BloodHound 2.0 walkthrough on Kali 2018

In this post we look at installing the BloodHound UI on a Kali 2018.2 virtual machine (x64).

Let's download Bloodhound-linux-x64.zip from the releases tab of the BloodHound GitHub repository, and Neo4j Community Server from the Neo4j download center.

Our setup:
  • Kali 2018.2 VM x64
  • BloodHound (version 2.0.3)
  • Neo4j Community Server (version neo4j-community-3.4.6-unix.tar.gz)

The next task is to extract both packages.
Once both packages are extracted, start the Neo4j server.
Then browse to http://localhost:7474/browser/, which prompts you to log in to the Neo4j server with the default credentials, i.e. neo4j : neo4j. Once the credentials are submitted, the server forces you to set a new password. In our case we set it to "bloodhound".

We have now successfully configured the Neo4j server, and you should see the window below.
Next we can navigate to the BloodHound directory and run the executable. However, we found that one dependency was missing in Kali.
Then we log in with the configured credentials (neo4j : bloodhound), and the BloodHound UI should launch.
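
Because this Neo4j instance will hold Active Directory data behind the password chosen above, it is worth confirming that it only listens on localhost and that authentication is still enabled. The script below is an added example, not part of the original post; it assumes the Neo4j 3.x setting names `dbms.connectors.default_listen_address`, `dbms.connector.<name>.listen_address` and `dbms.security.auth_enabled`, and the sample config in it is constructed.

```bash
#!/usr/bin/env bash
# Added example (not from the original post): audit the neo4j.conf of a BloodHound lab.
# Key names are the Neo4j 3.x settings; the sample config below is constructed.

# Print the last uncommented value set for a key (empty when unset).
conf_value() {   # $1 = conf path, $2 = key
    awk -F= -v k="$2" '
        /^[ \t]*#/ { next }
        { key = $1; gsub(/[ \t]/, "", key) }
        key == k { v = $0; sub(/^[^=]*=/, "", v); gsub(/[ \t\r]/, "", v); val = v }
        END { print val }' "$1"
}

# Reduce "host", "host:port" or ":port" to the host part (IPv4 or hostname only).
listen_host() {
    case "$1" in
        *:*) printf '%s' "${1%:*}" ;;
        *)   printf '%s' "$1" ;;
    esac
}

# Print one finding per line; return 0 when nothing is exposed, 1 otherwise.
audit_neo4j_conf() {   # $1 = conf path
    conf="$1"; findings=0
    default_host="$(conf_value "$conf" dbms.connectors.default_listen_address)"
    default_host="${default_host:-127.0.0.1}"   # unset means localhost in Neo4j 3.x
    for c in bolt http https; do
        host="$(listen_host "$(conf_value "$conf" "dbms.connector.$c.listen_address")")"
        host="${host:-$default_host}"
        case "$host" in
            127.0.0.1|localhost) ;;
            *) echo "EXPOSED: $c connector listens on $host"; findings=$((findings + 1)) ;;
        esac
    done
    if [ "$(conf_value "$conf" dbms.security.auth_enabled)" = "false" ]; then
        echo "NO-AUTH: dbms.security.auth_enabled=false"; findings=$((findings + 1))
    fi
    [ "$findings" -eq 0 ]
}

# Constructed sample: remote access switched on and authentication switched off.
sample="$(mktemp)"
cat > "$sample" <<'EOF'
#dbms.connector.bolt.listen_address=:7687
dbms.connectors.default_listen_address=0.0.0.0
dbms.connector.http.listen_address=:7474
dbms.security.auth_enabled=false
EOF
audit_neo4j_conf "$sample" || echo "Fix the findings before importing domain data."
rm -f "$sample"
```

For the extracted server, call `audit_neo4j_conf` on `conf/neo4j.conf` inside the Neo4j directory.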


As the screenshot below shows, our freshly baked setup has no data in it yet.


Now, using the BloodHound ingestor, i.e. SharpHound, we collect the required data from a machine joined to the Windows domain. We have already written a post on doing this and on performing the various analyses used for domain compromise.

To help the community, @CptJesus recently open-sourced the DBCreator script. This script generates dummy data in the Neo4j database so that you can play with and test all the capabilities of the BloodHound UI. Before running the script, we need to edit the credentials in it.

Running the script then generates dummy data for analysis.



Happy Hacking !!
