This article will walk you through setting up a Python Transform using Apache2 and our Maltego-TRX library hosted on Github.
The Maltego-TRX library is the official Maltego Python library used for developing local and TDS Transforms.
Maltego-TRX 1.3.2 supports both Python2.7 & Python3
The files used for this article can be found in the Apache demo folder of the Maltego-TRX Github project.
Provisioning the host
We will be using an Ubuntu 18.04 host machine for our Transform server.
We will need to install the following dependencies.
Install System Dependencies
apt-get update apt-get install apache2 libapache2-mod-wsgi python-pip -y
Install Python Dependencies
pip install maltego-trx
Start a new project
We will need to create a project folder to hold our Transform code. In this example, we will use the project folder "/var/www/TRX/".
We can create a new project folder, with the recommended project structure using the following commands:
cd /var/www/ maltego-trx start TRX
This will create the project folder "/var/www/TRX" with the recommended folder structure.
The user that runs the production server will be www-data. We will need to make www-data the owner of our project folder. We can do this using the following command:
chown -R www-data:www-data /var/www/TRX/
We can then enter our project folder and run the commands needed to start the server:
cd TRX
Configure Apache2
We will need to add a configuration file for Apache2 to run on our Transform server.
We are looking to run the WSGI server from "/var/www/TRX/project.py" on port "8080".
In order to do this, we will need an apache config file called "TRX.conf" which contains the following.
Create TRX.conf file in the directory "/etc/apache2/sites-available".
<VirtualHost *:8080>
WSGIDaemonProcess TRX user=www-data group=www-data threads=25 python-path=/var/www/TRX/
WSGIScriptAlias / /var/www/TRX/project.py
<Directory /var/www/TRX>
WSGIProcessGroup TRX
WSGIApplicationGroup %{GLOBAL}
Order deny,allow
Allow from all
</Directory>
</VirtualHost>Ensure that the python-path points your project folder.
Start the apache2 server if it is not already started.
service apache2 start
After adding the TRX config file, activate it using the following command:
a2ensite TRX.conf #To activate the new configuration, you need to run: service apache2 reload
We will also need to configure Apache2 to listen on port 8080, to do this we need to add the line "Listen 8080" to the file "/etc/apache2/ports.conf".
One way of doing this is to run the following command to append the line to the end of the file:
echo "Listen 8080" >> /etc/apache2/ports.conf service apache2 reload
Start the Server
Development Server
If we are developing and debugging new Transforms, then it is better to use a lightweight Transform server that restarts every time the code is changed.
Remember to stop the apache service first to free up port 8080:
systemctl stop apache2.service
To run the development server, run the following command:
python project.py runserver
The server should start up and print out the available Transforms and their names:
=== Maltego Transform Server: v1.3.1 === = Transform Server URLs = /run/dnstoip/: DNSToIP /run/greetperson/: GreetPerson = Local Transform Names = dnstoip: DNSToIP greetperson: GreetPerson
The default project setup contains the DNSToIP and GreetPerson Transforms which we can see are listed above.
To test that the server is running correctly, we can navigate to http://<server_host>:<port> in our browser, and we should receive the following response:
You have reached a Maltego Transform Server.
Production Server
Once you are finished developing and testing your transforms, it is better to run a more robust setup using Apache.
First, make sure the development server is no longer running (Ctrl + C).
Then restart apache using the command:
service apache2 restart
Again, we can check that the server is running by opening http://<server_host>:<port> in our browser.
To list all available Transforms you can use this command:
cd /var/www/TRX/ python project.py list
Then you should see a similar output:
= Transform Server URLs = /run/dnstoip/: DNSToIP /run/greetperson/: GreetPerson = Local Transform Names = dnstoip: DNSToIP greetperson: GreetPerson