[Boards: 3 / a / aco / adv / an / asp / b / biz / c / cgl / ck / cm / co / d / diy / e / fa / fit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mu / n / news / o / out / p / po / pol / qa / r / r9k / s / s4s / sci / soc / sp / t / tg / toy / trash / trv / tv / u / v / vg / vp / vr / w / wg / wsg / wsr / x / y ] [Home]
4chanarchives logo
MQTT

You are currently reading a thread in /g/ - Technology

Thread replies: 7
Thread images: 2
File: logo.png (989 KB, 2560x1440) Image search: [Google]
logo.png
989 KB, 2560x1440
Is it possible to sniff data (passwords) from MQTT Messenger protocol like Facebook Messenger app?
>>
They dont get sent in plain text, the internet stopped doing this ages ago
>>
>>54888747

>They dont get sent in plain text, the internet stopped doing this ages ago

So even if I used mitm technique (spoof router wifi) still there is no way to decode the data?
>>
>>54888814
yes, because you're still sniffing.
>>
>>54888814
You could fake the SSL session, but even then it is probably only sending a Session ID, which you could probably use for a while if you sent requests with the same session ID.
>>
>>54888724
Spoof per usual and strip the ssl, then issue a deauth and swap out the app token. It's only a little more complex than regular mitm and strip, but you could do it. Search around I think some defcon dudes did a paper on this
>>
File: 10191814341.jpg (8 KB, 217x233) Image search: [Google]
10191814341.jpg
8 KB, 217x233
>>54889222
Thread replies: 7
Thread images: 2

[Boards: 3 / a / aco / adv / an / asp / b / biz / c / cgl / ck / cm / co / d / diy / e / fa / fit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mu / n / news / o / out / p / po / pol / qa / r / r9k / s / s4s / sci / soc / sp / t / tg / toy / trash / trv / tv / u / v / vg / vp / vr / w / wg / wsg / wsr / x / y] [Home]

All trademarks and copyrights on this page are owned by their respective parties. Images uploaded are the responsibility of the Poster. Comments are owned by the Poster.
If a post contains personal/copyrighted/illegal content you can contact me at [email protected] with that post and thread number and it will be removed as soon as possible.
If a post contains illegal content, please click on its [Report] button and follow the instructions.
This is a 4chan archive - all of the content originated from them. If you need information for a Poster - you need to contact them.
This website shows only archived content and is not affiliated with 4chan in any way.
If you like this website please support us by donating with Bitcoin at 1XVgDnu36zCj97gLdeSwHMdiJaBkqhtMK