def dotransform(args): mt = MaltegoTransform() mt.debug(pprint(args)) mt.parseArguments(args) ip = mt.getVar("ip") port = mt.getVar("port") hostid = mt.getVar("hostid") if not hostid: hostid = mt.getVar("id") rep = scriptrunner(port, "msrpc-enum", ip) if rep.hosts[0].status == "up": for scriptrun in rep.hosts[0].services[0].scripts_results: popent = mt.addEntity("msploitego.RelevantInformation", "{}:{}".format(scriptrun.get("id"), hostid)) popent.setValue("{}:{}".format(scriptrun.get("id"), hostid)) popent.addAdditionalFields("description", "Description", False, scriptrun.get("output")) popent.addAdditionalFields("ip", "IP Address", False, ip) popent.addAdditionalFields("port", "Port", False, port) popent.addAdditionalFields("hostid", "Host Id", False, hostid) else: mt.addUIMessage("host is {}!".format(rep.hosts[0].status)) mt.returnOutput() mt.addUIMessage("completed!")
def dotransform(args): mt = MaltegoTransform() mt.debug(pprint(args)) mt.parseArguments(args) ip = mt.getVar("ip") port = mt.getVar("port") hostid = mt.getVar("hostid") server = mt.getVar("server") workgroup = mt.getVar("workgroup") account = mt.getVar("account_used") path = mt.getVar("sambapath") domaindns = mt.getVar("domain_dns") if not path: path = "/" conn = SMBConnection('admin', 'admin', "localhost", server, domain=workgroup, use_ntlm_v2=True, is_direct_tcp=True) conn.connect(ip, int(port)) shares = conn.listShares() regex = re.compile("^\.{1,2}$") for share in shares: if not share.isSpecial and share.name not in ['NETLOGON', 'SYSVOL']: sharename = unicodedata.normalize("NFKD", share.name).encode('ascii', 'ignore') for file in conn.listPath(share.name, path): filename = unicodedata.normalize("NFKD", file.filename).encode('ascii', 'ignore') if file.isDirectory: if not regex.match(filename): entityname = "msploitego.SambaShare" newpath = "{}/{}/".format(path,filename) else: continue # subpath = conn.listPath(share.name, '/{}'.format(filename)) else: entityname = "msploitego.SambaFile" newpath = "{}/{}".format(path, filename) sambaentity = mt.addEntity(entityname,"{}/{}/{}".format(ip,sharename,filename)) sambaentity.setValue("{}/{}/{}".format(ip,sharename,filename)) sambaentity.addAdditionalFields("ip", "IP Address", False, ip) sambaentity.addAdditionalFields("port", "Port", False, port) sambaentity.addAdditionalFields("server", "Server", False, server) sambaentity.addAdditionalFields("workgroup", "Workgroup", False, workgroup) sambaentity.addAdditionalFields("filename", "Filename", False, filename) sambaentity.addAdditionalFields("path", "Path", False, newpath) sambaentity.addAdditionalFields("hostid", "Hostid", False, hostid) sambaentity.addAdditionalFields("domain_dns", "Domain DNS", False, domaindns) sambaentity.addAdditionalFields("sharename", "Share Name", False, sharename) mt.returnOutput() mt.addUIMessage("completed!")
