Msploitego - Pentesting Suite For Maltego Based On Data In A Metasploit Database



msploitego leverages the data gathered in a Metasploit database by enumerating and creating specific entities for services. Services like samba, smtp, snmp, http have transforms to enumerate even further. Entities can either be loaded from a Metasploit XML file or taken directly from the Postgres msf database.
Requirements
  • Python 2.7
  • Has only been tested on Kali Linux
  • software installations:
  • Metasploit
  • nmap
  • enum4linux
  • smtp-check
  • nikto
Installation
  • checkout and update the transform path inside Maltego
  • In Maltego import config from msploitego/src/msploitego/resources/maltego/msploitego.mtz
General Use
Using exported Metasploit xml file
  • run a db_nmap scan in metatasploit, or import a previous scan
  • msf> db_nmap -vvvv -T5 -A -sS -ST -Pn
  • msf> db_import /path/to/your/nmapfile.xml
  • export the database to an xml file
  • msf> db_export -f xml /path/to/your/output.xml
  • In Maltego drag a MetasploitDBXML entity onto the graph.
  • Update the entity with the path to your metasploit database file.
  • run the MetasploitDB transform to enumerate hosts.
  • from there several transforms are available to enumerate services, vulnerabilities stored in the metasploit DB
Using Postgres
  • drag and drop a Postgresql DB entity onto the canvas, enter DB details.
  • run the Postgresql transforms directly against a running DB
Notes
  • Instead of running a nikto scan directly from Maltego, I've opted to include a field to for a Nikto XML file. Nikto can take long time to run so best to manage that directly from the os.
Screenshots
TODO's
  • Connect directly to the postgres database - in progress
  • Much, much, much more tranforms for actions on generated entities.

No comments

Note: Only a member of this blog may post a comment.

Powered by Blogger.