Skip to content

Maltego Transforms for working with Telegram

Notifications You must be signed in to change notification settings

mazzz3r/maltego-telegram

 
 

Repository files navigation

Maltego Telegram

preview.png

Maltego module for working with Telegram.

Features:

  • Getting Telegram profile by phone number
  • Indexing of all stickers/emoji in Telegram channel
  • Identification of the creator of a set of stickers/emoji

Find out more: What's wrong with stickers in Telegram? Deanonymize anonymous channels in two clicks

How does it work?

work.png

Each Telegram user has their own UID.

Any sticker pack has its creator's UID hidden in it, which can be seen by any user.

To do this, follow the algorithm:

  1. Make an API request to get information about the sticker pack
  2. Take the value of the "ID" key from the response
  3. Perform a binary shift by 32 to the right.

The resulting UID can be exchanged for a familiar login using the @tgdb_bot bot, and thus reveal the user's profile.

The author of a channel who did not leave contacts can be de-anonymized. To do this, you need to scan his channel and find the sticker packs that he has ever created. And then use the algorithm above to get the real profile.

Installation

  1. Clone the repository
git clone https://github.com/vognik/maltego-telegram
  1. Install dependencies
pip install -r requirements.txt
  1. Specify secrets in config.ini:
  1. Log in to Telegram
python login.py
  1. Generate Transforms Import File
python project.py
  1. Import entities.mtz and telegram.mtz files using Import Config in Maltego
  2. Check if they work: new Entities and Transforms should appear in Maltego

imports.png

Usage

Drag and drop an entity from the Entity Pallete, right-click and select the desired Transform.

1118.1.1.mp4

About

Maltego Transforms for working with Telegram

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%