def dotransform(args): mt = MaltegoTransform() mt.debug(pprint(args)) mt.parseArguments(args) ip = mt.getVar("ip") port = mt.getVar("port") hostid = mt.getVar("hostid") path = mt.getVar("uri") namelink = mt.getVar("namelink") # urlent = mt.addEntity("msploitego.SiteURL", namelink) # urlent.setValue(namelink) # urlent.addAdditionalFields("ip", "IP Address", False, ip) # urlent.addAdditionalFields("port", "Port", False, port) mt.returnOutput()
def dotransform(args): mt = MaltegoTransform() mt.debug(pprint(args)) mt.parseArguments(args) ip = mt.getVar("ip") port = mt.getVar("port") hostid = mt.getVar("hostid") diry = mt.getValue() # website = mt.addEntity("maltego.URL", "http://{}:{}{}".format(ip,port,diry)) # website.setValue("http://{}:{}{}".format(ip,port,diry)) # website.addAdditionalFields("dir", "Directory", False, diry) # website.addAdditionalFields("url", "URL", False, "http://{}:{}{}".format(ip,port,diry)) # website.addAdditionalFields("ip", "IP Address", False, ip) # website.addAdditionalFields("port", "Port", False, port) mt.returnOutput()
def dotransform(args): mt = MaltegoTransform() mt.debug(pprint(args)) mt.parseArguments(args) ip = mt.getVar("ip") port = mt.getVar("port") hostid = mt.getVar("hostid") diry = mt.getValue() # website = mt.addEntity("maltego.URL", "http://{}:{}{}".format(ip,port,diry)) # website.setValue("http://{}:{}{}".format(ip,port,diry)) # website.addAdditionalFields("dir", "Directory", False, diry) # website.addAdditionalFields("url", "URL", False, "http://{}:{}{}".format(ip,port,diry)) # website.addAdditionalFields("ip", "IP Address", False, ip) # website.addAdditionalFields("port", "Port", False, port) mt.returnOutput() mt.addUIMessage("completed!")
def dotransform(args): mt = MaltegoTransform() mt.debug(pprint(args)) mt.parseArguments(args) url = mt.getValue() ip = mt.getVar("ip") port = mt.getVar("port") hostid = mt.getVar("hostid") # gobuster -e -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -u http://10.11.1.24/ bashlog = bashrunner("gobuster -q -e -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -u {}".format(url)) for line in bashlog: webdir = mt.addEntity("maltego.WebDir", line.split()[0]) webdir.setValue(line.split()[0]) webdir.addAdditionalFields("ip", "IP Address", False, ip) webdir.addAdditionalFields("port", "Port", False, port) webdir.addAdditionalFields("url", "URL", False, url) mt.returnOutput() mt.addUIMessage("completed!")
def dotransform(args): mt = MaltegoTransform() mt.debug(pprint(args)) mt.parseArguments(args) url = mt.getValue() ip = mt.getVar("ip") port = mt.getVar("port") hostid = mt.getVar("hostid") # gobuster -e -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -u http://10.11.1.24/ bashlog = bashrunner( "gobuster -q -e -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -u {}" .format(url)) for line in bashlog: webdir = mt.addEntity("maltego.WebDir", line.split()[0]) webdir.setValue(line.split()[0]) webdir.addAdditionalFields("ip", "IP Address", False, ip) webdir.addAdditionalFields("port", "Port", False, port) webdir.addAdditionalFields("url", "URL", False, url) mt.returnOutput()
def dotransform(args): mt = MaltegoTransform() mt.debug(pprint(args)) mt.parseArguments(args) ip = mt.getVar("ip") port = mt.getVar("port") hostid = mt.getVar("hostid") if not hostid: hostid = mt.getVar("id") rep = scriptrunner(port, "msrpc-enum", ip) if rep.hosts[0].status == "up": for scriptrun in rep.hosts[0].services[0].scripts_results: popent = mt.addEntity("msploitego.RelevantInformation", "{}:{}".format(scriptrun.get("id"),hostid)) popent.setValue("{}:{}".format(scriptrun.get("id"),hostid)) popent.addAdditionalFields("description", "Description",False,scriptrun.get("output")) popent.addAdditionalFields("ip", "IP Address", False, ip) popent.addAdditionalFields("port", "Port", False, port) popent.addAdditionalFields("hostid", "Host Id", False, hostid) else: mt.addUIMessage("host is {}!".format(rep.hosts[0].status)) mt.returnOutput() mt.addUIMessage("completed!")
