`, `MQSeriesClient` and `MQSeriesSDK` RPMs. These can be installed on Kali Linux after installing `rpm` with `rpm -ivh <PackageName>.rpm`.
Finally, with the MQ series client installed, punch-q itself can be installed with:
```
pip install punch-q
```

Note: If you get an error similar to `Importing pymqi failed with: libmqic_r.so: cannot open shared object file: No such file or directory!` when running punch-q, set `LD_LIBRARY_PATH` to the `/opt/mqm/lib64` library directory with:

```
export LD_LIBRARY_PATH=/opt/mqm/lib64
```

punch-q is licensed under a GNU General Public v3 License. Permissions beyond the scope of this license may be available at http://sensepost.com/contact/.
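For the `libmqic_r.so` import error in the note above, the following added example (not part of punch-q or its README) checks whether the client library is present and builds an `LD_LIBRARY_PATH` value that keeps existing entries and never introduces an empty one. The function names are hypothetical; the directory and library name are the ones given in the note.

```shell
#!/bin/sh
# Added example (not punch-q code). /opt/mqm/lib64 and libmqic_r.so come from
# the note above; the function names are hypothetical.
MQ_LIB_NAME="libmqic_r.so"

# path_contains DIR LIST: succeed if DIR is an entry of the colon-separated LIST.
path_contains() {
    case ":$2:" in
        *":$1:"*) return 0 ;;
        *)        return 1 ;;
    esac
}

# mq_ld_path DIR CURRENT: print CURRENT with DIR appended exactly once.
# An empty CURRENT yields just DIR, never ":DIR": the dynamic loader treats
# an empty entry as the current working directory.
mq_ld_path() {
    if [ -z "$2" ]; then
        printf '%s\n' "$1"
    elif path_contains "$1" "$2"; then
        printf '%s\n' "$2"
    else
        printf '%s:%s\n' "$2" "$1"
    fi
}

# mq_preflight DIR CURRENT: print one status word.
#   missing      the client library is not in DIR (RPMs not installed there)
#   not_in_path  the library exists but DIR is not in CURRENT
#   ok           the library exists and DIR is in CURRENT
mq_preflight() {
    if [ ! -e "$1/$MQ_LIB_NAME" ]; then
        echo missing
    elif path_contains "$1" "$2"; then
        echo ok
    else
        echo not_in_path
    fi
}

# Report on the location used in this README, then show the value to export.
echo "status: $(mq_preflight /opt/mqm/lib64 "${LD_LIBRARY_PATH:-}")"
echo "LD_LIBRARY_PATH=$(mq_ld_path /opt/mqm/lib64 "${LD_LIBRARY_PATH:-}")"
```

A `missing` status means the RPMs from the install steps are not in that directory, so changing `LD_LIBRARY_PATH` alone will not fix the import error.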

