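def dotransform(args):
    """Emit one ``maltego.Vulnerability`` entity per vulnerability row of a host.

    The input entity's value is used as the host IP, and its ``db``, ``user``
    and ``password`` fields are used to open the ``MsploitPostgres``
    connection. Every non-empty column of a row is copied onto the entity as
    an additional field; ``datetime`` columns are written as day/month/year.

    Args:
        args: Transform arguments, handed to ``MaltegoTransform.parseArguments``.
    """
    mt = MaltegoTransform()
    # Do not dump `args` to the debug channel: after parsing they yield the
    # database password (see the "password" field read below).
    mt.parseArguments(args)
    ip = mt.getValue()
    db = mt.getVar("db")
    user = mt.getVar("user")
    # Backslashes are stripped from the stored password, presumably to undo
    # escaping applied when the value was saved on the entity -- confirm. A
    # password that really contains a backslash is altered by this.
    # NOTE(review): if the field is absent and getVar returns None, this line
    # raises AttributeError -- confirm how getVar reports a missing field.
    password = mt.getVar("password").replace("\\", "")
    mpost = MsploitPostgres(user, password, db)
    for vuln in mpost.getforHost(ip, "vulns"):
        name = vuln.get("name")
        vulnentity = mt.addEntity("maltego.Vulnerability", name)
        vulnentity.setValue(name)
        vulnentity.addAdditionalFields("ip", "IP Address", True, ip)
        for k, v in vuln.items():
            if isinstance(v, datetime):
                vulnentity.addAdditionalFields(
                    k, k.capitalize(), False,
                    "{}/{}/{}".format(v.day, v.month, v.year))
            elif v and str(v).strip():
                vulnentity.addAdditionalFields(k, k.capitalize(), False, str(v))
        # Connection context for follow-up transforms; the password is not
        # copied onto vulnerability entities here.
        vulnentity.addAdditionalFields("user", "User", False, user)
        vulnentity.addAdditionalFields("db", "db", False, db)
    # Queue the UI message before the response is returned; the original
    # queued it after returnOutput(), which is assumed to serialise the
    # response at call time, so the message would not have been sent.
    mt.addUIMessage("completed!")
    mt.returnOutput()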
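def dotransform(args):
    """Emit one ``maltego.Vulnerability`` entity per vulnerability row of a host.

    Entities are labelled ``<vulnerability name>:<host id>``, where the host
    id comes from the input entity's ``id`` field. The input entity's value is
    used as the host IP, and its ``db``, ``user`` and ``password`` fields are
    used to open the ``MsploitPostgres`` connection. Every non-empty column of
    a row is copied onto the entity as an additional field; ``datetime``
    columns are written as day/month/year.

    Args:
        args: Transform arguments, handed to ``MaltegoTransform.parseArguments``.
    """
    mt = MaltegoTransform()
    # Do not dump `args` to the debug channel: after parsing they yield the
    # database password (see the "password" field read below).
    mt.parseArguments(args)
    ip = mt.getValue()
    hostid = mt.getVar("id")
    db = mt.getVar("db")
    user = mt.getVar("user")
    # Backslashes are stripped from the stored password, presumably to undo
    # escaping applied when the value was saved on the entity -- confirm. A
    # password that really contains a backslash is altered by this.
    # NOTE(review): if the field is absent and getVar returns None, this line
    # raises AttributeError -- confirm how getVar reports a missing field.
    password = mt.getVar("password").replace("\\", "")
    mpost = MsploitPostgres(user, password, db)
    for vuln in mpost.getforHost(ip, "vulns"):
        # Build the label once so the entity name and its value cannot drift.
        label = "{}:{}".format(vuln.get("name"), hostid)
        vulnentity = mt.addEntity("maltego.Vulnerability", label)
        vulnentity.setValue(label)
        vulnentity.addAdditionalFields("ip", "IP Address", True, ip)
        for k, v in vuln.items():
            if isinstance(v, datetime):
                vulnentity.addAdditionalFields(
                    k, k.capitalize(), False,
                    "{}/{}/{}".format(v.day, v.month, v.year))
            elif v and str(v).strip():
                vulnentity.addAdditionalFields(k, k.capitalize(), False, str(v))
        # Connection context for follow-up transforms; the password is not
        # copied onto vulnerability entities here.
        vulnentity.addAdditionalFields("user", "User", False, user)
        vulnentity.addAdditionalFields("db", "db", False, db)
    # Queue the UI message before the response is returned; the original
    # queued it after returnOutput(), which is assumed to serialise the
    # response at call time, so the message would not have been sent.
    mt.addUIMessage("completed!")
    mt.returnOutput()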
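def dotransform(args):
    """Emit service, MAC, hostname and OS entities for one host.

    The input entity's value is used as the host IP. Its ``db``, ``user`` and
    ``password`` fields open the ``MsploitPostgres`` connection, and its
    ``mac``, ``name``, ``os_family``, ``os_name`` and ``os_sp`` fields
    describe the host. One entity is added per service row, labelled
    ``<service>/<port>:<host id>``, followed by an optional MAC address
    entity, an optional hostname entity and an OS entity.

    Args:
        args: Transform arguments, handed to ``MaltegoTransform.parseArguments``.
    """
    mt = MaltegoTransform()
    # Do not dump `args` to the debug channel: after parsing they yield the
    # database password (see the "password" field read below).
    mt.parseArguments(args)
    ip = mt.getValue()
    mac = mt.getVar("mac")
    machinename = mt.getVar("name")
    os_family = mt.getVar("os_family")
    os_name = mt.getVar("os_name")
    os_sp = mt.getVar("os_sp")
    # The host id is stored under "id" or, failing that, under "hostid".
    hostid = mt.getVar("id") or mt.getVar("hostid")
    db = mt.getVar("db")
    user = mt.getVar("user")
    # Backslashes are stripped from the stored password, presumably to undo
    # escaping applied when the value was saved on the entity -- confirm. A
    # password that really contains a backslash is altered by this.
    # NOTE(review): if the field is absent and getVar returns None, this line
    # raises AttributeError -- confirm how getVar reports a missing field.
    password = mt.getVar("password").replace("\\", "")
    mpost = MsploitPostgres(user, password, db)
    for service in mpost.getforHost(ip, "services"):
        entityname = getserviceentity(service)
        servicename = service.get("name") or "unknown"
        port = service.get("port")
        # Build the label once so the entity name and its value cannot drift.
        label = "{}/{}:{}".format(servicename, port, hostid)
        hostservice = mt.addEntity(entityname, label)
        hostservice.setValue(label)
        hostservice.addAdditionalFields("ip", "IP Address", True, ip)
        # The "info" column is exported as the service banner, i.e. text that
        # presumably originates from the scanned host; escaping for the
        # response is left to MaltegoTransform -- confirm it is applied.
        hostservice.addAdditionalFields(
            "banner.text", "Service Banner", True, service.get("info") or "")
        hostservice.addAdditionalFields(
            "service.name", "Description", True,
            "{}/{}".format(port, servicename))
        for k, v in service.items():
            if isinstance(v, datetime):
                hostservice.addAdditionalFields(
                    k, k.capitalize(), False,
                    "{}/{}/{}".format(v.day, v.month, v.year))
            elif v and str(v).strip():
                hostservice.addAdditionalFields(k, k.capitalize(), False, str(v))
        hostservice.addAdditionalFields("user", "User", False, user)
        # NOTE(security): the database password is written in clear text onto
        # every service entity, presumably so that follow-up transforms can
        # reconnect. Any saved, exported or shared graph then carries the
        # credential. Kept for compatibility; loading the credential from
        # local configuration would avoid storing it in the graph.
        hostservice.addAdditionalFields("password", "Password", False, password)
        hostservice.addAdditionalFields("db", "db", False, db)
    if mac:
        macentity = mt.addEntity("maltego.MacAddress", mac)
        macentity.setValue(mac)
        macentity.addAdditionalFields("ip", "IP Address", True, ip)
    # The original character class was [a-zA-z]; the range A-z also matches
    # "[", "\", "]", "^", "_" and "`", so names starting with punctuation were
    # accepted as hostnames. Only a leading ASCII letter is accepted now.
    if machinename and re.match(r"^[a-zA-Z]+", machinename):
        hostentity = mt.addEntity("msploitego.Hostname", machinename)
        hostentity.setValue(machinename)
        hostentity.addAdditionalFields("ip", "IP Address", True, ip)

    osentityname, osdescription = getosentity(os_family, os_name)
    if os_sp:
        osdescription += " {}".format(os_sp)
    osentity = mt.addEntity(osentityname, osdescription)
    osentity.setValue(osdescription)
    osentity.addAdditionalFields("ip", "IP Address", True, ip)
    # Queue the UI message before the response is returned; the original
    # queued it after returnOutput(), which is assumed to serialise the
    # response at call time, so the message would not have been sent.
    mt.addUIMessage("completed!")
    mt.returnOutput()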