Warning: PHP iTDS Library is no longer supported in favor of Python Maltego-TRX

This page provides example code for writing iTDS transforms using Paterva's PHP iTDS transform library. These code examples need to run on your transform host server which should be configured to serve the PHP scripts when called by your iTDS.

Basic Examples

Hello World

This transform merely returns "hello world" as a phrase, it doesn't depend on the input entity at all:

//include our MaltegoTDS class(es)
include_once("Maltego.php");

//set return content-type to be XML
header ("content-type: text/xml");

$maltegoInput = new MaltegoTransformInput();
$maltegoTransform = new MaltegoTransformResponse();
$maltegoTransform->addEntity("maltego.Phrase","Hello Transform World");
$maltegoTransform->returnOutput();


Reading Input 

This is simple transform to show reading input from an entity and returning it to the graph (in this case working with a domain and returning a phrase with that domain in it):

//include our MaltegoTDS class(es)
include_once("Maltego.php");

//set return content-type to be XML
header ("content-type: text/xml");

$maltegoInput = new MaltegoTransformInput();
$maltegoTransform = new MaltegoTransformResponse();


if ($maltegoInput->getEntity())
{
  //get the details into local variables
  $entityValue = $maltegoInput->value;
  $maltegoTransform->addEntity("maltego.Phrase","hello" . $entityValue);
  $maltegoTransform->returnOutput();
}
else
{
  $maltegoTransform->addException("No input entity found");
  $maltegoTransform->throwExceptions();
}


Reading the Slider Value

This code shows a really simple call to get the slider value:

//include our MaltegoTDS class(es)

include_once("Maltego.php");

//set return content-type to be XML

header ("content-type: text/xml");

$maltegoInput = new MaltegoTransformInput();
$maltegoTransform = new MaltegoTransformResponse();

if ($maltegoInput->getEntity())
{
$slider = $maltegoInput->slider;
echo "slider value is currently: $slider";

}
else

$maltegoTransform->addException("No input entity found");
$maltegoTransform->throwExceptions();
}


Reading Transform Settings (aka Popups) 

This example illustrates reading a Popup from the client (popup is setup as seen in the image below):


NOTE: Whether the setting is a popup or not the code will not change, the user will merely not be prompted if it is not set to popup.

//include our MaltegoTDS class(es)
include_once("Maltego.php");

//set return content-type to be XML
header ("content-type: text/xml");

$maltegoInput = new MaltegoTransformInput();
$maltegoTransform = new MaltegoTransformResponse();

if ($maltegoInput->getEntity())
{
  //fetch the popup value (it is a transform field)
  $enteredName = $maltegoInput->transformFields["popupVar"];
  //return as phrase entity containing the above popup value
  $maltegoTransform->addEntity("maltego.Phrase","hello" . $enteredName);
  $maltegoTransform->returnOutput();
}
else
{
  $maltegoTransform->addException("No input entity found");
  $maltegoTransform->throwExceptions();
}


Reading Entity Properties

This example simply illustrates using the library to read the properties of an entity and printing them out. Note this is just a snippet, not a transform!

///include our MaltegoTDS class(es)
include_once("Maltego.php");

//set return content-type to be XML
header ("content-type: text/xml");

$maltegoInput = new MaltegoTransformInput();
$maltegoTransform = new MaltegoTransformResponse();


if ($maltegoInput->getEntity())
{
  $entityAdditionalFields = $maltegoInput->additionalFields;
  $longitude = $entityAdditionalFields["longitude"];
  $latitude = $entityAdditionalFields["latitude"];
  echo "$longitude";
  echo "$latitude";
}
else
{
  $maltegoTransform->addException("No input entity found");
  $maltegoTransform->throwExceptions();
}


Returning a complex entity

This transform example shows reading an entity as well as setting properties, additional fields, a UI message and the weight of the entity (run on a domain):

//include our MaltegoTDS class(es)
include_once("Maltego.php");

//set return content-type to be XML
header ("content-type: text/xml");

