Adding RabbitMQ scanning capability

[sw8y]

Hey folks - I'm trying to get the scanning functionality of ChangeMe expanded to include RabbitMQ. However, I'm running into an issue with the URL builder within the "targets.py" file. The RabbitMQ (or AMQP) URL is "amqp://username:password@localhost:15672/%2f". Currently, ChangeMe has URL building capabilities for MySQL, SNMP, and the normal IP:Port syntax. How can I use the below code for MySQL and modify it to place the username, password, and "/%2f" items into the targets.py file?

mysql://127.0.0.1:3306

protocol = target.split(':')[0]
host = target.split(':')[1].replace('//', '')
port = target.split(':')[2]
targets.add(Target(host=host, port=port, protocol=protocol))

[ztgrace]

The real fix is to probably modify the code to use url parse: https://docs.python.org/3/library/urllib.parse.html

However, you could just create a new logic branch that accounts for the additional

if target.startswith('amqp'):
    s = "amqp://username:password@localhost:15672/%2f"
    match = re.match('^(?P<proto>amqp)://(?P<username>[a-zA-Z0-9]+):(?P<password>[a-zA-Z0-9]+)@(?P<host>[a-zA-Z0-9-\.]+):(?P<port>[0-9]+)(?P<path>.*)$', s)
    match.groupdict()
# {'username': 'username', 'proto': 'amqp', 'host': 'localhost', 'path': '/%2f', 'password': 'password', 'port': '15672'}
    match.group('username')
#'username'

Looking forward to the PR