NetExec/nxc/helpers/bloodhound.py

#!/usr/bin/env python3
# -*- coding: utf-8 -*-


def add_user_bh(user, domain, logger, config):
    users_owned = []
    if isinstance(user, str):
        users_owned.append({"username": user.upper(), "domain": domain.upper()})
    else:
        users_owned = user
    if config.get("BloodHound", "bh_enabled") != "False":
        try:
            from neo4j.v1 import GraphDatabase
        except:
            from neo4j import GraphDatabase
        from neo4j.exceptions import AuthError, ServiceUnavailable

        uri = f"bolt://{config.get('BloodHound', 'bh_uri')}:{config.get('BloodHound', 'bh_port')}"

        driver = GraphDatabase.driver(
            uri,
            auth=(
                config.get("BloodHound", "bh_user"),
                config.get("BloodHound", "bh_pass"),
            ),
            encrypted=False,
        )
        try:
            with driver.session() as session:
                with session.begin_transaction() as tx:
                    for info in users_owned:
                        if info["username"][-1] == "$":
                            user_owned = info["username"][:-1] + "." + info["domain"]
                            account_type = "Computer"
                        else:
                            user_owned = info["username"] + "@" + info["domain"]
                            account_type = "User"

                        result = tx.run(f'MATCH (c:{account_type} {{name:"{user_owned}"}}) RETURN c')

                        if result.data()[0]["c"].get("owned") in (False, None):
                            logger.debug(f'MATCH (c:{account_type} {{name:"{user_owned}"}}) SET c.owned=True RETURN c.name AS name')
                            result = tx.run(f'MATCH (c:{account_type} {{name:"{user_owned}"}}) SET c.owned=True RETURN c.name AS name')
                            logger.highlight(f"Node {user_owned} successfully set as owned in BloodHound")
        except AuthError as e:
            logger.fail(f"Provided Neo4J credentials ({config.get('BloodHound', 'bh_user')}:{config.get('BloodHound', 'bh_pass')}) are not valid.")
            return
        except ServiceUnavailable as e:
            logger.fail(f"Neo4J does not seem to be available on {uri}.")
            return
        except Exception as e:
            logger.fail("Unexpected error with Neo4J")
            logger.fail("Account not found on the domain")
            return
        driver.close()