Make nxc compatible with bloodhound-ce zip
Description
This PR allows a user to dump using bloodhound-ce or bloodhound, it's a bit manual but no choice. This is a bit related to #616 and #663, ippsec and 0xdf are both using the bloodhound-ce package directly since the one on nxc doesn't support the community edition :'(
Maybe bloodhound-ce should be the default package now ... 🤔
This pull request introduces enhancements for managing BloodHound configurations and handling compatibility between the standard and Community Edition (CE) versions. The changes include adding a new configuration section, implementing a utility function to detect BloodHound versions, and improving error handling for mismatched configurations.
BloodHound Configuration Enhancements:
- New Configuration Section for BloodHound-CE: Added a `[BloodHound-CE]` section in the `nxc.conf` file to enable or disable the Community Edition. (`nxc/data/nxc.conf`)
- Utility Function to Detect Installed BloodHound Version: Introduced `get_bloodhound_info` to determine the installed BloodHound package (`bloodhound` or `bloodhound-ce`), its version, and whether it is the CE version. (`nxc/protocols/ldap.py`)
- Configuration Validation and Error Handling: Added logic to validate the configuration against the installed BloodHound version, providing detailed error messages and remediation steps if there is a mismatch. (`nxc/protocols/ldap.py`)
Code Quality Improvements:
- Improved Return Consistency: Updated the `bloodhound` method to return `None` instead of an implicit `None` when no collection methods are resolved. (`nxc/protocols/ldap.py`)
Type of change
- [x] New feature (non-breaking change which adds functionality)
- [x] Breaking change (fix or feature that would cause existing functionality to not work as expected)
- [x] This change requires a documentation update
How Has This Been Tested?
Against vintage box
Screenshots (if appropriate):
Checklist:
- [x] I have run Ruff against my changes (via poetry: `poetry run python -m ruff check . --preview`, use `--fix` to automatically fix what it can)
- [x] I have added or updated the tests/e2e_commands.txt file if necessary
- [x] New and existing e2e tests pass locally with my changes
- [x] My code follows the style guidelines of this project (should be covered by Ruff above)
- [x] If reliant on third party dependencies, such as Impacket, dploot, lsassy, etc, I have linked the relevant PRs in those projects
- [x] I have performed a self-review of my own code
- [x] I have commented my code, particularly in hard-to-understand areas
- [ ] I have made corresponding changes to the documentation (PR here: https://github.com/Pennyw0rth/NetExec-Wiki)
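An added example, not the code from this PR: one way to detect which collector distribution is installed and check it against the `[BloodHound-CE]` section described above. The function names, the `bhce_enabled` key and the injectable `lookup` parameter are assumptions made for illustration; only the section name and the two package names come from the description.

```python
import configparser
from importlib import metadata

# Distribution names as given in the PR description; CE is checked first.
CANDIDATES = ("bloodhound-ce", "bloodhound")

def detect_bloodhound(lookup=metadata.version):
    """Return (distribution, version, is_ce), or (None, None, False) if neither is installed."""
    for name in CANDIDATES:
        try:
            return name, lookup(name), name == "bloodhound-ce"
        except metadata.PackageNotFoundError:
            continue
    return None, None, False

def check_config(conf_text, lookup=metadata.version):
    """Validate the [BloodHound-CE] section against the installed collector.

    Returns (ok, message). The key name `bhce_enabled` is an assumption.
    """
    parser = configparser.ConfigParser()
    parser.read_string(conf_text)
    want_ce = parser.getboolean("BloodHound-CE", "bhce_enabled", fallback=False)
    name, version, is_ce = detect_bloodhound(lookup)
    if name is None:
        return False, "no BloodHound collector package is installed"
    if want_ce == is_ce:
        return True, f"using {name} {version}"
    wanted = "bloodhound-ce" if want_ce else "bloodhound"
    return False, (f"config expects {wanted} but {name} {version} is installed; "
                   f"install {wanted} or change bhce_enabled in [BloodHound-CE]")

# Constructed sample config and a stand-in lookup so the example runs
# without either package being installed.
SAMPLE_CONF = "[BloodHound-CE]\nbhce_enabled = True\n"

def legacy_only(name):
    if name == "bloodhound":
        return "1.7.2"  # constructed version string
    raise metadata.PackageNotFoundError(name)

if __name__ == "__main__":
    print(check_config(SAMPLE_CONF, legacy_only))  # mismatch case
    print(check_config(SAMPLE_CONF))               # the real environment
```

Querying distribution metadata rather than importing the module lets the check tell the two packages apart by their distribution name.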
Or another solution is to embrace bloodhound-ce and just use it and drop legacy bloodhound (I prefer this solution but the PR offers both choices in case)
> Or another solution is to embrace bloodhound-ce and just use it and drop legacy bloodhound (I prefer this solution but the PR offers both choices in case)

Honestly, I would switch to bloodhound-ce as well. What about we give the user the choice to switch back to the old bloodhound version with this tutorial/fix, but use bloodhound-ce as default? Thoughts?

> > Or another solution is to embrace bloodhound-ce and just use it and drop legacy bloodhound (I prefer this solution but the PR offers both choices in case)
>
> Honestly, I would switch to bloodhound-ce as well. What about we give the user the choice to switch back to the old bloodhound version with this tutorial/fix, but use bloodhound-ce as default? Thoughts?

A bit of a late response, but I agree with this solution. I don't think NetExec should break backwards compatibility, but considering that Bloodhound CE is now the default version included with the latest version of Kali, I think using the CE collector by default is the right move.
Bloodhound-ce is now the default package