def dotransform(args): excludes = ["Nessus Scan Information"] # entitytags = ["hostid", "info", "name","vulnattemptcount"] mt = MaltegoTransform() # mt.debug(pprint(args)) mt.parseArguments(args) fn = mt.getVar("fromfile") ip = mt.getVar("address") host = MetasploitXML(fn).gethost(ip) vulncount = int(mt.getVar("vulncount")) if vulncount > 0: for vuln in host.vulns: vulnent = mt.addEntity("maltego.Vulnerability", vuln.name) vulnent.setValue("{}/{}".format(vuln.name, host.address)) vulnent.addAdditionalFields("refs", "References", False, ",".join([x.ref for x in vuln.refs])) vulnent.addAdditionalFields("ipaddress", "IP Address", False, host.address) vulnent.addAdditionalFields("hostid", "Host ID", False, host.id) vulnent.addAdditionalFields("os", "OS Name", False, host.osname) for tag, val in vuln: if isinstance(val, str): vulnent.addAdditionalFields(tag, tag.capitalize(), False, val) mt.returnOutput()
def dotransform(args): mt = MaltegoTransform() # mt.debug(pprint(args)) mt.parseArguments(args) fn = mt.getVar("fromfile") ip = mt.getVar("address") host = MetasploitXML(fn).gethost(ip) for page in host.webpages: setentity(mt, page) for form in host.webforms: setentity(mt, form) mt.returnOutput()
def dotransform(args): entitytags = [ "name", "address", "servicecount", "osname", "state", "mac", "vulncount", "purpose", "osflavor", "osfamily", "notecount" ] mt = MaltegoTransform() # mt.debug(pprint(args)) mt.parseArguments(args) fn = mt.getVar("description") mdb = MetasploitXML(fn) for host in mdb.hosts: hostentity = mt.addEntity("maltego.IPv4Address", host.address) hostentity.setValue(host.address) hostentity.addAdditionalFields("fromfile", "Source File", False, fn) tags = host.getTags() for etag in entitytags: if etag in tags: hostentity.addAdditionalFields(etag, etag, False, host.getVal(etag)) mt.returnOutput()
def dotransform(args): entitytags = ["hostid", "info", "name", "port", "proto", "state"] mt = MaltegoTransform() # mt.debug(pprint(args)) mt.parseArguments(args) fn = mt.getVar("fromfile") ip = mt.getVar("address") mac = mt.getVar("mac") osname = mt.getVar("osname") osfamily = mt.getVar("osfamily") machinename = mt.getVar("name") servicecount = int(mt.getVar("servicecount")) mdb = MetasploitXML(fn) if servicecount > 0: host = mdb.gethost(ip) for service in host.services: entityname = "msploitego.MetasploitService" try: servicename = service.name except AttributeError: servicename = "NoName" try: serviceinfo = service.info except AttributeError: serviceinfo = None if service.state.lower() in ["filtered", "closed"]: entityname = "msploitego.ClosedPort" else: if servicename in [ "http", "https", "possible_wls", "www", "ncacn_http", "ccproxy-http", "ssl/http", "http-proxy" ]: if serviceinfo: if "iis" in service.info.lower(): entityname = "msploitego.IISWebservice" elif "rpc over http" in service.info.lower(): entityname = "msploitego.RPCoverhttp" elif "oracle xml db" in service.info.lower(): entityname = "msploitego.OracleXMLDB" elif "apache" in service.info.lower(): if "apache tomcat" in service.info.lower(): entityname = "msploitego.ApacheTomcat" elif all(x in service.info.lower() for x in ["apache", "php"]): entityname = "msploitego.ApachePHP" else: entityname = "msploitego.Apachehttpd" elif "httpfileserver" in service.info.lower(): entityname = "msploitego.HTTPFileServer" elif "lighttpd" in service.info.lower(): entityname = "msploitego.lighttpd" elif "nginx" in service.info.lower(): entityname = "msploitego.nginx" elif "jetty" in service.info.lower(): entityname = "msploitego.Jetty" elif "node.js" in service.info.lower(): entityname = "msploitego.Nodejs" elif "httpapi" in service.info.lower(): entityname = "msploitego.MicrosoftHTTPAPI" elif "WAF" in service.info: entityname = "msploitego.WAF" elif "oracle http server" in service.info.lower(): entityname = "msploitego.OracleHTTPServer" elif "oracle xml db" in service.info.lower(): entityname = "msploitego.OracleXMLDB" elif "goahead" in service.info.lower(): entityname = "msploitego.GoAheadWebServer" # else: entityname = "msploitego.WebService" else: entityname = "msploitego.WebService" elif service.port == "32768": entityname = "msploitego.PotentialBackdoor" elif any(x in servicename for x in [ "samba", "netbios-ssn", "smb", "microsoft-ds", "netbios-ns", "netbios-dgm" ]): entityname = "msploitego.SambaService" elif servicename == "ssh": entityname = "msploitego.SSHService" elif servicename in ["dns", "mdns", "domain"]: entityname = "msploitego.DNSService" elif "rpc" in servicename: entityname = "msploitego.RPC" elif "epmap" in servicename: entityname = "msploitego.epmap" elif "cifs" in servicename: entityname = "msploitego.cifs" elif "ssdp" in servicename: entityname = "msploitego.ssdp" elif "irc" in servicename: entityname = "msploitego.irc" elif "pop" in servicename: entityname = "msploitego.pop3" elif "oracle" in servicename: entityname = "msploitego.Oracle" elif "ftp" in servicename: entityname = "msploitego.ftp" elif "finger" in servicename: entityname = "msploitego.finger" elif "imap" in servicename: entityname = "msploitego.imap" elif "winrm" in servicename.lower(): entityname = "msploitego.winrm" elif "nmap" in servicename.lower(): entityname = "msploitego.Nmap" elif "ldap" in servicename.lower(): entityname = "msploitego.LDAP" elif "compressnet" in servicename.lower(): entityname = "msploitego.compressnet" elif "ansys" in servicename.lower(): entityname = "msploitego.ansys" elif "boinc" in servicename.lower(): entityname = "msploitego.boinc" elif "bakbone" in servicename.lower(): entityname = "msploitego.bakbonenetvault" elif "cisco" in servicename.lower(): entityname = "msploitego.CISCO" elif "ntp" in servicename: entityname = "msploitego.ntp" elif "dhcp" in servicename: entityname = "msploitego.DHCP" elif "dbase" in servicename.lower(): entityname = "msploitego.dBase" elif "chargen" in servicename.lower(): entityname = "msploitego.chargen" elif "directplaysrvr" in servicename: entityname = "msploitego.directplaysrvr" elif "smtp" in servicename.lower(): entityname = "msploitego.smtp" elif "ident" in servicename.lower(): entityname = "msploitego.ident" elif any(x in servicename.lower() for x in ["snmp", "smux"]): entityname = "msploitego.SNMP" elif "tcpwrapped" in servicename: entityname = "msploitego.tcpwrapped" elif "mysql" in servicename: entityname = "msploitego.mysql" elif any(x in servicename.lower() for x in ["mssql", "ms-sql", "dbm"]): entityname = "msploitego.mssql" elif any(x in servicename for x in ["nat-pmp", "upnp", "natpmp"]): entityname = "msploitego.natpmp" elif any(x in servicename.lower() for x in ["confluent", "kafka"]): entityname = "msploitego.ApacheKafka" elif any(x in servicename for x in ["ndmp"]): entityname = "msploitego.NAS" elif any(x in servicename.lower() for x in ["neod", "corba"]): entityname = "msploitego.ObjectRequestBroker" elif "ajp" in servicename: entityname = "msploitego.ajp" elif "llmnr" in servicename.lower(): entityname = "msploitego.llmnr" elif any(x in servicename.lower() for x in ["keysrvr", "keyshadow"]): entityname = "msploitego.KeyServer" elif servicename.lower() in [ "kerberos", "kpasswd5", "kerberos-sec", "krb524" ]: entityname = "msploitego.kerberos" elif "msexchange-logcopier" in servicename.lower(): entityname = "msploitego.MSExchangeLogCopier" elif any(x in servicename.lower() for x in ["nfs", "lockd", "amiganetfs"]): entityname = "msploitego.nfsacl" elif "x11" in servicename.lower(): entityname = "msploitego.X11" elif "sip" == servicename.lower(): entityname = "msploitego.SIP" elif "fmtp" in servicename.lower(): entityname = "msploitego.fmtp" elif "telnet" in servicename.lower(): entityname = "msploitego.telnet" elif any(x in servicename.lower() for x in ["rdp", "xdmcp"]): entityname = "msploitego.rdp" elif "ipp" in servicename.lower(): entityname = "msploitego.ipp" elif "vnc" in servicename.lower(): entityname = "msploitego.vnc" elif "wap-wsp" in servicename.lower(): entityname = "msploitego.wapwsp" elif "blackjack" in servicename.lower(): entityname = "msploitego.blackjack" elif any(x in servicename.lower() for x in ["backorifice", "bo2k"]): entityname = "msploitego.backorifice" elif "rtsp" in servicename.lower(): entityname = "msploitego.rtsp" elif "bacnet" in servicename.lower(): entityname = "msploitego.Bacnet" elif "msdtc" in servicename.lower(): entityname = "msploitego.msdtc" elif "wfremotertm" in servicename.lower(): entityname = "msploitego.wfremotertm" elif "msdp" in servicename.lower(): entityname = "msploitego.msdp" elif "ssl" in servicename.lower(): entityname = "msploitego.ssl" elif all(x in servicename.lower() for x in ["afs", "fileserver"]): entityname = "msploitego.AFS" elif "adobeserver" in servicename.lower(): entityname = "msploitego.AdobeserverService" elif "ms-wbt-server" in servicename.lower(): entityname = "msploitego.MicrosoftTerminalServices" elif servicename.lower() in ["rmiregistry", "java-rmi"]: entityname = "msploitego.JavaRMI" hostservice = mt.addEntity( entityname, "{}/{}:{}".format(servicename, service.port, service.hostid)) hostservice.setValue = "{}/{}:{}".format(servicename, service.port, service.hostid) hostservice.addAdditionalFields("ip", "IP Address", True, ip) if servicename and servicename.lower() in [ "http", "https", "possible_wls", "www", "ncacn_http", "ccproxy-http", "ssl/http", "http-proxy" ]: hostservice.addAdditionalFields("niktofile", "Nikto File", True, '') hostservice.addAdditionalFields("fromfile", "Source File", True, fn) hostservice.addAdditionalFields("service.name", "Service Name", True, servicename) if service.containsTag("info"): hostservice.addAdditionalFields("banner", "Banner", True, service.info) if servicename in [ "samba", "netbios-ssn", "smb", "microsoft-ds" ]: if "workgroup" in service.info.lower(): groupname = service.info.lower().split( "workgroup:", 1)[-1].lstrip() workgroup = mt.addEntity("maltego.Domain", groupname) workgroup.setValue(groupname) workgroup.addAdditionalFields("ip", "IP Address", True, ip) else: hostservice.addAdditionalFields( "banner", "Banner", True, "{}-No info".format(servicename)) for etag in entitytags: if etag in service.getTags(): val = service.getVal(etag) hostservice.addAdditionalFields(etag, etag, True, val) if mac: macentity = mt.addEntity("maltego.MacAddress", mac) macentity.setValue(mac) macentity.addAdditionalFields("ip", "IP Address", True, ip) if machinename and re.match("^[a-zA-z]+", machinename): hostentity = mt.addEntity("msploitego.Hostname", machinename) hostentity.setValue(machinename) hostentity.addAdditionalFields("ip", "IP Address", True, ip) """ OS determination """ osentityname = "msploitego.OperatingSystem" if osname or osfamily: if osfamily: if osname: if "windows 2003" in osname.lower(): osentityname = "msploitego.Windows2003" elif "windows 2008" in osname.lower(): osentityname = "msploitego.Windows2008" elif "windows 2012" in osname.lower(): osentityname = "msploitego.Windows2012" elif "windows 2000" in osname.lower(): osentityname = "msploitego.Windows2000" elif "windows xp" in osname.lower(): osentityname = "msploitego.WindowsXP" elif "windows 7" in osname.lower(): osentityname = "msploitego.Windows7" elif "freebsd" in osname.lower(): osentityname = "msploitego.FreeBSD" elif "solaris" in osname.lower(): osentityname = "msploitego.Solaris" elif "linux" in osname.lower(): osentityname = "msploitego.LinuxOperatingSystem" elif "embedded" in osname.lower(): osentityname = "msploitego.EmbeddedOS" osdescription = osname else: if "windows" in osfamily.lower(): osentityname = "msploitego.WindowsOperatingSystem" elif "freebsd" in osfamily.lower(): osentityname = "msploitego.FreeBSD" elif "linux" in osfamily.lower(): osentityname = "msploitego.LinuxOperatingSystem" osdescription = osfamily elif osname: if "embedded" in osname.lower(): osentityname = "msploitego.EmbeddedOS" elif "linux" in osname.lower(): osentityname = "msploitego.LinuxOperatingSystem" osdescription = osname osentity = mt.addEntity(osentityname, osdescription) osentity.setValue(osdescription) osentity.addAdditionalFields("ip", "IP Address", True, ip) # elif "linux" in osfamily.lower(): # osfament = mt.addEntity("msploitego.LinuxOperatingSystem", osfamily) # osfament.setValue(osfamily) # osfament.addAdditionalFields("ip", "IP Address", True, ip) mt.returnOutput() mt.addUIMessage("completed!")
def dotransform(args): entitytags = ["hostid","info", "name", "port", "proto", "state"] mt = MaltegoTransform() # mt.debug(pprint(args)) mt.parseArguments(args) fn = mt.getVar("fromfile") ip = mt.getVar("address") mac = mt.getVar("mac") osname = mt.getVar("osname") osfamily = mt.getVar("osfamily") machinename = mt.getVar("name") servicecount = int(mt.getVar("servicecount")) mdb = MetasploitXML(fn) if servicecount > 0: host = mdb.gethost(ip) for service in host.services: entityname = "msploitego.MetasploitService" try: servicename = service.name except AttributeError: servicename = "NoName" try: serviceinfo = service.info except AttributeError: serviceinfo = None if service.state.lower() in ["filtered", "closed"]: entityname = "msploitego.ClosedPort" else: if servicename in ["http","https","possible_wls","www","ncacn_http","ccproxy-http","ssl/http","http-proxy"]: if serviceinfo: if "iis" in service.info.lower(): entityname = "msploitego.IISWebservice" elif "rpc over http" in service.info.lower(): entityname = "msploitego.RPCoverhttp" elif "oracle xml db" in service.info.lower(): entityname = "msploitego.OracleXMLDB" elif "apache" in service.info.lower(): if "apache tomcat" in service.info.lower(): entityname = "msploitego.ApacheTomcat" elif all(x in service.info.lower() for x in ["apache", "php"]): entityname = "msploitego.ApachePHP" else: entityname = "msploitego.Apachehttpd" elif "httpfileserver" in service.info.lower(): entityname = "msploitego.HTTPFileServer" elif "lighttpd" in service.info.lower(): entityname = "msploitego.lighttpd" elif "nginx" in service.info.lower(): entityname = "msploitego.nginx" elif "jetty" in service.info.lower(): entityname = "msploitego.Jetty" elif "node.js" in service.info.lower(): entityname = "msploitego.Nodejs" elif "httpapi" in service.info.lower(): entityname = "msploitego.MicrosoftHTTPAPI" elif "WAF" in service.info: entityname = "msploitego.WAF" elif "oracle http server" in service.info.lower(): entityname = "msploitego.OracleHTTPServer" elif "oracle xml db" in service.info.lower(): entityname = "msploitego.OracleXMLDB" elif "goahead" in service.info.lower(): entityname = "msploitego.GoAheadWebServer" # else: entityname = "msploitego.WebService" else: entityname = "msploitego.WebService" elif service.port == "32768": entityname = "msploitego.PotentialBackdoor" elif any(x in servicename for x in ["samba","netbios-ssn","smb","microsoft-ds","netbios-ns","netbios-dgm"]): entityname = "msploitego.SambaService" elif servicename == "ssh": entityname = "msploitego.SSHService" elif servicename in ["dns","mdns","domain"]: entityname = "msploitego.DNSService" elif "rpc" in servicename: entityname = "msploitego.RPC" elif "epmap" in servicename: entityname = "msploitego.epmap" elif "cifs" in servicename: entityname = "msploitego.cifs" elif "ssdp" in servicename: entityname = "msploitego.ssdp" elif "irc" in servicename: entityname = "msploitego.irc" elif "pop" in servicename: entityname = "msploitego.pop3" elif "oracle" in servicename: entityname = "msploitego.Oracle" elif "ftp" in servicename: entityname = "msploitego.ftp" elif "finger" in servicename: entityname = "msploitego.finger" elif "imap" in servicename: entityname = "msploitego.imap" elif "winrm" in servicename.lower(): entityname = "msploitego.winrm" elif "nmap" in servicename.lower(): entityname = "msploitego.Nmap" elif "ldap" in servicename.lower(): entityname = "msploitego.LDAP" elif "compressnet" in servicename.lower(): entityname = "msploitego.compressnet" elif "ansys" in servicename.lower(): entityname = "msploitego.ansys" elif "boinc" in servicename.lower(): entityname = "msploitego.boinc" elif "bakbone" in servicename.lower(): entityname = "msploitego.bakbonenetvault" elif "cisco" in servicename.lower(): entityname = "msploitego.CISCO" elif "ntp" in servicename: entityname = "msploitego.ntp" elif "dhcp" in servicename: entityname = "msploitego.DHCP" elif "dbase" in servicename.lower(): entityname = "msploitego.dBase" elif "chargen" in servicename.lower(): entityname = "msploitego.chargen" elif "directplaysrvr" in servicename: entityname = "msploitego.directplaysrvr" elif "smtp" in servicename.lower(): entityname = "msploitego.smtp" elif "ident" in servicename.lower(): entityname = "msploitego.ident" elif any(x in servicename.lower()for x in ["snmp", "smux"]): entityname = "msploitego.SNMP" elif "tcpwrapped" in servicename: entityname = "msploitego.tcpwrapped" elif "mysql" in servicename: entityname = "msploitego.mysql" elif any(x in servicename.lower() for x in ["mssql","ms-sql","dbm"]): entityname = "msploitego.mssql" elif any(x in servicename for x in ["nat-pmp","upnp", "natpmp"]): entityname = "msploitego.natpmp" elif any(x in servicename.lower() for x in ["confluent", "kafka"]): entityname = "msploitego.ApacheKafka" elif any(x in servicename for x in ["ndmp"]): entityname = "msploitego.NAS" elif any(x in servicename.lower() for x in ["neod", "corba"]): entityname = "msploitego.ObjectRequestBroker" elif "ajp" in servicename: entityname = "msploitego.ajp" elif "llmnr" in servicename.lower(): entityname = "msploitego.llmnr" elif any(x in servicename.lower() for x in ["keysrvr", "keyshadow"]): entityname = "msploitego.KeyServer" elif servicename.lower() in ["kerberos","kpasswd5","kerberos-sec","krb524"]: entityname = "msploitego.kerberos" elif "msexchange-logcopier" in servicename.lower(): entityname = "msploitego.MSExchangeLogCopier" elif any(x in servicename.lower() for x in ["nfs", "lockd","amiganetfs"]): entityname = "msploitego.nfsacl" elif "x11" in servicename.lower(): entityname = "msploitego.X11" elif "sip" == servicename.lower(): entityname = "msploitego.SIP" elif "fmtp" in servicename.lower(): entityname = "msploitego.fmtp" elif "telnet" in servicename.lower(): entityname = "msploitego.telnet" elif any(x in servicename.lower() for