Created
March 26, 2021 09:17
-
-
Save Hackndo/8b461b8b235142829e34eaa03c621a5e to your computer and use it in GitHub Desktop.
Generate a BloodHound query to set users as owned from a usernames file
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import argparse | |
| import os | |
| import logging | |
| import sys | |
| parser = argparse.ArgumentParser( | |
| prog='users_to_owned', | |
| description='Generate a Neo4J request to own a list of users' | |
| ) | |
| parser.add_argument('users_file', action='store', help='User file containing usernames') | |
| parser.add_argument('domain', action='store', help='Domain name (FQDN)') | |
| args = parser.parse_args() | |
| if not os.path.isfile(args.users_file): | |
| logging.error("File {} doesn't exist".format(args.users_file)) | |
| sys.exit(1) | |
| if "." not in args.domain: | |
| logging.error("Fully qualified domain name is required") | |
| sys.exit(1) | |
| users_file = args.users_file | |
| domain = args.domain.upper() | |
| with open(users_file, 'r') as f: | |
| users = " OR ".join(["u.name=\"{}@{}\"".format(user.rstrip('\n').upper(), domain) for user in f]) | |
| print("MATCH (u:User) WHERE {} SET u.owned=true RETURN u".format(users)) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment