Maltego Transforms for working with Telegram.
Features:
- Getting Telegram profile by phone number
- Getting a linked Telegram channel group
- Getting a list of Telegram group administrators
- Getting a list of authors of a Telegram channel
- Indexing of all stickers/emoji in Telegram channel
- Identification of the creator of a set of stickers/emoji
Each Telegram user has their own UID.
Each sticker set that a user creates has its ID hidden in it.
To reveal it, my Transform executes the following algorithm:
- Make an API request to get information about the sticker set
- Take the value of the "ID" key from the response
- Perform a binary shift by 32 to the right.
The resulting UID can be exchanged for a familiar login using the @tgdb_bot bot, and thus reveal the user's profile.
The author of a channel who did not leave contacts can be de-anonymized. To do this, you need to scan his channel and find the sticker packs that he has ever created. My Transform for Maltego does this automatically.
Find out more: What's wrong with stickers in Telegram? Deanonymize anonymous channels in two clicks
- Clone the repository
git clone https://github.com/vognik/maltego-telegram
- Install dependencies
pip install -r requirements.txt
- Specify secrets in
config.ini:
api_idandapi_hash: guide https://core.telegram.org/api/obtaining_api_idbot_token: guide https://core.telegram.org/bots/tutorial#obtain-your-bot-token
- Log in to Telegram
python login.py
- Generate Transforms Import File
python project.py
- Import
entities.mtzandtelegram.mtzfiles using Import Config in Maltego - Check if they work: new Entities and Transforms should appear in Maltego
Drag and drop an entity from the Entity Pallete, right-click and select the desired Transform.