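## lib-tcp.ps1
## Library file containing these functions:
##   Write-TcpPort, Scan-Http, Fix-LMCDNS, Reset-LMCDNS,
##   Get-NmapScan, Test-Port, Select-Alive

## Title: Write-TcpPort
## Filter input to a service on a remote TCP port
##
## Parameters:
##   -remoteHost  host to connect to (default "localhost")
##   -port        TCP port to connect to (default 80)
##
## For each pipeline item a connection is opened, any greeting is shown, the
## item is sent as one line, the reply is shown, and the connection is closed.
## Data travels over a plain TcpClient stream (no TLS is negotiated here) and
## is decoded as ASCII; remote bytes are written to the host as received.
filter Write-TcpPort {
    param(
        [string] $remoteHost = "localhost",
        [int] $port = 80
    )

    ## Open the socket, and connect to the computer on the specified port.
    ## When the constructor fails, the error is reported and $socket stays
    ## unset, so the check below ends this invocation.
    $socket = new-object System.Net.Sockets.TcpClient($remoteHost, $port)
    if ($socket -eq $null) {
        return
    }

    $stream = $socket.GetStream()
    $writer = new-object System.IO.StreamWriter($stream)
    $buffer = new-object System.Byte[] 1024
    $encoding = new-object System.Text.AsciiEncoding

    ## Allow data to buffer for a bit, then show whatever the service sent
    ## before any command was written (for example a greeting banner).
    start-sleep -m 500
    while ($stream.DataAvailable) {
        $read = $stream.Read($buffer, 0, 1024)
        write-host -n ($encoding.GetString($buffer, 0, $read))
    }

    ## Write command from pipeline to the remote host
    $cmd = $Input | out-string
    $writer.WriteLine($cmd)
    $writer.Flush()

    ## Read the reply. Polling stops once a full 500 ms interval passes with
    ## no data, so the filter returns instead of looping forever and sending
    ## an empty line on every pass.
    do {
        start-sleep -m 500
        $gotData = $FALSE
        while ($stream.DataAvailable) {
            $read = $stream.Read($buffer, 0, 1024)
            write-host -n ($encoding.GetString($buffer, 0, $read))
            $gotData = $TRUE
        }
    } while ($gotData)

    ## Close the streams and the socket so the connection is not leaked
    $writer.Close()
    $stream.Close()
    $socket.Close()
}

## Title: Scan-Http
## Description: Scans one or more web-server targets and reports status codes
##
## Parameters:
##   -Path     path appended to each piped host name (default "/")
##   -fullURL  complete URL to request when nothing is piped in
##
## Output: one object per target with TargetUrl, StatusCode, StatusText and
## Server properties, emitted together from the End block.
## Piped targets are always requested over plain "http://".
function Scan-http {
    param ($Path = "/", [system.uri]$fullURL)

    Begin {
        # initialize the COM object which handles the HTTP connections
        $xHTTP = new-object -com msxml2.xmlhttp
        # Create the array which will hold the output report
        $Output = @()
    }

    Process {
        # If there's anything in the pipeline, use it, otherwise, look for a
        # target URL to be specified
        if ($_) {
            $url = "http://$_$Path"
        }
        elseif ($fullURL) {
            $url = $fullURL
        }
        else {
            write-error "No targets defined."
            # 'return' leaves only this Process pass. A bare 'break' here has
            # no enclosing loop and would unwind into the calling script.
            return
        }

        # Create a custom object to hold the results from the scan
        $process = "" | select-object TargetUrl,StatusCode,StatusText,Server

        # Perform an HTTP "GET" on the target ($FALSE = synchronous request)
        $xHTTP.open("GET",$url,$FALSE)
        $xHTTP.send()

        # Assign properties to our custom object
        # NOTE(review): if send() fails, the status fields below presumably
        # stay empty for that row - confirm before treating a blank
        # StatusCode as a result.
        $process.TargetUrl = $url
        $process.StatusCode = $xHTTP.Status        # status code such as "404"
        $process.StatusText = $xHTTP.StatusText    # text such as "Not found"
        $process.Server = $xHTTP.getResponseHeader("Server")  # Server type if provided by web server

        # Add the custom object to our output collection
        $Output += $process
    }

    End {
        # Will send the output to screen or pipeline
        Write-Output $Output
    }
}

## Title: Fix-LMCDNS
## Sets the DNS server search order on every DHCP-enabled network adapter
## whose description matches "mobility".
## The resolver addresses are hard-coded. This changes which DNS servers the
## host trusts, so verify the list before running it on another network.
## Each matching adapter is handled on its own; with no match nothing runs.
function Fix-LMCDNS {
    gwmi Win32_NetworkAdapterConfiguration |
        where { $_.description -match "mobility" -and $_.dhcpenabled -eq $TRUE } |
        foreach-object {
            $_.SetDNSServerSearchOrder( @("209.134.169.85","9.0.2.1","10.2.1.11","9.0.4.1") )
        }
}

## Title: Reset-LMCDNS
## Applies the second hard-coded DNS server search order to every
## DHCP-enabled network adapter whose description matches "mobility".
## Each matching adapter is handled on its own; with no match nothing runs.
function Reset-LMCDNS {
    gwmi Win32_NetworkAdapterConfiguration |
        where { $_.description -match "mobility" -and $_.dhcpenabled -eq $TRUE } |
        foreach-object {
            $_.SetDNSServerSearchOrder( @("9.0.2.1","9.0.4.1","209.134.169.85") )
        }
}

## Title: Get-NmapScan
## Runs nmap.exe with the given parameters and returns the parsed results.
##
## Parameters:
##   -NmapParameters  nmap command-line parameters (required)
##   -Open            accepted, but not used by this function
##   -Verbose         show progress messages and errors
##   -Xml             return the parsed XML document instead of objects
##
## Output: one object per host element with IpAddress, Hostname, Protocol,
## Port, State and Service. A host with several ports yields one object whose
## port-related properties hold several values.
##
## NOTE(security): $NmapParameters is spliced into a string that
## Invoke-Expression evaluates as PowerShell. Only pass values typed by a
## trusted operator; never build them from file contents, web input or other
## untrusted data. A safer design passes an argument array to the call
## operator (&) instead of evaluating a string.
function Get-NmapScan {
    param (
        $NmapParameters = $( Throw "Please specify nmap command-line parameters." ),
        [switch] $Open,
        [switch] $Verbose,
        [switch] $Xml
    )

    # Set both preferences explicitly. A two-variable assignment from a
    # single value would leave the second variable empty.
    if ($Verbose) {
        $VerbosePreference = "Continue"
        $ErrorActionPreference = "Continue"
    }
    else {
        $VerbosePreference = "SilentlyContinue"
        $ErrorActionPreference = "SilentlyContinue"
    }

    # Write the XML report to a random name in the temp directory rather than
    # the current location, which may be read-only, shared, or not a
    # file-system path at all.
    $filename = [System.IO.Path]::Combine(
        [System.IO.Path]::GetTempPath(),
        [System.IO.Path]::GetRandomFileName())

    # Single-quote the path so spaces in the temp directory survive parsing;
    # embedded single quotes are doubled.
    $quotedName = "'" + $filename.Replace("'", "''") + "'"
    $cmd = "nmap.exe -oX $quotedName $NmapParameters"

    write-verbose "$(get-date -f 's') Command line: $cmd"
    write-verbose "$(get-date -f 's') NMAP scan in progress..."
    invoke-expression $cmd > $null
    write-verbose "$(get-date -f 's') NMAP scan complete"

    # Without a report (nmap missing or failed) there is nothing to parse
    if (-not (test-path $filename)) {
        write-error "nmap did not produce an output file."
        return
    }

    [xml] $XmlResult = get-content $filename
    remove-item $filename

    if ($Xml) {
        return $XmlResult
    }

    $Output = @()
    # The where-object filter skips the empty pipeline item that appears when
    # the report contains no host elements.
    $XmlResult.nmaprun.host | where-object { $_ } | foreach-object {
        $myObj = "" | Select-Object IpAddress, Hostname, Protocol, Port, State, Service
        $myObj.IpAddress = $_.address.addr
        $myObj.Hostname = $_.hostnames.hostname
        $myObj.Protocol = $_.ports.port.protocol
        $myObj.Port = $_.ports.port.portid
        $myObj.State = $_.ports.port.state
        $myObj.Service = $_.ports.port.service.name
        $Output += $myObj
    }
    write-output $Output
}

## Title: Test-Port
## Tests whether a TCP connection to a host and port can be established.
##
## Parameters:
##   -srv      host name or address (default "127.0.0.1")
##   -port     TCP port (default 135)
##   -timeout  time to wait for the connection, in milliseconds (default 1000)
##   -verbose  print the timeout or connection error to the host
##
## Returns: $TRUE when the connection succeeds, $FALSE on timeout or error.
## Side effect: clears the session's $Error list before checking the result.
function Test-Port {
    param(
        [string]$srv = "127.0.0.1",
        $port = 135,
        $timeout = 1000,
        [switch]$verbose
    )

    # Errors are inspected through $Error below instead of being displayed
    $ErrorActionPreference = "SilentlyContinue"
    $failed = $FALSE

    $tcpclient = new-Object system.Net.Sockets.TcpClient
    # Start the connection asynchronously so the wait can be bounded
    $iar = $tcpclient.BeginConnect( $srv, $port, $null, $null )
    $wait = $iar.AsyncWaitHandle.WaitOne( $timeout, $FALSE )

    if ( !$wait ) {
        # No answer within the timeout
        $tcpclient.Close()
        if ($verbose) { Write-Host "Connection Timeout" }
        return $FALSE
    }

    # Clear earlier errors so that $Error[0] can only come from EndConnect
    $Error.Clear()
    $tcpclient.EndConnect( $iar ) | out-Null
    if ($Error[0]) {
        if ($verbose) { write-host $Error[0] }
        $failed = $TRUE
    }
    $tcpclient.Close()

    return (-not $failed)
}

## Title: Select-Alive
## Passes through the names of piped computers that answer a ping.
##
## Parameters:
##   -Verbose  show progress messages and errors
##
## Input: DirectoryEntry, IPHostEntry, PSCustomObject (Name property),
## SearchResult or String objects. Output: the resolved name of each target
## whose ping status is "Success".
## Because this is a filter, the start/end messages and the counters apply to
## each pipeline item separately.
filter Select-Alive {
    param ( [switch]$Verbose )

    # Report the target that was being pinged when the error occurred
    trap {
        Write-Verbose "$(get-date -f 's') ping failed: $cn"
        continue
    }

    if ($Verbose) {
        $VerbosePreference = "continue"
        $ErrorActionPreference = "continue"
    }
    else {
        $VerbosePreference = "silentlycontinue"
        $ErrorActionPreference = "silentlycontinue"
    }

    Write-Verbose "$(get-date -f 's') ping start"
    $ping = New-Object System.Net.NetworkInformation.Ping
    $searchCount = 0
    $pingCount = 0

    $_ | foreach-object {
        $obj = $_
        # Reset per element so an unrecognised input type cannot reuse the
        # previous element's name or reply.
        $cn = $null
        $reply = $null

        # Accommodate different input object types
        # thx Gaurhoth (http://thepowershellguy.com/blogs/gaurhoth/archive/2007/10/08/an-example-of-how-to-use-new-taskpool.aspx)
        switch ($obj.psbase.gettype().name) {
            "DirectoryEntry" { $cn = $obj.dnshostname[0] }
            "IPHostEntry"    { $cn = $obj.HostName }
            "PSCustomObject" { $cn = $obj.Name }
            "SearchResult"   { $cn = $obj.properties['dnshostname'][0] }
            "String"         { $cn = $obj.trim() }
        }

        Write-Verbose "$(get-date -f 's') pinging $cn..."
        $searchCount++
        $reply = $ping.Send($cn)
        if ($reply.status -eq "Success") {
            # Emit the name of the responding computer
            $cn
            $pingCount++
        }
    }

    Write-Verbose "$(get-date -f 's') ping end - $pingCount/$searchCount online"
}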