Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Script to mark hosts as vulnerable in Bloodhound.
#!/usr/bin/python
import sys, json, urllib, urllib2
#Define the Bloodhound Database
url = 'http://bloodhound-server:7474/db/data/cypher/'
#Define the Bloodhound Credentials
#echo neo4j:bloodhound | base64
base64auth = 'bmVvNGo6Ymxvb2Rob3VuZA=='
request = urllib2.Request(url)
#Parse the Command Line for the ComputerName to Search For
if len(sys.argv) == 2:
computername = sys.argv[1].upper()
else:
print "Requires one parameter"
sys.exit(1)
#Build our Query. Auth Header is base64 username:password, neo4j:bloodhound
data = '''{ "query" : "MATCH (n:Computer) WHERE n.name STARTS WITH \'''' + computername + '''\' RETURN n"}'''
request.add_header('Authorization','Basic ' + base64auth)
request.add_header('Content-Type','application/json')
#Make our query to verify the computer name, Get the Results
response = urllib2.urlopen(request,data)
txtresponse = response.read()
json_obj = json.loads(txtresponse)
if len(json_obj['data']) < 1:
print "No Match for Name " + computername
sys.exit(1)
elif len(json_obj['data']) > 1:
print "Too Many Computer Matches for Name " + computername
sys.exit(1)
else:
for rows in json_obj['data']:
computername = rows[0]['data']['name']
#Get rid of all of our variables
data = ''
txtresponse = ''
request = ''
#--------------------------------------------
#Rebuild our request
request = urllib2.Request(url)
#Build our real query using the full computer name
data = '''{ "query" : "MATCH (n:Computer) WHERE n.name=\'''' + computername + '''\' SET n.vulnerable=TRUE RETURN n.name"}'''
#Make our Query for computers, Get the Results
request.add_header('Authorization','Basic ' + base64auth)
request.add_header('Content-Type','application/json')
response = urllib2.urlopen(request,data)
txtresponse = response.read()
json_obj = json.loads(txtresponse)
#print json_obj
for rows in json_obj['data']:
computername = rows[0]
print "Marked " + computername + " as vulnerable"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.