Closed francsam01 closed 2 years ago
cvandeplas
commented
3 years ago On which system are you running Maltego (and therefore misp-maltego)? Ubuntu 20.04 or Windows 10?
If you can access the MISP Server from a browser running in your own machine, I would recommend you to investigate if a local (application level) firewall could be blocking the requests from Maltego.
Do you have a proxy server configured in Maltego or your OS (windows/linux) ?
NetwarSystem
commented
3 years ago I am having similar troubles.
Experienced Maltego user, I do my own Python stuff, MISP is in an Ubuntu VM, and my desktop is also Ubuntu. No firewalls under foot here.
I modified ~/.canari/MISP_maltego.conf a couple different ways. The name misp is in my /etc/hosts, I've tried it with and without the :443.
misp_url = https://misp:443 misp_key = very_secret_key
I pulled the key I'm using from
https://misp/admin/users/index
There's one user, this is the only place I've seen anything that looks like an API key. Maltego comes back with an error instead of accessing the site.
Is there a set of precise instructions re: where to get the key in MISP? Am going to go back and see what's up using tshark, but this should not be that difficult to get running.
cvandeplas
commented
3 years ago @NetwarSystem You can find (or generate) your MISP API key in your users profile. (the top menu's)
francsam01
commented
3 years ago Hi All, this is solved. The problem was that even after installing MISP-Maltego using pip, the util.py have some discrepancies in the code. The solution, substitute the util.py with the util.py in this link: https://github.com/MISP/MISP-maltego/blob/master/src/MISP_maltego/transforms/common/util.py, and you should be good.
cvandeplas
commented
2 years ago Thank you very much @francsam01 . I have unfortunately missed your comment. The pip package has now been updated to contain the latest code from the util.py file.
Hi Guys,
I'm currently facing issues connecting Maltego with MISP-maltego. Im working using: Ubuntu 20.04, Maltego 4.2.14 and MISP_maltego utility.py v1.4.6'
This is the error message that I received while running the transform:
Transform outpu: ERROR: Cannot connect to MISP server. Please verify your MISP_Maltego.conf settings (from entity "1113") Transform Search in MISP returned with an error: ERROR: Cannot connect to MISP server. Please verify your MISP_Maltego.conf settings (from entity "1113") Transform Search in MISP done (from entity "1113")
Debug: Loading Canari configuration file '/home/amdocsmisp/.canari/canari.conf'
INFO [api.py:124 - init() ] To configure logging in your script, leave it to None and use the following: import logging; logging.getLogger('pymisp').setLevel(logging.DEBUG) DEBUG [api.py:3001 - _prepare_request() ] GET - https://x.x.x.x/servers/getPyMISPVersion.json DEBUG [api.py:3003 - _prepare_request() ] {} DEBUG [api.py:3021 - _prepare_request() ] {'User-Agent': 'PyMISP 2.4.134 - Python 3.8 - misp_maltego', 'Accept-Encoding': 'gzip, deflate', 'Accept': 'application/json', 'Connection': 'keep-alive', 'Authorization': '9KDdXF...', 'content-type': 'application/json'}
My MISP_maltego.conf has the following config:
[MISP_maltego.local] misp_url = http://x.x.x.x/ misp_key = 9KDdXFr....
misp_verify = True misp_debug = True
check_updates = True
[MISP_maltego.remote]
I test this local transfor using Windows 10 and still not able to connect Maltego with my local MISP Server. Any idea why Maltego is not able to connect to my local MISP server?