Tommy Skaug
I've previously written about how to read and process Maltego
mtgx graph archives. Once you have a directory with a lot of them,
you will probably be like me: "Where did I see this thing again?"

The solution can of course be done in Python like in my previous
post, but let's try a more native solution this time, zipgrep:

> zipgrep will search files within a ZIP archive for lines
> matching the given string or pattern. zipgrep is a shell script
> and requires egrep(1) and unzip(1L) to function. Its output is
> identical to that of egrep(1).

In my testing I had 20 files, and searching them worked pretty well
with e.g. ``zipgrep 1.2.3.4 \*.mtgx \*.graphml``. The problem is that
zipgrep doesn't seem to support printing the archive names, so thank
you for that. Returning to the more basic zip tools, like zip cat
(``unzip -c``), was the solution in my case:

    # dots are escaped so the address is matched literally
    unzip -c \*.mtgx 2>&1 | egrep "(Archive: )|1\.2\.3\.4"

    Archive: 1.mtgx
    Archive: 2.mtgx
    Archive: 3.mtgx
    Archive: 4.mtgx
    Archive: 5.mtgx
    Archive: 6.mtgx
    Archive: 7.mtgx
    Archive: 8.mtgx
    Archive: 9.mtgx
    Archive: 10.mtgx
    Archive: 11.mtgx
    Archive: 12.mtgx
    Archive: 13.mtgx
    Archive: 14.mtgx
    Archive: 15.mtgx
    Archive: 16.mtgx
    1.2.3.4
    Archive: 17.mtgx
    1.2.3.4
    Archive: 18.mtgx
    Archive: 19.mtgx
    Archive: 20.mtgx

A little Maltego archive insight helps speed up the query, since
the graphml file always sits at ``Graphs/Graph1.graphml``:

    # dots are escaped so the address is matched literally
    unzip -c \*.mtgx Graphs/Graph1.graphml 2>&1 | egrep "(Archive: )|1\.2\.3\.4"

The latter gives the same results as above.
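
To get only the archives that contain the indicator, instead of picking hits out of 20 ``Archive:`` banners, the loop below prints just the matching file names. It is an added example, not code from the original post; ``find_in_mtgx`` is a hypothetical helper name, and it assumes the graph sits at ``Graphs/Graph1.graphml`` as described above.

```sh
#!/bin/sh
# find_in_mtgx NEEDLE [DIR]
# Print the name of every .mtgx archive in DIR (default: current directory)
# whose Graphs/Graph1.graphml contains NEEDLE. Returns 0 if at least one
# archive matched, 1 otherwise, so it can be used in scripts.
find_in_mtgx() {
    needle=$1
    dir=${2:-.}
    found=1
    for archive in "$dir"/*.mtgx; do
        [ -f "$archive" ] || continue   # the glob matched nothing
        # unzip -p streams the member to stdout without the "Archive:" banner.
        # grep -F matches the string literally (dots are not wildcards),
        # -w rejects partial hits such as 11.2.3.4 or 1.2.3.45,
        # -q stops reading at the first hit.
        if unzip -p "$archive" Graphs/Graph1.graphml 2>/dev/null |
            grep -qFw -- "$needle"; then
            printf '%s\n' "$archive"
            found=0
        fi
    done
    return "$found"
}

# Usage: find_in_mtgx 1.2.3.4 ~/graphs
```

Archives that lack ``Graphs/Graph1.graphml`` are skipped silently, because the ``unzip`` error goes to ``/dev/null`` and ``grep`` sees no input.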