x in ["rdp","xdmcp"]): entityname = "msploitego.rdp" elif "ipp" in servicename.lower(): entityname = "msploitego.ipp" elif "vnc" in servicename.lower(): entityname = "msploitego.vnc" elif "wap-wsp" in servicename.lower(): entityname = "msploitego.wapwsp" elif "blackjack" in servicename.lower(): entityname = "msploitego.blackjack" elif any(x in servicename.lower() for x in ["backorifice","bo2k"]): entityname = "msploitego.backorifice" elif "rtsp" in servicename.lower(): entityname = "msploitego.rtsp" elif "bacnet" in servicename.lower(): entityname = "msploitego.Bacnet" elif "msdtc" in servicename.lower(): entityname = "msploitego.msdtc" elif "wfremotertm" in servicename.lower(): entityname = "msploitego.wfremotertm" elif "msdp" in servicename.lower(): entityname = "msploitego.msdp" elif "ssl" in servicename.lower(): entityname = "msploitego.ssl" elif all(x in servicename.lower() for x in ["afs","fileserver"]): entityname = "msploitego.AFS" elif "adobeserver" in servicename.lower(): entityname = "msploitego.AdobeserverService" elif "ms-wbt-server" in servicename.lower(): entityname = "msploitego.MicrosoftTerminalServices" elif servicename.lower() in ["rmiregistry", "java-rmi"]: entityname = "msploitego.JavaRMI" hostservice = mt.addEntity(entityname, "{}/{}:{}".format(servicename,service.port,service.hostid)) hostservice.setValue = "{}/{}:{}".format(servicename,service.port,service.hostid) hostservice.addAdditionalFields("ip","IP Address",True,ip) if servicename and servicename.lower() in ["http","https","possible_wls","www","ncacn_http","ccproxy-http","ssl/http","http-proxy"]: hostservice.addAdditionalFields("niktofile", "Nikto File", True, '') hostservice.addAdditionalFields("fromfile", "Source File", True, fn) hostservice.addAdditionalFields("service.name", "Service Name", True, servicename) if service.containsTag("info"): hostservice.addAdditionalFields("banner", "Banner", True, service.info) if servicename in ["samba", "netbios-ssn", "smb", "microsoft-ds"]: if "workgroup" in service.info.lower(): groupname = service.info.lower().split("workgroup:",1)[-1].lstrip() workgroup = mt.addEntity("maltego.Domain", groupname) workgroup.setValue(groupname) workgroup.addAdditionalFields("ip", "IP Address", True, ip) else: hostservice.addAdditionalFields("banner", "Banner", True, "{}-No info".format(servicename)) for etag in entitytags: if etag in service.getTags(): val = service.getVal(etag) hostservice.addAdditionalFields(etag, etag, True, val) if mac: macentity = mt.addEntity("maltego.MacAddress", mac) macentity.setValue(mac) macentity.addAdditionalFields("ip", "IP Address", True, ip) if machinename and re.match("^[a-zA-z]+",machinename): hostentity = mt.addEntity("msploitego.Hostname", machinename) hostentity.setValue(machinename) hostentity.addAdditionalFields("ip", "IP Address", True, ip) """ OS determination """ osentityname = "msploitego.OperatingSystem" if osname or osfamily: if osfamily: if osname: if "windows 2003" in osname.lower(): osentityname = "msploitego.Windows2003" elif "windows 2008" in osname.lower(): osentityname = "msploitego.Windows2008" elif "windows 2012" in osname.lower(): osentityname = "msploitego.Windows2012" elif "windows 2000" in osname.lower(): osentityname = "msploitego.Windows2000" elif "windows xp" in osname.lower(): osentityname = "msploitego.WindowsXP" elif "windows 7" in osname.lower(): osentityname = "msploitego.Windows7" elif "freebsd" in osname.lower(): osentityname = "msploitego.FreeBSD" elif "solaris" in osname.lower(): osentityname = "msploitego.Solaris" elif "linux" in osname.lower(): osentityname = "msploitego.LinuxOperatingSystem" elif "embedded" in osname.lower(): osentityname = "msploitego.EmbeddedOS" osdescription = osname else: if "windows" in osfamily.lower(): osentityname = "msploitego.WindowsOperatingSystem" elif "freebsd" in osfamily.lower(): osentityname = "msploitego.FreeBSD" elif "linux" in osfamily.lower(): osentityname = "msploitego.LinuxOperatingSystem" osdescription = osfamily elif osname: if "embedded" in osname.lower(): osentityname = "msploitego.EmbeddedOS" elif "linux" in osname.lower(): osentityname = "msploitego.LinuxOperatingSystem" osdescription = osname osentity = mt.addEntity(osentityname, osdescription) osentity.setValue(osdescription) osentity.addAdditionalFields("ip", "IP Address", True, ip) # elif "linux" in osfamily.lower(): # osfament = mt.addEntity("msploitego.LinuxOperatingSystem", osfamily) # osfament.setValue(osfamily) # osfament.addAdditionalFields("ip", "IP Address", True, ip) mt.returnOutput() mt.addUIMessage("completed!")
def dotransform(args): entitytags = ["hostid", "info", "name", "port", "proto", "state"] mt = MaltegoTransform() # mt.debug(pprint(args)) mt.parseArguments(args) fn = mt.getVar("fromfile") ip = mt.getVar("address") mac = mt.getVar("mac") osname = mt.getVar("osname") osfamily = mt.getVar("osfamily") machinename = mt.getVar("name") servicecount = int(mt.getVar("servicecount")) mdb = MetasploitXML(fn) if servicecount > 0: host = mdb.gethost(ip) for service in host.services: try: servicename = service.name except AttributeError: servicename = "NoName" try: serviceinfo = service.info except AttributeError: serviceinfo = None if service.state.lower() in ["filtered", "closed"]: entityname = "msploitego.ClosedPort" else: entityname = getserviceentity(service) hostservice = mt.addEntity( entityname, "{}/{}:{}".format(servicename, service.port, service.hostid)) hostservice.setValue = "{}/{}:{}".format(servicename, service.port, service.hostid) hostservice.addAdditionalFields("ip", "IP Address", True, ip) if servicename and servicename.lower() in [ "http", "https", "possible_wls", "www", "ncacn_http", "ccproxy-http", "ssl/http", "http-proxy" ]: hostservice.addAdditionalFields("niktofile", "Nikto File", True, '') hostservice.addAdditionalFields("fromfile", "Source File", True, fn) hostservice.addAdditionalFields("service.name", "Service Name", True, servicename) if service.containsTag("info"): hostservice.addAdditionalFields("banner", "Banner", True, service.info) if servicename in [ "samba", "netbios-ssn", "smb", "microsoft-ds" ]: if "workgroup" in service.info.lower(): groupname = service.info.lower().split( "workgroup:", 1)[-1].lstrip() workgroup = mt.addEntity("maltego.Domain", groupname) workgroup.setValue(groupname) workgroup.addAdditionalFields("ip", "IP Address", True, ip) else: hostservice.addAdditionalFields( "banner", "Banner", True, "{}-No info".format(servicename)) for etag in entitytags: if etag in service.getTags(): val = service.getVal(etag) hostservice.addAdditionalFields(etag, etag, True, val) if mac: macentity = mt.addEntity("maltego.MacAddress", mac) macentity.setValue(mac) macentity.addAdditionalFields("ip", "IP Address", True, ip) if machinename and re.match("^[a-zA-z]+", machinename): hostentity = mt.addEntity("msploitego.Hostname", machinename) hostentity.setValue(machinename) hostentity.addAdditionalFields("ip", "IP Address", True, ip) """ OS determination """ osentityname, osdescription = getosentity(osfamily, osname) # osentityname = "msploitego.OperatingSystem" osentity = mt.addEntity(osentityname, osdescription) osentity.setValue(osdescription) osentity.addAdditionalFields("ip", "IP Address", True, ip) mt.returnOutput()