hacktricks/network-services-pentesting/1883-pentesting-mqtt-mosquitto.md

# 1883 - Pentesting MQTT (Mosquitto)

<details>

<summary><strong>Jifunze kuhusu kuvamia AWS kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (Mtaalam wa Timu Nyekundu ya AWS ya HackTricks)</strong></a><strong>!</strong></summary>

Njia nyingine za kusaidia HackTricks:

* Ikiwa unataka kuona **kampuni yako ikitangazwa kwenye HackTricks** au **kupakua HackTricks kwa PDF** Angalia [**MIPANGO YA KUJIUNGA**](https://github.com/sponsors/carlospolop)!
* Pata [**bidhaa rasmi za PEASS & HackTricks**](https://peass.creator-spring.com)
* Gundua [**Familia ya PEASS**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [**NFTs**](https://opensea.io/collection/the-peass-family) ya kipekee
* **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au kikundi cha [**telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks\_live)**.**
* **Shiriki mbinu zako za kuvamia kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.

</details>

## Taarifa Msingi

**MQ Telemetry Transport (MQTT)** inajulikana kama **itifaki ya ujumbe wa kuchapisha/kusikiliza** ambayo inajulikana kwa unyenyekevu wake wa kipekee na uzito wake mdogo. Itifaki hii imeundwa mahsusi kwa mazingira ambapo vifaa vina uwezo mdogo na vinatumika kwenye mitandao ambayo inajulikana kwa upungufu wa wigo wa bandari, kuchelewa kwa juu, au uhusiano usioaminika. Malengo makuu ya MQTT ni pamoja na kupunguza matumizi ya wigo wa mtandao na kupunguza mahitaji kwenye rasilimali za kifaa. Aidha, inalenga kudumisha mawasiliano yanayoweza kutegemewa na kutoa kiwango fulani cha uhakikisho wa utoaji. Malengo haya hufanya MQTT iweze kufaa sana kwa uwanja unaokua wa **mawasiliano ya mashine-kwa-mashine (M2M)** na **Intaneti ya Vitu (IoT)**, ambapo ni muhimu kuunganisha vifaa vingi kwa ufanisi. Zaidi ya hayo, MQTT ni muhimu sana kwa programu za simu, ambapo kuhifadhi wigo na maisha ya betri ni muhimu.

**Bandari ya msingi:** 1883
```
PORT     STATE SERVICE                 REASON
1883/tcp open  mosquitto version 1.4.8 syn-ack
```
## Kuchunguza trafiki

Wakati pakiti ya **CONNECT** inapopokelewa na wakala wa MQTT, pakiti ya **CONNACK** hutumwa kujibu. Pakiti hii ina msimbo wa kurudi ambao ni muhimu kwa kuelewa hali ya uhusiano. Msimbo wa kurudi wa **0x00** una maana kuwa anwani za siri zimekubaliwa, ikionyesha uhusiano uliofanikiwa. Kwa upande mwingine, msimbo wa kurudi wa **0x05** unamaanisha kuwa anwani za siri si sahihi, hivyo kuzuia uhusiano.

Kwa mfano, ikiwa wakala anakataa uhusiano kutokana na anwani za siri zisizo sahihi, hali ingeonekana kama hii:
```
{
"returnCode": "0x05",
"description": "Connection Refused, not authorized"
}
```
![](<../.gitbook/assets/image (973).png>)

### [**Kuvunja Nguvu MQTT**](../generic-methodologies-and-resources/brute-force.md#mqtt)

## Pentesting MQTT

**Uthibitishaji ni hiari kabisa** na hata kama uthibitishaji unafanywa, **encryption haiitwi kwa chaguo-msingi** (vitambulisho hutolewa kwa maandishi wazi). Mashambulizi ya MITM bado yanaweza kutekelezwa kuiba nywila.

