Solving the OpSalwarKameez24-5: Bling-Bling Challenge with Neo4j on Kali Linux
This guide covers how I tackled the HackTheBox Sherlock challenge **OpSalwarKameez24-5: Bling-Bling** using Neo4j on Kali Linux. The challenge required database setup, querying, and understanding of Neo4j's Cypher commands. Here’s how I approached it step-by-step.
Setting Up Neo4j Enterprise on Kali Linux
1. Installation:
Since running `sudo apt install neo4j` didn’t work on Kali Linux, I followed the [Neo4j Debian installation guide](https://neo4j.com/docs/operations-manual/current/installation/linux/debian/#debian-installation) to get Neo4j Enterprise up and running.
2. Database Setup:
Before restoring the provided database, I had to create a new Neo4j database as a destination. This ensured I could restore the backup file smoothly.
3. Restoring the Database:
I restored the database backup provided in the challenge with `sudo neo4j-admin database restore`, passing `--overwrite-destination=true` to avoid any conflicts.
Where and how to query:
When working with Neo4j commands, it’s important to know where each type of command should be executed. Here's a quick reference:
1. Neo4j Browser (or Neo4j Desktop):
   - Cypher Queries: Run general database queries like `MATCH` statements to retrieve or manipulate data.
   - Command Examples:
     - `MATCH (n) RETURN n LIMIT 10;`
     - `MATCH (a:Account) RETURN count(a);`
   - Access: Neo4j Browser can be accessed by navigating to `http://localhost:7474` in your browser if Neo4j is running locally.
2. Neo4j Admin (Command Line):
   - Database Management: Use `neo4j-admin` commands for setup, backups, restores, or other administrative tasks that affect the database structure.
   - Command Examples:
     - `neo4j-admin database restore --from-path=/path/to/backup --database=<database_name>`
   - Access: Run these commands in the terminal on the server where Neo4j is installed.
3. Cypher Shell:
   - For command-line access to Cypher queries and some database management tasks.
   - Command Examples:
     - `cypher-shell -u neo4j -p <password> "MATCH (n) RETURN n LIMIT 10"`
   - Access: Typically installed with Neo4j, accessible via the `cypher-shell` command.
For most tasks related to querying data, the Neo4j Browser or Cypher Shell is preferred. For setup and database maintenance, use `neo4j-admin` in the command line.
Challenge Questions and Query Walkthrough
1. Total Number of Nodes in the Database
To get the total count of nodes, I used:
```cypher
MATCH (n) RETURN count(n);
```
This command gave a quick total of all nodes in the graph.
2. How Many `Account` Nodes Are in the Database?
```cypher
MATCH (n:Account) RETURN count(n);
```
Counting the `Account` nodes helped narrow down the scope to accounts only.
3. How Many Accounts Are Registered from IP Address `88.236.1.190`?
```cypher
MATCH (a:Account {register_ip_address: '88.236.1.190'}) RETURN count(a);
```
4. How Many Users Created Multiple Accounts with the Same IP Address?
```cypher
MATCH (a:Account)
WITH a.register_ip_address AS ip, count(a) AS count
WHERE count > 1
RETURN ip, count;
```
This helped identify any IP addresses tied to multiple accounts.
5. What Physical Address Has Been Used Multiple Times?
```cypher
MATCH (a:Account)
WITH a.address AS address, count(a) AS count
WHERE count > 1
RETURN address;
```
6. Which Credit Card Number Is Attached to Multiple Accounts?
```cypher
MATCH (cc:CreditCard)
WITH cc.card_number AS card_number, count(cc) AS count
WHERE count > 1
RETURN card_number;
```
7. When Was the Account with Username `obhandari` Created?
```cypher
MATCH (a:Account {username: 'obhandari'}) RETURN a.created_at;
```
8. How Many Accounts Using the Credit Card Number from Question 6 Use the Same Registered IP Address?
```cypher
MATCH (a:Account)-[:USES]->(cc:CreditCard)
WHERE cc.card_number = '[card number from Q6]'
RETURN a.register_ip_address, count(a);
```
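The following added example (not part of the original walkthrough or the challenge data) chains questions 6 and 8 into one query, so the shared card number does not have to be pasted in by hand. It goes slightly beyond the page by grouping on the `USES` relationship, which works whether a shared card is one node or several nodes with the same `card_number`. The sample usernames, card numbers and IP addresses are constructed; the labels, relationship and property names are taken from the queries above. Run it in an empty scratch database, not the restored challenge database.

```cypher
// Constructed sample data (not from the challenge database). Labels, the
// USES relationship and property names follow the queries on this page.
CREATE (c1:CreditCard {card_number: '4000-0000-0000-0001'}),
       (c2:CreditCard {card_number: '4000-0000-0000-0002'}),
       (a1:Account {username: 'user_a', register_ip_address: '192.0.2.10'}),
       (a2:Account {username: 'user_b', register_ip_address: '192.0.2.10'}),
       (a3:Account {username: 'user_c', register_ip_address: '198.51.100.7'}),
       (a4:Account {username: 'user_d', register_ip_address: '203.0.113.5'}),
       (a1)-[:USES]->(c1),
       (a2)-[:USES]->(c1),
       (a3)-[:USES]->(c1),
       (a4)-[:USES]->(c2);

// Step 1: card numbers attached to more than one distinct account.
MATCH (a:Account)-[:USES]->(cc:CreditCard)
WITH cc.card_number AS card_number, collect(DISTINCT a) AS accounts
WHERE size(accounts) > 1
// Step 2: for each shared card, group its accounts by registration IP
// and keep only the IPs that more than one of those accounts share.
UNWIND accounts AS a
WITH card_number, a.register_ip_address AS ip, collect(a.username) AS usernames
WHERE size(usernames) > 1
RETURN card_number, ip, size(usernames) AS accounts_on_ip, usernames
ORDER BY accounts_on_ip DESC;
```

Returning the usernames alongside the count makes it easy to pivot into follow-up questions about the individual accounts behind a shared card and IP.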
This approach, using a combination of database setup, Cypher commands, and careful querying, allowed me to solve each question in a straightforward way. For anyone new to Neo4j, this challenge is a great intro to querying graph databases on a technical OS like Kali Linux!