Path: blob/master/lib/metasploit/framework/login_scanner/mqtt.rb
require 'metasploit/framework/tcp/client'
require 'metasploit/framework/login_scanner/base'
require 'metasploit/framework/login_scanner/rex_socket'

module Metasploit
  module Framework
    module LoginScanner
      # This is the LoginScanner class for dealing with MQTT.
      # It is responsible for taking a single target, and a list of
      # credentials and attempting them. It then saves the results.
      class MQTT
        include Metasploit::Framework::LoginScanner::Base
        include Metasploit::Framework::LoginScanner::RexSocket
        include Metasploit::Framework::Tcp::Client

        #
        # CONSTANTS
        #
        DEFAULT_PORT         = Rex::Proto::MQTT::DEFAULT_PORT
        DEFAULT_SSL_PORT     = Rex::Proto::MQTT::DEFAULT_SSL_PORT
        LIKELY_PORTS         = [ DEFAULT_PORT, DEFAULT_SSL_PORT ]
        LIKELY_SERVICE_NAMES = [ 'MQTT' ]
        PRIVATE_TYPES        = [ :password ]
        REALM_KEY            = nil

        # @!attribute read_timeout
        #   @return [int] The timeout to use while reading responses from MQTT, in seconds
        attr_accessor :read_timeout

        # @!attribute client_id
        #   @return [String] The client identifier to use when connecting to MQTT
        attr_accessor :client_id

        # This method attempts a single login with a single credential against the target
        # @param credential [Credential] The credential object to attempt to login with
        # @return [Metasploit::Framework::LoginScanner::Result] The LoginScanner Result object
        def attempt_login(credential)
          result_options = {
            credential: credential,
            host: host,
            port: port,
            protocol: 'tcp',
            service_name: 'MQTT'
          }

          begin
            # Make our initial socket to the target
            disconnect if self.sock
            connect

            client_opts = {
              username: credential.public,
              password: credential.private,
              read_timeout: read_timeout,
              client_id: client_id
            }
            client = Rex::Proto::MQTT::Client.new(sock, client_opts)
            connect_res = client.connect
            client.disconnect

            # A CONNACK return code of 0 means the broker accepted the connection;
            # every other return code is recorded as an incorrect credential.
            if connect_res.return_code == 0
              status = Metasploit::Model::Login::Status::SUCCESSFUL
              proof = "Successful Connection (Received CONNACK packet)"
            else
              status = Metasploit::Model::Login::Status::INCORRECT
              proof = "Failed Connection (#{connect_res.return_code})"
            end

            result_options.merge!(
              proof: proof,
              status: status
            )
          rescue ::EOFError, Errno::ENOTCONN, Rex::ConnectionError, ::Timeout::Error => e
            result_options.merge!(
              proof: e.message,
              status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
            )
          ensure
            disconnect
          end

          ::Metasploit::Framework::LoginScanner::Result.new(result_options)
        end
      end
    end
  end
end
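
The `attempt_login` method above records every non-zero CONNACK return code as an incorrect credential. The following added example is not part of Metasploit; `parse_connack`, `login_outcome` and the constants are hypothetical names, and MQTT 3.1.1 framing is assumed. It decodes a raw CONNACK and separates credential rejections (codes 4 and 5) from broker-side conditions such as code 3, which say nothing about the password.

```ruby
# Added example, not Metasploit code. Assumes MQTT 3.1.1 CONNACK framing:
# byte 0 = 0x20 (packet type), byte 1 = remaining length (2),
# byte 2 = acknowledge flags (bit 0 = session present), byte 3 = return code.
CONNACK_CODES = {
  0 => [:accepted,           'Connection accepted'],
  1 => [:protocol_rejected,  'Unacceptable protocol version'],
  2 => [:client_id_rejected, 'Client identifier rejected'],
  3 => [:server_unavailable, 'Server unavailable'],
  4 => [:bad_credentials,    'Bad user name or password'],
  5 => [:not_authorized,     'Not authorized']
}.freeze

# Only these return codes are a statement about the credential itself.
CREDENTIAL_CODES = [4, 5].freeze

ConnackResult = Struct.new(:session_present, :return_code, :verdict, :reason)

# Parse the four bytes of a CONNACK packet, rejecting malformed input.
def parse_connack(bytes)
  data = bytes.b
  raise ArgumentError, 'truncated CONNACK (need 4 bytes)' if data.bytesize < 4

  header, remaining, flags, code = data.unpack('C4')
  raise ArgumentError, format('not a CONNACK (header 0x%02x)', header) unless header == 0x20
  raise ArgumentError, "bad remaining length #{remaining}" unless remaining == 2
  raise ArgumentError, 'reserved acknowledge flag bits set' unless (flags & 0xFE).zero?

  verdict, reason = CONNACK_CODES.fetch(code) { [:unknown, "Reserved return code #{code}"] }
  ConnackResult.new((flags & 0x01) == 1, code, verdict, reason)
end

# Map a parsed CONNACK to a login outcome. Codes 1-3 and reserved values are
# :inconclusive: the broker refused the connection for a reason unrelated to
# the user name or password, so the credential was not actually tested.
def login_outcome(result)
  return :successful if result.return_code.zero?

  CREDENTIAL_CODES.include?(result.return_code) ? :incorrect : :inconclusive
end

# Constructed sample packets (not captured traffic).
SAMPLE_PACKETS = {
  accepted:    "\x20\x02\x00\x00".b,
  bad_login:   "\x20\x02\x00\x04".b,
  unavailable: "\x20\x02\x00\x03".b
}.freeze

SAMPLE_PACKETS.each do |name, pkt|
  res = parse_connack(pkt)
  puts "#{name}: code=#{res.return_code} (#{res.reason}) -> #{login_outcome(res)}"
end
```

When reviewing scan results or broker audit data, treat outcomes that map to `:inconclusive` as retry or configuration issues rather than as evidence that a credential was rejected.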