Sample DB "objectid" <=> "objectsid"

[FallenHero66]

Hello, I noticed that my Bloodhound threw a "No data returned from query" error when trying to run the "Find all domain admins" sample query on the sample database. While trying to figure out what the problem was, I stumbled upon the fact that I couldn't even show single notes. The Query Debug mode revealed, that the attribute "objectid" is "undefined".

Comparing with the data in neo4j, I noticed that there is no attribute "objectid", but "objectsid".

Hope this helps with fixing.

Cheers

[rvazarkar]

Unfortunately, we haven't had a chance to update the sample DB. It's on our to-do list

[leitosama]

Hello, guys! I'm using neo4j-communtity 4.0.1 and i had a similar issue not only in sample DB. I had successfully fixed her by changing all of "objectid" entries in code to "objectsid".

[Brian-Hanrahan]

lines 227, 367 in DBCreator.py need to be tweaked to use “objectid” in place of objectsid … in case you are interested (this is if you are using the BloodHound-Tools Python DBCreator.py). Setup is described in this article if interested: https://www.pentestpartners.com/security-blog/bloodhound-walkthrough-a-tool-for-many-tradecrafts/

[d0pameen]

Hello, I noticed that my Bloodhound threw a "No data returned from query" error when trying to run the "Find all domain admins" sample query on the sample database. While trying to figure out what the problem was, I stumbled upon the fact that I couldn't even show single notes. The Query Debug mode revealed, that the attribute "objectid" is "undefined".

Comparing with the data in neo4j, I noticed that there is no attribute "objectid", but "objectsid".

Hope this helps with fixing.

Cheers

Been struggling with this issue, glad to know you solved it. can you tell me which files to change and its location please.

[Brian-Hanrahan]

@d0pameen see my prior post above :-)

[d0pameen]

@d0pameen see my prior post above :-)

Thank you Brian. I was not able to find BDCreator.py.

Sorry, i am new here, may be missing something which may be very basic.

Can you point me to the location i can find it and change.

Thanks in advace.

[Brian-Hanrahan]

@d0pameen Ahh - my mistake. I did not mention it is part of BloodHound-Tools (https://github.com/BloodHoundAD/BloodHound-Tools) in ~/BloodHound-Tools/DBCreator.py

[d0pameen]

Thank you so very much Brian.

I was doing HTB labs and extracted have some .json with extracted from bloodhound-python..

in my process, i didnt have to use the DBCreator.py. what am i messing up here?

On Tue, Jul 14, 2020 at 4:56 PM Brian-Hanrahan notifications@github.com wrote:

@d0pameen https://github.com/d0pameen Ahh - my mistake. I did not mention it is part of BloodHound-Tools ( https://github.com/BloodHoundAD/BloodHound-Tools) in ~/BloodHound-Tools/DBCreator.py

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/BloodHoundAD/BloodHound/issues/297#issuecomment-658163089, or unsubscribe https://github.com/notifications/unsubscribe-auth/AQIV233LK6MWRKAPVVZLIG3R3RIXNANCNFSM4KXDFP7Q .

[FallenHero66]

Hey d0pameen Data extracted with the correct version of sharphound or other bloodhound tools which are compatible with this version will integrate fine into bloodhound It's just the sample DB that is not yet updated

Cheers

[d0pameen]

Hey d0pameen Data extracted with the correct version of sharphound or other bloodhound tools which are compatible with this version will integrate fine into bloodhound It's just the sample DB that is not yet updated

Cheers

Thank you for the reply FallenHero66!

1. Tried running directly from kali using bloodhound-python command..
2. Tried running from the git clone repo.. /bloodhound.py

both of the above give json.. both version of json has objectid, instead of objectsid..

i replaced manually to see if it help, NO.. still i get "No data returned from the query" and the map is shown without any connections.

Note: i also tried running 'bloodhound --no-sandbox' from kali default and from the git clone repo.. same results

[FallenHero66]

So if I understand correctly, you're scanning a network in HTB, and want to inspect the outcome in Bloodhound?

If so, I would suggest loading Sharphound3 onto a windows machine inside the HTB network, as this will definitely generate a compatible database SharpHound is included in this repository btw

Kind of off-topic: (since I'm doing the Offshore pro lab with a few colleagues), which pro lab are you doing, if I may ask?

[d0pameen]

I am actually preparing for my OSCP.. im all over the places. Doing HTB randomly with unique skill requirements and when i get bored, jump on to TryHackMe, then Kioptrix.

On to the issue:

Im scanning a domain controller using bloodhound-python, this generates .json for me.

I have to upload this on to bloodhound.

Typically this should give maps, for me shows none.. i click on an entry and it goes blank and none of the queries work. This is specific to while following the walkthrough for Pathfinder lab.

On Wed, 15 Jul 2020, 10:57 FallenHero66, notifications@github.com wrote:

So if I understand correctly, you're scanning a network in HTB, and want to inspect the outcome in Bloodhound?

If so, I would suggest loading Sharphound3 onto a windows machine inside the HTB network, as this will definitely generate a compatible database SharpHound is included in this repository btw

Kind of off-topic: (since I'm doing the Offshore pro lab with a few colleagues), which pro lab are you doing, if I may ask?

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/BloodHoundAD/BloodHound/issues/297#issuecomment-658583496, or unsubscribe https://github.com/notifications/unsubscribe-auth/AQIV236QX5QKMK7IR3DIBQ3R3VHNJANCNFSM4KXDFP7Q .

[cnotin]

According to https://github.com/BloodHoundAD/BloodHound/issues/322#issuecomment-613638482 the sample DB was updated to version 3 format. The issue can be closed?