Kuunganisha kwenye huduma ya MQTT unaweza kutumia: [https://github.com/bapowell/python-mqtt-client-shell](https://github.com/bapowell/python-mqtt-client-shell) na kujisajili kwenye mada zote kwa kufanya:
```
> connect (NOTICE that you need to indicate before this the params of the connection, by default 127.0.0.1:1883)
> subscribe "#" 1
> subscribe "$SYS/#"
```
Unaweza pia kutumia [**https://github.com/akamai-threat-research/mqtt-pwn**](https://github.com/akamai-threat-research/mqtt-pwn)

Unaweza pia kutumia:
```bash
apt-get install mosquitto mosquitto-clients
mosquitto_sub -t 'test/topic' -v #Subscribe to 'test/topic'
mosquitto_sub -h <host-ip> -t "#" -v #Subscribe to ALL topics.
```
Au unaweza **kutekeleza nambari hii ili kujaribu kuunganisha kwenye huduma ya MQTT bila uthibitishaji, kusajili kila mada na kuzisikiliza**:
```python
#This is a modified version of https://github.com/Warflop/IOT-MQTT-Exploit/blob/master/mqtt.py
import paho.mqtt.client as mqtt
import time
import os

HOST = "127.0.0.1"
PORT = 1883

def on_connect(client, userdata, flags, rc):
client.subscribe('#', qos=1)
client.subscribe('$SYS/#')

def on_message(client, userdata, message):
print('Topic: %s | QOS: %s  | Message: %s' % (message.topic, message.qos, message.payload))

def main():
client = mqtt.Client()
client.on_connect = on_connect
client.on_message = on_message
client.connect(HOST, PORT)
client.loop_start()
#time.sleep(10)
#client.loop_stop()

if __name__ == "__main__":
main()
```
## Taarifa zaidi

kutoka hapa: [https://morphuslabs.com/hacking-the-iot-with-mqtt-8edaf0d07b9b](https://morphuslabs.com/hacking-the-iot-with-mqtt-8edaf0d07b9b)

### Mfano wa Kuchapisha/Kusikiliza <a href="#b667" id="b667"></a>

Mfano wa kuchapisha/kusikiliza unajumuisha:

* **Mchapishaji**: huchapisha ujumbe kwa mada moja (au nyingi) kwenye mpatanishi.
* **Msikilizaji**: anasikiliza mada moja (au nyingi) kwenye mpatanishi na kupokea ujumbe wote uliotumwa na mchapishaji.
* **Mpatanishi**: huarifu ujumbe wote kutoka kwa wachapishaji kwenda kwa wasikilizaji.
* **Mada**: inajumuisha kiwango kimoja au zaidi kilichotenganishwa na mstari wa mbele (k.m., /smartshouse/livingroom/temperature).

### Muundo wa Pakiti <a href="#f15a" id="f15a"></a>

Kila pakiti ya MQTT ina kichwa kilichofungwa (Mchoro 02).Mchoro 02: Kichwa Kilichofungwa

![https://miro.medium.com/max/838/1\*k6RkAHEk0576geQGUcKSTA.png](https://miro.medium.com/max/838/1\*k6RkAHEk0576geQGUcKSTA.png)

### Aina za Pakiti

* CONNECT (1): Kuanzishwa na mteja kuomba uhusiano kwa seva.
* CONNACK (2): Kuthibitisha seva ya uhusiano uliofanikiwa.
* PUBLISH (3): Hutumiwa kutuma ujumbe kutoka kwa mteja kwenda kwa seva au kinyume chake.
* PUBACK (4): Kuthibitisha pakiti ya PUBLISH.
* PUBREC (5): Sehemu ya itifaki ya utoaji ujumbe ikidhibitisha ujumbe umepokelewa.
* PUBREL (6): Hakikisho zaidi katika utoaji wa ujumbe, ikionyesha kutolewa kwa ujumbe.
* PUBCOMP (7): Sehemu ya mwisho ya itifaki ya utoaji ujumbe, ikionyesha kukamilika.
* SUBSCRIBE (8): Ombi la mteja kusikiliza ujumbe kutoka kwa mada.
* SUBACK (9): Kuthibitisha ya seva ya ombi la SUBSCRIBE.
* UNSUBSCRIBE (10): Ombi la mteja kuacha kupokea ujumbe kutoka kwa mada.
* UNSUBACK (11): Majibu ya seva kwa ombi la UNSUBSCRIBE.
* PINGREQ (12): Ujumbe wa moyo unatumwa na mteja.
* PINGRESP (13): Majibu ya seva kwa ujumbe wa moyo.
* DISCONNECT (14): Kuanzishwa na mteja kumaliza uhusiano.
* Thamani mbili, 0 na 15, zimewekwa kama zilizohifadhiwa na matumizi yao ni marufuku.

