Protocol fuzzing to find security vulnerabilities of RabbitMQ

A message broker is widely used to enable applications, systems, and services to communicate with each other. One of the widely used message brokers is RabbitMQ that provides various functions and stability. However, as presented in this paper, RabbitMQ is vulnerable. In this paper, we present how RabbitMQ is exploited by protocol fuzzing, which is a common way to find unknown vulnerabilities inherent in software. We describe our protocol fuzzing procedures in detail and present conducted results.