neo4j REST API

Rohan Vazarkar edited this page Aug 7, 2018 · 3 revisions

Neo4j has a RESTful API that can be used to query or modify BloodHound graph. The API supports transactional statements.

By default, the endpoint is located at http://localhost:7474/db/data/transaction/commit

Required HTTP Headers

Accept: application/json; charset=UTF-8
Content-Type: application/json
Authorization: BASE64 ENCODED USERNAME:PASSWORD

POST Body

{
 "statements": [
 {
 "statement": "CYPHER QUERY GOES HERE"
 }
 ]
}

Sample CURL query to get deritive local admins for USERNAME@DOMAIN.COM

curl -X POST \
http://localhost:7474/db/data/transaction/commit \
-H 'accept: application/json; charset=UTF-8' \
-H 'authorization: BASE64 ENCODED USER:PASS' \
-H 'content-type: application/json' \
-d '{"statements": [{"statement": "MATCH (c:Computer) WHERE NOT c.name='\''USERNAME@DOMAIN.COM'\'' WITH c MATCH p = shortestPath((n:User {name:'\''USERNAME@DOMAIN.COM'\''})-[r:HasSession|AdminTo|MemberOf*1..]->(c)) RETURN count(p)"}]}'

Sample Python Request

user = USER@DOMAIN.COM
statement = "MATCH p=(n:User {name:'%s'})-[r1:MemberOf*1..]->(g:Group)-[r2:AdminTo]->(c:Computer) RETURN count(p)" % user 
headers = { "Accept": "application/json; charset=UTF-8",
                "Content-Type": "application/json",
                "Authorization": "BASE64 ENCODED USERNAME:PASSWORD" }
    data = {"statements": [{'statement': statement}]}
    url = 'http://localhost:7474/db/data/transaction/commit'
r = requests.post(url=url,headers=headers,json=data)

Official neo4j documentation

http://neo4j.com/docs/rest-docs/current/

Official neo4j HTTP REST API documentation

https://neo4j.com/docs/developer-manual/current/http-api/

Credit

Thanks to kafkaesqu3 for this content.

You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.