- Python version 2.7.x
- PySocks:
sudo apt-get install pysocks - Requirements:
pip install -r requirements.txt
Run the program with following command:
python GraFScan.py [-h] [-neo4j] [-orient] [-arango] [-virtuoso] [-allegro] [-all] [-ip IP] [-n NET] [-i FILEINPUT] [-o OUTPUT] [-B] [-dict DICT] [-proxies PROXIES] [-nl] [-tor] [-DoS]
You can get basic usage information inside the menus.
- ip: Ip analyzed.
- authentication: True.
- version: < 3.X or > 3.X.
- change_password: boolean if the bruteforce was succesfull or not, and add old_password if was true. Only if you use brute force option.
- Info: Json with the return of query in cypher Match (n)-[r]-(m) Return n,r,m.
- license: Two values, version and license, communtiy or enterprise.
- NumNodes: Number of index to the nodes.
- ip: Ip analyzed.
- NumProperties: Number of index to the properties.
- NumRelationships: Number of index to the edges.
- labels: Array with all labels of nodes in the graph database.
- props: Array with all the key of all properties in the graph database.
- types: Array with all labels of edges in the graph database.
- cluster: Boolean to know if this instance is part of cluster, if the value is true, appear if this instance was slave or master.
- version: Version of Neo4j instance.
- databases: Array with all names of databases in OrientDB Server.
- version_OrientDB: Version of OrientDB Server.
- server_pass: Password of root user.
- serer_info: Json object with all information of server: connections, globalproperties, storadges and properties. Only if you use brute force option.
The tool tries to export all databases in the OrientDB Server, it creates a folder with the IP as name and put into the compress databases. Only use default auth to send the request.
- Arango: True if appear in the headers response.
- IP
- Port
- Auth: False if the auth is disabled.
- Collections: List of collections in database.
- User: User with we access to the database.
- Databases: Name of databases where we can access.
- Virtuoso
- IP
- Port
- AllegroGraph: True if appear in the headers response.
- IP
- Port
- Repositories: List of repositories.
- Catalogs
- User: A user other than anonymous is required
- Roles: A user other than anonymous is required.
- Anon_user: True when we access with an anonymous user.
-
If you use TOR to anonymize your ip, it is necessary to start the node instance before executed.
-
If you don't put any file in output, the report is written in report.json
-
If you don't put any file after the -dict option, the tool try to open dict file in the actual path.
-
If you don't put any file after the -proxies option, the tool try to open proxies file in the actual path.
While this may be helpful for some, there are significant risks. You could go to jail on obstruction of justice charges just for running grafscan, even though you are innocent. Your are on notice, that using this tool outside your "own" environment is considered malicious and is against the law. Use with caution.
This project is licensed under the GNU General Public License v3.0 - see the LICENSE file for details.
This project is written by Miguel Hernández and Alfonso Muñoz
