Intranet: BloodHound domain penetration analysis tool

Table of contents

neo4j
    Windows: download the Community Edition of neo4j
    Kali download
BloodHound
BloodHound usage


Introduction:

BloodHound automatically collects information from a large intranet domain environment, then organizes and analyzes the data to make penetration testing more efficient. It is a tool for visual, graph-based analysis of relationships in a domain: nodes and edges represent the users, computers, groups, sessions and ACLs in the domain together with the related login information and access-control policies, so the relationships between them are displayed far more intuitively. Red team members can use it to assess the domain more conveniently and escalate privileges within it more quickly; it also lets blue team members carry out better security inspections of their own networks and keep the domain secure.

Neo4j is a NoSQL graph database that stores structured data as a network of nodes and relationships rather than in tables. BloodHound relies on this to analyze the collected data sensibly and present it more intuitively as a "node space": it exports the relevant information from the domain and, once collection is complete, imports it into the Neo4j database for display and analysis.
 

Installation environment:

1. Download and install the JDK;

Java Downloads | Oracle

2. Download and install neo4j;

Kali: apt-get install neo4j

Windows: Neo4j Download Center - Graph Database & Analytics

3. Start the neo4j database server

4. Download BloodHound

Releases · BloodHoundAD/BloodHound · GitHub

neo4j

Windows: download the Community Edition of neo4j

Click to see the operation manual

 

Download and install it, then change into the bin directory and run the following commands:

⚠️ Note: if an error occurs, change the Java version or the software version promptly so the two match. This is a common pitfall.

cd D:\neo4j-community-3.5.3\bin\
.\neo4j.bat console

Once it starts successfully you can configure it as usual: open http://localhost:7474/browser/ in a browser, enter the username and password, and then change the password to 123456.

Kali download

After the installation is complete, start the Neo4j graph database first:

sudo neo4j start

After startup, access it in the browser as shown below; the default account and password are both neo4j.

When you log in for the first time you will be prompted to change the password, for example to 123456. After the change you are redirected to the following page, which indicates that Neo4j was installed successfully.

BloodHound

Windows download

BloodHound project address: https://github.com/BloodHoundAD/BloodHound. After downloading, unzip it and open BloodHound.exe, then enter the account and password of the Neo4j database to complete the installation.

Kali download

After downloading, unzip it on Kali Linux, switch into that directory and run the startup command:

./BloodHound --no-sandbox

Once the startup command has run successfully, the login page pops up automatically and you can log in.

The username and password are the ones set above:

Host: //localhost:7687  Username: neo4j  Password: 123456

After a successful login the following page appears, which indicates that BloodHound has started successfully.

BloodHound usage

After installing BloodHound you need to collect and import data. Data can be collected with either the ps1 script or the exe program. Tool download address: https://github.com/BloodHoundAD/BloodHound/tree/f4d9c1af1529124d33c9f360a27686eea51755e1/Collectors

Here SharpHound.exe is used to collect data: copy SharpHound.exe to the target and execute SharpHound.exe -c all to collect the data.

# Binary collection tool command:
SharpHound.exe -c all
# PowerShell collection tool command:
powershell -exec bypass -command "Import-Module ./SharpHound.ps1; Invoke-BloodHound -c all"

 

BloodHound data import

Upload the zip file produced by the data collection into BloodHound and import it for analysis.
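Before importing a collection archive, it is useful to know what it contains: which object types were enumerated, how many of each, and whether every file is well-formed. The same check helps a defender who recovers a SharpHound archive during an incident and wants to see what was collected from the domain. The following Python script is an added example, not part of the original post or of the BloodHound project. It assumes that each JSON file in the archive carries a "meta" object with "type" and "count", and that the objects sit either under a "data" key (newer SharpHound output) or under a key named after the type (older output); the sample archive it builds in memory is constructed here and holds placeholder records only.

```python
import io
import json
import sys
import zipfile

# Constructed sample archive (placeholder records, not real SharpHound output).
# Real SharpHound objects carry many more fields; only Properties.name is used here.
SAMPLE_FILES = {
    "20230101000000_users.json": {
        "data": [
            {"Properties": {"name": "ALICE@EXAMPLE.LOCAL", "enabled": True}},
            {"Properties": {"name": "BOB@EXAMPLE.LOCAL", "enabled": False}},
        ],
        "meta": {"type": "users", "count": 2, "version": 4},
    },
    "20230101000000_computers.json": {
        "data": [{"Properties": {"name": "DC01.EXAMPLE.LOCAL"}}],
        "meta": {"type": "computers", "count": 1, "version": 4},
    },
    # Older layout (assumed): objects under a key named after the type.
    # The declared count is deliberately wrong to exercise the consistency check.
    "20230101000000_groups.json": {
        "groups": [{"Properties": {"name": "DOMAIN ADMINS@EXAMPLE.LOCAL"}}],
        "meta": {"type": "groups", "count": 5, "version": 3},
    },
}


def build_sample_zip() -> bytes:
    """Write the constructed sample files into an in-memory zip and return its bytes."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, doc in SAMPLE_FILES.items():
            zf.writestr(name, json.dumps(doc))
    return buf.getvalue()


def _objects(doc: dict) -> list:
    """Return the object list of a collection document, whichever layout it uses."""
    obj_type = doc.get("meta", {}).get("type")
    if isinstance(doc.get("data"), list):
        return doc["data"]
    if obj_type and isinstance(doc.get(obj_type), list):
        return doc[obj_type]
    return []


def inspect_collection(zip_bytes: bytes) -> dict:
    """Summarise each JSON file: object type, actual object count vs the declared count."""
    report = {}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if not info.filename.lower().endswith(".json"):
                continue
            try:
                doc = json.loads(zf.read(info.filename))
            except ValueError:
                report[info.filename] = {"error": "not valid JSON"}
                continue
            meta = doc.get("meta") if isinstance(doc, dict) else None
            if not isinstance(meta, dict) or "type" not in meta:
                report[info.filename] = {"error": "missing meta.type"}
                continue
            objects = _objects(doc)
            declared = meta.get("count")
            report[meta["type"]] = {
                "file": info.filename,
                "count": len(objects),
                "declared": declared,
                "consistent": declared == len(objects),
            }
    return report


def object_names(zip_bytes: bytes, obj_type: str) -> list:
    """List Properties.name for every object of one type, e.g. every computer collected."""
    found = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for name in zf.namelist():
            if not name.lower().endswith(".json"):
                continue
            doc = json.loads(zf.read(name))
            if not isinstance(doc, dict) or doc.get("meta", {}).get("type") != obj_type:
                continue
            for obj in _objects(doc):
                props = obj.get("Properties", {})
                if "name" in props:
                    found.append(props["name"])
    return sorted(found)


if __name__ == "__main__":
    # With a path argument, inspect a real archive; otherwise use the constructed sample.
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_zip()
    for obj_type, row in inspect_collection(data).items():
        print(obj_type, row)
```

A mismatch between the declared count and the number of objects, or a file that fails to parse, is a sign that the archive is truncated or was edited, and is worth resolving before the data goes into Neo4j; the per-type object lists show exactly which accounts and hosts the collection touched.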

 


Source: blog.csdn.net/y995zq/article/details/130594179