Exemple #1
def dotransform(args):
    """Emit one ``maltego.Vulnerability`` entity per vulnerability row of a host.

    The host IP is the value of the input entity.  The database name, user
    and password are read from the input entity's variables and handed to
    ``MsploitPostgres``.  Every row returned by ``getforHost(ip, "vulns")``
    becomes an entity labelled with the row's ``name`` and carrying the
    row's non-empty columns as additional fields.
    """
    transform = MaltegoTransform()
    transform.parseArguments(args)
    ip = transform.getValue()
    hostid = transform.getVar("id")  # fetched but never used in this variant

    db = transform.getVar("db")
    user = transform.getVar("user")
    # NOTE(review): every backslash is removed, presumably to undo escaping
    # of the property value; a password that really contains a backslash
    # would be altered, and a missing variable would fail here if getVar()
    # returns None - confirm both against MaltegoTransform.
    password = transform.getVar("password").replace("\\", "")
    store = MsploitPostgres(user, password, db)
    for row in store.getforHost(ip, "vulns"):
        label = row.get("name")
        entity = transform.addEntity("maltego.Vulnerability", label)
        entity.setValue(label)
        entity.addAdditionalFields("ip", "IP Address", True, ip)
        for column, value in row.items():
            if isinstance(value, datetime):
                # Dates are rendered day/month/year.
                text = "{}/{}/{}".format(value.day, value.month, value.year)
            elif value and str(value).strip():
                text = str(value)
            else:
                # Empty or whitespace-only columns are not copied.
                continue
            entity.addAdditionalFields(column, column.capitalize(), False,
                                       text)
        # The connection user and database name travel with the entity;
        # the password is not copied onto it here.
        entity.addAdditionalFields("user", "User", False, user)
        entity.addAdditionalFields("db", "db", False, db)
    transform.returnOutput()
    # NOTE(review): added after returnOutput(); if returnOutput() is what
    # emits the response, this message probably never reaches the client -
    # confirm.
    transform.addUIMessage("completed!")
def dotransform(args):
    """Emit one ``maltego.Vulnerability`` entity per vulnerability row of a host.

    The host IP is the value of the input entity.  The database name, user
    and password are read from the input entity's variables and handed to
    ``MsploitPostgres``.  Every row returned by ``getforHost(ip, "vulns")``
    becomes an entity labelled ``<name>:<host id>`` and carrying the row's
    non-empty columns as additional fields.
    """
    transform = MaltegoTransform()
    transform.parseArguments(args)
    ip = transform.getValue()
    hostid = transform.getVar("id")

    db = transform.getVar("db")
    user = transform.getVar("user")
    # NOTE(review): every backslash is removed, presumably to undo escaping
    # of the property value; a password that really contains a backslash
    # would be altered, and a missing variable would fail here if getVar()
    # returns None - confirm both against MaltegoTransform.
    password = transform.getVar("password").replace("\\", "")
    store = MsploitPostgres(user, password, db)
    for row in store.getforHost(ip, "vulns"):
        # The host id is part of the label, so the same finding on two
        # hosts yields two differently named entities.
        label = "{}:{}".format(row.get("name"), hostid)
        entity = transform.addEntity("maltego.Vulnerability", label)
        entity.setValue(label)
        entity.addAdditionalFields("ip", "IP Address", True, ip)
        for column, value in row.items():
            if isinstance(value, datetime):
                # Dates are rendered day/month/year.
                text = "{}/{}/{}".format(value.day, value.month, value.year)
            elif value and str(value).strip():
                text = str(value)
            else:
                # Empty or whitespace-only columns are not copied.
                continue
            entity.addAdditionalFields(column, column.capitalize(), False,
                                       text)
        # The connection user and database name travel with the entity;
        # the password is not copied onto it here.
        entity.addAdditionalFields("user", "User", False, user)
        entity.addAdditionalFields("db", "db", False, db)
    transform.returnOutput()
    # NOTE(review): added after returnOutput(); if returnOutput() is what
    # emits the response, this message probably never reaches the client -
    # confirm.
    transform.addUIMessage("completed!")
Exemple #3
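def dotransform(args):
    """Emit service, MAC address, hostname and OS entities for one host.

    The host IP is the value of the input entity; MAC, machine name, OS
    details, host id and the database credentials are read from the input
    entity's variables.  Every row returned by
    ``getforHost(ip, "services")`` becomes an entity labelled
    ``<service name>/<port>:<host id>`` whose type is chosen by
    ``getserviceentity``.  A MAC entity and a hostname entity are added
    when those values are present, and one OS entity is always added with
    the type and description returned by ``getosentity``.
    """
    mt = MaltegoTransform()
    mt.parseArguments(args)
    ip = mt.getValue()
    mac = mt.getVar("mac")
    machinename = mt.getVar("name")
    os_family = mt.getVar("os_family")
    os_name = mt.getVar("os_name")
    os_sp = mt.getVar("os_sp")
    # The host id may arrive under either variable name.
    hostid = mt.getVar("id") or mt.getVar("hostid")
    db = mt.getVar("db")
    user = mt.getVar("user")
    # NOTE(review): every backslash is removed, presumably to undo escaping
    # of the property value; a password that really contains a backslash
    # would be altered, and a missing variable would fail here if getVar()
    # returns None - confirm both against MaltegoTransform.
    password = mt.getVar("password").replace("\\", "")
    mpost = MsploitPostgres(user, password, db)
    for service in mpost.getforHost(ip, "services"):
        entityname = getserviceentity(service)
        servicename = service.get("name") or "unknown"
        port = service.get("port")
        label = "{}/{}:{}".format(servicename, port, hostid)
        hostservice = mt.addEntity(entityname, label)
        hostservice.setValue(label)
        hostservice.addAdditionalFields("ip", "IP Address", True, ip)
        # An absent or empty banner is stored as an empty string.
        hostservice.addAdditionalFields("banner.text", "Service Banner",
                                        True, service.get("info") or "")
        hostservice.addAdditionalFields(
            "service.name", "Description", True,
            "{}/{}".format(port, servicename))

        for k, v in service.items():
            if isinstance(v, datetime):
                # Dates are rendered day/month/year.
                hostservice.addAdditionalFields(
                    k, k.capitalize(), False,
                    "{}/{}/{}".format(v.day, v.month, v.year))
            elif v and str(v).strip():
                hostservice.addAdditionalFields(k, k.capitalize(), False,
                                                str(v))
        hostservice.addAdditionalFields("user", "User", False, user)
        # SECURITY: the database password is copied in clear text onto
        # every service entity, so any saved, exported or shared graph
        # contains it.  This function itself reads "password" from its
        # input entity, so other transforms presumably rely on the field;
        # it is kept for that reason.  Treat graph files as secrets, or
        # move the credential to local configuration - TODO confirm which
        # transforms consume it.
        hostservice.addAdditionalFields("password", "Password", False,
                                        password)
        hostservice.addAdditionalFields("db", "db", False, db)
    if mac:
        macentity = mt.addEntity("maltego.MacAddress", mac)
        macentity.setValue(mac)
        macentity.addAdditionalFields("ip", "IP Address", True, ip)
    # Only names starting with an ASCII letter become hostname entities.
    # The class was written "[a-zA-z]", whose A-z range also admits
    # "[", "\", "]", "^", "_" and "`"; it is now A-Z as intended.
    if machinename and re.match(r"^[a-zA-Z]+", machinename):
        hostentity = mt.addEntity("msploitego.Hostname", machinename)
        hostentity.setValue(machinename)
        hostentity.addAdditionalFields("ip", "IP Address", True, ip)
    osentityname, osdescription = getosentity(os_family, os_name)
    if os_sp:
        osdescription += " {}".format(os_sp)
    osentity = mt.addEntity(osentityname, osdescription)
    osentity.setValue(osdescription)
    osentity.addAdditionalFields("ip", "IP Address", True, ip)

    mt.returnOutput()
    # NOTE(review): added after returnOutput(); if returnOutput() is what
    # emits the response, this message probably never reaches the client -
    # confirm.
    mt.addUIMessage("completed!")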