Maltego module for working with Telegram.
Features:
- Getting Telegram profile by phone number
- Indexing of all stickers/emoji in Telegram channel
- Identification of the creator of a set of stickers/emoji
Find out more: What's wrong with stickers in Telegram? Deanonymize anonymous channels in two clicks
Each Telegram user has their own UID.
Any sticker pack has its creator's UID hidden in it, which can be seen by any user.
To do this, follow the algorithm:
- Make an API request to get information about the sticker pack
- Take the value of the "ID" key from the response
- Perform a binary shift by 32 to the right.
The resulting UID can be exchanged for a familiar login using the @tgdb_bot
bot, and thus reveal the user's profile.
The author of a channel who did not leave contacts can be de-anonymized. To do this, you need to scan his channel and find the sticker packs that he has ever created. And then use the algorithm above to get the real profile.
- Clone the repository
git clone https://github.com/vognik/maltego-telegram
- Install dependencies
pip install -r requirements.txt
- Specify secrets in
config.ini
:
api_id
andapi_hash
: guide https://core.telegram.org/api/obtaining_api_idbot_token
: guide https://core.telegram.org/bots/tutorial#obtain-your-bot-token
- Log in to Telegram
python login.py
- Generate Transforms Import File
python project.py
- Import
entities.mtz
andtelegram.mtz
files using Import Config in Maltego - Check if they work: new Entities and Transforms should appear in Maltego
Drag and drop an entity from the Entity Pallete, right-click and select the desired Transform.