Skip to content

for Linux

Shusei Tomonaga edited this page Dec 21, 2022 · 4 revisions

1. Install packages
2. Install Neo4j
3. Clone LogonTracer git repository
4. Install python3 requirements

The following is an example of installing LogonTracer on Debian. Special Thanks to @nepobef for a very comprehensive install guide!

Install packages

If you do not have Java installed, please check this page and install it.

Notes: This tool supports Python3.7.0 or later.

Install Neo4j

Download URL (Neo4j Community or Enterprise Linux/Mac tarball)
Please check the Neo4j web site and install Neo4j.

Notes: This tool support Neo4j 4.4.

Change Neo4j configuration to allow remote access

$ cd [NEO4J_HOME]
$ vi conf/neo4j.conf

Find the Bolt connector section in the config file and enable it to listen on all interfaces

# Bolt connector
dbms.connector.bolt.enabled=true
#dbms.connector.bolt.tls_level=OPTIONAL
#dbms.connector.bolt.listen_address=:7687 <-- here

And modify the line as follows

dbms.connector.bolt.listen_address=0.0.0.0:7687 <-- remove the # and insert 0.0.0.0 before the colon

Find the section for HTTP Connector and enable it to listen on all interfaces

# HTTP Connector. There must be exactly one HTTP connector.
dbms.connector.http.enabled=true
#dbms.connector.http.listen_address=:7474 <-- this line

Modify last line as follows

dbms.connector.http.listen_address=0.0.0.0:7474 <-- remove the # and insert 0.0.0.0 before the colon

Restart Neo4j

$ ./bin/neo4j console &

Login to Neo4j and change the Neo4j user password

From the host OS browser to the your linux with the port 7474.

http://[IP_Address]:7474

Login with the default username(neo4j) and password(neo4j). Then you'll be prompted to change the password.

Clone LogonTracer git repository

$ git clone https://github.com/JPCERTCC/LogonTracer.git

Install python3 requirements

$ pip3 install -r LogonTracer/requirements.txt

That's it. Now move on to How to Use!

Clone this wiki locally