# Message Protocols

## Where to begin

* __Communication Sniffing__ on unsecured connections
* __Source code analysis__
* __Documentation__

## Message Queueing Telemetry Transport (MQTT)

Queues on a Broker are used through a __publish/subscribe__ model as an asynchronous connection in the following way

* Publisher sends data to a queue of the broker
* Broker holds the message in Topics (queues) for period of time
* Subscriber may connect and get the message from the Broker via Topics

### Tools & Usage

* `nmap` to list the topics
* Use `MQTT-Explorer` for intel
* `mosquitto_sub -h <hostname> -t <topic>` to subscribe to topics or query the device ID. Listen to all topics via
```sh
mosquitto_sub -h <hostname> -t '#'
```
* `mosquitto_pub -h ` to publish to topics through mentioning the device ID. Can be send as raw, xml or json. `-f` for file sending
    * Base64 encoding

## References

* [Mosquitto usage](https://cedalo.com/blog/mqtt-subscribe-publish-mosquitto-pub-sub-example/)