Feature: Shortest Path from Owned Principals

[0xGreen]

Feature Description

"Shortest Path from Owned Principals" cypher queries are not yet implemented in BloodhoundCE. It would be really nice to have these. At multiple occasion i needed "Shortest Path from Owned Principals" queries, but one way or another the information was somehow available, recently HackTheBox Machine named "Jab" the path was no where to found with Bloodhound CE, However, it was just a click away with BloodHound 4.3.1. Would like to request if these cypher queries can be added.

Also, I tried some basic custom queries around "Owned Principals" with the help of chat GPT but none worked.

Are you intending to implement this feature?

No, unfortunately, don't have that skillset

Current Behavior

Important Queries are missing and there is no ways to find the attack path if you have owned principals. A very obvious path got missed.

Desired Behavior

Show the attack path as in the image above, which was displayed with BloodHound 4.3.1.

It would also be nice to add other cypher queries related to "Owned Principals", e.g. "Shortest Path to Domain Admin from Owned Principals" etc.

Use Case

In my opinion, various use cases, whenever you have an owned principal, it would be nice to know where you can go from there.

[TactiFail]

Yeah this is desperately missed in the new version. Between this and the missing "Owned" icon on the graphs, it feels like a huge step backwards.

[StephenHinck]

Hey folks, we've got an upcoming surge of work that will cover several features including those mentioned related to Owned principals. Stay tuned!

[olafhartong]

just spotted this lovely PR #795