How To: Installing Malformity

{0 Comments}

Malformity was released a couple of weeks ago. If you missed it, the original post and the follow up provide more background on the project. This post is meant to get you started using Malformity and provides a quick overview of how to install it.

First, if you don’t have Maltego, you should head over to the Paterva site and download Maltego CE, which is free for personal use. If you’ve never used it before, but want to give Malformity a try, I suggest fooling around with Maltego a bit to get used to it. Alternatively, Paterva has a great set of video tutorials up on YouTube.
Once you have Maltego, you’ll have to grab Canari (supports Python 2.x) in order to install the Malformity package. You can do this by running the following:

$ sudo easy_install canari

Now, make sure you’re in your desired directory. You then need to clone Malformity from Github. You should see similar output when using the command below.

$git clone http://github.com/digital4rensics/Malformity
Cloning into Malformity...
remote: Counting objects: 158, done.
remote: Compressing objects: 100% (87/87), done.
remote: Total 158 (delta 77), reused 146 (delta 65)
Receiving objects: 100% (158/158), 64.97 KiB | 63 KiB/s, done.
Resolving deltas: 100% (77/77), done.
$ cd Malformity
$ ls
README.md	maltego		setup.py	src

We’re almost done! If you don’t already have Mechanize and BeautifulSoup(3.x), you can run the setup script included with Malformity using the command below. Note: This also means you don’t have to separately grab Canari, as noted above.

$ sudo python setup.py install

If you’ve already got the dependencies (or completed the above step) and have already run Maltego the first time, you can run the following command (with Maltego closed).

$ canari install-package Malformity
Multiple versions of Maltego detected: 
[0] Maltego v1.0.1CaseFileCE
[1] Maltego v3.1.1CE
[2] Maltego v3.2.0
Please select which version you wish to use [0]:

If multiple versions are detected, select the appropriate installation and press enter. If multiple versions are not detected, or after you select a version, you’ll see output similar to below.

Writing /Library/Frameworks/Python.framework/Versions/7.3/lib/python2.7/site-packages/canari-0.5-py2.7.egg/canari/resources/template/canari.plate to /Users/Johnson/Temp/Malformity/src/canari.conf
Writing Malformity/resources/etc/Malformity.conf to /Users/Johnson/Temp/Malformity/src/Malformity.conf
Looking for transforms in Malformity.transforms
Installing transform malformity.v1.VT_URL2Engine from Malformity.transforms.vt_url2engine...
Installing transform malformity.v1.VT_Hash2Name from Malformity.transforms.vt_hash2name...
Installing transform malformity.v1.ViCheck_FileSearch from Malformity.transforms.vicheck_filesearch...
Installing transform malformity.v1.ViCheck_Hash2Filename from Malformity.transforms.vicheck_hash2filename...
Installing transform malformity.v1.ViCheck_Hash2dHash from Malformity.transforms.vicheck_hash2dhash...
...snipped...

If you receive an error about Malformity not being a valid package, you likely had the dependencies and didn’t need to run the setup script. If this is the case, cd in to the src/ directory and run the command from the previous step again.

That should be it! You can now fire up Maltego and begin using Malformity. If you run in to any issues, feel free to leave a comment below or send me a message on Twitter (@digital4rensics). I’ll help out as much as I can. Check back for updates and additional information!

Leave a Comment

Your email address will not be published.

*