## Shodan

* `port:1883 MQTT`

<details>

<summary><strong>Jifunze kuhusu kudukua AWS kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>

Njia nyingine za kusaidia HackTricks:

* Ikiwa unataka kuona **kampuni yako ikitangazwa kwenye HackTricks** au **kupakua HackTricks kwa PDF** Angalia [**MIPANGO YA KUJIUNGA**](https://github.com/sponsors/carlospolop)!
* Pata [**bidhaa rasmi za PEASS & HackTricks**](https://peass.creator-spring.com)
* Gundua [**Familia ya PEASS**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [**NFTs**](https://opensea.io/collection/the-peass-family) ya kipekee
* **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au kikundi cha [**telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks\_live)**.**
* **Shiriki mbinu zako za kudukua kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.

</details>
GitBook: [#3360] No subject 2022-08-12 14:24:34 +00:00			`# 1883 - Pentesting MQTT (Mosquitto)`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
			`<details>`

Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 03:36:12 +00:00			`<summary><strong>Jifunze kuhusu kuvamia AWS kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (Mtaalam wa Timu Nyekundu ya AWS ya HackTricks)</strong></a><strong>!</strong></summary>`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`Njia nyingine za kusaidia HackTricks:`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 03:36:12 +00:00			`* Ikiwa unataka kuona kampuni yako ikitangazwa kwenye HackTricks au kupakua HackTricks kwa PDF Angalia [MIPANGO YA KUJIUNGA](https://github.com/sponsors/carlospolop)!`
			`* Pata [bidhaa rasmi za PEASS & HackTricks](https://peass.creator-spring.com)`
			`* Gundua [Familia ya PEASS](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [NFTs](https://opensea.io/collection/the-peass-family) ya kipekee`
			`* Jiunge na 💬 [Kikundi cha Discord](https://discord.gg/hRep4RUj7f) au kikundi cha [telegram](https://t.me/peass) au tufuate kwenye Twitter 🐦 [@carlospolopm](https://twitter.com/hacktricks\_live).`
			`* Shiriki mbinu zako za kuvamia kwa kuwasilisha PRs kwa [HackTricks](https://github.com/carlospolop/hacktricks) na [HackTricks Cloud](https://github.com/carlospolop/hacktricks-cloud) repos za github.`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
			`</details>`

