Monday, 22 September 2014

Episode 9: Maltego




Kali Linux Tools Tutorials

Episode 8

Maltego



First of all I would like to apologize for the incredible delay between this post and the last one. A lot's been going on here and it was all too distracting; add to that a little laziness.
So without further ado I present to you the king of enumeration! The most feel-like-an-NSA-agent tool in BackTrack, the Jennifer Lawrence of enumeration tools (you guessed it!): Maltego.

That tool is so powerful it sometimes gives you warnings before using some of its features, and its paid version has even more 007-y features.


The cool graphic interface
Jokes aside though, Maltego is a pretty awesome enumeration tool. It's not just about enumerating DNS records for a target; it can get you information about ANYTHING you feed it, including email addresses, names, and even phone numbers! That is in addition, of course, to the multitude of pentesting-related features it offers.
Unlike the tools we've discussed previously in this series, Maltego has a graphical interface (GUI), which makes things much easier since it uses visual representation to show you the data it collected and any correlations between them in a CSI-like form.

When you first start Maltego you'll need to sign up on Paterva's website (the folks who made it). The whole process takes no time and is absolutely free.





After starting Maltego and signing up you'll be presented with this screen:
This is the starting screen for Maltego. It contains some info about the tool, the latest updates, where to contact them, etc.






In order to start working with it you'll need to create a "New Graph" by clicking the first little icon next to that thing in th- Let me just show you..

So after you click that you'll get your own brand new graph (woo!)
A Maltego graph is like the blank canvas on which you will draw your enumeration masterpiece, if that makes any sense..






In order to get things started you need to drag an "entity" from the palette on the right. An entity is the object which you would like to enumerate, for example a domain, an email address, a phone number, etc.
So let's try to drag a domain entity from the palette on the right to the middle of the screen (please don't tell me that I have to take a picture for that..)
In order to change the default domain to scan, double-click the entity and change the "domain name" field. For this demonstration I'll be using scanme.org.
After setting the domain name successfully, it's time to start the enumeration process.
To start a lookup in Maltego you need to right-click your domain icon and click "Run Transform". I really don't know why they called them "transformations", but you can think of them as the type of lookup you want to perform on that target.
If you've updated your Maltego you should get tons of transformations to choose from. For this demonstration I will use a complete set of DNS lookup transformations, which you can get to by choosing Run Transform --> DNS from domain --> All in this set. This will result in the following:
























As you can see, the tool has performed a DNS lookup of the target domain and has found 5 nameservers, a web server and a mail server, which it then sorted in this linked view so you can easily figure out who's linked to whom and where everything comes from.
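To make the linked view less magical, here is an added example (not part of the original post and not Maltego's own code) that builds the same kind of entity graph from raw DNS answer lines. The sample records use a placeholder domain and were constructed for illustration, and the entity labels are my own naming:

```python
from collections import defaultdict

# Constructed sample: dig-style answer lines for a placeholder domain
# (documentation-range names and addresses, not real lookup results).
SAMPLE = """\
example.com.      300  IN A   192.0.2.10
example.com.      3600 IN NS  ns1.example.net.
example.com.      3600 IN NS  ns2.example.net.
example.com.      3600 IN MX  10 mail.example.com.
mail.example.com. 300  IN A   192.0.2.25
ns1.example.net.  3600 IN A   198.51.100.1
"""

# Record type -> entity type given to the record's target (illustrative names).
KINDS = {"NS": "name server", "MX": "mail server", "A": "IPv4 address"}

def parse_answers(text):
    """Yield (owner, rtype, target) for each supported answer line."""
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()   # strip trailing comments
        if len(fields) < 5 or fields[2] != "IN" or fields[3] not in KINDS:
            continue
        target = fields[-1]                      # MX rdata is "<pref> <host>"
        yield fields[0].rstrip(".").lower(), fields[3], target.rstrip(".").lower()

def build_graph(text):
    """Return (nodes, edges): nodes maps name -> entity type,
    edges maps name -> sorted list of (record type, target)."""
    nodes, edges = {}, defaultdict(set)
    for owner, rtype, target in parse_answers(text):
        nodes.setdefault(owner, "DNS name")      # keep a more specific type if set
        nodes[target] = KINDS[rtype]
        edges[owner].add((rtype, target))
    return nodes, {k: sorted(v) for k, v in edges.items()}

def render(nodes, edges, root, depth=0, seen=None):
    """Return the graph below `root` as indented text lines."""
    seen = set() if seen is None else seen
    lines = ["  " * depth + f"{root} [{nodes.get(root, 'unknown')}]"]
    if root in seen:                             # guard against cycles
        return lines
    seen.add(root)
    for _, target in edges.get(root, []):
        lines += render(nodes, edges, target, depth + 1, seen)
    return lines

if __name__ == "__main__":
    n, e = build_graph(SAMPLE)
    print("\n".join(render(n, e, "example.com")))
```

Run it against the answer section for a domain you own to see everything its public DNS tells a stranger.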
We can also gain information about the owner of the domain by choosing "Domain owner detail" from the transformations menu. I chose the whole set there and this was the result:

Bear in mind that the tool CAN return some false positives, like in the last picture when it returned -.Domain as a location.

Every entity that you click (or right-click, to be precise) in Maltego will have its own set of useful transformations to offer. Using these you can construct a full, comprehensive graph of a target's structure, and you may even include some info about the owners of the targets, like their phone numbers and emails, if you're lucky.

This was a very brief and concise tutorial of Maltego and by no means does this do the tool any justice. If you're interested in the tool you can read the user manual provided by Paterva, which covers most of its functions comprehensively.


________________________________________________________


Next Episode: URLCRAZY
