MQTT
====

`Message Queuing Telemetry Transport <https://en.wikipedia.org/wiki/MQTT>`_
(MQTT) is a messaging protocol based on publish-subscribe mechanism and works
over TCP/IP protocol stack. It is an ISO standard - `ISO/IEC 20922:2016 <https://www.iso.org/standard/69466.html>`_.
You can also read the specification `here <http://mqtt.org/documentation>`_.
It is a very famous protocol in the IoT scene and is used in various domains
from home to ICS.

mqtt.generic.crackauth
----------------------

You should use this plugin if the broker requires authentication. You can 
brute-force the credentials.

.. note:: The client ID and user name are not the same.

**Usage details:**

.. code-block:: console

   ef> run mqtt.generic.crackauth -h


mqtt.generic.pub
----------------

During your assessment, you may want to write malicious data to a specific
topic, check if you are able to write to specific topics, corrupt ``$SYS``
topic's data. This plugin can help you with that.

**Usage details:**

.. code-block:: console

   ef> run mqtt.generic.pub -h

mqtt.generic.sub
----------------

It is very common to check what topics we can subscribe to, what data do we
receive for further analysis or get data from $SYS topics. If you are lucky
you may end up reading sensitive data that can help you pwn the system. This
simple plugin can help you in doing that.

**Usage details:**

.. code-block:: console

   ef> run mqtt.generic.sub -h