Maltego OpenSSL Heartbleed Transform
Since the release of the OpenSSL Heartbleed attack, there have been many scripts, websites, and offered services to perform checks on whether a site is vulnerable to this devastating attack. Each check has its benefits and specific application; I am providing another solution which is a Maltego Transform based on the ssltest.py script by Jared Stafford (jspenguin@jspenguin.org).
You will need the following two files in order to set this up:
1.) MaltegoTransform-py.zip (Maltego Basic Python Library)
http://www.paterva.com/web6/documentation/MaltegoTransform-Python.zip
2.) maltego_heartbleedtest.py (The Custom Maltego Transform)
https://github.com/DisK0nn3cT/MaltegoHeartbleed
Once you have downloaded the files, move the MaltegoTransform.py file to your python library directory and the maltego_heartbleedtest.py into a directory of your liking (remember this directory for later).
Now we are ready to setup the local transform within Maltego. Under the “manage” tab, choose the “Local Transform” button.
On this screen we need to enter the display name, description, and input entity type. You may use the information in the screenshot below or modify it to your own liking. However, I strongly recommend setting the input entity type to “website” for the best results.
After clicking the “Next” button you will be taken to a page where you will need to enter the following fields:
- Command: path to the python executable
- Parameters: the name of the python script (maltego_heartbleedtest.py)
- Working Directory: the directory where the script is located
Once you have finished setting up the local transform, you will be able to see it in your dropdown options for “website” entities:
When the script has completed you will have a new “phrase” entity attached to your website target if the heartbleed detection returned True. If the target website is NOT vulnerable, no entities will be added.
Please leave comments on any errors you experience on the github repository: MaltegoHeartbleed
import sys
sys.exit("enjoy.")