Translated to Swahili 2024-02-11 02:13:58 +00:00			`## Taarifa Msingi`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated ['network-services-pentesting/1883-pentesting-mqtt-mosquitto. 2024-04-10 11:55:40 +00:00			MQ Telemetry Transport (MQTT) inajulikana kama itifaki ya ujumbe wa kuchapisha/kusikiliza ambayo inajulikana kwa unyenyekevu wake wa kipekee na uzito wake mdogo. Itifaki hii imeundwa mahsusi kwa mazingira ambapo vifaa vina uwezo mdogo na vinatumika kwenye mitandao ambayo inajulikana kwa upungufu wa wigo wa bandari, kuchelewa kwa juu, au uhusiano usioaminika. Malengo makuu ya MQTT ni pamoja na kupunguza matumizi ya wigo wa mtandao na kupunguza mahitaji kwenye rasilimali za kifaa. Aidha, inalenga kudumisha mawasiliano yanayoweza kutegemewa na kutoa kiwango fulani cha uhakikisho wa utoaji. Malengo haya hufanya MQTT iweze kufaa sana kwa uwanja unaokua wa mawasiliano ya mashine-kwa-mashine (M2M) na Intaneti ya Vitu (IoT), ambapo ni muhimu kuunganisha vifaa vingi kwa ufanisi. Zaidi ya hayo, MQTT ni muhimu sana kwa programu za simu, ambapo kuhifadhi wigo na maisha ya betri ni muhimu.
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated ['network-services-pentesting/1883-pentesting-mqtt-mosquitto. 2024-04-10 11:55:40 +00:00			`Bandari ya msingi: 1883`
GitBook: [#2777] gitbookissooooo slow I cannot write 2021-10-18 11:21:18 +00:00			```
GitBook: [master] one page modified 2020-09-24 18:58:31 +00:00			`PORT STATE SERVICE REASON`
			`1883/tcp open mosquitto version 1.4.8 syn-ack`
			```
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 03:36:12 +00:00			`## Kuchunguza trafiki`
GitBook: [master] one page modified 2020-09-24 18:58:31 +00:00
Translated ['network-services-pentesting/1883-pentesting-mqtt-mosquitto. 2024-04-10 11:55:40 +00:00			`Wakati pakiti ya CONNECT inapopokelewa na wakala wa MQTT, pakiti ya CONNACK hutumwa kujibu. Pakiti hii ina msimbo wa kurudi ambao ni muhimu kwa kuelewa hali ya uhusiano. Msimbo wa kurudi wa 0x00 una maana kuwa anwani za siri zimekubaliwa, ikionyesha uhusiano uliofanikiwa. Kwa upande mwingine, msimbo wa kurudi wa 0x05 unamaanisha kuwa anwani za siri si sahihi, hivyo kuzuia uhusiano.`
a 2024-02-08 21:36:35 +00:00
Translated ['network-services-pentesting/1883-pentesting-mqtt-mosquitto. 2024-04-10 11:55:40 +00:00			`Kwa mfano, ikiwa wakala anakataa uhusiano kutokana na anwani za siri zisizo sahihi, hali ingeonekana kama hii:`
a 2024-02-08 21:36:35 +00:00			```
			`{`
Translated to Swahili 2024-02-11 02:13:58 +00:00			`"returnCode": "0x05",`
			`"description": "Connection Refused, not authorized"`
a 2024-02-08 21:36:35 +00:00			`}`
			```
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 03:36:12 +00:00			`![](<../.gitbook/assets/image (973).png>)`
GitBook: [#3024] No subject 2022-02-19 19:42:58 +00:00
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 03:36:12 +00:00			`### [Kuvunja Nguvu MQTT](../generic-methodologies-and-resources/brute-force.md#mqtt)`
GitBook: [#3024] No subject 2022-02-19 19:42:58 +00:00
GitBook: [#3360] No subject 2022-08-12 14:24:34 +00:00			`## Pentesting MQTT`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated ['network-services-pentesting/1883-pentesting-mqtt-mosquitto. 2024-04-10 11:55:40 +00:00			`Uthibitishaji ni hiari kabisa na hata kama uthibitishaji unafanywa, encryption haiitwi kwa chaguo-msingi (vitambulisho hutolewa kwa maandishi wazi). Mashambulizi ya MITM bado yanaweza kutekelezwa kuiba nywila.`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated ['network-services-pentesting/1883-pentesting-mqtt-mosquitto. 2024-04-10 11:55:40 +00:00			`Kuunganisha kwenye huduma ya MQTT unaweza kutumia: [https://github.com/bapowell/python-mqtt-client-shell](https://github.com/bapowell/python-mqtt-client-shell) na kujisajili kwenye mada zote kwa kufanya:`
