Unexpected error with Neo4J

[snovvcrash]

Describe the bug
When BloodHound is set to True in cme.conf, there's an unidentified error with Neo4J while using any valid creds (and any protocol).

To Reproduce
Steps to reproduce the behavior:
cme smb <ANY_HOST> -u <ANY_USER> -p <ANY_PASSWD>

Expected behavior
Credentials should be marked as owned in BloodHound.

Screenshots

Crackmapexec info

• OS: Kali 2021.4
• Version of CME: 5.2.3
• Installed via pipx using latest release

[mpgn]

Hello,

Can you run with flag --verbose ?

cme --verbose smb ...

[snovvcrash]

Hi @mpgn!

Thanks for the feedback.

I suppose, this is the part of --verbose that refers to Neo4j:

[mpgn]

Indeed ! That because the user is not found on your neo4j database :)

Can you double check the user exist, the one you blured on screenshot.

[snovvcrash]

Yep, that's right - I was trying to reproduce it with a computer account (my bad)...

But anyways, when I'm trying to set a domain admin user account as owned, there's no error message but the account is not set as owned in the DB either.

I found a reason for it: here the condition checks whether c.owned is False but in my case this owned property is null for every collected account.

So if I replace False with None it works as expected!

[mpgn]

We could also add the owned on computer accounts 😀

…

Yep, that's right - I was trying to reproduce it with a computer account (my bad)... But anyways, when I'm trying to set a domain admin *user* account as owned, there's no error message but the account is not set as owned in the DB either. I found a reason for it: here <https://github.com/byt3bl33d3r/CrackMapExec/blob/83cb8ef8527d7715b2679e4e6f47d5d794fa1700/cme/helpers/bloodhound.py#L23> the condition checks whether c.owned is False but in my case this owned property is *null* for every collected account. So if I replace False with None it works as expected! — Reply to this email directly, view it on GitHub <#529 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ABM6NTD33FVIEWFYWKTFIOTUZI5UZANCNFSM5NKCXPHA> . You are receiving this because you were mentioned.Message ID: ***@***.***>

[snovvcrash]

We could also add the owned on computer accounts 😀

You mean with bh_owned.py module or by modifying the bloodhound.py helper? 🤔

I also think of editing the IF condition mentioned above to support null-valued owned property. What’s your thoughts on it?

[Cyb3rC3lt]

Apologies I know this was closed but I am getting a similar issue and the user does exist in Neo4J as shown.
Also no issue using SMB as shown also. i am on version 5.2.2. Any ideas?