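def dotransform(args):
    """Turn the findings of an attached Nikto report into Maltego entities.

    Transform inputs (read via ``mt.getVar``): ``hostid`` of the scanned host
    and ``niktofile``, the path of the saved Nikto report.  Every detail of the
    report becomes one ``msploitego.niktodetail`` entity whose value is
    ``"<description>:<hostid>"``; the parent entity's fields are copied onto it
    with ``inheritvalues``.  The result is written with ``mt.returnOutput()``;
    nothing is returned.
    """
    mt = MaltegoTransform()
    mt.parseArguments(args)
    hostid = mt.getVar("hostid")
    fn = mt.getVar("niktofile")
    if not fn:
        mt.addException("Nikto file is either not attached or does not exist")
        mt.returnOutput()
        return

    nr = NiktoReport(fn)
    for d in nr.details:
        label = "{}:{}".format(d.description, hostid)
        try:
            det = mt.addEntity("msploitego.niktodetail", label)
        except Exception as exc:
            # The original dropped the finding silently; tell the analyst the
            # graph is incomplete instead (reason unknown here -- the original
            # guarded only this call, presumably against bad entity values).
            mt.addUIMessage("Skipped Nikto detail {!r}: {}".format(d.description, exc))
            continue
        det.setValue(label)
        det.addAdditionalFields("description", "Description", False, d.description)
        det.addAdditionalFields("iplink", "IP Link", False, d.iplink)
        det.addAdditionalFields("namelink", "Name Link", False, d.namelink)
        det.addAdditionalFields("uri", "URI", False, d.uri)
        inheritvalues(det, mt.values)

    mt.returnOutput()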
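def dotransform(args):
    """Emit Maltego entities for every finding in an attached Nikto report.

    Transform inputs (read via ``mt.getVar``): ``ip`` and ``port`` of the
    scanned service and ``niktofile``, the path of the saved Nikto report.
    Each detail becomes a ``msploitego.niktodetail`` entity (display value
    truncated to 25 characters, full text in the "description" field); a
    detail whose URI is longer than two characters also yields a
    ``maltego.URL`` entity for its IP-based link.  The result is written with
    ``mt.returnOutput()``; nothing is returned.
    """
    mt = MaltegoTransform()
    mt.parseArguments(args)
    ip = mt.getVar("ip")
    port = mt.getVar("port")
    fn = mt.getVar("niktofile")
    if not fn:
        mt.addException("Nikto file is either not attached or does not exist")
        mt.returnOutput()
        return

    nr = NiktoReport(fn)
    for d in nr.details:
        det = mt.addEntity("msploitego.niktodetail", d.description)
        # Short display value keeps long Nikto descriptions readable on the graph.
        det.setValue(d.description[0:25])
        det.addAdditionalFields("description", "Description", False, d.description)
        det.addAdditionalFields("iplink", "IP Link", False, d.iplink)
        det.addAdditionalFields("namelink", "Name Link", False, d.namelink)
        det.addAdditionalFields("uri", "URI", False, d.uri)
        det.addAdditionalFields("ip", "IP", False, ip)
        # Display name was "IP" in the original -- the port field was mislabelled.
        det.addAdditionalFields("port", "Port", False, port)

        # A missing URI used to raise TypeError on len(None); only findings with
        # a URI longer than two characters get a URL node.
        uri = d.get("uri")
        if uri and len(uri) > 2:
            iplink = d.get("iplink")
            webdir = mt.addEntity("maltego.URL", iplink)
            webdir.setValue(iplink)
            webdir.addAdditionalFields("ip", "IP", False, ip)
            webdir.addAdditionalFields("port", "Port", False, port)

    # Queue the UI message before the response is written: the original added
    # it after returnOutput(), so it was most likely never delivered.
    mt.addUIMessage("completed!")
    mt.returnOutput()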
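def dotransform(args):
    """Emit Maltego entities for every finding in an attached Nikto report.

    Transform inputs (read via ``mt.getVar``): ``ip`` and ``port`` of the
    scanned service and ``niktofile``, the path of the saved Nikto report.
    Each detail becomes a ``msploitego.niktodetail`` entity (display value
    truncated to 45 characters, full text in the "description" field); a
    detail whose URI is longer than two characters also yields a
    ``maltego.URL`` entity for its IP-based link.  The result is written with
    ``mt.returnOutput()``; nothing is returned.
    """
    mt = MaltegoTransform()
    mt.parseArguments(args)
    ip = mt.getVar("ip")
    port = mt.getVar("port")
    fn = mt.getVar("niktofile")
    if not fn:
        mt.addException("Nikto file is either not attached or does not exist")
        mt.returnOutput()
        return

    nr = NiktoReport(fn)
    for d in nr.details:
        det = mt.addEntity("msploitego.niktodetail", d.description)
        # Short display value keeps long Nikto descriptions readable on the graph.
        det.setValue(d.description[0:45])
        det.addAdditionalFields("description", "Description", False, d.description)
        det.addAdditionalFields("iplink", "IP Link", False, d.iplink)
        det.addAdditionalFields("namelink", "Name Link", False, d.namelink)
        det.addAdditionalFields("uri", "URI", False, d.uri)
        det.addAdditionalFields("ip", "IP", False, ip)
        # Display name was "IP" in the original -- the port field was mislabelled.
        det.addAdditionalFields("port", "Port", False, port)

        # A missing URI used to raise TypeError on len(None); only findings with
        # a URI longer than two characters get a URL node.
        uri = d.get("uri")
        if uri and len(uri) > 2:
            iplink = d.get("iplink")
            webdir = mt.addEntity("maltego.URL", iplink)
            webdir.setValue(iplink)
            webdir.addAdditionalFields("ip", "IP", False, ip)
            webdir.addAdditionalFields("port", "Port", False, port)

    # Queue the UI message before the response is written: the original added
    # it after returnOutput(), so it was most likely never delivered.
    mt.addUIMessage("completed!")
    mt.returnOutput()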
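# enum4linux section headings, tested in order (first match wins, case-insensitive)
# against the heading of each parsed bucket, paired with the msploitego entity
# type that section is reported as.  The RID-cycling heading also contains
# " users on ", so it must precede the plain "users on" entry.  The original
# patterns were misspelled ("cyling", "macine") and could not match the
# intended headings; corrected here -- verify against the headings printed by
# the enum4linux version you use.
_ENUM4LINUX_SECTIONS = (
    (r"session\scheck\son", "msploitego.nbstatinformation"),
    (r"getting\sdomain\ssid", "msploitego.RelevantInformation"),
    (r"os\sinformation\son", "msploitego.SambaOSInformation"),
    (r"\svia\srid\scycling", "msploitego.SambaAccountInformation"),
    (r"\susers\son\s", "msploitego.SambaAccountInformation"),
    (r"\smachine\senumeration\s", "msploitego.SambaMachineEnumeration"),
    (r"\sshare\senumeration\son\s", "msploitego.SambaShareInformation"),
    (r"\spassword\spolicy\sinformation\s", "msploitego.SambaPasswordPolicyInfo"),
    (r"\sgroups\son\s", "msploitego.SambaGroupInformation"),
)


def _add_section_entity(mt, entity_type, header, data, ip, hostid):
    """Add one entity for an enum4linux section and return it.

    The entity value is the heading with every "|" removed and surrounding
    whitespace stripped; ``data`` (an iterable of lines) is joined with
    newlines into the "data" field.  ``ip`` and ``hostid`` are attached with
    the same flag (True) the original calls used.
    """
    h = header.replace("|", "").strip()
    entity = mt.addEntity(entity_type, h)
    entity.setValue(h)
    entity.addAdditionalFields("data", "Data", False, "\n".join(data))
    entity.addAdditionalFields("ip", "IP Address", True, ip)
    entity.addAdditionalFields("hostid", "Host Id", True, hostid)
    return entity


def dotransform(args):
    """Turn an attached enum4linux report into Maltego entities.

    Transform inputs (read via ``mt.getVar``): ``ip`` and ``hostid`` of the
    scanned host and ``enum4linux``, the path of the saved enum4linux output.
    The report is split into "|"-headed buckets by ``bucketparser``; the
    "Enumerating Workgroup" section yields ``maltego.Domain`` entities, the
    "Nbtstat" section a raw ``msploitego.nbstatinformation`` entity, and every
    other recognised section the entity type listed in ``_ENUM4LINUX_SECTIONS``
    (after ``packandroll``).  Output goes through ``mt.returnOutput()``;
    nothing is returned.

    NOTE(review): every value placed in an entity comes from the scanned
    host's responses and is therefore attacker-influenced; this relies on
    MaltegoTransform to escape it for the XML response -- confirm.
    """
    mt = MaltegoTransform()
    mt.parseArguments(args)
    ip = mt.getVar("ip")
    hostid = mt.getVar("hostid")
    fn = mt.getVar("enum4linux")
    if not fn:
        # The original reported the (empty) file name as the exception text and
        # then fell through into getFileContents(None).
        mt.addException("enum4linux file is either not attached or does not exist")
        mt.returnOutput()
        return

    contents = getFileContents(fn)
    bucket_start = re.compile(r"^\|\s+")
    ignore = re.compile(
        r"={3,}|Looking\s|padding\d|unknown_\d|logon_hrs|\[V\]\sAttempting\sto\sget"
        r"|\*unknown\*|\[V\]\sassuming\sthat\suser|\[V\]\sprocessing\ssid\s|\[E\]",
        re.I,
    )
    skip_heading = re.compile(r"target\sinformation|getting\sprinter", re.I)
    sections = [(re.compile(p, re.I), t) for p, t in _ENUM4LINUX_SECTIONS]

    for res in bucketparser(bucket_start, contents, ignoreg=ignore):
        header = res.get("Header")
        # A bucket without a heading used to raise TypeError in the search below.
        if not header or skip_heading.search(header):
            continue
        if re.search(r"enumerating\sworkgroup", header, re.I):
            for k, v in res.items():
                if re.search(r"got\sdomain", k, re.I):
                    doment = mt.addEntity("maltego.Domain", v)
                    doment.setValue(v)
                    doment.addAdditionalFields("ip", "IP Address", True, ip)
                    doment.addAdditionalFields("hostid", "Host Id", True, hostid)
            continue
        if re.search(r"nbtstat\sinformation", header, re.I):
            # nbtstat lines are reported raw; every other section goes through packandroll.
            _add_section_entity(mt, "msploitego.nbstatinformation", header,
                                res.get("Details"), ip, hostid)
            continue
        for pattern, entity_type in sections:
            if pattern.search(header):
                data = packandroll(res)
                if data:
                    _add_section_entity(mt, entity_type, header, data, ip, hostid)
                break

    mt.returnOutput()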
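def dotransform(args):
    """List the first level of every ordinary SMB share on a host as entities.

    Transform inputs (read via ``mt.getVar``): ``ip``, ``port``, ``hostid``,
    ``server`` (NetBIOS name of the target), ``workgroup``, ``account_used``
    (defaults to ""), ``sambapath`` (defaults to "/") and ``domain_dns``.
    Special shares and NETLOGON/SYSVOL are skipped.  For every entry found
    under ``sambapath`` a ``msploitego.SambaShare`` (directory) or
    ``msploitego.SambaFile`` entity is emitted; "." and ".." are ignored.
    Output goes through ``mt.returnOutput()``; nothing is returned.
    """
    from pprint import pformat

    mt = MaltegoTransform()
    # pformat() returns the text.  The original called pprint(), which prints
    # to stdout -- the transform's response channel -- and returns None.
    mt.debug(pformat(args))
    mt.parseArguments(args)
    ip = mt.getVar("ip")
    port = mt.getVar("port")
    hostid = mt.getVar("hostid")
    server = mt.getVar("server")
    workgroup = mt.getVar("workgroup")
    # Empty account and empty password: an SMB null session.  What this
    # transform lists is what an unauthenticated client can see.
    account = mt.getVar("account_used") or ""
    path = mt.getVar("sambapath") or "/"
    domaindns = mt.getVar("domain_dns")

    try:
        portnum = int(port)
    except (TypeError, ValueError):
        # The original did this inside the connect try and reported it as a
        # connection failure.
        mt.addException("Invalid samba port: {!r}".format(port))
        mt.returnOutput()
        return

    # Direct TCP is the transport for 445; 139 goes through the NetBIOS session
    # service.  The original hard-coded is_direct_tcp=True, which is only
    # correct for 445.
    conn = SMBConnection(account,
                         '',
                         "localhost",
                         server,
                         domain=workgroup,
                         use_ntlm_v2=True,
                         is_direct_tcp=(portnum == 445))
    try:
        connected = conn.connect(ip, portnum)
    except Exception:
        mt.addException("Could not connect to samba server")
        mt.returnOutput()
        return
    if connected is False:
        # connect() reports a rejected session through its return value rather
        # than an exception (pysmb behaviour -- verify for your version); the
        # original ignored it and failed later inside listShares().
        mt.addException("Samba server rejected the session for account {!r}".format(account))
        conn.close()
        mt.returnOutput()
        return

    dotdir = re.compile(r"^\.{1,2}$")
    try:
        for share in conn.listShares():
            if share.isSpecial or share.name in ('NETLOGON', 'SYSVOL'):
                continue
            sharename = checkAndConvertToAscii(share.name)
            try:
                entries = conn.listPath(share.name, path)
            except Exception as exc:
                # One unreadable share (access denied is common on a null
                # session) must not abort the listing of the remaining shares.
                mt.addUIMessage("Could not list {}:{} - {}".format(sharename, path, exc))
                continue
            for f in entries:
                filename = checkAndConvertToAscii(f.filename)
                if f.isDirectory:
                    if dotdir.match(filename):
                        continue  # "." and ".."
                    entityname = "msploitego.SambaShare"
                    newpath = "{}/{}/".format(path, filename)
                else:
                    entityname = "msploitego.SambaFile"
                    newpath = "{}/{}".format(path, filename)
                label = "{}/{}/{}".format(ip, sharename, filename)
                sambaentity = mt.addEntity(entityname, label)
                sambaentity.setValue(label)
                sambaentity.addAdditionalFields("ip", "IP Address", False, ip)
                sambaentity.addAdditionalFields("port", "Port", False, port)
                sambaentity.addAdditionalFields("server", "Server", False, server)
                sambaentity.addAdditionalFields("workgroup", "Workgroup", False, workgroup)
                sambaentity.addAdditionalFields("filename", "Filename", False, filename)
                sambaentity.addAdditionalFields("path", "Path", False, newpath)
                sambaentity.addAdditionalFields("hostid", "Hostid", False, hostid)
                sambaentity.addAdditionalFields("domain_dns", "Domain DNS", False, domaindns)
                sambaentity.addAdditionalFields("sharename", "Share Name", False, sharename)
    finally:
        # Always tear down the SMB session; the original never closed it.
        conn.close()

    mt.returnOutput()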