$maltegoInput = new MaltegoTransformInput();
$maltegoTransform = new MaltegoTransformResponse();


if ($maltegoInput->getEntity())
{
  $domain = $maltegoInput->value;
  
  $ent = $maltegoTransform->addEntity("maltego.Phrase","Complex." . $domain);
  $ent->setWeight(50);
  $ent->setDisplayInformation("this is a more complex entity addition");
  $ent->setDisplayInformation("<h3>Heading</h3><p>content here about " . $domain . "!</p>");
  $ent->addAdditionalFields("variable","Display Value","strict",$domain)
  
  //return output
  $maltegoTransform->returnOutput();
  
}
else
{
  $maltegoTransform->addException("No input entity found");
  $maltegoTransform->throwExceptions();
}


SQL Examples

The next three transform examples are written in PHP and use the Basic PHP TDS transform Library which can be downloaded on the transform libraries page.

MySQL Transform Code

This transform example performs the same task as the Python MySQL transform. The transform simply queries a sample customer database for the customer's location and returns it as a location entity in the Maltego client. The transform will use PHP's built in PDO_MYSQL driver that implements the PHP Data Objects (PDO) interface to enable access from PHP to MySQL databases.


MySQL Transform

//include our MaltegoTDS class(es)
include_once("Maltego.php");
 
//set return content-type to be XML
header ("content-type: text/xml");
 
$maltegoInput = new MaltegoTransformInput();
$maltegoTransform = new MaltegoTransformResponse();

//Define MySQL data connection details.
$servername = "localhost";
$username = "root";
$password = "******";
$dbname = "classicmodels";

if ($maltegoInput->getEntity())
{
  try {
  //get the details into local variables
  $customerName = $maltegoInput->value;
  
  //Connect to the MySQLdb using database your connection details
  $conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
  $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); 
  
  //Prepare and execute the SQL query to get the country that corresponds to the customer name.
  $stmt = $conn->prepare('SELECT country FROM customers WHERE customerName = :customerName'); 
  $stmt->execute(array('customerName' => $customerName));
  
  $result = $stmt->fetchAll(); 
  
  if ( count($result) ) { 
  
    //Create a new entity for each row that is returned.
    foreach($result as $row) {
      
      //Break the loop if added entities exceeds slider value.
      if($i >= $slider){
        break;
        }
      $maltegoTransform->addEntity("maltego.Location",$row['country']);
    }   
    $conn = null;
    $maltegoTransform->returnOutput();
    
  } else {
    $conn = null;
    $maltegoTransform->addException("No results returned.");
    $maltegoTransform->throwExceptions();
  }
  }
  catch(PDOException $e) {
    $maltegoTransform->addException("Error: " . $e->getMessage());
    $maltegoTransform->throwExceptions();
  }
}
else
{
    $maltegoTransform->addException("No input entity found");
    $maltegoTransform->throwExceptions();
}

Running this transform on a few company names from our sample customer database results with the following graph:


PostgreSQL Transform Code

Library requirements

To run this transform on a Ubuntu server you will first need to install the PostgreSQL PHP library which can be done with the command below:
 

$ sudo apt-get update
$ sudo apt-get install php-pgsql


PostgreSQL Transform

This transform example performs a similar task as the Python PostgreSQL transform written above. This transform example queries a database containing information about the domain paterva.com. The database includes columns for the DNS names and the IP addresses that they resolve to. The transform example below will query the sample database for DNS names that resolve to the IP address specified in the input entity.

//include our MaltegoTDS class(es)
include_once("Maltego.php");
 
//set return content-type to be XML
header ("content-type: text/xml");
 
$maltegoInput = new MaltegoTransformInput();
$maltegoTransform = new MaltegoTransformResponse();

//get the value of the transform slider
$slider = $maltegoInput->slider;

//Define MySQL data connection details.
$servername = "localhost";
$port = "5432";
$username = "postgres";
$password = "*******";
$dbname = "postgres";

if ($maltegoInput->getEntity())
{
  try {
  //get the details into local variables
  $IP = $maltegoInput->value;

  //Connect to the pgsql using database your connection details
  $conn = new PDO("pgsql:host=$servername;port=$port;dbname=$dbname;user=$username;password=$password");
  