GitBook: [#2777] gitbookissooooo slow I cannot write 2021-10-18 11:21:18 +00:00			```
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00			`> connect (NOTICE that you need to indicate before this the params of the connection, by default 127.0.0.1:1883)`
			`> subscribe "#" 1`
			`> subscribe "$SYS/#"`
			```
Translated to Swahili 2024-02-11 02:13:58 +00:00			`Unaweza pia kutumia [https://github.com/akamai-threat-research/mqtt-pwn](https://github.com/akamai-threat-research/mqtt-pwn)`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`Unaweza pia kutumia:`
GitBook: [#3024] No subject 2022-02-19 19:42:58 +00:00			```bash
			`apt-get install mosquitto mosquitto-clients`
Translated ['network-services-pentesting/1883-pentesting-mqtt-mosquitto. 2024-04-10 11:55:40 +00:00			`mosquitto_sub -t 'test/topic' -v #Subscribe to 'test/topic'`
			`mosquitto_sub -h <host-ip> -t "#" -v #Subscribe to ALL topics.`
GitBook: [#3024] No subject 2022-02-19 19:42:58 +00:00			```
Translated ['network-services-pentesting/1883-pentesting-mqtt-mosquitto. 2024-04-10 11:55:40 +00:00			`Au unaweza kutekeleza nambari hii ili kujaribu kuunganisha kwenye huduma ya MQTT bila uthibitishaji, kusajili kila mada na kuzisikiliza:`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00			```python
			`#This is a modified version of https://github.com/Warflop/IOT-MQTT-Exploit/blob/master/mqtt.py`
			`import paho.mqtt.client as mqtt`
			`import time`
			`import os`

			`HOST = "127.0.0.1"`
			`PORT = 1883`

			`def on_connect(client, userdata, flags, rc):`
Translated to Swahili 2024-02-11 02:13:58 +00:00			`client.subscribe('#', qos=1)`
			`client.subscribe('$SYS/#')`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
			`def on_message(client, userdata, message):`
Translated to Swahili 2024-02-11 02:13:58 +00:00			`print('Topic: %s \| QOS: %s \| Message: %s' % (message.topic, message.qos, message.payload))`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
			`def main():`
Translated to Swahili 2024-02-11 02:13:58 +00:00			`client = mqtt.Client()`
			`client.on_connect = on_connect`
			`client.on_message = on_message`
			`client.connect(HOST, PORT)`
			`client.loop_start()`
			`#time.sleep(10)`
			`#client.loop_stop()`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
			`if __name__ == "__main__":`
Translated to Swahili 2024-02-11 02:13:58 +00:00			`main()`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00			```
Translated to Swahili 2024-02-11 02:13:58 +00:00			`## Taarifa zaidi`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`kutoka hapa: [https://morphuslabs.com/hacking-the-iot-with-mqtt-8edaf0d07b9b](https://morphuslabs.com/hacking-the-iot-with-mqtt-8edaf0d07b9b)`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`### Mfano wa Kuchapisha/Kusikiliza <a href="#b667" id="b667"></a>`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`Mfano wa kuchapisha/kusikiliza unajumuisha:`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 03:36:12 +00:00			`* Mchapishaji: huchapisha ujumbe kwa mada moja (au nyingi) kwenye mpatanishi.`
Translated ['network-services-pentesting/1883-pentesting-mqtt-mosquitto. 2024-04-10 11:55:40 +00:00			`* Msikilizaji: anasikiliza mada moja (au nyingi) kwenye mpatanishi na kupokea ujumbe wote uliotumwa na mchapishaji.`
			`* Mpatanishi: huarifu ujumbe wote kutoka kwa wachapishaji kwenda kwa wasikilizaji.`
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 03:36:12 +00:00			`* Mada: inajumuisha kiwango kimoja au zaidi kilichotenganishwa na mstari wa mbele (k.m., /smartshouse/livingroom/temperature).`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`### Muundo wa Pakiti <a href="#f15a" id="f15a"></a>`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 03:36:12 +00:00			`Kila pakiti ya MQTT ina kichwa kilichofungwa (Mchoro 02).Mchoro 02: Kichwa Kilichofungwa`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
