Giters

BloodHoundAD / BloodHound

Six Degrees of Domain Admin

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Cypher query timeout in 4.3.1

nlinley opened this issue · comments

commented

In the docker version 4.3.1, I noticed most of the more complicated built-in cypher queries fail with a generic error in the gui. On the docker logs, it shows the queries are being set with a 30 sec timeout, which is timing out. Is there some way to control this setting to allow the query to run to completion?

ex: Shortest path to systems trusted for unconstrained delegation.

2024-03-18 12:34:08 {"level":"info","query":"match p = shortestPath((n)-[:Owns|GenericAll|GenericWrite|WriteOwner|WriteDacl|MemberOf|ForceChangePassword|AllExtendedRights|AddMember|HasSession|Contains|GPLink|AllowedToDelegate|TrustedBy|AllowedToAct|AdminTo|CanPSRemote|CanRDP|ExecuteDCOM|HasSIDHistory|AddSelf|DCSync|ReadLAPSPassword|ReadGMSAPassword|DumpSMSAPassword|SQLAdmin|AddAllowedToAct|WriteSPN|AddKeyCredentialLink|SyncLAPSPassword|WriteAccountRestrictions*1..]->(m:Computer)) where m.unconstraineddelegation = $STRIPPED and n <> m return p","time":"2024-03-18T04:34:08.533035336Z","message":"Executing user cypher query"}

2024-03-18 12:34:08 {"level":"info","time":"2024-03-18T04:34:08.533068036Z","message":"Cypher query cost is: 9.00. Reduction factor for query is: 1. Available timeout for query is now set to: 30.00 seconds"}

2024-03-18 12:34:39 {"level":"warn","time":"2024-03-18T04:34:39.115550543Z","message":"Writing API Error. Status: 500. Message: [{ driver error: Neo4jError: Neo.ClientError.Transaction.TransactionTimedOut (The transaction has been terminated. Retry your operation in a new transaction, and you should see a successful result. The transaction has not completed within the specified timeout (dbms.transaction.timeout). You may want to retry with a longer timeout. ) - query: match p = shortestPath((n)-[:Owns|GenericAll|GenericWrite|WriteOwner|WriteDacl|MemberOf|ForceChangePassword|AllExtendedRights|AddMember|HasSession|Contains|GPLink|AllowedToDelegate|TrustedBy|AllowedToAct|AdminTo|CanPSRemote|CanRDP|ExecuteDCOM|HasSIDHistory|AddSelf|DCSync|ReadLAPSPassword|ReadGMSAPassword|DumpSMSAPassword|SQLAdmin|AddAllowedToAct|WriteSPN|AddKeyCredentialLink|SyncLAPSPassword|WriteAccountRestrictions*1..]->(m:Computer)) where m.unconstraineddelegation = true and n <> m return p}]"}