SPuerBRead
diff --git a/‎core/banner.go‎
Lines changed: 22 additions & 0 deletions b/‎core/banner.go‎
Lines changed: 22 additions & 0 deletions
diff --git a/‎core/client.go‎
Lines changed: 180 additions & 0 deletions b/‎core/client.go‎
Lines changed: 180 additions & 0 deletions
diff --git a/‎core/client_token.go‎
Lines changed: 45 additions & 0 deletions b/‎core/client_token.go‎
Lines changed: 45 additions & 0 deletions
diff --git a/‎core/cmd_parser.go‎
Lines changed: 138 additions & 0 deletions b/‎core/cmd_parser.go‎
Lines changed: 138 additions & 0 deletions
@@ -0,0 +1,22 @@
+package core
+
+import (
+	"fmt"
+	"mqtts/utils"
+)
+
+var banner = `
+	███╗   ███╗ ██████╗ ████████╗████████╗███████╗
+	████╗ ████║██╔═══██╗╚══██╔══╝╚══██╔══╝██╔════╝
+	██╔████╔██║██║   ██║   ██║      ██║   ███████╗
+	██║╚██╔╝██║██║▄▄ ██║   ██║      ██║   ╚════██║
+	██║ ╚═╝ ██║╚██████╔╝   ██║      ██║   ███████║
+	╚═╝     ╚═╝ ╚══▀▀═╝    ╚═╝      ╚═╝   ╚══════╝
+
+									version: %s
+
+`
+
+func ShowBanner() {
+	fmt.Printf(banner, utils.Version)
+}
@@ -0,0 +1,180 @@
+package core
+
+import (
+	"crypto/tls"
+	"crypto/x509"
+	"errors"
+	"fmt"
+	MQTT "github.com/eclipse/paho.mqtt.golang"
+	"mqtts/utils"
+	"strconv"
+	"strings"
+	"sync"
+	"time"
+)
+
+var tmpClient = &Client{}
+var tmpClientLock sync.Mutex
+
+type Client struct {
+	CurrentClient  MQTT.Client
+	ClientOptions  *MQTT.ClientOptions
+	ClientLocker   *sync.Mutex
+	MessageHandler func(client *Client, msg *Message)
+	Certificate    x509.Certificate
+}
+
+type Message struct {
+	Topic string
+	Msg   string
+}
+
+func ConnectWithOpts(opts *TargetOptions) Client {
+	client := GetMQTTClient(opts)
+	connectError := client.Connect()
+	if connectError == nil {
+		SetClientToken(opts.Host, opts.Port, *client)
+		return *client
+	} else {
+		SetClientToken(opts.Host, opts.Port, *client)
+		utils.OutputInfoMessage(opts.Host, opts.Port, "Connect mqtt server failed err:"+connectError.Error())
+		return *client
+	}
+}
+
+func GenerateClientId(id string) string {
+	return "mqttSecurityCheck" + id
+}
+
+func connectHandler(client MQTT.Client) {
+	//utils.OutputInfoMessage("Connect MQTT Service Success")
+}
+
+func connectLostHandler(client MQTT.Client, err error) {
+	reader := client.OptionsReader()
+	if len(reader.Servers()) > 0 {
+		utils.OutputErrorMessageWithoutOption("[" + reader.Servers()[0].Host + "] Loss MQTT connection")
+	}
+}
+
+func verifyPeerCertificateHandler(rawCerts [][]byte, verifiedChains [][]*x509.Certificate) error {
+	cert, _ := x509.ParseCertificate(rawCerts[0])
+	tmpClient.Certificate = *cert
+	setCertificate(tmpClient)
+	return nil
+}
+
+func verifyConnectionHandler(state tls.ConnectionState) error {
+	return nil
+}
+
+func GetMQTTClient(opts *TargetOptions) *Client {
+	clientOptions := MQTT.NewClientOptions()
+	broker := opts.Protocol + "://" + opts.Host + ":" + strconv.Itoa(opts.Port)
+	if strings.EqualFold(opts.Protocol, "tcp") || strings.EqualFold(opts.Protocol, "ssl") {
+		clientOptions.AddBroker(broker)
+	}
+	if strings.EqualFold(opts.Protocol, "ws") || strings.EqualFold(opts.Protocol, "wss") {
+		clientOptions.AddBroker(broker + "/mqtt")
+	}
+	clientOptions.SetUsername(opts.UserName)
+	clientOptions.SetPassword(opts.Password)
+	if !strings.EqualFold(opts.ClientId, "") {
+		clientOptions.SetClientID(opts.ClientId)
+	} else {
+		clientId := utils.GetRandomString(6, "string")
+		clientOptions.SetClientID(utils.GetRandomString(6, "string"))
+		opts.ClientId = clientId
+	}
+	clientOptions.SetConnectTimeout(time.Millisecond * 5000)
+	clientOptions.SetOnConnectHandler(connectHandler)
+	clientOptions.SetConnectionLostHandler(connectLostHandler)
+	tlsConfig := tls.Config{
+		InsecureSkipVerify:    true,
+		VerifyPeerCertificate: verifyPeerCertificateHandler,
+		VerifyConnection:      verifyConnectionHandler,
+	}
+	clientOptions.SetTLSConfig(&tlsConfig)
+	client := MQTT.NewClient(clientOptions)
+	return &Client{
+		CurrentClient: client,
+		ClientOptions: clientOptions,
+		ClientLocker:  &sync.Mutex{},
+	}