  //Prepare and execute the SQL query for DNSNAMES relating to your input IP address.
  $stmt = $conn->prepare('SELECT DNSNAME FROM iptodns WHERE IP = :IP'); 
  $stmt->execute(array('IP' => $IP));
  
  $result = $stmt->fetchAll(); 

  if (count($result) ) { 
  
    //Create a new entity for each row that is returned.
    foreach($result as $row) {
      $maltegoTransform->addEntity("maltego.DNSName",$row[0]);
    }
    $maltegoTransform->returnOutput();
    
  } else {
    
    $maltegoTransform->addException("No results returned.");
    $maltegoTransform->throwExceptions();
  }
  }
  catch(PDOException $e) {
    $maltegoTransform->addException("Error: " . $e->getMessage());
    $maltegoTransform->throwExceptions();
  }
}
else
{
    $maltegoTransform->addException("No input entity found");
    $maltegoTransform->throwExceptions();
} 
$conn = null;


Running this transform on the IP address belonging to Paterva "104.200.18.205" with the transform slider set to 12 results in the graph below:


MSSQL [using ODBC] Transform Code

This transform will demonstrate how a MSSQL database can be queried using an ODBC connection string from PHP. A ODBC driver for MSSQL needs to be installed and configured on the server before running the transform. The instructions in the Python example page can be followed to install and configure unixODBC and FreeTDS that are needed to run the transform code below.

MSSQL Transform

The transform example below will use PHP's standard ODBC library and connect to a database containing information from the Bitcoin Blockchain using the ODBC connection string below:

'DRIVER=FreeTDS;SERVER=mdviumqix9.database.windows.net;PORT=1433;DATABASE=AdventureWorks;UID=testDB@mdviumqix9;PWD=********;TDS_Version=8.0;


The transform in this example will take a Bitcoin address in as the input entity and return Bitcoin transaction where that address was the sender as the output.

//include our MaltegoTDS class(es)
include_once("Maltego.php");
 
//set return content-type to be XML
header ("content-type: text/xml");
 
$maltegoInput = new MaltegoTransformInput();
$maltegoTransform = new MaltegoTransformResponse();

//get the value of the transform slider
$slider = $maltegoInput->slider;

//Define ODBC connection string to connect to MSSQL database
$dsn = 'DRIVER=FreeTDS;SERVER=mdviumqix9.database.windows.net;PORT=1433;DATABASE=AdventureWorks;UID=testDB@mdviumqix9;PWD=*******;TDS_Version=8.0'
$user = 'testDB'
$password = '********'

if ($maltegoInput->getEntity())
{
  //Get the input entity into local variables
  $BTC_Address = $maltegoInput->value;

  //Connect to the MySQLdb using database your connection string defined above
  $conn = odbc_connect($dsn, $user, $password);
  
  //if connection cant be made to the database return an exception to the Maltego client.
  if(!$conn){
    $maltegoTransform->addException("Error : Unable to open database\n");
    $maltegoTransform->throwExceptions();
  } 

  //Prepare and execute the SQL query to get DNS names related to your input IP address.
  $stmt  = odbc_prepare($conn, 'SELECT transactions FROM BTCTransactions WHERE BTC_Address = ?');
  $sql_result = odbc_execute($stmt, array($BTC_Address));

  //Create a new entity for each row that is returned.
  $i = 0;
  while ($row = odbc_fetch_array($sql_result)) {
    //Break the loop if added entities exceeds slider value.
    if($i >= $slider){
      break;
    }
    $maltegoTransform->addEntity("PR.BTCTransaction",$row[0]);
    $i++;
  }
  //Return results to the Maltego client.
  $maltegoTransform->returnOutput();
}
else
{
    $maltegoTransform->addException("No input entity found");
    $maltegoTransform->throwExceptions();
} 
//close the database connection  
odbc_close($conn);


Running this transform on the Bitcoin address "16Fg2yjwrbtC6fZp61EV9mNVKmwCzGasw5" with the transform slider set to 12 results in the graph below: