knavesec
Some major optimizations on cypher queries
So, max struggles on really large databases. High value users cracked took a couple hours, and Domain Admin members cracked didn't finish, despite letting it run overnight. I've optimized these problems into the past, max now chews through it in less than a minute.
For comparison, here's the stats for the DB I'm operating on
I haven't looked at the "High intensity" queries, they scare me. I barely understand why the optimizations I've already done work, I foresee several more hours of head-bashing in my future when I get to those
Total time is now a couple minutes, vs DNF.
┌──(kali㉿kali)-[~/git/Max]
└─$ time python3 ./max.py dpat -o /tmp/dpat-test --html --noparse
[+] Querying for "All User Accounts"
[*] Done in 0.9340991973876953 seconds
[+] Querying for "All User Accounts Cracked"
[*] Done in 0.7245879173278809 seconds
[+] Querying for "Enabled User Accounts Cracked"
[*] Done in 0.6633918285369873 seconds
[+] Querying for "High Value User Accounts Cracked"
[*] Done in 0.022990703582763672 seconds
[+] Querying for "Domain Admin Members"
[*] Done in 0.03940081596374512 seconds
[+] Querying for "Domain Admin Members Cracked"
[*] Done in 0.04153704643249512 seconds
[+] Querying for "Enterprise Admin Members"
[*] Done in 0.043781280517578125 seconds
[+] Querying for "Enterprise Admin Accounts Cracked"
[*] Done in 0.0340726375579834 seconds
[+] Querying for "Administrator Group Members"
[*] Done in 0.04144740104675293 seconds
[+] Querying for "Administrator Group Member Accounts Cracked"
[*] Done in 0.037444353103637695 seconds
[+] Querying for "Kerberoastable Users Cracked"
[*] Done in 0.10801506042480469 seconds
[+] Querying for "Accounts Not Requiring Kerberos Pre-Authentication Cracked"
[*] Done in 0.08888125419616699 seconds
[+] Querying for "Unconstrained Delegation Accounts Cracked"
[*] Done in 0.10851049423217773 seconds
[+] Querying for "Inactive Accounts (Last Used Over 6mos Ago) Cracked"
[*] Done in 0.17684030532836914 seconds
[+] Querying for "Accounts With Passwords Set Over 1yr Ago Cracked"
[*] Done in 0.777630090713501 seconds
[+] Querying for "Accounts With Passwords That Never Expire Cracked"
[*] Done in 0.7179906368255615 seconds
[+] Querying for "Accounts With Paths To Unconstrained Delegation Objects Cracked (Excluding DCs)"
[*] Done in 59.37591004371643 seconds
[+] Querying for "Accounts With Paths To High Value Targets Cracked"
[*] Done in 165.70466709136963 seconds
[+] Querying for "Accounts With Explicit Admin Rights Cracked"
[*] Done in 0.006938457489013672 seconds
[+] Querying for "Accounts With Group Delegated Admin Rights Cracked"
[*] Done in 0.049982309341430664 seconds
[+] Querying for "Accounts With Explicit Controlling Privileges Cracked"
[*] Done in 0.4140133857727051 seconds
[+] Querying for "Accounts With Group Delegated Controlling Privileges Cracked"
[*] Done in 132.02647495269775 seconds
[+] Querying for Group Statistics
[+] Generating Overall Statistics
[+] Writing HTML files
[+] Report has been written to the "Report.html" file in the "/tmp/dpat-test/" directory
[+] Would you like to open the report now? [Y/n]
n
real 381.04s
user 5.77s
sys 3.86s
cpu 2%
I'd appreciate anyone else looking at this timing it on other databases, the one I'm using is a fairly cursed one.
Must have missed this PR a while ago, looks awesome man! Thanks for the additions
