authorKevin Robertson <robertsonk@gmail.com>2016-10-17 21:21:48 -0400
committerKevin Robertson <robertsonk@gmail.com>2016-10-17 21:21:48 -0400
commit841bc1584525af51b5d9fbbfee374bb2c9a7348d (patch)
tree54d141169dce5f56f590a8e886b599909b32f2bc /Scripts/Inveigh-Relay.ps1
parentc40dc8cade7b878b556c4745abd4febb36835b68 (diff)
Fixes for startup checks
Added @6cyril's improved netstat checks. Added StartupChecks parameter for an easy way to disable checks if they get in the way.
Diffstat (limited to 'Scripts/Inveigh-Relay.ps1')
-rw-r--r--Scripts/Inveigh-Relay.ps121
1 files changed, 17 insertions, 4 deletions
diff --git a/Scripts/Inveigh-Relay.ps1 b/Scripts/Inveigh-Relay.ps1
index f766b71..ef5f5f4 100644
--- a/Scripts/Inveigh-Relay.ps1
+++ b/Scripts/Inveigh-Relay.ps1
@@ -80,6 +80,9 @@ enabled.
.PARAMETER RunTime
(Integer) Run time duration in minutes.
+.PARAMETER StartupChecks
+Default = Enabled: (Y/N) Enable/Disable checks for in use ports and running services on startup.
+
.PARAMETER ShowHelp
Default = Enabled: (Y/N) Enable/Disable the help messages at startup.
@@ -111,6 +114,7 @@ param
[parameter(Mandatory=$false)][ValidateSet("Y","N")][String]$MachineAccounts = "N",
[parameter(Mandatory=$false)][ValidateSet("Y","N")][String]$ShowHelp = "Y",
[parameter(Mandatory=$false)][ValidateSet("Y","N")][String]$SMBRelayAutoDisable = "Y",
+ [parameter(Mandatory=$false)][ValidateSet("Y","N")][String]$StartupChecks = "Y",
[parameter(Mandatory=$false)][ValidateSet("Anonymous","NTLM")][String]$WPADAuth = "NTLM",
[parameter(Mandatory=$false)][ValidateSet("0","1","2")][String]$Tool = "0",
[parameter(Mandatory=$false)][ValidateScript({Test-Path $_})][String]$OutputDir = "",
@@ -242,7 +246,10 @@ else
$inveigh.status_queue.Add("Inveigh Relay started at $(Get-Date -format 's')") > $null
$inveigh.log.Add($inveigh.log_file_queue[$inveigh.log_file_queue.Add("$(Get-Date -format 's') - Inveigh Relay started")]) > $null
-$firewall_status = netsh advfirewall show allprofiles state | Where-Object {$_ -match 'ON'}
+if($StartupChecks -eq 'Y')
+{
+ $firewall_status = netsh advfirewall show allprofiles state | Where-Object {$_ -match 'ON'}
+}
if($firewall_status)
{
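Review bot: `$firewall_status` is now assigned only inside the new `if($StartupChecks -eq 'Y')` block, yet the `if($firewall_status)` test after it still runs when checks are disabled. With `-StartupChecks N` the name is normally unset and the test is false, but PowerShell resolves an unassigned variable through parent scopes, so a `$firewall_status` left over in the calling session would presumably be picked up. Adding `$firewall_status = $null` before the new block makes the disabled path explicit. The same applies to `$HTTP_port_check` and `$HTTPS_port_check` in the two later hunks. The body of `if($firewall_status)` continues outside this hunk.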
@@ -260,7 +267,10 @@ if($firewall_status)
if($HTTP -eq 'Y')
{
- $HTTP_port_check = netstat -anp TCP | findstr 0.0.0.0:80
+ if($StartupChecks -eq 'Y')
+ {
+ $HTTP_port_check = netstat -anp TCP | findstr LISTENING | findstr /C:":80 "
+ }
if($HTTP_port_check)
{
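Review bot: The added `findstr LISTENING` filter depends on the English text of netstat's state column. On a Windows build that localises that column the pipeline would return nothing, so port 80 would be treated as free even when something is bound to it; the port 443 check in the next hunk has the same dependency. If the text match is kept, a comment such as `# relies on English netstat output ("LISTENING")` would record the assumption. A locale-independent alternative is to compare the `Port` of the endpoints returned by `[System.Net.NetworkInformation.IPGlobalProperties]::GetIPGlobalProperties().GetActiveTcpListeners()`. The body of `if($HTTP_port_check)` continues outside this hunk.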
@@ -283,11 +293,14 @@ else
if($HTTPS -eq 'Y')
{
- $HTTPS_port_check = netstat -anp TCP | findstr 0.0.0.0:443
+ if($StartupChecks -eq 'Y')
+ {
+ $HTTPS_port_check = netstat -anp TCP | findstr LISTENING | findstr /C:":443 "
+ }
if($HTTPS_port_check)
{
- $inveigh.HTTP = $true
+ $inveigh.HTTPS = $false
$inveigh.status_queue.Add("HTTPS Capture/Relay Disabled Due To In Use Port 443") > $null
}
else
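Review bot: The port 443 check here is a copy of the port 80 check in the previous hunk with only the number changed, and the `$inveigh.HTTP = $true` line this hunk corrects is the kind of slip that duplication invites. A small private helper that takes the port number and returns the matching netstat lines would let both blocks share one pipeline, leaving only the port and the status message to differ. The `else` branch continues outside this hunk.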