authorHarmj0y <will@harmj0y.net>2015-12-14 19:01:10 -0500
committerHarmj0y <will@harmj0y.net>2015-12-14 19:01:10 -0500
commit5690b09027b53a5932e42399f6943e03fa32e549 (patch)
tree37fe4dd34522190ca205edec69a6d5e1debab951
parente2993b63aaf09026a11dc3ba2f0ae4a364f27113 (diff)
downloadPowerSploit-5690b09027b53a5932e42399f6943e03fa32e549.tar.gz
PowerSploit-5690b09027b53a5932e42399f6943e03fa32e549.zip
Get-NetDomain now not called if -ComputerName or -ComputerFile are passed for meta functions, in order to prevent failure when running on a non-domain joined machine
took out FQDN Pester tests from Recon.tests.ps1 that used $env:userdnsdomain
-rw-r--r--Recon/PowerView.ps1230
-rw-r--r--Tests/Recon.tests.ps1171
2 files changed, 173 insertions, 228 deletions
diff --git a/Recon/PowerView.ps1 b/Recon/PowerView.ps1
index 46285f4..57a5789 100644
--- a/Recon/PowerView.ps1
+++ b/Recon/PowerView.ps1
@@ -7914,32 +7914,33 @@ function Invoke-UserHunter {
Write-Verbose "[*] Running Invoke-UserHunter with delay of $Delay"
- if($Domain) {
- $TargetDomains = @($Domain)
- }
- elseif($SearchForest) {
- # get ALL the domains in the forest to search
- $TargetDomains = Get-NetForestDomain | ForEach-Object { $_.Name }
- }
- else {
- # use the local domain
- $TargetDomains = @( (Get-NetDomain).name )
- }
-
#####################################################
#
# First we build the host target set
#
#####################################################
+ if($ComputerFile) {
+ # if we're using a host list, read the targets in and add them to the target list
+ $ComputerName = Get-Content -Path $ComputerFile
+ }
+
if(!$ComputerName) {
[Array]$ComputerName = @()
-
- if($ComputerFile) {
- # if we're using a host list, read the targets in and add them to the target list
- $ComputerName = Get-Content -Path $ComputerFile
+
+ if($Domain) {
+ $TargetDomains = @($Domain)
+ }
+ elseif($SearchForest) {
+ # get ALL the domains in the forest to search
+ $TargetDomains = Get-NetForestDomain | ForEach-Object { $_.Name }
}
- elseif($Stealth) {
+ else {
+ # use the local domain
+ $TargetDomains = @( (Get-NetDomain).name )
+ }
+
+ if($Stealth) {
Write-Verbose "Stealth mode! Enumerating commonly used servers"
Write-Verbose "Stealth source: $StealthSource"
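Review bot: An empty or unreadable `-ComputerFile` now falls through to the domain query, because the hoisted `Get-Content` at the top of this hunk leaves `$ComputerName` null and the following `if(!$ComputerName)` treats the call as if no host list had been given. A caller who supplied an explicit list then gets the whole domain or forest enumerated instead of an error, and on a non-domain-joined machine `Get-NetDomain` is reached after all. Failing closed keeps the run inside the requested scope: `$ComputerName = Get-Content -Path $ComputerFile -ErrorAction Stop` followed by `if(!$ComputerName) { throw "No hosts found in $ComputerFile" }`. The file also now silently replaces an explicit `-ComputerName` when both are passed, which the old nesting did not do. The same pattern is added in the Invoke-ProcessHunter, Invoke-ShareFinder, Invoke-FileFinder, Find-LocalAdminAccess and Invoke-EnumerateLocalAdmin hunks, and the `if($Stealth)` block continues outside this hunk.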
@@ -8020,7 +8021,12 @@ function Invoke-UserHunter {
elseif($UserName) {
Write-Verbose "[*] Using target user '$UserName'..."
$User = New-Object PSObject
- $User | Add-Member Noteproperty 'MemberDomain' $TargetDomains[0]
+ if($TargetDomains) {
+ $User | Add-Member Noteproperty 'MemberDomain' $TargetDomains[0]
+ }
+ else {
+ $User | Add-Member Noteproperty 'MemberDomain' $Null
+ }
$User | Add-Member Noteproperty 'MemberName' $UserName.ToLower()
$TargetUsers = @($User)
}
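Review bot: `-Domain` is lost for `MemberDomain` when it is combined with `-ComputerName` or `-ComputerFile`: the first hunk moved `$TargetDomains = @($Domain)` inside `if(!$ComputerName)`, so here `$TargetDomains` is empty and the new `else` branch stores `$Null` even though the caller named a domain. Falling back to the parameter keeps the earlier behaviour, e.g. `$MemberDomain = if($TargetDomains) { $TargetDomains[0] } elseif($Domain) { $Domain } else { $Null }` followed by a single `Add-Member Noteproperty 'MemberDomain' $MemberDomain`. Computing it once would also remove the duplicated if/else in the `-UserFile` hunk below, where it is re-evaluated for every line of the file. Any other use of `$TargetDomains` later in Invoke-UserHunter is outside these hunks and would presumably need the same guard.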
@@ -8028,7 +8034,12 @@ function Invoke-UserHunter {
elseif($UserFile) {
$TargetUsers = Get-Content -Path $UserFile | ForEach-Object {
$User = New-Object PSObject
- $User | Add-Member Noteproperty 'MemberDomain' $TargetDomains[0]
+ if($TargetDomains) {
+ $User | Add-Member Noteproperty 'MemberDomain' $TargetDomains[0]
+ }
+ else {
+ $User | Add-Member Noteproperty 'MemberDomain' $Null
+ }
$User | Add-Member Noteproperty 'MemberName' $_
$User
} | Where-Object {$_}
@@ -8507,37 +8518,37 @@ function Invoke-ProcessHunter {
Write-Verbose "[*] Running Invoke-ProcessHunter with delay of $Delay"
- if($Domain) {
- $TargetDomains = @($Domain)
- }
- elseif($SearchForest) {
- # get ALL the domains in the forest to search
- $TargetDomains = Get-NetForestDomain | ForEach-Object { $_.Name }
- }
- else {
- # use the local domain
- $TargetDomains = @( (Get-NetDomain).name )
- }
-
#####################################################
#
# First we build the host target set
#
#####################################################
+ # if we're using a host list, read the targets in and add them to the target list
+ if($ComputerFile) {
+ $ComputerName = Get-Content -Path $ComputerFile
+ }
+
if(!$ComputerName) {
- # if we're using a host list, read the targets in and add them to the target list
- if($ComputerFile) {
- $ComputerName = Get-Content -Path $ComputerFile
+ [array]$ComputerName = @()
+
+ if($Domain) {
+ $TargetDomains = @($Domain)
+ }
+ elseif($SearchForest) {
+ # get ALL the domains in the forest to search
+ $TargetDomains = Get-NetForestDomain | ForEach-Object { $_.Name }
}
else {
- [array]$ComputerName = @()
- ForEach ($Domain in $TargetDomains) {
- Write-Verbose "[*] Querying domain $Domain for hosts"
- $ComputerName += Get-NetComputer -Domain $Domain -DomainController $DomainController -Filter $ComputerFilter -ADSpath $ComputerADSpath
- }
+ # use the local domain
+ $TargetDomains = @( (Get-NetDomain).name )
}
+ ForEach ($Domain in $TargetDomains) {
+ Write-Verbose "[*] Querying domain $Domain for hosts"
+ $ComputerName += Get-NetComputer -Domain $Domain -DomainController $DomainController -Filter $ComputerFilter -ADSpath $ComputerADSpath
+ }
+
# remove any null target hosts, uniquify the list and shuffle it
$ComputerName = $ComputerName | Where-Object { $_ } | Sort-Object -Unique | Sort-Object { Get-Random }
if($($ComputerName.Count) -eq 0) {
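Review bot: Hosts supplied through `-ComputerName` or `-ComputerFile` now skip the null filter, the de-duplication and the `$ComputerName.Count -eq 0` check at the end of this hunk, because those lines sit inside the `if(!$ComputerName)` block opened above and no closing brace precedes them. Before this change a file-based list was read inside that block and passed through `Where-Object { $_ }`; now blank lines in the file reach the per-host loop as empty strings. Filtering at the read restores that guarantee: `$ComputerName = Get-Content -Path $ComputerFile | Where-Object { $_ }`. The Invoke-ShareFinder, Find-LocalAdminAccess and Invoke-EnumerateLocalAdmin hunks appear to have the same layout, and the block's closing brace is outside this hunk.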
@@ -9178,7 +9189,13 @@ function Invoke-ShareFinder {
$ExcludedShares = @('', "ADMIN$", "IPC$", "C$", "PRINT$")
}
+ # if we're using a host file list, read the targets in and add them to the target list
+ if($ComputerFile) {
+ $ComputerName = Get-Content -Path $ComputerFile
+ }
+
if(!$ComputerName) {
+ [array]$ComputerName = @()
if($Domain) {
$TargetDomains = @($Domain)
@@ -9191,19 +9208,12 @@ function Invoke-ShareFinder {
# use the local domain
$TargetDomains = @( (Get-NetDomain).name )
}
-
- # if we're using a host file list, read the targets in and add them to the target list
- if($ComputerFile) {
- $ComputerName = Get-Content -Path $ComputerFile
- }
- else {
- [array]$ComputerName = @()
- ForEach ($Domain in $TargetDomains) {
- Write-Verbose "[*] Querying domain $Domain for hosts"
- $ComputerName += Get-NetComputer -Domain $Domain -DomainController $DomainController -Filter $ComputerFilter -ADSpath $ComputerADSpath
- }
+
+ ForEach ($Domain in $TargetDomains) {
+ Write-Verbose "[*] Querying domain $Domain for hosts"
+ $ComputerName += Get-NetComputer -Domain $Domain -DomainController $DomainController -Filter $ComputerFilter -ADSpath $ComputerADSpath
}
-
+
# remove any null target hosts, uniquify the list and shuffle it
$ComputerName = $ComputerName | Where-Object { $_ } | Sort-Object -Unique | Sort-Object { Get-Random }
if($($ComputerName.count) -eq 0) {
@@ -9621,18 +9631,6 @@ function Invoke-FileFinder {
}
}
- if($Domain) {
- $TargetDomains = @($Domain)
- }
- elseif($SearchForest) {
- # get ALL the domains in the forest to search
- $TargetDomains = Get-NetForestDomain | ForEach-Object { $_.Name }
- }
- else {
- # use the local domain
- $TargetDomains = @( (Get-NetDomain).name )
- }
-
# if we're hard-passed a set of shares
if($ShareList) {
ForEach ($Item in Get-Content -Path $ShareList) {
@@ -9643,34 +9641,51 @@ function Invoke-FileFinder {
}
}
}
- if($SearchSYSVOL) {
- ForEach ($Domain in $TargetDomains) {
- $DCSearchPath = "\\$Domain\SYSVOL\"
- Write-Verbose "[*] Adding share search path $DCSearchPath"
- $Shares += $DCSearchPath
- }
- if(!$Terms) {
- # search for interesting scripts on SYSVOL
- $Terms = @('.vbs', '.bat', '.ps1')
- }
- }
else {
- # if we're using a host list, read the targets in and add them to the target list
+ # if we're using a host file list, read the targets in and add them to the target list
if($ComputerFile) {
$ComputerName = Get-Content -Path $ComputerFile
}
- else {
- [array]$ComputerName = @()
- ForEach ($Domain in $TargetDomains) {
- Write-Verbose "[*] Querying domain $Domain for hosts"
- $ComputerName += Get-NetComputer -Filter $ComputerFilter -ADSpath $ComputerADSpath -Domain $Domain -DomainController $DomainController
+
+ if(!$ComputerName) {
+
+ if($Domain) {
+ $TargetDomains = @($Domain)
+ }
+ elseif($SearchForest) {
+ # get ALL the domains in the forest to search
+ $TargetDomains = Get-NetForestDomain | ForEach-Object { $_.Name }
+ }
+ else {
+ # use the local domain
+ $TargetDomains = @( (Get-NetDomain).name )
}
- }
- # remove any null target hosts, uniquify the list and shuffle it
- $ComputerName = $ComputerName | Where-Object { $_ } | Sort-Object -Unique | Sort-Object { Get-Random }
- if($($ComputerName.Count) -eq 0) {
- throw "No hosts found!"
+ if($SearchSYSVOL) {
+ ForEach ($Domain in $TargetDomains) {
+ $DCSearchPath = "\\$Domain\SYSVOL\"
+ Write-Verbose "[*] Adding share search path $DCSearchPath"
+ $Shares += $DCSearchPath
+ }
+ if(!$Terms) {
+ # search for interesting scripts on SYSVOL
+ $Terms = @('.vbs', '.bat', '.ps1')
+ }
+ }
+ else {
+ [array]$ComputerName = @()
+
+ ForEach ($Domain in $TargetDomains) {
+ Write-Verbose "[*] Querying domain $Domain for hosts"
+ $ComputerName += Get-NetComputer -Filter $ComputerFilter -ADSpath $ComputerADSpath -Domain $Domain -DomainController $DomainController
+ }
+
+ # remove any null target hosts, uniquify the list and shuffle it
+ $ComputerName = $ComputerName | Where-Object { $_ } | Sort-Object -Unique | Sort-Object { Get-Random }
+ if($($ComputerName.Count) -eq 0) {
+ throw "No hosts found!"
+ }
+ }
}
}
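Review bot: `-SearchSYSVOL` is silently ignored whenever `-ComputerName` or `-ComputerFile` is passed, because the SYSVOL branch now lives inside `if(!$ComputerName)`; it also appears to be skipped with `-ShareList`, since the `else` after the share-list block now wraps everything. The switch was previously evaluated on its own, so this is a behaviour change the commit message does not mention, and the default `$Terms` for SYSVOL is skipped with it. If the new precedence is intended, tell the caller, e.g. `if($SearchSYSVOL -and $ComputerName) { Write-Warning "-SearchSYSVOL is ignored when -ComputerName or -ComputerFile is given" }`, and record it in the function's help text. The enclosing blocks start outside this hunk.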
@@ -9953,8 +9968,15 @@ function Find-LocalAdminAccess {
$RandNo = New-Object System.Random
Write-Verbose "[*] Running Find-LocalAdminAccess with delay of $Delay"
-
+
+ # if we're using a host list, read the targets in and add them to the target list
+ if($ComputerFile) {
+ $ComputerName = Get-Content -Path $ComputerFile
+ }
+
if(!$ComputerName) {
+ [array]$ComputerName = @()
+
if($Domain) {
$TargetDomains = @($Domain)
}
@@ -9967,18 +9989,11 @@ function Find-LocalAdminAccess {
$TargetDomains = @( (Get-NetDomain).name )
}
- # if we're using a host list, read the targets in and add them to the target list
- if($ComputerFile) {
- $ComputerName = Get-Content -Path $ComputerFile
- }
- else {
- [array]$ComputerName = @()
- ForEach ($Domain in $TargetDomains) {
- Write-Verbose "[*] Querying domain $Domain for hosts"
- $ComputerName += Get-NetComputer -Filter $ComputerFilter -ADSpath $ComputerADSpath -Domain $Domain -DomainController $DomainController
- }
+ ForEach ($Domain in $TargetDomains) {
+ Write-Verbose "[*] Querying domain $Domain for hosts"
+ $ComputerName += Get-NetComputer -Filter $ComputerFilter -ADSpath $ComputerADSpath -Domain $Domain -DomainController $DomainController
}
-
+
# remove any null target hosts, uniquify the list and shuffle it
$ComputerName = $ComputerName | Where-Object { $_ } | Sort-Object -Unique | Sort-Object { Get-Random }
if($($ComputerName.Count) -eq 0) {
@@ -10521,7 +10536,13 @@ function Invoke-EnumerateLocalAdmin {
Write-Verbose "[*] Running Invoke-EnumerateLocalAdmin with delay of $Delay"
+ # if we're using a host list, read the targets in and add them to the target list
+ if($ComputerFile) {
+ $ComputerName = Get-Content -Path $ComputerFile
+ }
+
if(!$ComputerName) {
+ [array]$ComputerName = @()
if($Domain) {
$TargetDomains = @($Domain)
@@ -10535,18 +10556,11 @@ function Invoke-EnumerateLocalAdmin {
$TargetDomains = @( (Get-NetDomain).name )
}
- # if we're using a host list, read the targets in and add them to the target list
- if($ComputerFile) {
- $ComputerName = Get-Content -Path $ComputerFile
- }
- else {
- [array]$ComputerName = @()
- ForEach ($Domain in $TargetDomains) {
- Write-Verbose "[*] Querying domain $Domain for hosts"
- $ComputerName += Get-NetComputer -Filter $ComputerFilter -ADSpath $ComputerADSpath -Domain $Domain -DomainController $DomainController
- }
+ ForEach ($Domain in $TargetDomains) {
+ Write-Verbose "[*] Querying domain $Domain for hosts"
+ $ComputerName += Get-NetComputer -Filter $ComputerFilter -ADSpath $ComputerADSpath -Domain $Domain -DomainController $DomainController
}
-
+
# remove any null target hosts, uniquify the list and shuffle it
$ComputerName = $ComputerName | Where-Object { $_ } | Sort-Object -Unique | Sort-Object { Get-Random }
if($($ComputerName.Count) -eq 0) {
diff --git a/Tests/Recon.tests.ps1 b/Tests/Recon.tests.ps1
index 3e6679e..8fd3d75 100644
--- a/Tests/Recon.tests.ps1
+++ b/Tests/Recon.tests.ps1
@@ -163,11 +163,6 @@ Describe "Get-NetLocalGroup" {
It "Should accept -GroupName argument" {
{Get-NetLocalGroup -GroupName "Remote Desktop Users"} | Should Not Throw
}
- It "Should accept FQDN -ComputerName argument" {
- if ( (Get-NetLocalGroup -ComputerName "$env:computername.$env:userdnsdomain" | Measure-Object).count -lt 1) {
- Throw "Incorrect local administrators returned"
- }
- }
It "Should accept NETBIOS -ComputerName argument" {
if ( (Get-NetLocalGroup -ComputerName "$env:computername" | Measure-Object).count -lt 1) {
Throw "Incorrect local administrators returned"
@@ -179,7 +174,7 @@ Describe "Get-NetLocalGroup" {
}
}
It "Should accept pipeline input" {
- if ( ( "$env:computername.$env:userdnsdomain" | Get-NetLocalGroup | Measure-Object).count -lt 1) {
+ if ( ( "$env:computername" | Get-NetLocalGroup | Measure-Object).count -lt 1) {
Throw "Incorrect local administrators returned"
}
}
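Review bot: FQDN coverage is dropped outright rather than made conditional, so on a domain-joined machine nothing exercises a fully qualified `-ComputerName` any more; this pipeline test and the deleted `It "Should accept FQDN -ComputerName argument"` cases in the other Describe blocks are affected alike. Wrapping the FQDN cases in `if($env:userdnsdomain) { ... }` would keep them where a DNS domain exists and still let the suite pass on a standalone host. A short comment above the changed line, such as `# NETBIOS name only: $env:userdnsdomain is empty on non-domain-joined machines`, would record why the name was shortened.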
@@ -192,11 +187,6 @@ Describe "Get-NetShare" {
Throw "Incorrect share results returned"
}
}
- It "Should accept FQDN -ComputerName argument" {
- if ( (Get-NetShare -ComputerName "$env:computername.$env:userdnsdomain" | Measure-Object).count -lt 1) {
- Throw "Incorrect local administrators returned"
- }
- }
It "Should accept NETBIOS -ComputerName argument" {
if ( (Get-NetShare -ComputerName "$env:computername" | Measure-Object).count -lt 1) {
Throw "Incorrect local administrators returned"
@@ -208,7 +198,7 @@ Describe "Get-NetShare" {
}
}
It "Should accept pipeline input" {
- if ( ( "$env:computername.$env:userdnsdomain" | Get-NetShare | Measure-Object).count -lt 1) {
+ if ( ( "$env:computername" | Get-NetShare | Measure-Object).count -lt 1) {
Throw "Incorrect local administrators returned"
}
}
@@ -221,11 +211,6 @@ Describe "Get-NetLoggedon" {
Throw "Incorrect loggedon results returned"
}
}
- It "Should accept FQDN -ComputerName argument" {
- if ( (Get-NetLoggedon -ComputerName "$env:computername.$env:userdnsdomain" | Measure-Object).count -lt 1) {
- Throw "Incorrect loggedon results returned"
- }
- }
It "Should accept NETBIOS -ComputerName argument" {
if ( (Get-NetLoggedon -ComputerName "$env:computername" | Measure-Object).count -lt 1) {
Throw "Incorrect loggedon results returned"
@@ -237,7 +222,7 @@ Describe "Get-NetLoggedon" {
}
}
It "Should accept pipeline input" {
- if ( ( "$env:computername.$env:userdnsdomain" | Get-NetLoggedon | Measure-Object).count -lt 1) {
+ if ( ( "$env:computername" | Get-NetLoggedon | Measure-Object).count -lt 1) {
Throw "Incorrect local administrators returned"
}
}
@@ -250,11 +235,6 @@ Describe "Get-NetSession" {
Throw "Incorrect session results returned"
}
}
- It "Should accept FQDN -ComputerName argument" {
- if ( (Get-NetSession -ComputerName "$env:computername.$env:userdnsdomain" | Measure-Object).count -lt 1) {
- Throw "Incorrect session results returned"
- }
- }
It "Should accept NETBIOS -ComputerName argument" {
if ( (Get-NetSession -ComputerName "$env:computername" | Measure-Object).count -lt 1) {
Throw "Incorrect session results returned"
@@ -269,7 +249,7 @@ Describe "Get-NetSession" {
{Get-NetSession -UserName 'Administrator'} | Should Not Throw
}
It "Should accept pipeline input" {
- {"$env:computername.$env:userdnsdomain" | Get-NetSession} | Should Not Throw
+ {"$env:computername" | Get-NetSession} | Should Not Throw
}
}
@@ -280,11 +260,6 @@ Describe "Get-NetRDPSession" {
Throw "Incorrect session results returned"
}
}
- It "Should accept FQDN -ComputerName argument" {
- if ( (Get-NetRDPSession -ComputerName "$env:computername.$env:userdnsdomain" | Measure-Object).count -lt 1) {
- Throw "Incorrect session results returned"
- }
- }
It "Should accept NETBIOS -ComputerName argument" {
if ( (Get-NetRDPSession -ComputerName "$env:computername" | Measure-Object).count -lt 1) {
Throw "Incorrect session results returned"
@@ -296,7 +271,7 @@ Describe "Get-NetRDPSession" {
}
}
It "Should accept pipeline input" {
- {"$env:computername.$env:userdnsdomain" | Get-NetRDPSession} | Should Not Throw
+ {"$env:computername" | Get-NetRDPSession} | Should Not Throw
}
}
@@ -305,9 +280,6 @@ Describe "Invoke-CheckLocalAdminAccess" {
It "Should Not Throw for localhost" {
{Invoke-CheckLocalAdminAccess} | Should Not Throw
}
- It "Should accept FQDN -ComputerName argument" {
- {Invoke-CheckLocalAdminAccess -ComputerName "$env:computername.$env:userdnsdomain"} | Should Not Throw
- }
It "Should accept NETBIOS -ComputerName argument" {
{Invoke-CheckLocalAdminAccess -ComputerName "$env:computername"} | Should Not Throw
}
@@ -315,7 +287,7 @@ Describe "Invoke-CheckLocalAdminAccess" {
{Invoke-CheckLocalAdminAccess -ComputerName $LocalIP} | Should Not Throw
}
It "Should accept pipeline input" {
- {"$env:computername.$env:userdnsdomain" | Invoke-CheckLocalAdminAccess} | Should Not Throw
+ {"$env:computername" | Invoke-CheckLocalAdminAccess} | Should Not Throw
}
}
@@ -326,11 +298,6 @@ Describe "Get-LastLoggedOn" {
Throw "Incorrect loggedon results returned"
}
}
- It "Should accept FQDN -ComputerName argument" {
- if ( (Get-LastLoggedOn -ComputerName "$env:computername.$env:userdnsdomain" | Measure-Object).count -lt 1) {
- Throw "Incorrect loggedon results returned"
- }
- }
It "Should accept NETBIOS -ComputerName argument" {
if ( (Get-LastLoggedOn -ComputerName "$env:computername" | Measure-Object).count -lt 1) {
Throw "Incorrect loggedon results returned"
@@ -342,7 +309,7 @@ Describe "Get-LastLoggedOn" {
}
}
It "Should accept pipeline input" {
- {"$env:computername.$env:userdnsdomain" | Get-LastLoggedOn} | Should Not Throw
+ {"$env:computername" | Get-LastLoggedOn} | Should Not Throw
}
}
@@ -351,9 +318,6 @@ Describe "Get-CachedRDPConnection" {
It "Should Not Throw" {
{Get-CachedRDPConnection} | Should Not Throw
}
- It "Should accept FQDN -ComputerName argument" {
- {Get-CachedRDPConnection -ComputerName "$env:computername.$env:userdnsdomain"} | Should Not Throw
- }
It "Should accept NETBIOS -ComputerName argument" {
{Get-CachedRDPConnection -ComputerName "$env:computername"} | Should Not Throw
}
@@ -361,7 +325,7 @@ Describe "Get-CachedRDPConnection" {
{Get-CachedRDPConnection -ComputerName $LocalIP} | Should Not Throw
}
It "Should accept pipeline input" {
- {"$env:computername.$env:userdnsdomain" | Get-CachedRDPConnection} | Should Not Throw
+ {"$env:computername" | Get-CachedRDPConnection} | Should Not Throw
}
}
@@ -372,11 +336,6 @@ Describe "Get-NetProcess" {
Throw "Incorrect process results returned"
}
}
- It "Should accept FQDN -ComputerName argument" {
- if ( (Get-NetProcess -ComputerName "$env:computername.$env:userdnsdomain" | Measure-Object).count -lt 1) {
- Throw "Incorrect process results returned"
- }
- }
It "Should accept NETBIOS -ComputerName argument" {
if ( (Get-NetProcess -ComputerName "$env:computername" | Measure-Object).count -lt 1) {
Throw "Incorrect process results returned"
@@ -389,7 +348,7 @@ Describe "Get-NetProcess" {
}
# TODO: RemoteUserName/RemotePassword
It "Should accept pipeline input" {
- {"$env:computername.$env:userdnsdomain" | Get-NetProcess} | Should Not Throw
+ {"$env:computername" | Get-NetProcess} | Should Not Throw
}
}
@@ -401,13 +360,13 @@ Describe "Find-InterestingFile" {
Describe "Invoke-UserHunter" {
It "Should accept -ComputerName argument" {
- if ( (Invoke-UserHunter -ShowAll -ComputerName "$env:computername.$env:userdnsdomain" | Measure-Object).count -lt 1) {
+ if ( (Invoke-UserHunter -ShowAll -ComputerName "$env:computername" | Measure-Object).count -lt 1) {
Throw "Insuffient results returned"
}
}
try {
It "Should accept -ComputerFile argument" {
- "$env:computername.$env:userdnsdomain","$env:computername.$env:userdnsdomain" | Out-File -Encoding ASCII targets.txt
+ "$env:computername","$env:computername" | Out-File -Encoding ASCII targets.txt
if ( (Invoke-UserHunter -ComputerFile ".\targets.txt" -ShowAll | Measure-Object).count -lt 1) {
Throw "Insuffient results returned"
}
@@ -417,17 +376,12 @@ Describe "Invoke-UserHunter" {
Remove-Item -Force ".\targets.txt"
}
It "Should accept -NoPing flag" {
- if ( (Invoke-UserHunter -ComputerName "$env:computername.$env:userdnsdomain" -UserName $env:USERNAME -NoPing | Measure-Object).count -lt 1) {
+ if ( (Invoke-UserHunter -ComputerName "$env:computername" -UserName $env:USERNAME -NoPing | Measure-Object).count -lt 1) {
Throw "Insuffient results returned"
}
}
It "Should accept -Delay and -Jitter arguments" {
- if ( (Invoke-UserHunter -ShowAll -Delay 5 -Jitter 0.2 -ComputerName @("$env:computername.$env:userdnsdomain", "$env:computername.$env:userdnsdomain") | Measure-Object).count -lt 1) {
- Throw "Insuffient results returned"
- }
- }
- It "Should accept pipeline input" {
- if ( ("$env:computername.$env:userdnsdomain" | Invoke-UserHunter -ShowAll | Measure-Object).count -lt 1) {
+ if ( (Invoke-UserHunter -ShowAll -Delay 5 -Jitter 0.2 -ComputerName @("$env:computername", "$env:computername") | Measure-Object).count -lt 1) {
Throw "Insuffient results returned"
}
}
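Review bot: The `It "Should accept pipeline input"` case is deleted here instead of being switched to `"$env:computername"` as was done for Get-NetLocalGroup and the other single-host functions, and the same deletion is made for Invoke-ProcessHunter, Invoke-ShareFinder, Invoke-FileFinder, Find-LocalAdminAccess and Invoke-EnumerateLocalAdmin. The commit message mentions only the FQDN tests, so it is unclear whether this is intentional. If piped host names are not yet bound when the relocated `if(!$ComputerName)` check runs (presumably in a `begin` block, which this diff does not show), that path would still call `Get-NetDomain`, which is the case these tests would catch. Either restore the test with the NETBIOS name, e.g. `if ( ("$env:computername" | Invoke-UserHunter -ShowAll | Measure-Object).count -lt 1) {`, or state in the commit message why it was removed.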
@@ -437,20 +391,20 @@ Describe "Invoke-UserHunter" {
Describe "Invoke-StealthUserHunter" {
# simple test of the splatting
It "Should accept splatting for Invoke-UserHunter" {
- {Invoke-StealthUserHunter -ShowAll -ComputerName "$env:computername.$env:userdnsdomain"} | Should Not Throw
+ {Invoke-StealthUserHunter -ShowAll -ComputerName "$env:computername"} | Should Not Throw
}
}
Describe "Invoke-ProcessHunter" {
It "Should accept -ComputerName and -UserName arguments" {
- if ( (Invoke-ProcessHunter -UserName $env:USERNAME -ComputerName "$env:computername.$env:userdnsdomain" | Measure-Object).count -lt 1) {
+ if ( (Invoke-ProcessHunter -UserName $env:USERNAME -ComputerName "$env:computername" | Measure-Object).count -lt 1) {
Throw "Insuffient results returned"
}
}
try {
It "Should accept -ComputerFile argument" {
- "$env:computername.$env:userdnsdomain","$env:computername.$env:userdnsdomain" | Out-File -Encoding ASCII targets.txt
+ "$env:computername","$env:computername" | Out-File -Encoding ASCII targets.txt
if ( (Invoke-ProcessHunter -ComputerFile ".\targets.txt" -UserName $env:USERNAME | Measure-Object).count -lt 1) {
Throw "Insuffient results returned"
}
@@ -460,14 +414,14 @@ Describe "Invoke-ProcessHunter" {
Remove-Item -Force ".\targets.txt"
}
It "Should accept -ProcessName argument" {
- if ( (Invoke-ProcessHunter -ComputerName "$env:computername.$env:userdnsdomain" -ProcessName powershell | Measure-Object).count -lt 1) {
+ if ( (Invoke-ProcessHunter -ComputerName "$env:computername" -ProcessName powershell | Measure-Object).count -lt 1) {
Throw "Insuffient results returned"
}
}
try {
It "Should accept -UserFile argument" {
"$env:USERNAME" | Out-File -Encoding ASCII target_users.txt
- if ( (Invoke-ProcessHunter -ComputerName "$env:computername.$env:userdnsdomain" -UserFile ".\target_users.txt" | Measure-Object).count -lt 1) {
+ if ( (Invoke-ProcessHunter -ComputerName "$env:computername" -UserFile ".\target_users.txt" | Measure-Object).count -lt 1) {
Throw "Insuffient results returned"
}
}
@@ -476,17 +430,12 @@ Describe "Invoke-ProcessHunter" {
Remove-Item -Force ".\target_users.txt"
}
It "Should accept -NoPing flag" {
- if ( (Invoke-ProcessHunter -ComputerName "$env:computername.$env:userdnsdomain" -UserName $env:USERNAME -NoPing | Measure-Object).count -lt 1) {
+ if ( (Invoke-ProcessHunter -ComputerName "$env:computername" -UserName $env:USERNAME -NoPing | Measure-Object).count -lt 1) {
Throw "Insuffient results returned"
}
}
It "Should accept -Delay and -Jitter arguments" {
- if ( (Invoke-ProcessHunter -UserName $env:USERNAME -Delay 5 -Jitter 0.2 -ComputerName @("$env:computername.$env:userdnsdomain", "$env:computername.$env:userdnsdomain") | Measure-Object).count -lt 1) {
- Throw "Insuffient results returned"
- }
- }
- It "Should accept pipeline input" {
- if ( ("$env:computername.$env:userdnsdomain" | Invoke-ProcessHunter -UserName $env:USERNAME | Measure-Object).count -lt 1) {
+ if ( (Invoke-ProcessHunter -UserName $env:USERNAME -Delay 5 -Jitter 0.2 -ComputerName @("$env:computername", "$env:computername") | Measure-Object).count -lt 1) {
Throw "Insuffient results returned"
}
}
@@ -495,13 +444,13 @@ Describe "Invoke-ProcessHunter" {
Describe "Invoke-ShareFinder" {
It "Should accept -ComputerName argument" {
- if ( (Invoke-ShareFinder -ComputerName "$env:computername.$env:userdnsdomain" | Measure-Object).count -lt 1) {
+ if ( (Invoke-ShareFinder -ComputerName "$env:computername" | Measure-Object).count -lt 1) {
Throw "Insuffient results returned"
}
}
try {
It "Should accept -ComputerFile argument" {
- "$env:computername.$env:userdnsdomain","$env:computername.$env:userdnsdomain" | Out-File -Encoding ASCII targets.txt
+ "$env:computername","$env:computername" | Out-File -Encoding ASCII targets.txt
if ( (Invoke-ShareFinder -ComputerFile ".\targets.txt" | Measure-Object).count -lt 1) {
Throw "Insuffient results returned"
}
@@ -511,40 +460,35 @@ Describe "Invoke-ShareFinder" {
Remove-Item -Force ".\targets.txt"
}
It "Should accept -ExcludeStandard argument" {
- {Invoke-ShareFinder -ComputerName "$env:computername.$env:userdnsdomain" -ExcludeStandard} | Should Not Throw
+ {Invoke-ShareFinder -ComputerName "$env:computername" -ExcludeStandard} | Should Not Throw
}
It "Should accept -ExcludePrint argument" {
- if ( (Invoke-ShareFinder -ComputerName "$env:computername.$env:userdnsdomain" -ExcludePrint | Measure-Object).count -lt 1) {
+ if ( (Invoke-ShareFinder -ComputerName "$env:computername" -ExcludePrint | Measure-Object).count -lt 1) {
Throw "Insuffient results returned"
}
}
It "Should accept -ExcludeIPC argument" {
- if ( (Invoke-ShareFinder -ComputerName "$env:computername.$env:userdnsdomain" -ExcludeIPC | Measure-Object).count -lt 1) {
+ if ( (Invoke-ShareFinder -ComputerName "$env:computername" -ExcludeIPC | Measure-Object).count -lt 1) {
Throw "Insuffient results returned"
}
}
It "Should accept -CheckShareAccess argument" {
- if ( (Invoke-ShareFinder -ComputerName "$env:computername.$env:userdnsdomain" -CheckShareAccess | Measure-Object).count -lt 1) {
+ if ( (Invoke-ShareFinder -ComputerName "$env:computername" -CheckShareAccess | Measure-Object).count -lt 1) {
Throw "Insuffient results returned"
}
}
It "Should accept -CheckAdmin argument" {
- if ( (Invoke-ShareFinder -ComputerName "$env:computername.$env:userdnsdomain" -CheckAdmin | Measure-Object).count -lt 1) {
+ if ( (Invoke-ShareFinder -ComputerName "$env:computername" -CheckAdmin | Measure-Object).count -lt 1) {
Throw "Insuffient results returned"
}
}
It "Should accept -NoPing argument" {
- if ( (Invoke-ShareFinder -NoPing -ComputerName "$env:computername.$env:userdnsdomain" | Measure-Object).count -lt 1) {
+ if ( (Invoke-ShareFinder -NoPing -ComputerName "$env:computername" | Measure-Object).count -lt 1) {
Throw "Insuffient results returned"
}
}
It "Should accept -Delay and -Jitter arguments" {
- if ( (Invoke-ShareFinder -Delay 5 -Jitter 0.2 -ComputerName @("$env:computername.$env:userdnsdomain", "$env:computername.$env:userdnsdomain") | Measure-Object).count -lt 1) {
- Throw "Insuffient results returned"
- }
- }
- It "Should accept pipeline input" {
- if ( ("$env:computername.$env:userdnsdomain" | Invoke-ShareFinder | Measure-Object).count -lt 1) {
+ if ( (Invoke-ShareFinder -Delay 5 -Jitter 0.2 -ComputerName @("$env:computername", "$env:computername") | Measure-Object).count -lt 1) {
Throw "Insuffient results returned"
}
}
@@ -553,11 +497,11 @@ Describe "Invoke-ShareFinder" {
Describe "Invoke-FileFinder" {
It "Should accept -ComputerName argument" {
- {Invoke-FileFinder -ComputerName "$env:computername.$env:userdnsdomain"} | Should Not Throw
+ {Invoke-FileFinder -ComputerName "$env:computername"} | Should Not Throw
}
try {
It "Should accept -ComputerFile argument" {
- "$env:computername.$env:userdnsdomain","$env:computername.$env:userdnsdomain" | Out-File -Encoding ASCII targets.txt
+ "$env:computername","$env:computername" | Out-File -Encoding ASCII targets.txt
{Invoke-FileFinder -ComputerFile ".\targets.txt"} | Should Not Throw
}
}
@@ -574,56 +518,53 @@ Describe "Invoke-FileFinder" {
Remove-Item -Force ".\shares.txt"
}
It "Should accept -Terms argument" {
- {Invoke-FileFinder -Terms secret,testing -ComputerName "$env:computername.$env:userdnsdomain"} | Should Not Throw
+ {Invoke-FileFinder -Terms secret,testing -ComputerName "$env:computername"} | Should Not Throw
}
It "Should accept -OfficeDocs argument" {
- {Invoke-FileFinder -OfficeDocs -ComputerName "$env:computername.$env:userdnsdomain"} | Should Not Throw
+ {Invoke-FileFinder -OfficeDocs -ComputerName "$env:computername"} | Should Not Throw
}
It "Should accept -FreshEXEs argument" {
- {Invoke-FileFinder -FreshEXEs -ComputerName "$env:computername.$env:userdnsdomain"} | Should Not Throw
+ {Invoke-FileFinder -FreshEXEs -ComputerName "$env:computername"} | Should Not Throw
}
It "Should accept -LastAccessTime argument" {
- {Invoke-FileFinder -LastAccessTime "01/01/2000" -ComputerName "$env:computername.$env:userdnsdomain"} | Should Not Throw
+ {Invoke-FileFinder -LastAccessTime "01/01/2000" -ComputerName "$env:computername"} | Should Not Throw
}
It "Should accept -LastWriteTime argument" {
- {Invoke-FileFinder -LastWriteTime "01/01/2000" -ComputerName "$env:computername.$env:userdnsdomain"} | Should Not Throw
+ {Invoke-FileFinder -LastWriteTime "01/01/2000" -ComputerName "$env:computername"} | Should Not Throw
}
It "Should accept -ExcludeFolders argument" {
- {Invoke-FileFinder -ExcludeFolders -ComputerName "$env:computername.$env:userdnsdomain"} | Should Not Throw
+ {Invoke-FileFinder -ExcludeFolders -ComputerName "$env:computername"} | Should Not Throw
}
It "Should accept -ExcludeHidden argument" {
- {Invoke-FileFinder -ExcludeHidden -ComputerName "$env:computername.$env:userdnsdomain"} | Should Not Throw
+ {Invoke-FileFinder -ExcludeHidden -ComputerName "$env:computername"} | Should Not Throw
}
It "Should accept -CreationTime argument" {
- {Invoke-FileFinder -CreationTime "01/01/2000" -ComputerName "$env:computername.$env:userdnsdomain"} | Should Not Throw
+ {Invoke-FileFinder -CreationTime "01/01/2000" -ComputerName "$env:computername"} | Should Not Throw
}
It "Should accept -OutFile argument" {
- {Invoke-FileFinder -ComputerName "$env:computername.$env:userdnsdomain" -OutFile "found_files.csv"} | Should Not Throw
+ {Invoke-FileFinder -ComputerName "$env:computername" -OutFile "found_files.csv"} | Should Not Throw
if(Test-Path -Path .\found_files.csv) {
$Null = Remove-Item -Force .\found_files.csv
}
}
It "Should accept -NoPing argument" {
- {Invoke-FileFinder -NoPing -ComputerName "$env:computername.$env:userdnsdomain"} | Should Not Throw
+ {Invoke-FileFinder -NoPing -ComputerName "$env:computername"} | Should Not Throw
}
It "Should accept -Delay and -Jitter arguments" {
- {Invoke-FileFinder -Delay 5 -Jitter 0.2 -ComputerName @("$env:computername.$env:userdnsdomain","$env:computername.$env:userdnsdomain")} | Should Not Throw
- }
- It "Should accept pipeline input" {
- {"$env:computername.$env:userdnsdomain" | Invoke-FileFinder} | Should Not Throw
+ {Invoke-FileFinder -Delay 5 -Jitter 0.2 -ComputerName @("$env:computername","$env:computername")} | Should Not Throw
}
}
Describe "Find-LocalAdminAccess" {
It "Should accept -ComputerName argument" {
- if ( (Find-LocalAdminAccess -ComputerName "$env:computername.$env:userdnsdomain" | Measure-Object).count -lt 1) {
+ if ( (Find-LocalAdminAccess -ComputerName "$env:computername" | Measure-Object).count -lt 1) {
Throw "Insuffient results returned"
}
}
try {
It "Should accept -ComputerFile argument" {
- "$env:computername.$env:userdnsdomain","$env:computername.$env:userdnsdomain" | Out-File -Encoding ASCII targets.txt
+ "$env:computername","$env:computername" | Out-File -Encoding ASCII targets.txt
if ( (Find-LocalAdminAccess -ComputerFile ".\targets.txt" | Measure-Object).count -lt 1) {
Throw "Insuffient results returned"
}
@@ -633,17 +574,12 @@ Describe "Find-LocalAdminAccess" {
Remove-Item -Force ".\targets.txt"
}
It "Should accept -NoPing argument" {
- if ( (Find-LocalAdminAccess -NoPing -ComputerName "$env:computername.$env:userdnsdomain" | Measure-Object).count -lt 1) {
+ if ( (Find-LocalAdminAccess -NoPing -ComputerName "$env:computername" | Measure-Object).count -lt 1) {
Throw "Insuffient results returned"
}
}
It "Should accept -Delay and -Jitter arguments" {
- if ( (Find-LocalAdminAccess -Delay 5 -Jitter 0.2 -ComputerName @("$env:computername.$env:userdnsdomain","$env:computername.$env:userdnsdomain") | Measure-Object).count -lt 1) {
- Throw "Insuffient results returned"
- }
- }
- It "Should accept pipeline input" {
- if ( ("$env:computername.$env:userdnsdomain" | Find-LocalAdminAccess | Measure-Object).count -lt 1) {
+ if ( (Find-LocalAdminAccess -Delay 5 -Jitter 0.2 -ComputerName @("$env:computername","$env:computername") | Measure-Object).count -lt 1) {
Throw "Insuffient results returned"
}
}
@@ -652,13 +588,13 @@ Describe "Find-LocalAdminAccess" {
Describe "Invoke-EnumerateLocalAdmin" {
It "Should accept -ComputerName argument" {
- if ( (Invoke-EnumerateLocalAdmin -ComputerName "$env:computername.$env:userdnsdomain" | Measure-Object).count -lt 1) {
+ if ( (Invoke-EnumerateLocalAdmin -ComputerName "$env:computername" | Measure-Object).count -lt 1) {
Throw "Insuffient results returned"
}
}
try {
It "Should accept -ComputerFile argument" {
- "$env:computername.$env:userdnsdomain","$env:computername.$env:userdnsdomain" | Out-File -Encoding ASCII targets.txt
+ "$env:computername","$env:computername" | Out-File -Encoding ASCII targets.txt
if ( (Invoke-EnumerateLocalAdmin -ComputerFile ".\targets.txt" | Measure-Object).count -lt 1) {
Throw "Insuffient results returned"
}
@@ -668,23 +604,18 @@ Describe "Invoke-EnumerateLocalAdmin" {
Remove-Item -Force ".\targets.txt"
}
It "Should accept -NoPing argument" {
- if ( (Invoke-EnumerateLocalAdmin -NoPing -ComputerName "$env:computername.$env:userdnsdomain" | Measure-Object).count -lt 1) {
+ if ( (Invoke-EnumerateLocalAdmin -NoPing -ComputerName "$env:computername" | Measure-Object).count -lt 1) {
Throw "Insuffient results returned"
}
}
It "Should accept -Delay and -Jitter arguments" {
- if ( (Invoke-EnumerateLocalAdmin -Delay 5 -Jitter 0.2 -ComputerName @("$env:computername.$env:userdnsdomain","$env:computername.$env:userdnsdomain") | Measure-Object).count -lt 1) {
+ if ( (Invoke-EnumerateLocalAdmin -Delay 5 -Jitter 0.2 -ComputerName @("$env:computername","$env:computername") | Measure-Object).count -lt 1) {
Throw "Insuffient results returned"
}
}
It "Should accept -Outfile argument" {
- Invoke-EnumerateLocalAdmin -ComputerName "$env:computername.$env:userdnsdomain" -OutFile "local_admins.csv"
+ Invoke-EnumerateLocalAdmin -ComputerName "$env:computername" -OutFile "local_admins.csv"
".\local_admins.csv" | Should Exist
Remove-Item -Force .\local_admins.csv
}
- It "Should accept pipeline input" {
- if ( ("$env:computername.$env:userdnsdomain" | Invoke-EnumerateLocalAdmin | Measure-Object).count -lt 1) {
- Throw "Insuffient results returned"
- }
- }
}