+}
+
+func (client *Client) Connect() error {
+	if !client.CurrentClient.IsConnected() {
+		client.ClientLocker.Lock()
+		defer client.ClientLocker.Unlock()
+		if !client.CurrentClient.IsConnected() {
+			if token := client.CurrentClient.Connect(); token.Wait() && token.Error() != nil {
+				client.saveCertificate(currentCertificate().Certificate)
+				return token.Error()
+			} else {
+				client.saveCertificate(currentCertificate().Certificate)
+			}
+		}
+	}
+	return nil
+}
+
+func defaultMessageHandler(c *Client, message *Message) {
+	fmt.Println(message.Msg)
+}
+
+func (client *Client) messageHandler(c MQTT.Client, message MQTT.Message) {
+	if client.MessageHandler == nil {
+		//utils.OutputErrorMessage("Not subscribe message")
+		return
+	}
+	msg := &Message{
+		Topic: message.Topic(),
+		Msg:   string(message.Payload()),
+	}
+	client.MessageHandler(client, msg)
+}
+
+func (client *Client) Subscribe(handler func(c *Client, message *Message), qos byte, topics ...string) error {
+	if client.MessageHandler != nil {
+		return errors.New("messageHandler has been bound, have to clear messageHandler first")
+	}
+
+	if len(topics) == 0 {
+		return errors.New("subscribe method must set topic")
+	}
+
+	if handler != nil {
+		client.MessageHandler = handler
+	} else {
+		client.MessageHandler = defaultMessageHandler
+	}
+
+	filters := make(map[string]byte)
+	for _, topic := range topics {
+		filters[topic] = qos
+	}
+	client.CurrentClient.SubscribeMultiple(filters, client.messageHandler)
+	return nil
+}
+
+func (client *Client) Unsubscribe(topics ...string) {
+	client.MessageHandler = nil
+	client.CurrentClient.Unsubscribe(topics...)
+}
+
+func (client *Client) saveCertificate(certificate x509.Certificate) {
+	client.Certificate = certificate
+}
+
+func currentCertificate() *Client {
+	tmpClientLock.Lock()
+	defer tmpClientLock.Unlock()
+	return tmpClient
+}
+
+func setCertificate(c *Client) {
+	tmpClientLock.Lock()
+	tmpClient = c
+	tmpClientLock.Unlock()
+}
@@ -0,0 +1,45 @@
+package core
+
+import (
+	"strconv"
+	"sync"
+)
+
+type clientTokenMap struct {
+	ClientInfo map[string]Client
+}
+
+var ctMap *clientTokenMap
+var clientOnce sync.Once
+
+func getClientMap() *clientTokenMap {
+	clientOnce.Do(func() {
+		ctMap = &clientTokenMap{}
+		ctMap.ClientInfo = make(map[string]Client)
+	})
+	return ctMap
+}
+
+func SetClientToken(host string, port int, client Client) {
+	if ctMap != nil && ctMap.ClientInfo != nil {
+		ctMap.ClientInfo[host+":"+strconv.Itoa(port)] = client
+	} else {
+		getClientMap()
+		ctMap.ClientInfo[host+":"+strconv.Itoa(port)] = client
+	}
+}
+
+func GetClientToken(opts *TargetOptions, existing bool) Client {
+	if ctMap != nil && ctMap.ClientInfo != nil {
+		if _, existKey := ctMap.ClientInfo[opts.Host+":"+strconv.Itoa(opts.Port)]; existKey {
+			if ctMap.ClientInfo[opts.Host+":"+strconv.Itoa(opts.Port)].CurrentClient.IsConnected() {
+				return ctMap.ClientInfo[opts.Host+":"+strconv.Itoa(opts.Port)]
+			}
+		}
+	}
+	if !existing {
+		return ConnectWithOpts(opts)
+	} else {
+		return Client{}
+	}
+}
@@ -0,0 +1,138 @@
+package core
+
+import (
+	"flag"
+	"fmt"
+	"mqtts/utils"
+	"os"
+	"strconv"
+	"strings"
+)
+
+type ScanArgs struct {
+	CommonScan        bool
+	UnauthScan        bool
+	AnyPwdScan        bool
+	SystemInfo        bool
+	BruteScan         bool
+	AutoScan          bool
+	TopicsList        bool
+	WaitTime          int
+	UserPath          string
+	PwdPath           string
+	TargetFile        string
+	GoroutinePoolSize int
+}
+
+func CmdArgsParser() *ScanArgs {
+	var host string
+	var port int
+	var username string
+	var password string
+	var protocol string
+	var clientId string
+	var unauthScan bool
+	var anyPwdScan bool
+	var autoScan bool
+	var systemInfo bool
+	var topicsList bool
+	var userPath string
+	var pwdPath string
+	var waitTime int
+	var bruteScan bool
+	var targetFile string
+	var goroutinePoolSize int
+	var showVersion bool
+	flag.StringVar(&host, "t", "", "input target ip or host")
