– Posted on 2017/07/27Posted in: Programming

If you don’t know what the MQTT protocol is I suggest watching the lecture “DEFCON 24 – Light Weight Protocol: Critical Implications” by Lucas Lundgren.

Joffrey is a wordlist based multi-threaded brute forcer for protected MQTT brokers. It can be found here on Github. The script is written in Python and is pretty straightforward.

Usage: python joffrey.py [ARGS]

Options:
  -h, --help           show this help message and exit
  -t TARGET            Target domain or ip to invade
  -p PORT              Target port (optional)
  --threads=NRTHREADS  Amount of threads for the King to do as he please with
  -u USERNAME          Specify username
  -w WORDLIST          Path to wordlist

Tags: Joffrey, MQTT, Python

No Comments

Start the ball rolling by posting a comment on this article!

Leave a Reply Cancel reply

Categories
- Hardware (4)
- Linux (3)
- Misc (2)
- Programming (10)
- Reverse Engineering (2)
- Security (6)
Recent Posts
- SLAE: “Polymorphic” – Assignment 6
  Posted on 2018/01/04 | No Comments
  This blog post has been created for completing the requirements of the SecurityTube Linux Assembly Expert certification: http://securitytube-training.com/online-courses/securitytube-linux-assembly-expert/ Student ID: SLAE-1046 Assignment: Take 3 shellcodes from shell-storm and create “polymorphic” […]
  Read More
- SLAE: Msfpayload (msfvenom) Shellcode Analysis – Assignment 5
  Posted on 2018/01/03 | No Comments
  This blog post has been created for completing the requirements of the SecurityTube Linux Assembly Expert certification: http://securitytube-training.com/online-courses/securitytube-linux-assembly-expert/ Student ID: SLAE-1046 Assignment: Create three Linux x86 shellcode samples with msfpayload […]
  Read More
- SLAE: Custom Encoder – Assignment 4
  Posted on 2018/01/02 | No Comments
  This blog post has been created for completing the requirements of the SecurityTube Linux Assembly Expert certification: http://securitytube-training.com/online-courses/securitytube-linux-assembly-expert/ Student ID: SLAE-1046 Assignment: Create a custom encoding scheme like the “insertion […]
  Read More
- SLAE: Egg Hunter – Assignment 3
  Posted on 2017/12/19 | No Comments
  This blog post has been created for completing the requirements of the SecurityTube Linux Assembly Expert certification: http://securitytube-training.com/online-courses/securitytube-linux-assembly-expert/ Student ID: SLAE-1046 Assignment: Study the Egg Hunter shellcode. Create a working […]
  Read More
- SLAE: Reverse TCP Shell – Assignment 2
  Posted on 2017/12/15 | 3 Comments
  This blog post has been created for completing the requirements of the SecurityTube Linux Assembly Expert certification: http://securitytube-training.com/online-courses/securitytube-linux-assembly-expert/ Student ID: SLAE-1046 Assignment: Create a shell_reverse_tcp shellcode that connects to an […]
  Read More
Tags
aide archassault buffer overflow cp2102 crackme Crawler ctf DDNS defense Digispark DIY enumeration Evil-AP IP resolution Joffrey KVM lan tap linux loopback metasploit MQTT nasm nodogsplash OpenWrt patch pe-file port-forwarding Python reconnaissance rj-45 security serial shellcode SLAE social engineering soldering SSH synergy Tools uart unicode

Joffrey – Stupid MQTT Brute Forcer

No Comments

Leave a Reply Cancel reply

Categories

Recent Posts

Tags