2022-12-22 17:30:06 +01:00
|
|
|
# Message Protocols
|
|
|
|
|
|
|
|
|
|
## Where to begin
|
|
|
|
|
|
|
|
|
|
* __Communication Sniffing__ on unsecured connections
|
|
|
|
|
* __Source code analysis__
|
|
|
|
|
* __Documentation__
|
|
|
|
|
|
|
|
|
|
## Message Queueing Telemetry Transport (MQTT)
|
|
|
|
|
|
|
|
|
|
Queues on a Broker are used through a __publish/subscribe__ model as an asynchronous connection in the following way
|
|
|
|
|
|
|
|
|
|
* Publisher sends data to a queue of the broker
|
|
|
|
|
* Broker holds the message in Topics (queues) for period of time
|
|
|
|
|
* Subscriber may connect and get the message from the Broker via Topics
|
|
|
|
|
|
2023-03-05 13:16:50 +01:00
|
|
|
### Tools & Usage
|
2022-12-22 17:30:06 +01:00
|
|
|
|
|
|
|
|
* `nmap` to list the topics
|
2023-03-05 13:16:50 +01:00
|
|
|
* Use `MQTT-Explorer` for intel
|
|
|
|
|
* `mosquitto_sub -h <hostname> -t <topic>` to subscribe to topics or query the device ID. Listen to all topics via
|
|
|
|
|
```sh
|
|
|
|
|
mosquitto_sub -h <hostname> -t '#'
|
|
|
|
|
```
|
|
|
|
|
* `mosquitto_pub -h ` to publish to topics through mentioning the device ID. Can be send as raw, xml or json. `-f` for file sending
|
|
|
|
|
* Base64 encoding
|
