Skip to content

Instantly share code, notes, and snippets.

@NotMedic
Last active July 11, 2019 02:11
Show Gist options
  • Save NotMedic/59f92a4235c03c5196d2cbb15d938e1c to your computer and use it in GitHub Desktop.
Save NotMedic/59f92a4235c03c5196d2cbb15d938e1c to your computer and use it in GitHub Desktop.
Script to mark hosts as vulnerable in Bloodhound.
#!/usr/bin/python
import sys, json, urllib, urllib2
#Define the Bloodhound Database
url = 'http://bloodhound-server:7474/db/data/cypher/'
#Define the Bloodhound Credentials
#echo neo4j:bloodhound | base64
base64auth = 'bmVvNGo6Ymxvb2Rob3VuZA=='
request = urllib2.Request(url)
#Parse the Command Line for the ComputerName to Search For
if len(sys.argv) == 2:
computername = sys.argv[1].upper()
else:
print "Requires one parameter"
sys.exit(1)
#Build our Query. Auth Header is base64 username:password, neo4j:bloodhound
data = '''{ "query" : "MATCH (n:Computer) WHERE n.name STARTS WITH \'''' + computername + '''\' RETURN n"}'''
request.add_header('Authorization','Basic ' + base64auth)
request.add_header('Content-Type','application/json')
#Make our query to verify the computer name, Get the Results
response = urllib2.urlopen(request,data)
txtresponse = response.read()
json_obj = json.loads(txtresponse)
if len(json_obj['data']) < 1:
print "No Match for Name " + computername
sys.exit(1)
elif len(json_obj['data']) > 1:
print "Too Many Computer Matches for Name " + computername
sys.exit(1)
else:
for rows in json_obj['data']:
computername = rows[0]['data']['name']
#Get rid of all of our variables
data = ''
txtresponse = ''
request = ''
#--------------------------------------------
#Rebuild our request
request = urllib2.Request(url)
#Build our real query using the full computer name
data = '''{ "query" : "MATCH (n:Computer) WHERE n.name=\'''' + computername + '''\' SET n.vulnerable=TRUE RETURN n.name"}'''
#Make our Query for computers, Get the Results
request.add_header('Authorization','Basic ' + base64auth)
request.add_header('Content-Type','application/json')
response = urllib2.urlopen(request,data)
txtresponse = response.read()
json_obj = json.loads(txtresponse)
#print json_obj
for rows in json_obj['data']:
computername = rows[0]
print "Marked " + computername + " as vulnerable"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment