Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

1
# -*- coding: binary -*-
2

3

4
module Msf
5
  module Auxiliary::MQTT
6
      def initialize(info = {})
7
        super
8

9
        register_options(
10
          [
11
            Opt::RPORT(Rex::Proto::MQTT::DEFAULT_PORT)
12
          ]
13
        )
14

15
        register_advanced_options(
16
          [
17
            OptString.new('CLIENT_ID', [false, 'The client ID to send if necessary for bypassing clientid_prefixes']),
18
            OptInt.new('READ_TIMEOUT', [true, 'Seconds to wait while reading MQTT responses', 5])
19
          ]
20
        )
21

22
        register_autofilter_ports([Rex::Proto::MQTT::DEFAULT_PORT, Rex::Proto::MQTT::DEFAULT_SSL_PORT])
23
      end
24

25
      def setup
26
        fail_with(Msf::Exploit::Failure::BadConfig, 'READ_TIMEOUT must be > 0') if read_timeout <= 0
27

28
        client_id_arg = datastore['CLIENT_ID']
29
        if client_id_arg && client_id_arg.blank?
30
          fail_with(Msf::Exploit::Failure::BadConfig, 'CLIENT_ID must be a non-empty string')
31
        end
32
      end
33

34
      def read_timeout
35
        datastore['READ_TIMEOUT']
36
      end
37

38
      def client_id
39
        datastore['CLIENT_ID'] || 'mqtt-' + Rex::Text.rand_text_alpha(1 + rand(10))
40
      end
41

42
      # creates a new mqtt client for use against the connected socket
43
      def mqtt_client
44
        client_opts = {
45
          client_id: client_id,
46
          username: datastore['USERNAME'],
47
          password: datastore['PASSWORD'],
48
          read_timeout: read_timeout
49
        }
50
        Rex::Proto::MQTT::Client.new(sock, client_opts)
51
      end
52

53
      def mqtt_connect(client)
54
        client.connect
55
      end
56

57
      def mqtt_connect?(client)
58
        client.connect?
59
      end
60

61
      def mqtt_disconnect(client)
62
        client.disconnect
63
      end
64
  end
65
end
66

67