next »

[Maltego Forum]

Maltego Forum » Development » User Transforms
Network Discovery

[konrads]

Hi,

I''ve started work on network discovery pack (right now, just a ping sweep).
The pack is available as subversion download form http://rogue.smelkovs.com/svn/pymaltego/trunk .

The lib directory includes pymaltego - a Pythonic way of reporting to maltego
The bin directory has one transform nmap_sweep.py, which takes netblock as argument and ping-sweeps it.

External dependencies:
nmap_sweep depends on netaddr, which can be easily installed (it comes as .exe and .zip for easy_install''ing).

Setup:
svn checkout it and add the pymaltego/lib to Your path. Set up local transform.

[H]

Nice work, the nmap_sweep.py transform works nicely.

The current version of nmap_scan.py in your SVN seems to contain some debug code and didn`t work for me (it`s reading the output XML from a hardcoded path, it`s doing a full default ports nmap scan rather than just a port 80 as indicated in the comment, and it doesn`t check if ports are actually in state open).

I made two modified versions based on your code:

nmap_scan.py (hardcoded scan of ports 21,22,25,80,443 and not using tempfiles)

nmap_scan_gui.py (uses easygui to pop up a dialog box prompting for port range to scan. Needs http://easygui.sourceforge.net/current_version/index.html. One issue with this is that you will get a popup box for each IP when running the transform on multiple IPs).