Issues, ToDo & DoNot

maxlandon edited this page Mar 8, 2019 · 7 revisions

I - Issues

  • Persistence of Builtin Maltego Entities adjustments

    • When a Maltego builtin Entity is redefined/overloaded in the Python code and its display settings are also modified in the Maltego client (to manage multiple icons, among other things), the following issue appears:
      • After a Factory Reset, even if the affected builtin Entities were exported beforehand, importing them again restores the overloaded properties (they are imported with the .mtz entity file) but all advanced display settings are lost. This is not a huge problem if only 1 or 2 builtin entities are overloaded, but it becomes cumbersome as that number grows.
  • Random bugs in Maltego client's Entity hierarchy

    • Sometimes (very rarely), possibly because an inconsistent Profile or Entity file was imported, the Maltego client does not infer the right Entity hierarchy, so transforms are not available to all expected entities (among other problems).

II - Todo

  • Naming

    • Almost all entity fields are just Field() classes. Wherever possible, replace them with more precise types such as EnumEntityField() or, more importantly, StringEntityField().
    • -> Use entity generation in Canari to get the right Python properties if the Entity is already defined in Maltego.
  • Entity Merging

    • When a Metasploit workspace has the same host under several IPs, it automatically switches its services if they have been discovered for the new IP. However, there is an issue when retrieving them in Maltego: each host is treated as a different one, so two Host entities appear. When the Host Entity tries to retrieve the services, an error is raised saying that there are no services. The issue also appears when both Host Entities are merged into one, because one IP overrides the other, as does the Host ID. The remaining entity therefore cannot retrieve the services assigned under the other IP in Metasploit. TO BE RESOLVED QUICKLY
  • Utilities

    • Make a utility class for managing the different databases, potentially with a GUI that helps manage the Metasploit Web Service. It may not be useful to go that far, though.
  • MetasploitCredential

    • Finish the Pull/Push Credential transforms. The Push needs to implement the full dictionary required by the API. It is not exactly the same as the one returned by GET requests, so it cannot simply be fetched and then put back.
  • Config Files

    • Currently, Effective-Couscous loads the config file local to the package (not ~/.canari/canari.conf). It may be good to change this, or simply to add user-specific parameters to both config files at install.

III - Do Not

Confusing Python code Entity inheritance and Maltego code inheritance.

Python Entity definition class: do not make an Entity class inherit from the class of an Entity that is higher in the Maltego hierarchy just to save a few lines of property code...

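from canari.maltego.message import Entity, StringEntityField

# Parent entity: declares the properties
class MetasploitHost(Entity):
    _namespace_ = "foo.host"

    prop_one = StringEntityField("")
    prop_two = StringEntityField("")

# DO NOT: child entity subclasses the parent's Python class
class LinuxHost(MetasploitHost):
    """ Using inheritance to get/set props on this Entity class """
    _namespace_ = "foo.host.MetasploitHost"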

...and then access the values of LinuxHost() in transforms...

host = LinuxHost()
host.name = "Foo"

... because the way Canari looks up class properties is, in this case, ambiguous to the Maltego client (it considers the properties to be MetasploitHost's, not LinuxHost's), so it will mess everything up WITH HUNDREDS OF EXCEPTIONS AND A TOTALLY UNUSABLE MALTEGO CLIENT.
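
One way to catch the pattern above before it reaches the Maltego client, as an added example that is not part of the original page or of the project's code: a static check that parses an entities module with Python's `ast` and reports every entity class whose base is another entity class from the same file. The function names, the sample source, and the assumption that the root class is referred to as `Entity` are all hypothetical; chains that cross module boundaries are not detected.

```python
import ast

# Constructed sample input: the pattern from this page plus one flat definition.
SAMPLE = '''
from canari.maltego.message import Entity, StringEntityField

class MetasploitHost(Entity):
    _namespace_ = "foo.host"
    prop_one = StringEntityField("")

class LinuxHost(MetasploitHost):
    _namespace_ = "foo.host.MetasploitHost"

class WindowsHost(Entity):
    _namespace_ = "foo.host.MetasploitHost"
    prop_one = StringEntityField("")
'''


def _base_name(node):
    """Rightmost identifier of a base-class expression (Entity, message.Entity)."""
    if isinstance(node, ast.Name):
        return node.id
    if isinstance(node, ast.Attribute):
        return node.attr
    return None


def find_chained_entities(source, root="Entity"):
    """Return (class, parent, line) for every entity class that inherits from
    another entity class defined in the same source instead of from `root`."""
    classes = [n for n in ast.parse(source).body if isinstance(n, ast.ClassDef)]
    bases = {c.name: [_base_name(b) for b in c.bases] for c in classes}
    # Fixed point: a class is an entity if any base is `root` or a known entity.
    entities, changed = set(), True
    while changed:
        changed = False
        for name, parents in bases.items():
            if name not in entities and any(p == root or p in entities for p in parents):
                entities.add(name)
                changed = True
    return [(c.name, p, c.lineno) for c in classes for p in bases[c.name] if p in entities]


if __name__ == "__main__":
    for cls, parent, line in find_chained_entities(SAMPLE):
        print(f"line {line}: {cls} inherits from entity class {parent} "
              f"(the Do Not pattern described on this page)")
```

Because the check works on source text, it can run against an entities file without Canari or Maltego installed.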