
I’m trying to capture the traffic that my IoT device sends to the broker. It seems that the MQTT packets use TLS 1.2, so I can’t see the traffic in plaintext.

Is there a way to capture this data in plaintext?

  • It depends on the exact TLS client and trust store used by the device. If you can make the client log the TLS secrets to a file (like the SSLKEYLOGFILE supported by some libraries), then you can decrypt the traffic with tools like Wireshark. If you can install a custom certificate in the trust store of the device, then you can set up a proxy which intercepts and decrypts the traffic. Or maybe you can disable TLS altogether – it’s not mandatory for MQTT. Commented Nov 25, 2024 at 1:34
  • No, unfortunately, I have no way to communicate directly with this device. I execute commands on the device through a mobile app, but all messages go through the broker, and I don't have the authority to control either the broker or the device directly. Commented Nov 25, 2024 at 23:11
  • If you cannot patch or configure the TLS client on the device, then getting the plaintext will be difficult. Remember that TLS was designed specifically to prevent attackers from reading the traffic. Your only hope would be an insecure configuration or an implementation bug. For example, you could set up a proxy to mimic the broker and test how far you can downgrade the TLS/SSL version. You can also inspect the Client Hello message (which is plaintext in TLS 1.2) to check which cipher suites the client supports. If you’re lucky, you’ll find some weakness. Commented Nov 26, 2024 at 0:02
  • But note that some TLS/SSL attacks require a lot of effort and resources, so it may turn out that it's just not worth it. Commented Nov 26, 2024 at 0:04
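
The Client Hello inspection suggested in the comments above, as an added example that is not part of the original thread: a Python parser that pulls the offered cipher suites out of one TLS 1.2 ClientHello record and flags weak ones. The suite table is a small subset of the IANA registry, and the flagging policy, function names and sample record are constructed assumptions.

```python
import struct

# Subset of IANA cipher suite IDs, enough for the constructed sample below.
SUITES = {
    0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    0x009C: "TLS_RSA_WITH_AES_128_GCM_SHA256",
    0x000A: "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    0x0005: "TLS_RSA_WITH_RC4_128_SHA",
}
# Name fragments an auditor would flag (illustrative policy, an assumption).
WEAK = [("RC4", "RC4 stream cipher"), ("3DES", "64-bit block cipher"),
        ("_CBC_", "CBC mode"), ("TLS_RSA_WITH", "no forward secrecy")]

def parse_client_hello(record):
    """Return (client_version, [suite ids]) from one TLS record holding a whole ClientHello."""
    if len(record) < 9 or record[0] != 0x16:
        raise ValueError("not a TLS handshake record")
    rec_len = struct.unpack_from("!H", record, 3)[0]
    hs = record[5:5 + rec_len]
    if rec_len < 4 or len(hs) < rec_len or hs[0] != 0x01:
        raise ValueError("truncated record or not a ClientHello")
    body = hs[4:4 + int.from_bytes(hs[1:4], "big")]
    if len(body) < 35:
        raise ValueError("truncated ClientHello")
    version = struct.unpack_from("!H", body, 0)[0]
    pos = 35 + body[34]                # skip version, random and session_id
    if pos + 2 > len(body):
        raise ValueError("truncated ClientHello")
    cs_len = struct.unpack_from("!H", body, pos)[0]
    if cs_len % 2 or pos + 2 + cs_len > len(body):
        raise ValueError("bad cipher_suites length")
    return version, list(struct.unpack_from("!%dH" % (cs_len // 2), body, pos + 2))

def audit(suites):
    """Map each offered suite name to its findings (empty list: nothing flagged)."""
    names = [SUITES.get(s, "unknown_0x%04X" % s) for s in suites]
    return {n: [why for frag, why in WEAK if frag in n] for n in names}

def build_sample():
    """Constructed ClientHello record, not captured from any real device."""
    suites = struct.pack("!4H", 0xC02F, 0x009C, 0x000A, 0x0005)
    body = (b"\x03\x03" + bytes(32) + b"\x00"      # TLS 1.2, zero random, no session_id
            + struct.pack("!H", len(suites)) + suites + b"\x01\x00")  # null compression
    hs = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack("!H", len(hs)) + hs

if __name__ == "__main__":
    for name, findings in audit(parse_client_hello(build_sample())[1]).items():
        print(name, "->", ", ".join(findings) or "ok")
```

With a real capture, the input would be the TCP payload of the first packet the device sends after the handshake to the broker's TLS port; a ClientHello split across several records is not handled here.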