+	flag.IntVar(&port, "p", 1883, "input target port default is 1883/tcp")
+	flag.StringVar(&username, "username", "", "input username")
+	flag.StringVar(&password, "password", "", "input password")
+	flag.StringVar(&protocol, "protocol", "", "input protocol tcp/ssl/ws/wss")
+	flag.StringVar(&clientId, "clientid", "", "input password default is 6 random string")
+	flag.BoolVar(&unauthScan, "u", false, "unauth scan (support batch scanning)")
+	flag.BoolVar(&anyPwdScan, "a", false, "any username/password login scan for EMQX emqx_plugin_template plugin (support batch scanning)")
+	flag.BoolVar(&bruteScan, "b", false, "username and password brute force")
+	flag.BoolVar(&autoScan, "au", false, "automatic scanning according to service conditions")
+	flag.BoolVar(&systemInfo, "s", false, "mqtt server system topic info scan (batch scanning is not supported)")
+	flag.BoolVar(&topicsList, "ts", false, "mqtt server topic list scan (batch scanning is not supported)")
+	flag.StringVar(&userPath, "nf", "", "brute force username list file path, default is ./username.txt")
+	flag.StringVar(&pwdPath, "pf", "", "brute force password list file path, default is ./password.txt")
+	flag.IntVar(&waitTime, "w", 15, "systemInfo scan and topics scan wait time, unit: seconds, default 15s")
+	flag.StringVar(&targetFile, "tf", "", "batch scan target file, line format split with \\t host port [protocol | clientId | username | password]")
+	flag.IntVar(&goroutinePoolSize, "g", 10, "batch scan goroutine pool size")
+	flag.BoolVar(&showVersion, "v", false, "show version")
+	flag.Parse()
+	if showVersion {
+		fmt.Println(utils.Version)
+		os.Exit(0)
+	}
+	if strings.EqualFold(host, "") && strings.EqualFold(targetFile, "") {
+		flag.Usage()
+		os.Exit(0)
+	}
+	if !strings.EqualFold(host, "") && !strings.EqualFold(targetFile, "") {
+		utils.OutputErrorMessageWithoutOption("Single targets and batch targets cannot be set at the same time")
+		os.Exit(0)
+	}
+	if !strings.EqualFold(host, "") {
+		setSingleTarget(protocol, host, port, clientId, username, password)
+	}
+	if !strings.EqualFold(targetFile, "") {
+		setTargets(targetFile)
+	}
+	if !unauthScan && !anyPwdScan && !systemInfo && !topicsList && !bruteScan && !autoScan {
+		utils.OutputErrorMessageWithoutOption("Must specify the type of scan")
+		os.Exit(0)
+	}
+	if !strings.EqualFold(targetFile, "") && (systemInfo || topicsList) {
+		utils.OutputErrorMessageWithoutOption("Topic info scanning and topic list scanning do not support batch")
+		os.Exit(0)
+	}
+	return &ScanArgs{
+		UnauthScan:        unauthScan,
+		AnyPwdScan:        anyPwdScan,
+		BruteScan:         bruteScan,
+		AutoScan:          autoScan,
+		SystemInfo:        systemInfo,
+		TopicsList:        topicsList,
+		WaitTime:          waitTime,
+		UserPath:          userPath,
+		PwdPath:           pwdPath,
+		GoroutinePoolSize: goroutinePoolSize,
+	}
+}
+
+func setSingleTarget(protocol string, host string, port int, clientId string, username string, password string) {
+	SetTargetInfo(protocol, host, port, clientId, username, password)
+}
+
+func setTargets(targetFile string) {
+	lines, err := utils.ReadFileByLine(targetFile)
+	if err != nil {
+		utils.OutputErrorMessageWithoutOption("Load target file failed")
+		os.Exit(0)
+	}
+	for num, line := range lines {
+		targetInfo := strings.Split(line, " ")
+		if len(targetInfo) < 2 {
+			utils.OutputErrorMessageWithoutOption("Target format or data error in line " + strconv.Itoa(num+1) + ": " + line)
+		}
+		if len(targetInfo) < 6 {
+			for range utils.IterRange(6 - len(targetInfo)) {
+				targetInfo = append(targetInfo, "")
+			}
+		}
+		host := targetInfo[0]
+		port, err := strconv.Atoi(targetInfo[1])
+		if err != nil {
+			utils.OutputErrorMessageWithoutOption("Target port parse error in line " + strconv.Itoa(num+1) + ": " + line)
+			continue
+		}
+		protocol := targetInfo[2]
+		clientId := targetInfo[3]
+		username := targetInfo[4]
+		password := targetInfo[5]
+		SetTargetInfo(protocol, host, port, clientId, username, password)
+	}
+
+}