Well it looks like Nadeem “@ndouba” Douba has been busy creating a new component called MaltegoSploit to add to Sploitego. For those that aren’t familiar with Sploitego … it is basically a set of additional transforms that allows security professionals to use Maltego as a GUI for common pen test activities. In its first release at DefCon in his talk “Sploitego – Maltego’s (Local) Partner in Crime” Nadeem demonstrated using Spoitego to perform basic Nmap and Nessus scans. The interesting thing to note here is that these new transforms support “local” scanning and as such doesn’t require connecting back to the Paterva servers.
After six months of work Nadeem is on the cusp of releasing a new module that extends Spoitego to perform basic Metasploit activities.
Here’s a quick writeup from the site.
Alas, a new dawn has broken and Sploitego is now armed with fangs. That’s right, the penetration testing transform pack you’ve come to know and love now has a set of Exploitation transforms; Metasploit transforms to be precise. Developing the Metasploit transforms was no easy ordeal. It involved a great deal of research (YouTube cat video marathons), reverse engineering, and integration of several different technologies to come up with the final product.
At the end of the day, you, the open source information security community, will get to take advantage of (what I feel is) some really awesome software. The side-products of this endeavor include two powerful, comprehensive, and easy-to-use Python modules that interact with the Nessus and Metasploit RPC daemons, as well as three Metasploit transforms to aid in the exploitation and post-exploitation phases of a penetration test. All this at the low and affordable cost of FREE.
To summarize here are the transform capabilities that Sploitego now allows testers to perform out of the box.
- -A: Scanning and Fingerprinting
- -sU: UDP Scanning
- -F: Fast scanning
- Results: Port (i.e., port, ip address, and status info) & OS (only for -A) Entities
- -sV: Transforms Port Entities into Service Banners
- Any Preset Nessus Policy by Default
- Custom Policies
- Results: Vulnerability Entities (e.g., severity, plugin ID, etc.)
- Transforms from Vulnerability Entities into Port Entities
- Matches Vulnerability Entities with Metasploit Exploits & Exploits
- Transforms from Successful Exploits Result in Session Entities
- Interface with Session Entity Using Metepreter or Shell Sessions
But that’s not all… Nadeem mentioned several planned transforms in the near future for post-exploitation, including the ability to right-click on a Session entity and running common post-exploitation exercises like retrieving password hashes and sending them to Hashcat or John the Ripper.
Right now the new Metasploit transforms are not available to public but you can sign up as a beta tester. Nadeem hopes to have all the testing wrapped up in a few weeks at which time he’ll release everything for free. And finally here’s a short one minute video showing these new transforms in action.
Have you used Sploitego since we discussed it after DefCon? Any thoughts? What do you think of these new additions? Let us know in the comments below. Today’s post pic is from CanariProject.com. See ya!