a 2024-02-08 21:36:35 +00:00			`![https://miro.medium.com/max/838/1\k6RkAHEk0576geQGUcKSTA.png](https://miro.medium.com/max/838/1\k6RkAHEk0576geQGUcKSTA.png)`

Translated to Swahili 2024-02-11 02:13:58 +00:00			`### Aina za Pakiti`

Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 03:36:12 +00:00			`* CONNECT (1): Kuanzishwa na mteja kuomba uhusiano kwa seva.`
Translated ['network-services-pentesting/1883-pentesting-mqtt-mosquitto. 2024-04-10 11:55:40 +00:00			`* CONNACK (2): Kuthibitisha seva ya uhusiano uliofanikiwa.`
			`* PUBLISH (3): Hutumiwa kutuma ujumbe kutoka kwa mteja kwenda kwa seva au kinyume chake.`
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 03:36:12 +00:00			`* PUBACK (4): Kuthibitisha pakiti ya PUBLISH.`
Translated ['network-services-pentesting/1883-pentesting-mqtt-mosquitto. 2024-04-10 11:55:40 +00:00			`* PUBREC (5): Sehemu ya itifaki ya utoaji ujumbe ikidhibitisha ujumbe umepokelewa.`
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 03:36:12 +00:00			`* PUBREL (6): Hakikisho zaidi katika utoaji wa ujumbe, ikionyesha kutolewa kwa ujumbe.`
Translated to Swahili 2024-02-11 02:13:58 +00:00			`* PUBCOMP (7): Sehemu ya mwisho ya itifaki ya utoaji ujumbe, ikionyesha kukamilika.`
			`* SUBSCRIBE (8): Ombi la mteja kusikiliza ujumbe kutoka kwa mada.`
Translated ['network-services-pentesting/1883-pentesting-mqtt-mosquitto. 2024-04-10 11:55:40 +00:00			`* SUBACK (9): Kuthibitisha ya seva ya ombi la SUBSCRIBE.`
Translated to Swahili 2024-02-11 02:13:58 +00:00			`* UNSUBSCRIBE (10): Ombi la mteja kuacha kupokea ujumbe kutoka kwa mada.`
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 03:36:12 +00:00			`* UNSUBACK (11): Majibu ya seva kwa ombi la UNSUBSCRIBE.`
Translated ['network-services-pentesting/1883-pentesting-mqtt-mosquitto. 2024-04-10 11:55:40 +00:00			`* PINGREQ (12): Ujumbe wa moyo unatumwa na mteja.`
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 03:36:12 +00:00			`* PINGRESP (13): Majibu ya seva kwa ujumbe wa moyo.`
			`* DISCONNECT (14): Kuanzishwa na mteja kumaliza uhusiano.`
Translated ['network-services-pentesting/1883-pentesting-mqtt-mosquitto. 2024-04-10 11:55:40 +00:00			`* Thamani mbili, 0 na 15, zimewekwa kama zilizohifadhiwa na matumizi yao ni marufuku.`
GitBook: [master] one page modified 2020-09-21 23:14:27 +00:00
GitBook: [#3360] No subject 2022-08-12 14:24:34 +00:00			`## Shodan`
GitBook: [master] one page modified 2020-09-21 23:14:27 +00:00
			* `port:1883 MQTT`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
			`<details>`

Translated ['network-services-pentesting/1883-pentesting-mqtt-mosquitto. 2024-04-10 11:55:40 +00:00			`<summary><strong>Jifunze kuhusu kudukua AWS kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`Njia nyingine za kusaidia HackTricks:`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 03:36:12 +00:00			`* Ikiwa unataka kuona kampuni yako ikitangazwa kwenye HackTricks au kupakua HackTricks kwa PDF Angalia [MIPANGO YA KUJIUNGA](https://github.com/sponsors/carlospolop)!`
			`* Pata [bidhaa rasmi za PEASS & HackTricks](https://peass.creator-spring.com)`
			`* Gundua [Familia ya PEASS](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [NFTs](https://opensea.io/collection/the-peass-family) ya kipekee`
			`* Jiunge na 💬 [Kikundi cha Discord](https://discord.gg/hRep4RUj7f) au kikundi cha [telegram](https://t.me/peass) au tufuate kwenye Twitter 🐦 [@carlospolopm](https://twitter.com/hacktricks\_live).`
Translated ['network-services-pentesting/1883-pentesting-mqtt-mosquitto. 2024-04-10 11:55:40 +00:00			`* Shiriki mbinu zako za kudukua kwa kuwasilisha PRs kwa [HackTricks](https://github.com/carlospolop/hacktricks) na [HackTricks Cloud](https://github.com/carlospolop/hacktricks-cloud) github repos.`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
			`</details>`