rabbitmq-exploit

Fail

Audited by Socket on Apr 22, 2026

5 alerts found:

Security, Malware x4

Security / MEDIUM
SKILL.md

The skill is highly consistent with its stated purpose, but that stated purpose is itself to give AI agents the ability to exploit and take over RabbitMQ. No obvious third-party supply-chain or credential-forwarding issues were found; the main risk comes from handing a complete penetration/exploitation workflow, backdoor creation, data reading and RCE automation to an agent. This is a high-risk offensive skill and should be rated SUSPICIOUS rather than benign.

Confidence: 96% / Severity: 93%

Malware / HIGH
references/erlang-cookie-rce.md

This artifact is explicitly malicious: it provides step-by-step instructions and an incomplete exploit scaffold to abuse Erlang cookie authentication for remote OS command execution on RabbitMQ/Erlang nodes. It includes operational RCE execution guidance (os:cmd/erl -eval), optional payload download-and-execute, and credential/secret access examples. Even though the Python snippet appears incomplete for full handshake functionality, the intent and described capability are unambiguously harmful.

Confidence: 82% / Severity: 100%

Malware / HIGH
references/protocol-attacks.md

This fragment is not software dependency code; it is a maliciously oriented intrusion/attack guide. It combines protocol/service enumeration (epmd, MQTT, STOMP) with explicit sensitive secret theft (reading `/var/lib/rabbitmq/.erlang.cookie`) via container exec and Docker API exec exploitation. If such content appears inside a package/artifact, it is a strong indicator of harmful or trojaned material and should be treated as a high security risk.

Confidence: 80% / Severity: 90%

Malware / HIGH
references/spring-amqp-rce.md

This code is a deliberate exploitation PoC rather than a benign library module. It generates attacker-controlled bytecode that calls Runtime.getRuntime().exec(command), injects it into TemplatesImpl using reflection, wraps it with Spring AOP/Jackson gadget structures (POJONode, BadAttributeValueExpException, JdkDynamicAopProxy), and sends it over RabbitMQ to trigger deserialization/RCE on a vulnerable consumer. If present in a dependency or package, it represents an extremely high risk of malware and active exploitation.

Confidence: 90% / Severity: 100%

Malware / HIGH
references/management-api.md

This code fragment is highly indicative of malicious exploitation tooling for RabbitMQ Management: it performs authenticated recon of users/queues/connections/topology and includes a documented persistence mechanism to create an administrator/backdoor account and grant it full `.*` permissions. The presence of backdoor/persistence instructions, wildcard authorization escalation, and insecure TLS handling collectively indicate a strong malicious intent. This should not be treated as a benign dependency or safe client code.

Confidence: 90% / Severity: 95%

Audit Metadata

Analyzed At: Apr 22, 2026, 10:12 AM

Package URL: pkg:socket/skills-sh/wgpsec%2FAboutSecurity%2Frabbitmq-exploit%2F@a9e5ca4463a18b25a42d5e20b29b4c34a35f0b91