thoughts/data/maltego-search.md
Tommy Skaug 805a34f937
initial migration
2024-08-05 20:24:56 +02:00

I've previously written about how to read and process Maltego mtgx graph archives. Once you have a directory with a lot of them, you will probably find yourself asking, as I did, "Where did I see this thing again?"

The solution could of course be done in Python, as in my previous post, but let's try a more native approach this time: zipgrep. From its man page:

zipgrep will search files within a ZIP archive for lines matching the given string or pattern. zipgrep is a shell script and requires egrep(1) and unzip(1L) to function. Its output is identical to that of egrep(1).

In my testing I had 20 files, and searching them with e.g. `zipgrep 1.2.3.4 \*.mtgx \*.graphml` worked pretty well (the backslash keeps the shell from expanding the glob, so unzip expands it itself and walks every archive). The problem is that zipgrep doesn't seem to support printing the archive names, so thank you for that. Going back to the more basic tools, `unzip -c` (extract to stdout) was the solution in my case:

```sh
unzip -c \*.mtgx 2>&1 | egrep "(Archive: )|1.2.3.4"
```

```text
Archive:  1.mtgx
Archive:  2.mtgx
Archive:  3.mtgx
Archive:  4.mtgx
Archive:  5.mtgx
Archive:  6.mtgx
Archive:  7.mtgx
Archive:  8.mtgx
Archive:  9.mtgx
Archive:  10.mtgx
Archive:  11.mtgx
Archive:  12.mtgx
Archive:  13.mtgx
Archive:  14.mtgx
Archive:  15.mtgx
Archive:  16.mtgx
          1.2.3.4
Archive:  17.mtgx
          1.2.3.4
Archive:  18.mtgx
Archive:  19.mtgx
Archive:  20.mtgx
```

A little insight into the Maltego archive layout speeds up the query: the graphml file always sits at Graphs/Graph1.graphml, so we can restrict unzip to that single member instead of extracting every file:

```sh
unzip -c \*.mtgx Graphs/Graph1.graphml 2>&1 | egrep "(Archive: )|1.2.3.4"
```

The latter gives the same results as shown above.
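As an added example (not from the original post), the same sweep done in Python without shelling out: it reads only Graphs/Graph1.graphml from every .mtgx in a directory, does a fixed-string match so the dots in an IP are not treated as regex wildcards the way they are in the egrep pattern above, skips files that are not valid zips, and returns the matching archive names. The sample archives it builds are constructed stand-ins, not real Maltego exports.

```python
import tempfile
import zipfile
from pathlib import Path

# Every .mtgx export keeps its graph at this fixed member path (from the post).
GRAPH_MEMBER = "Graphs/Graph1.graphml"


def search_mtgx(directory, needle, member=GRAPH_MEMBER):
    """Return the sorted names of .mtgx archives whose graph contains `needle`.

    Literal (fixed-string) match: unlike the egrep pattern in the post,
    "1.2.3.4" does not also match "1a2b3c4", where '.' matches any byte.
    """
    hits = []
    for archive in sorted(Path(directory).glob("*.mtgx")):
        try:
            with zipfile.ZipFile(archive) as zf:
                text = zf.read(member).decode("utf-8", errors="replace")
        except (zipfile.BadZipFile, KeyError):
            continue  # not a zip, or no graph member: skip it, keep sweeping
        if needle in text:
            hits.append(archive.name)
    return hits


def make_sample_archives(directory):
    """Write constructed sample archives (not real Maltego exports) for the demo."""
    graphml = ('<?xml version="1.0"?><graphml><graph><node id="n0">'
               '<data key="d0">{value}</data></node></graph></graphml>')
    samples = {"1.mtgx": "example.com", "16.mtgx": "1.2.3.4",
               "17.mtgx": "1.2.3.4", "18.mtgx": "1a2b3c4"}
    for name, value in samples.items():
        with zipfile.ZipFile(Path(directory) / name, "w") as zf:
            zf.writestr(GRAPH_MEMBER, graphml.format(value=value))
            # Other members are deliberately not searched, as with the unzip trick.
            zf.writestr("Icons/readme.txt", "1.2.3.4 outside the graph")
    # A file with the right extension that is not a zip at all.
    (Path(directory) / "broken.mtgx").write_text("not a zip archive")


def demo(needle="1.2.3.4"):
    """Build the samples in a temp dir and return which archives match."""
    with tempfile.TemporaryDirectory() as tmp:
        make_sample_archives(tmp)
        return search_mtgx(tmp, needle)


if __name__ == "__main__":
    print(demo())  # ['16.mtgx', '17.mtgx']
```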