author | HarmJ0y <will@harmj0y.net> | 2016-12-14 19:23:28 -0500 |
---|---|---|
committer | HarmJ0y <will@harmj0y.net> | 2016-12-14 19:23:28 -0500 |
commit | ad32d6c75b4e70a6b2e1b56a683a6ba71f1c0683 (patch) | |
tree | 37d55ec7d13b26efbeeb183d2bb79f9b5972205b /Recon | |
parent | 59e6f94e763d40614284d43823a391cafd384c4c (diff) | |
For ./Recon/ :
-(More) PSScriptAnalyzering
-Tweaking of synopsis blocks in order to support platyPS
-Code standardization
-Generated docs
Diffstat (limited to 'Recon')
-rw-r--r-- | Recon/Get-ComputerDetail.ps1 (renamed from Recon/Get-ComputerDetails.ps1) | 106 | ||||
-rw-r--r-- | Recon/Get-HttpStatus.ps1 | 62 | ||||
-rw-r--r-- | Recon/Invoke-Portscan.ps1 | 34 | ||||
-rw-r--r-- | Recon/Invoke-ReverseDnsLookup.ps1 | 84 | ||||
-rwxr-xr-x | Recon/PowerView.ps1 | 2 | ||||
-rw-r--r-- | Recon/Recon.psd1 | 2 |
6 files changed, 151 insertions, 139 deletions
diff --git a/Recon/Get-ComputerDetails.ps1 b/Recon/Get-ComputerDetail.ps1 index bd00deb..ef3720c 100644 --- a/Recon/Get-ComputerDetails.ps1 +++ b/Recon/Get-ComputerDetail.ps1 @@ -1,14 +1,14 @@ -function Get-ComputerDetails +function Get-ComputerDetail { <# .SYNOPSIS This script is used to get useful information from a computer. -Function: Get-ComputerDetails -Author: Joe Bialek, Twitter: @JosephBialek -Required Dependencies: None -Optional Dependencies: None +Function: Get-ComputerDetail +Author: Joe Bialek, Twitter: @JosephBialek +Required Dependencies: None +Optional Dependencies: None .DESCRIPTION @@ -25,14 +25,14 @@ Switch: Outputs the data as text instead of objects, good if you are using this .EXAMPLE -Get-ComputerDetails +Get-ComputerDetail Gets information about the computer and outputs it as PowerShell objects. -Get-ComputerDetails -ToString +Get-ComputerDetail -ToString Gets information about the computer and outputs it as raw text. .NOTES -This script is useful for fingerprinting a server to see who connects to this server (from where), and where users on this server connect to. +This script is useful for fingerprinting a server to see who connects to this server (from where), and where users on this server connect to. You can also use it to find Powershell scripts and executables which are typically run, and then use this to backdoor those files. .LINK @@ -42,6 +42,7 @@ Github repo: https://github.com/clymb3r/PowerShell #> + [Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSShouldProcess', '')] Param( [Parameter(Position=0)] [Switch] 
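Review bot: The `SuppressMessageAttribute('PSShouldProcess', '')` added above `Param(` in hunk `-42,6 +42,7` turns the analyzer rule off for the whole function without recording why it does not apply. The attribute accepts a named `Justification` argument, so the reason can sit next to the suppression: `[Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSShouldProcess', '', Justification='<reason the rule does not apply here>')]`. The same applies to the five suppressions added in Recon/Invoke-Portscan.ps1 (hunk `-141,7 +141,13`), where `PSUseShouldProcessForStateChangingFunctions` is silenced although the help text mentions force-overwriting output files, and to the two added in Recon/Invoke-ReverseDnsLookup.ps1 (hunk `-69,13 +69,15`). The function body continues outside this hunk.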
@@ -50,14 +51,12 @@ Github repo: https://github.com/clymb3r/PowerShell Set-StrictMode -Version 2 - - $SecurityLog = Get-EventLog -LogName Security - $Filtered4624 = Find-4624Logons $SecurityLog - $Filtered4648 = Find-4648Logons $SecurityLog - $AppLockerLogs = Find-AppLockerLogs + $Filtered4624 = Find-4624Logon $SecurityLog + $Filtered4648 = Find-4648Logon $SecurityLog + $AppLockerLogs = Find-AppLockerLog $PSLogs = Find-PSScriptsInPSAppLog - $RdpClientData = Find-RDPClientConnections + $RdpClientData = Find-RDPClientConnection if ($ToString) { 
@@ -88,29 +87,29 @@ Github repo: https://github.com/clymb3r/PowerShell } -function Find-4648Logons +function Find-4648Logon { <# .SYNOPSIS -Retrieve the unique 4648 logon events. This will often find cases where a user is using remote desktop to connect to another computer. It will give the +Retrieve the unique 4648 logon events. This will often find cases where a user is using remote desktop to connect to another computer. It will give the the account that RDP was launched with and the account name of the account being used to connect to the remote computer. This is useful for identifying normal authenticaiton patterns. Other actions that will trigger this include any runas action. -Function: Find-4648Logons -Author: Joe Bialek, Twitter: @JosephBialek -Required Dependencies: None -Optional Dependencies: None +Function: Find-4648Logon +Author: Joe Bialek, Twitter: @JosephBialek +Required Dependencies: None +Optional Dependencies: None .DESCRIPTION -Retrieve the unique 4648 logon events. This will often find cases where a user is using remote desktop to connect to another computer. It will give the +Retrieve the unique 4648 logon events. This will often find cases where a user is using remote desktop to connect to another computer. It will give the the account that RDP was launched with and the account name of the account being used to connect to the remote computer. This is useful for identifying normal authenticaiton patterns. Other actions that will trigger this include any runas action. .EXAMPLE -Find-4648Logons +Find-4648Logon Gets the unique 4648 logon events. .NOTES @@ -120,11 +119,12 @@ Gets the unique 4648 logon events. Blog: http://clymb3r.wordpress.com/ Github repo: https://github.com/clymb3r/PowerShell #> + Param( $SecurityLog ) - $ExplicitLogons = $SecurityLog | Where {$_.InstanceID -eq 4648} + $ExplicitLogons = $SecurityLog | Where-Object {$_.InstanceID -eq 4648} $ReturnInfo = @{} foreach ($ExplicitLogon in $ExplicitLogons) 
@@ -216,7 +216,7 @@ Github repo: https://github.com/clymb3r/PowerShell return $ReturnInfo } -function Find-4624Logons +function Find-4624Logon { <# .SYNOPSIS @@ -224,10 +224,10 @@ function Find-4624Logons Find all unique 4624 Logon events to the server. This will tell you who is logging in and how. You can use this to figure out what accounts do network logons in to the server, what accounts RDP in, what accounts log in locally, etc... -Function: Find-4624Logons -Author: Joe Bialek, Twitter: @JosephBialek -Required Dependencies: None -Optional Dependencies: None +Function: Find-4624Logon +Author: Joe Bialek, Twitter: @JosephBialek +Required Dependencies: None +Optional Dependencies: None .DESCRIPTION @@ -236,7 +236,7 @@ network logons in to the server, what accounts RDP in, what accounts log in loca .EXAMPLE -Find-4624Logons +Find-4624Logon Find unique 4624 logon events. .NOTES @@ -250,7 +250,7 @@ Github repo: https://github.com/clymb3r/PowerShell $SecurityLog ) - $Logons = $SecurityLog | Where {$_.InstanceID -eq 4624} + $Logons = $SecurityLog | Where-Object {$_.InstanceID -eq 4624} $ReturnInfo = @{} foreach ($Logon in $Logons) @@ -362,17 +362,17 @@ Github repo: https://github.com/clymb3r/PowerShell } -function Find-AppLockerLogs +function Find-AppLockerLog { <# .SYNOPSIS Look through the AppLocker logs to find processes that get run on the server. You can then backdoor these exe's (or figure out what they normally run). -Function: Find-AppLockerLogs -Author: Joe Bialek, Twitter: @JosephBialek -Required Dependencies: None -Optional Dependencies: None +Function: Find-AppLockerLog +Author: Joe Bialek, Twitter: @JosephBialek +Required Dependencies: None +Optional Dependencies: None .DESCRIPTION @@ -380,7 +380,7 @@ Look through the AppLocker logs to find processes that get run on the server. Yo .EXAMPLE -Find-AppLockerLogs +Find-AppLockerLog Find process creations from AppLocker logs. .NOTES 
@@ -390,9 +390,10 @@ Find process creations from AppLocker logs. Blog: http://clymb3r.wordpress.com/ Github repo: https://github.com/clymb3r/PowerShell #> + $ReturnInfo = @{} - $AppLockerLogs = Get-WinEvent -LogName "Microsoft-Windows-AppLocker/EXE and DLL" -ErrorAction SilentlyContinue | Where {$_.Id -eq 8002} + $AppLockerLogs = Get-WinEvent -LogName "Microsoft-Windows-AppLocker/EXE and DLL" -ErrorAction SilentlyContinue | Where-Object {$_.Id -eq 8002} foreach ($Log in $AppLockerLogs) { @@ -434,10 +435,10 @@ Function Find-PSScriptsInPSAppLog Go through the PowerShell operational log to find scripts that run (by looking for ExecutionPipeline logs eventID 4100 in PowerShell app log). You can then backdoor these scripts or do other malicious things. -Function: Find-AppLockerLogs -Author: Joe Bialek, Twitter: @JosephBialek -Required Dependencies: None -Optional Dependencies: None +Function: Find-AppLockerLog +Author: Joe Bialek, Twitter: @JosephBialek +Required Dependencies: None +Optional Dependencies: None .DESCRIPTION @@ -456,12 +457,12 @@ Find unique PowerShell scripts being executed from the PowerShell operational lo Blog: http://clymb3r.wordpress.com/ Github repo: https://github.com/clymb3r/PowerShell #> + $ReturnInfo = @{} - $Logs = Get-WinEvent -LogName "Microsoft-Windows-PowerShell/Operational" -ErrorAction SilentlyContinue | Where {$_.Id -eq 4100} + $Logs = Get-WinEvent -LogName "Microsoft-Windows-PowerShell/Operational" -ErrorAction SilentlyContinue | Where-Object {$_.Id -eq 4100} foreach ($Log in $Logs) { - $ContainsScriptName = $false $LogDetails = $Log.Message -split "`r`n" $FoundScriptName = $false 
@@ -506,27 +507,26 @@ Github repo: https://github.com/clymb3r/PowerShell } -Function Find-RDPClientConnections +Function Find-RDPClientConnection { <# .SYNOPSIS -Search the registry to find saved RDP client connections. This shows you what connections an RDP client has remembered, indicating what servers the user +Search the registry to find saved RDP client connections. This shows you what connections an RDP client has remembered, indicating what servers the user usually RDP's to. -Function: Find-RDPClientConnections -Author: Joe Bialek, Twitter: @JosephBialek -Required Dependencies: None -Optional Dependencies: None +Function: Find-RDPClientConnection +Author: Joe Bialek, Twitter: @JosephBialek +Required Dependencies: None +Optional Dependencies: None .DESCRIPTION -Search the registry to find saved RDP client connections. This shows you what connections an RDP client has remembered, indicating what servers the user -usually RDP's to. +Search the registry to find saved RDP client connections. This shows you what connections an RDP client has remembered, indicating what servers the user usually RDP's to. .EXAMPLE -Find-RDPClientConnections +Find-RDPClientConnection Find unique saved RDP client connections. .NOTES @@ -550,7 +550,7 @@ Github repo: https://github.com/clymb3r/PowerShell { $Server = $Server.PSChildName $UsernameHint = (Get-ItemProperty -Path "HKU:\$($UserSid)\Software\Microsoft\Terminal Server Client\Servers\$($Server)").UsernameHint - + $Key = $UserSid + "::::" + $Server + "::::" + $UsernameHint if (!$ReturnInfo.ContainsKey($Key)) diff --git a/Recon/Get-HttpStatus.ps1 b/Recon/Get-HttpStatus.ps1 index 8b60306..b271efd 100644 --- a/Recon/Get-HttpStatus.ps1 +++ b/Recon/Get-HttpStatus.ps1 @@ -5,11 +5,11 @@ function Get-HttpStatus Returns the HTTP Status Codes and full URL for specified paths.
-PowerSploit Function: Get-HttpStatus
-Author: Chris Campbell (@obscuresec)
-License: BSD 3-Clause
-Required Dependencies: None
-Optional Dependencies: None
+PowerSploit Function: Get-HttpStatus
+Author: Chris Campbell (@obscuresec)
+License: BSD 3-Clause
+Required Dependencies: None
+Optional Dependencies: None
.DESCRIPTION
@@ -42,7 +42,7 @@ C:\PS> Get-HttpStatus -Target www.example.com -Path c:\dictionary.txt -UseSSL .NOTES
HTTP Status Codes: 100 - Informational * 200 - Success * 300 - Redirection * 400 - Client Error * 500 - Server Error
-
+
.LINK
http://obscuresecurity.blogspot.com
@@ -64,49 +64,54 @@ http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html [Switch]
$UseSSL
)
-
+
if (Test-Path $Path) {
-
+
if ($UseSSL -and $Port -eq 0) {
# Default to 443 if SSL is specified but no port is specified
$Port = 443
- } elseif ($Port -eq 0) {
+ }
+ elseif ($Port -eq 0) {
# Default to port 80 if no port is specified
$Port = 80
}
-
+
$TcpConnection = New-Object System.Net.Sockets.TcpClient
Write-Verbose "Path Test Succeeded - Testing Connectivity"
-
+
try {
# Validate that the host is listening before scanning
$TcpConnection.Connect($Target, $Port)
- } catch {
+ }
+ catch {
Write-Error "Connection Test Failed - Check Target"
$Tcpconnection.Close()
- Return
+ Return
}
-
+
$Tcpconnection.Close()
- } else {
+ }
+ else {
Write-Error "Path Test Failed - Check Dictionary Path"
Return
}
-
+
if ($UseSSL) {
$SSL = 's'
# Ignore invalid SSL certificates
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = { $True }
- } else {
+ }
+ else {
$SSL = ''
}
-
+
if (($Port -eq 80) -or ($Port -eq 443)) {
$PortNum = ''
- } else {
+ }
+ else {
$PortNum = ":$Port"
}
-
+
# Check Http status for each entry in the doctionary file
foreach ($Item in Get-Content $Path) {
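Review bot: `[System.Net.ServicePointManager]::ServerCertificateValidationCallback = { $True }` in the `if ($UseSSL)` branch is a process-wide setting, and nothing visible in this file's hunks puts it back, so later HTTPS requests made from the same PowerShell session would also skip certificate validation. Save the current value first with `$PreviousCallback = [System.Net.ServicePointManager]::ServerCertificateValidationCallback` and restore it in a `finally` around the request loop with `[System.Net.ServicePointManager]::ServerCertificateValidationCallback = $PreviousCallback`. A short comment on the assignment stating that the change is global would also help readers of the reformatted block. The `foreach` body starts at the end of this hunk and continues outside it.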
@@ -117,24 +122,23 @@ http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html $WebRequest = [System.Net.WebRequest]::Create($URI)
$WebResponse = $WebRequest.GetResponse()
$WebStatus = $WebResponse.StatusCode
- $ResultObject += $ScanObject
$WebResponse.Close()
- } catch {
+ }
+ catch {
$WebStatus = $Error[0].Exception.InnerException.Response.StatusCode
-
- if ($WebStatus -eq $null) {
+
+ if (-not $WebStatus) {
# Not every exception returns a StatusCode.
# If that is the case, return the Status.
$WebStatus = $Error[0].Exception.InnerException.Status
}
- }
-
+ }
+
$Result = @{ Status = $WebStatus;
URL = $WebTarget}
-
+
$ScanObject = New-Object -TypeName PSObject -Property $Result
-
+
Write-Output $ScanObject
-
}
}
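Review bot: `if (-not $WebStatus)` is a wider test than the `$WebStatus -eq $null` it replaces, because it is also true for any other falsy value; putting `$null` on the left satisfies the analyzer and keeps the original meaning: `if ($null -eq $WebStatus) {`. In the same `catch`, `$Error[0]` can be replaced by the caught record, `$WebStatus = $_.Exception.InnerException.Response.StatusCode`, which does not depend on the state of the global error list. The response object read from the exception is also never closed on this path, unlike the `$WebResponse.Close()` in the `try`. The start of the `foreach` body is outside this hunk.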
diff --git a/Recon/Invoke-Portscan.ps1 b/Recon/Invoke-Portscan.ps1 index 6f059e2..7e28709 100644 --- a/Recon/Invoke-Portscan.ps1 +++ b/Recon/Invoke-Portscan.ps1 @@ -5,11 +5,11 @@ function Invoke-Portscan Simple portscan module -PowerSploit Function: Invoke-Portscan -Author: Rich Lundeen (http://webstersProdigy.net) -License: BSD 3-Clause -Required Dependencies: None -Optional Dependencies: None +PowerSploit Function: Invoke-Portscan +Author: Rich Lundeen (http://webstersProdigy.net) +License: BSD 3-Clause +Required Dependencies: None +Optional Dependencies: None .DESCRIPTION @@ -114,7 +114,7 @@ Force Overwrite if output Files exist. Otherwise it throws exception .EXAMPLE -C:\PS> Invoke-Portscan -Hosts "webstersprodigy.net,google.com,microsoft.com" -TopPorts 50 +Invoke-Portscan -Hosts "webstersprodigy.net,google.com,microsoft.com" -TopPorts 50 Description ----------- @@ -122,7 +122,7 @@ Scans the top 50 ports for hosts found for webstersprodigy.net,google.com, and m .EXAMPLE -C:\PS> echo webstersprodigy.net | Invoke-Portscan -oG test.gnmap -f -ports "80,443,8080" +echo webstersprodigy.net | Invoke-Portscan -oG test.gnmap -f -ports "80,443,8080" Description ----------- @@ -130,7 +130,7 @@ Does a portscan of "webstersprodigy.net", and writes a greppable output file .EXAMPLE -C:\PS> Invoke-Portscan -Hosts 192.168.1.1/24 -T 4 -TopPorts 25 -oA localnet +Invoke-Portscan -Hosts 192.168.1.1/24 -T 4 -TopPorts 25 -oA localnet Description ----------- 
@@ -141,7 +141,13 @@ Scans the top 20 ports for hosts found in the 192.168.1.1/24 range, outputs all http://webstersprodigy.net #> - [CmdletBinding()]Param ( + [Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseShouldProcessForStateChangingFunctions', '')] + [Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseSingularNouns', '')] + [Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseApprovedVerbs', '')] + [Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSShouldProcess', '')] + [Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseLiteralInitializerForHashtable', '')] + [CmdletBinding()] + Param ( #Host, Ports [Parameter(ParameterSetName="cmdHosts", @@ -748,9 +754,9 @@ http://webstersprodigy.net #TODO deal with output Write-PortscanOut -comment $startMsg -grepStream $grepStream -xmlStream $xmlStream -readableStream $readableStream - #converting back from int array gives some argument error checking - $sPortList = [string]::join(",", $portList) - $sHostPortList = [string]::join(",", $hostPortList) + # #converting back from int array gives some argument error checking + # $sPortList = [string]::join(",", $portList) + # $sHostPortList = [string]::join(",", $hostPortList) ######## #Port Scan Code - run on a per host basis @@ -840,7 +846,6 @@ http://webstersprodigy.net $sockets[$p] = new-object System.Net.Sockets.TcpClient } - $scriptBlockAsString = @" #somewhat of a race condition with the timeout, but I don't think it matters @@ -885,8 +890,7 @@ http://webstersprodigy.net $timeouts[$p].Enabled = $true $myscriptblock = [scriptblock]::Create($scriptBlockAsString) - $x = $sockets[$p].beginConnect($h, $p,(New-ScriptBlockCallback($myscriptblock)) , $null) - + $Null = $sockets[$p].beginConnect($h, $p,(New-ScriptBlockCallback($myscriptblock)) , $null) } function PortScan-Alive diff --git a/Recon/Invoke-ReverseDnsLookup.ps1 b/Recon/Invoke-ReverseDnsLookup.ps1 index 5e811ee..36e6398 100644 --- a/Recon/Invoke-ReverseDnsLookup.ps1 
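Review bot: In hunk `-748,9 +754,9` the two `[string]::join` assignments are commented out rather than removed, which leaves dead code behind a doubled `# #` marker. The original comment says the conversion was there for argument error checking, so disabling it may also drop that check; if it is still wanted, keep the call and discard the value, e.g. `$Null = [string]::join(",", $portList)`, otherwise delete the three lines. Whether `$sPortList` or `$sHostPortList` is read later in the function cannot be seen from this hunk.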
+++ b/Recon/Invoke-ReverseDnsLookup.ps1 @@ -5,23 +5,23 @@ function Invoke-ReverseDnsLookup Perform a reverse DNS lookup scan on a range of IP addresses.
-PowerSploit Function: Invoke-ReverseDnsLookup
-Author: Matthew Graeber (@mattifestation)
-License: BSD 3-Clause
-Required Dependencies: None
-Optional Dependencies: None
-
+PowerSploit Function: Invoke-ReverseDnsLookup
+Author: Matthew Graeber (@mattifestation)
+License: BSD 3-Clause
+Required Dependencies: None
+Optional Dependencies: None
+
.DESCRIPTION
-Invoke-ReverseDnsLookup scans an IP address range for DNS PTR records. This script is useful for performing DNS reconnaisance prior to conducting an authorized penetration test.
-
+Invoke-ReverseDnsLookup scans an IP address range for DNS PTR records. This script is useful for performing DNS reconnaissance prior to conducting an authorized penetration test.
+
.PARAMETER IPRange
Specifies the IP address range. The range provided can be in the form of a single IP address, a low-high range, or a CIDR range. Comma-delimited ranges may can be provided.
-
+
.EXAMPLE
-C:\PS> Invoke-ReverseDnsLookup 74.125.228.0/29
+Invoke-ReverseDnsLookup 74.125.228.0/29
IP HostName
-- --------
@@ -31,29 +31,29 @@ IP HostName 74.125.228.4 iad23s05-in-f4.1e100.net
74.125.228.5 iad23s05-in-f5.1e100.net
74.125.228.6 iad23s05-in-f6.1e100.net
-
+
Description
-----------
Returns the hostnames of the IP addresses specified by the CIDR range.
-
+
.EXAMPLE
-C:\PS> Invoke-ReverseDnsLookup '74.125.228.1,74.125.228.4-74.125.228.6'
-
+Invoke-ReverseDnsLookup '74.125.228.1,74.125.228.4-74.125.228.6'
+
IP HostName
-- --------
74.125.228.1 iad23s05-in-f1.1e100.net
74.125.228.4 iad23s05-in-f4.1e100.net
74.125.228.5 iad23s05-in-f5.1e100.net
74.125.228.6 iad23s05-in-f6.1e100.net
-
+
Description
-----------
Returns the hostnames of the IP addresses specified by the IP range specified.
.EXAMPLE
-PS C:\> Write-Output "74.125.228.1,74.125.228.0/29" | Invoke-ReverseDnsLookup
+Write-Output "74.125.228.1,74.125.228.0/29" | Invoke-ReverseDnsLookup
IP HostName
-- --------
@@ -69,13 +69,15 @@ Description -----------
Returns the hostnames of the IP addresses piped from another source.
-
.LINK
http://www.exploit-monday.com
https://github.com/mattifestation/PowerSploit
#>
+ [Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSShouldProcess', '')]
+ [Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseApprovedVerbs', '')]
+ [CmdletBinding()]
Param (
[Parameter(Position = 0, Mandatory = $True,ValueFromPipeline=$True)]
[String]
@@ -83,14 +85,14 @@ https://github.com/mattifestation/PowerSploit )
BEGIN {
-
+
function Parse-IPList ([String] $IpRange)
{
-
+
function IPtoInt
{
Param([String] $IpString)
-
+
$Hexstr = ""
$Octets = $IpString.Split(".")
foreach ($Octet in $Octets) {
@@ -98,7 +100,7 @@ https://github.com/mattifestation/PowerSploit }
return [Convert]::ToInt64($Hexstr, 16)
}
-
+
function InttoIP
{
Param([Int64] $IpInt)
@@ -110,15 +112,15 @@ https://github.com/mattifestation/PowerSploit }
return $IpStr.TrimEnd('.')
}
-
+
$Ip = [System.Net.IPAddress]::Parse("127.0.0.1")
-
+
foreach ($Str in $IpRange.Split(","))
{
$Item = $Str.Trim()
$Result = ""
$IpRegex = "\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}"
-
+
# First, validate the input
switch -regex ($Item)
{
@@ -139,11 +141,11 @@ https://github.com/mattifestation/PowerSploit }
default
{
- Write-Warning "Inproper input"
+ Write-Warning "Improper input"
return
}
}
-
+
#Now, start processing the IP addresses
switch ($Result)
{
@@ -152,14 +154,14 @@ https://github.com/mattifestation/PowerSploit $CidrRange = $Item.Split("/")
$Network = $CidrRange[0]
$Mask = $CidrRange[1]
-
+
if (!([System.Net.IPAddress]::TryParse($Network, [ref] $Ip))) { Write-Warning "Invalid IP address supplied!"; return}
if (($Mask -lt 0) -or ($Mask -gt 30)) { Write-Warning "Invalid network mask! Acceptable values are 0-30"; return}
-
+
$BinaryIP = [Convert]::ToString((IPtoInt $Network),2).PadLeft(32,'0')
#Generate lower limit (Excluding network address)
$Lower = $BinaryIP.Substring(0, $Mask) + "0" * ((32-$Mask)-1) + "1"
- #Generate upperr limit (Excluding broadcast address)
+ #Generate upper limit (Excluding broadcast address)
$Upper = $BinaryIP.Substring(0, $Mask) + "1" * ((32-$Mask)-1) + "0"
$LowerInt = [Convert]::ToInt64($Lower, 2)
$UpperInt = [Convert]::ToInt64($Upper, 2)
@@ -168,21 +170,21 @@ https://github.com/mattifestation/PowerSploit "range"
{
$Range = $item.Split("-")
-
+
if ([System.Net.IPAddress]::TryParse($Range[0],[ref]$Ip)) { $Temp1 = $Ip }
else { Write-Warning "Invalid IP address supplied!"; return }
-
+
if ([System.Net.IPAddress]::TryParse($Range[1],[ref]$Ip)) { $Temp2 = $Ip }
else { Write-Warning "Invalid IP address supplied!"; return }
-
+
$Left = (IPtoInt $Temp1.ToString())
$Right = (IPtoInt $Temp2.ToString())
-
+
if ($Right -gt $Left) {
for ($i = $Left; $i -le $Right; $i++) { InttoIP $i }
}
else { Write-Warning "Invalid IP range. The right portion must be greater than the left portion."; return}
-
+
break
}
"single"
@@ -193,28 +195,30 @@ https://github.com/mattifestation/PowerSploit }
default
{
- Write-Warning "An error occured."
+ Write-Warning "An error occurred."
return
}
}
}
-
}
}
-
+
PROCESS {
Parse-IPList $IpRange | ForEach-Object {
try {
Write-Verbose "Resolving $_"
$Temp = [System.Net.Dns]::GetHostEntry($_)
-
+
$Result = @{
IP = $_
HostName = $Temp.HostName
}
-
+
New-Object PSObject -Property $Result
- } catch [System.Net.Sockets.SocketException] {}
+ }
+ catch [System.Net.Sockets.SocketException] {
+ Write-Verbose "Error: $_"
+ }
}
}
}
diff --git a/Recon/PowerView.ps1 b/Recon/PowerView.ps1 index eecf62f..49ee9c7 100755 --- a/Recon/PowerView.ps1 +++ b/Recon/PowerView.ps1 @@ -859,7 +859,7 @@ function Export-PowerViewCSV { <# .SYNOPSIS -Converts objects into a series of comma-separated (CSV) strings and saves the +Converts objects into a series of comma-separated (CSV) strings and saves the strings in a CSV file in a thread-safe manner. Author: Will Schroeder (@harmj0y) diff --git a/Recon/Recon.psd1 b/Recon/Recon.psd1 index 71667c0..d0a4148 100644 --- a/Recon/Recon.psd1 +++ b/Recon/Recon.psd1 @@ -98,7 +98,7 @@ FunctionsToExport = @( 'Get-DomainForeignUser',
'Get-DomainForeignGroupMember',
'Get-DomainTrustMapping',
- 'Get-ComputerDetails',
+ 'Get-ComputerDetail',
'Get-HttpStatus',
'Invoke-Portscan',
'Invoke-ReverseDnsLookup'