__author__ = 'Marc Gurreri' __copyright__ = 'Copyright 2018, msploitego Project' __credits__ = [] __license__ = 'GPLv3' __version__ = '0.1' __maintainer__ = 'Marc Gurreri' __email__ = '*****@*****.**' __status__ = 'Development' from common.MaltegoTransform import * import sys mt = MaltegoTransform() mt.debug(pprint(sys.argv)) mt.parseArguments(sys.argv) pprint(mt.debug(mt.value)) pprint(mt.debug(mt.entities)) pprint(mt.debug(mt.values)) fn = mt.getVar("metasploit.session") pprint(fn) mdb = MetasploitXML(fn) for host in mdb.hosts: ipv4 = IPv4Address(host.address) mt.addUIMessage("found host {}".format(ipv4)) mt.addEntity("sploitego.IPv4Address", ipv4) mt.returnOutput()
def dotransform(args): mt = MaltegoTransform() mt.debug(pprint(args)) mt.parseArguments(args) ip = mt.getVar("ip") port = mt.getVar("port") hostid = mt.getVar("hostid") server = mt.getVar("server") workgroup = mt.getVar("workgroup") account = mt.getVar("account_used") path = mt.getVar("sambapath") domaindns = mt.getVar("domain_dns") if not path: path = "/" conn = SMBConnection('admin', 'admin', "localhost", server, domain=workgroup, use_ntlm_v2=True, is_direct_tcp=True) conn.connect(ip, int(port)) shares = conn.listShares() regex = re.compile("^\.{1,2}$") for share in shares: if not share.isSpecial and share.name not in ['NETLOGON', 'SYSVOL']: sharename = unicodedata.normalize("NFKD", share.name).encode( 'ascii', 'ignore') for file in conn.listPath(share.name, path): filename = unicodedata.normalize("NFKD", file.filename).encode( 'ascii', 'ignore') if file.isDirectory: if not regex.match(filename): entityname = "msploitego.SambaShare" newpath = "{}/{}/".format(path, filename) else: continue # subpath = conn.listPath(share.name, '/{}'.format(filename)) else: entityname = "msploitego.SambaFile" newpath = "{}/{}".format(path, filename) sambaentity = mt.addEntity( entityname, "{}/{}/{}".format(ip, sharename, filename)) sambaentity.setValue("{}/{}/{}".format(ip, sharename, filename)) sambaentity.addAdditionalFields("ip", "IP Address", False, ip) sambaentity.addAdditionalFields("port", "Port", False, port) sambaentity.addAdditionalFields("server", "Server", False, server) sambaentity.addAdditionalFields("workgroup", "Workgroup", False, workgroup) sambaentity.addAdditionalFields("filename", "Filename", False, filename) sambaentity.addAdditionalFields("path", "Path", False, newpath) sambaentity.addAdditionalFields("hostid", "Hostid", False, hostid) sambaentity.addAdditionalFields("domain_dns", "Domain DNS", False, domaindns) sambaentity.addAdditionalFields("sharename", "Share Name", False, sharename) mt.returnOutput() mt.addUIMessage("completed!")
__author__ = 'Marc Gurreri' __copyright__ = 'Copyright 2018, msploitego Project' __credits__ = [] __license__ = 'GPLv3' __version__ = '0.1' __maintainer__ = 'Marc Gurreri' __email__ = '*****@*****.**' __status__ = 'Development' from common.MaltegoTransform import * import sys mt = MaltegoTransform() mt.debug(pprint(sys.argv)) mt.parseArguments(sys.argv) pprint(mt.debug(mt.value)) pprint(mt.debug(mt.entities)) pprint(mt.debug(mt.values)) fn = mt.getVar("metasploit.session") pprint(fn) mdb = MetasploitXML(fn) for host in mdb.hosts: ipv4 = IPv4Address(host.address) mt.addUIMessage("found host {}".format(ipv4)) mt.addEntity("sploitego.IPv4Address", ipv4) mt.addUIMessage("completed!") mt.returnOutput()