I am submitting a new port definition, service probe, discovery script, and protocol library for MQTT, an Internet of Things publish-subscribe protocol. MQTT is standardized and has many implementations and public test servers.
The code in this branch has one deficiency that I suspect the reviewer(s) can help fix: it does not properly connect over TLS for either the service probe nor the discovery script.
The following command lines can be used to test multiple public test servers using multiple MQTT broker implementations both with and without user authentication.
Without user authentication and without TLS (working):
nmap -p 1883 --script mqtt-subscribe test.mosquitto.org
nmap -p 1883 --script mqtt-subscribe broker.hivemq.com
nmap -p 1883 --script mqtt-subscribe broker.mqttdashboard.com
With user authentication and without TLS (working):
nmap -PN -sV --allports -p 11638 --script mqtt-subscribe --script-args=username=nmap,password=hunter2 m10.cloudmqtt.com
Without user authentication and with TLS (not working):
nmap -p 8883 --script mqtt-subscribe test.mosquitto.org
If you have any questions or guidance, I will do my best to respond promptly.
Initial submission of MQTT-related code to the Nmap project.
Fun! I only just read about MQTT yesterday when looking for more TLS-secured protocols. I'll take a look at your submission.
Thanks! I'm hoping to add some more protocols in the coming weeks, all for a project in an Internet of Things course.
Thanks so much for using @name in your NSEdoc! Object-oriented libs can make for ugly generated docs without this.
I'll make those changes today. Thanks for the quick turnaround on reviewing!
Correct name of MQTT over TLS to match IANA.
Update the SSL/TLS framework to include port 8883.
Change listen-secs to listen-time and allow higher-resolution timeouts.
Improve description with clearer explanation and references.
Require neglected table library.
Declare neglected local variable.
Reorganize library to separate communication and build/parsing which …
…permits the use of tryssl().
I have made the recommended changes, including the stylistic ones.
Remove unnecessary debugging call.
Removed unused function.
Add unit tests for MQTT.length_*(), fixing discovered issues.
Add unit tests for MQTT.utf8_*(), fixing discovered issues.
Did some minor cleanup, and added a bunch of tests for the very sensitive functions that are used for generating and parsing values.
Add comment with full IANA protocol description.
It's been a while, wondering if there's anything that's needed from me that would help move this along?
Oops! Missed the actual script. #352
Add missing mqtt.lua. #352