Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
AMQP-tool
is a cli for importing and/or exporting message from/to an AMQP/RabbitMQ broker.
$ npm install amqp-tool -g
Usage: node ./bin/amqp-tool [options] [-import | -export]
Options:
--host host [default: "localhost"]
--user, -u username [default: "guest"]
--password, -p password [default: "guest"]
--port port [default: 5672]
--vhost vhost [default: "/"]
--queue, -q queue's name to work with [required]
--passive set it to true if the queue already exist [boolean] [default: true]
--durable if specified the queue will survive a broker restart [boolean]
--autoDelete if specified the queue will be deleted when there are no more subscriptions [boolean]
--onlyBody if specified export will contain only body of messages [boolean] [default: false]
--export export [filename], export queue's content to filename
--import import [filename], export file content into the queue
--count limit the number of message to export/import
-v, --verbose verbose mode [default: false]
-h, --help produce this help message
into a file ...
amqp-tool --host rabbitmq.local -u user -p azerty -q queuetest --count 5000 --export dump.json
... or to stdout
amqp-tool --host rabbitmq.local -u user -p azerty -q queuetest --count 5000 --export > dump.json
amqp-tool --host rabbitmq.local -u user -p azerty -q queuetest --export > dump.json
from a file...
amqp-tool --host rabbitmq.local -u user -p azerty -q queuetest --import dump.json
...or from stdin
cat dump.json | amqp-tool --host rabbitmq.local -u user -p azerty -q queuetest --import
head -n10 500messages.json | amqp-tool --host rabbitmq.local -u user -p azerty -q queuetest --import
amqp-tool --host rabbitmq1.local -u user -p azerty -q queue1 --export | amqp-tool --host rabbitmq2.local -u user -p azerty -q queue2 --import
FAQs
Rabbitmq-tool - import/export data from a RabbitMQ broker
The npm package amqp-tool receives a total of 2 weekly downloads. As such, amqp-tool popularity was classified as not popular.
We found that amqp-tool demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.