I wrote a small web application which I’m calling “PSaas” – Port Scan as a Service. This webapp was an opportunity for me to do some coding and interaction with RabbitMQ. RabbitMQ has come up a few times for me lately. First, RabbitMQ was mentioned by Woulter Milterburg in a RIPE Labs article describing the next generation of Remote Route Collectors, then Robert Keizer spoke on how he used RabbitMQ to buffer generated addresses from masscan to scan 0.0.0.0/0 for PTR records at BSidesWpg 2017.
The frontend web application accepts input from end users, validates it, and queues it up. The backend is notified through RabbitMQ and executes the job immediately. 1 or more backend runners can take jobs and run them simultaneously. Results are stored in SQL so they can be reviewed later on.
- PHP-FPM w/ php-amqplib
- CLI PHP w/ php-amqplib
As an added benefit the scans are now started immediately, and if they aren’t marked completed RabbitMQ will hand them out again (think: hitting CTRL-C on the backend runner). The events being added to the queue kicks off the scanning, instead of an endless loop with a sleep(30) in between to keep things reasonable.
The code is available on Github.