Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Broken collected filter for available-domains endpoint #635

Closed
6 of 11 tasks
exploide opened this issue May 25, 2024 · 2 comments
Closed
6 of 11 tasks

Broken collected filter for available-domains endpoint #635

exploide opened this issue May 25, 2024 · 2 comments
Labels
bug Something isn't working ticketed (automation only) Ticket has been created internally for tracking

Comments

@exploide
Copy link
Contributor

Description:

A request to /api/v2/available-domains?collected=eq:false does not return the not collected domains but an empty list instead. However, a request to /api/v2/available-domains?collected=eq:true returns only collected domains, as expected. It seems the negative filtering is broken. Maybe because the attribute does not exist in this case?

Component(s) Affected:

  • UI
  • API
  • Neo4j
  • PostgreSQL
  • Data Collector (SharpHound, AzureHound)
  • Other (tooling, documentation, etc.)

Steps to Reproduce:

  1. Import the sample data from this repository
  2. Perform the request to /api/v2/available-domains?collected=eq:true and see that the three collected domains are returned correctly.
  3. Perform the request to /api/v2/available-domains?collected=eq:false and see that an empty list is returned instead of the two not collected domains.

Expected Behavior:

I would have expected that the negative filtering works as well as the positive filtering does.

Actual Behavior:

Negative filtering does not work.

Environment Information:

BloodHound: 5.9.0

Collector: what ever you used to generate the sample data

Potential Solution (Optional):

I could imagine this is because the collected property does not exist in the neo4j data for not collected domains. This needs to be worked around.

Contributor Checklist:

  • I have searched the issue tracker to ensure this bug hasn't been reported before or is not already being addressed.
  • I have provided clear steps to reproduce the issue.
  • I have included relevant environment information details.
  • I have attached necessary supporting documents.
  • I have checked that any JSON files I am attempting to upload to BloodHound are valid.
@exploide exploide added bug Something isn't working triage This issue requires triaging labels May 25, 2024
@slokie-so slokie-so added the ticketed (automation only) Ticket has been created internally for tracking label May 29, 2024
@elikmiller
Copy link
Collaborator

Hey @exploide - I've validated this issue and I think you have the right idea. The collected property is not being set on all Domain or AZTenant nodes which breaks the query.

For now, I believe you can work around this by leveraging the following cypher query:
MATCH (n) WHERE (n:Domain OR n:AZTenant) AND n.collected IS NULL RETURN n

@elikmiller elikmiller removed the triage This issue requires triaging label Jun 3, 2024
@exploide exploide mentioned this issue Jun 9, 2024
Closed
@exploide
Copy link
Contributor Author

This was fixed in #684, thank you.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working ticketed (automation only) Ticket has been created internally for tracking
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@elikmiller @exploide @slokie-so