Find out the IP address through a call to Telegram
https://medium.com/@ibederov_en/find-out-the-ip-address-through-a-call-to-telegram-a899441b1bac
Discussion
How to trace IP of someone's id in telegram using Golang!
Code:
package mai
import (
"fmt"
"log"
"os"
"os/exec"
"strings"
)
func main() {
const CAP_PATH = "/tmp/tg_cap.pcap" // Temporary path for pcap capture file
const CAP_TEXT = "/tmp/tg_text.txt" // Temporary path for text file with information
const CAP_DURATION = "5" // Capture duration in seconds
// Get the external IP address of the device
ipCmd := exec.Command("curl", "-s", "icanhazip.com")
ipOutput, err := ipCmd.Output()
if err != nil {
log.Fatal("Failed to get IP address:", err)
}
MY_IP := strings.TrimSpace(string(ipOutput))
// Check if Wireshark is installed
_, err = exec.LookPath("tshark")
if err != nil {
log.Println("[-] Wireshark not found. Try installing Wireshark first.")
log.Println("[+] Debian-based: sudo apt-get install -y tshark")
log.Println("[+] RedHat-based: sudo yum install -y tshark")
os.Exit(1)
}
fmt.Println("[+] Discovering User's IP Address on Telegram using Golang")
fmt.Println("[+] Starting traffic capture. Please wait for", CAP_DURATION, "seconds...")
// Start traffic capture with Wireshark
captureCmd := exec.Command("tshark", "-w", CAP_PATH, "-a", "duration:"+CAP_DURATION)
captureOutput, err := captureCmd.CombinedOutput()
if err != nil {
log.Fatal("Traffic capture error:", err)
}
fmt.Println("[+] Traffic captured.")
// Convert pcap file to readable text file
convertCmd := exec.Command("tshark", "-r", CAP_PATH)
convertOutput, err := convertCmd.Output()
if err != nil {
log.Fatal("Error converting pcap file to text:", err)
}
err = os.WriteFile(CAP_TEXT, convertOutput, 0644)
if err != nil {
log.Fatal("Error writing text file:", err)
}
fmt.Println("[+] Pcap file successfully converted to text.")
// Check if Telegram traffic is present in the text file
if strings.Contains(string(convertOutput), "STUN 106") {
fmt.Println("[+] Telegram traffic found.")
// Extract the IP address from the text
extractCmd := exec.Command("cat", CAP_TEXT, "|", "grep", "STUN 106", "|", "sed", "'s/^.*XOR-MAPPED-ADDRESS: //'", "|", "awk", "'{match($0,/[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+/); ip = substr($0,RSTART,RLENGTH); print ip}' | awk '!seen[$0]++'")
extractOutput, err := extractCmd.Output()
if err != nil {
log.Fatal("Error extracting IP address:", err)
}
TG_OUT := strings.TrimSpace(string(extractOutput))
IP_1 := strings.Fields(TG_OUT)[0]
IP_2 := strings.Fields(TG_OUT)[1]
var IP string
// Check if the IP address is ours or the recipient's
if MY_IP == IP_1 {
IP = IP_2
} else if MY_IP == IP_2 {
IP = IP_1
} else {
IP = "[-] Sorry. IP address not found."
os.Exit(1)
}
// Get host information for the IP address
hostCmd := exec.Command("host", IP)
hostOutput, err := hostCmd.Output()
if err != nil {
log.Fatal("Error getting host information:", err)
}
fmt.Println("[+]")
fmt.Println("[+] IP Address:", IP)
fmt.Println("[+] Host:", strings.TrimSpace(string(hostOutput)))
fmt.Println("[+]")
// Clean up temporary files
err = os.Remove(CAP_PATH)
if err != nil {
log.Fatal("Cleanup error:", err)
}
err = os.Remove(CAP_TEXT)
if err != nil {
log.Fatal("Cleanup error:", err)
}
fmt.Println("[+] Cleanup completed.")
} else {
fmt.Println("[-] Telegram traffic not found.")
fmt.Println("[!]")
fmt.Println("[!] Run this script only >>>AFTER<<< the response.")
fmt.Println("[!]")
os.Exit(1)
}
fmt.Println("[?]")
fmt.Print("[?] Run whois", IP, "? (Y/N): ")
// Check if the user wants to run the whois command
var answer string
fmt.Scanln(&answer)
if strings.ToUpper(answer) == "Y" {
whoisCmd := exec.Command("whois", IP)
whoisOutput, err := whoisCmd.Output()
if err != nil {
log.Fatal("Error running whois command:", err)
}
fmt.Println(string(whoisOutput))
} else {
fmt.Println("[+] Goodbye!")
os.Exit(0)
}
}
➡️ Telegram Maltego
a free set of Transforms for Maltego that enables OSINT investigations in the Telegram messenger.
Initially designed solely to simplify de-anonymization through stickers/emojis, it has since expanded far beyond its original functionality, allowing for more advanced investigations.
Features:
Getting Telegram profile by phone number
Getting a linked Telegram channel group
Getting a list of Telegram group administrators
Getting a list of authors of a Telegram channel
Collect all forwarded & similar channels by Channel
Search for deleted posts and generate links to view them
Indexing of all stickers/emoji in Telegram channel
Identification of the creator of a set of stickers/emoji
https://github.com/vognik/maltego-telegram
nostr:note1wl7gret2z6mggnk9auss7cn4zp0hgwtnaef4jkj2u7a9qw3lmrhsm5mx5w