author | clymb3r <bialek.joseph@gmail.com> | 2014-04-16 21:02:50 -0700 |
---|---|---|
committer | clymb3r <bialek.joseph@gmail.com> | 2014-04-16 21:02:50 -0700 |
commit | b783b459c12112509a733253df9f5935e104200c (patch) | |
tree | e58bce1f7d2f2584d1426262cc609f153d774e51 /Recon | |
parent | 47b90647c11cb4956c735cfa47628dc7dcb03bb6 (diff) | |
parent | 946328cf9e6d6c60eca2bb9d71a38e210c1c3b6c (diff) | |
Merge branch 'master' of https://github.com/mattifestation/PowerSploit
Conflicts:
Recon/Get-ComputerDetails.ps1
Recon/Recon.psd1
Diffstat (limited to 'Recon')
-rw-r--r-- | Recon/Get-ComputerDetails.ps1 | 13 | ||||
-rw-r--r-- | Recon/Get-HttpStatus.ps1 | 2 | ||||
-rw-r--r-- | Recon/Invoke-Portscan.ps1 | 2 | ||||
-rw-r--r-- | Recon/Invoke-ReverseDnsLookup.ps1 | 235 | ||||
-rw-r--r-- | Recon/Recon.psd1 | 10 | ||||
-rw-r--r-- | Recon/Recon.psm1 | 2 |
6 files changed, 153 insertions, 111 deletions
diff --git a/Recon/Get-ComputerDetails.ps1 b/Recon/Get-ComputerDetails.ps1 index 37abf3e..88a6216 100644 --- a/Recon/Get-ComputerDetails.ps1 +++ b/Recon/Get-ComputerDetails.ps1 @@ -1,4 +1,8 @@ +<<<<<<< HEAD function Get-ComputerDetails +======= +function Get-ComputerDetails +>>>>>>> 946328cf9e6d6c60eca2bb9d71a38e210c1c3b6c { <# .SYNOPSIS @@ -219,6 +223,11 @@ Github repo: https://github.com/clymb3r/PowerShell } +<<<<<<< HEAD +======= +function Find-4624Logons +{ +>>>>>>> 946328cf9e6d6c60eca2bb9d71a38e210c1c3b6c <# .SYNOPSIS @@ -248,8 +257,12 @@ Find unique 4624 logon events. Blog: http://clymb3r.wordpress.com/ Github repo: https://github.com/clymb3r/PowerShell #> +<<<<<<< HEAD function Find-4624Logons { +======= + +>>>>>>> 946328cf9e6d6c60eca2bb9d71a38e210c1c3b6c Param ( $SecurityLog ) diff --git a/Recon/Get-HttpStatus.ps1 b/Recon/Get-HttpStatus.ps1 index fde3d26..8b60306 100644 --- a/Recon/Get-HttpStatus.ps1 +++ b/Recon/Get-HttpStatus.ps1 @@ -137,4 +137,4 @@ http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html Write-Output $ScanObject
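Review bot: The merge commits unresolved conflict markers into Recon/Get-ComputerDetails.ps1: the `@@ -1,4 +1,8 @@` hunk adds `<<<<<<< HEAD`, `=======` and `>>>>>>> 946328cf…` around two copies of `function Get-ComputerDetails`. The `@@ -219,6 +223,11 @@` and `@@ -248,8 +257,12 @@` hunks do the same around `function Find-4624Logons`, and the `@@ -72,9 +72,13 @@` hunk of Recon/Recon.psd1 does it around the `FileList` continuation line. PowerShell will most likely fail to parse these lines, so the script, and probably the manifest as well, would fail to load once Recon.psm1 dot-sources every `*.ps1`. Delete the marker lines and keep a single declaration of each function, with `function Find-4624Logons` and `{` either before or after the help comment, but not both. In the manifest keep only the incoming side, `'Invoke-Portscan.ps1', 'Get-ComputerDetails.ps1', 'Usage.md'`, because the HEAD side names `'Get-ComputerDetails'` without its extension.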
}
-}
\ No newline at end of file
+}
diff --git a/Recon/Invoke-Portscan.ps1 b/Recon/Invoke-Portscan.ps1 index ab03734..99bbb89 100644 --- a/Recon/Invoke-Portscan.ps1 +++ b/Recon/Invoke-Portscan.ps1 @@ -1,4 +1,4 @@ -function Invoke-Portscan +function Invoke-Portscan { <# .SYNOPSIS diff --git a/Recon/Invoke-ReverseDnsLookup.ps1 b/Recon/Invoke-ReverseDnsLookup.ps1 index 1346ae6..5e811ee 100644 --- a/Recon/Invoke-ReverseDnsLookup.ps1 +++ b/Recon/Invoke-ReverseDnsLookup.ps1 @@ -50,146 +50,171 @@ IP HostName Description
-----------
Returns the hostnames of the IP addresses specified by the IP range specified.
+
+.EXAMPLE
+
+PS C:\> Write-Output "74.125.228.1,74.125.228.0/29" | Invoke-ReverseDnsLookup
+
+IP HostName
+-- --------
+74.125.228.1 iad23s05-in-f1.1e100.net
+74.125.228.1 iad23s05-in-f1.1e100.net
+74.125.228.2 iad23s05-in-f2.1e100.net
+74.125.228.3 iad23s05-in-f3.1e100.net
+74.125.228.4 iad23s05-in-f4.1e100.net
+74.125.228.5 iad23s05-in-f5.1e100.net
+74.125.228.6 iad23s05-in-f6.1e100.net
+
+Description
+-----------
+Returns the hostnames of the IP addresses piped from another source.
+
.LINK
http://www.exploit-monday.com
+https://github.com/mattifestation/PowerSploit
#>
Param (
- [Parameter(Position = 0, Mandatory = $True)]
+ [Parameter(Position = 0, Mandatory = $True,ValueFromPipeline=$True)]
[String]
$IpRange
)
- function Parse-IPList ([String] $IpRange)
- {
-
- function IPtoInt
+ BEGIN {
+
+ function Parse-IPList ([String] $IpRange)
{
- Param([String] $IpString)
+
+ function IPtoInt
+ {
+ Param([String] $IpString)
- $Hexstr = ""
- $Octets = $IpString.Split(".")
- foreach ($Octet in $Octets) {
- $Hexstr += "{0:X2}" -f [Int] $Octet
+ $Hexstr = ""
+ $Octets = $IpString.Split(".")
+ foreach ($Octet in $Octets) {
+ $Hexstr += "{0:X2}" -f [Int] $Octet
+ }
+ return [Convert]::ToInt64($Hexstr, 16)
}
- return [Convert]::ToInt64($Hexstr, 16)
- }
- function InttoIP
- {
- Param([Int64] $IpInt)
- $Hexstr = $IpInt.ToString("X8")
- $IpStr = ""
- for ($i=0; $i -lt 8; $i += 2) {
- $IpStr += [Convert]::ToInt64($Hexstr.SubString($i,2), 16)
- $IpStr += '.'
+ function InttoIP
+ {
+ Param([Int64] $IpInt)
+ $Hexstr = $IpInt.ToString("X8")
+ $IpStr = ""
+ for ($i=0; $i -lt 8; $i += 2) {
+ $IpStr += [Convert]::ToInt64($Hexstr.SubString($i,2), 16)
+ $IpStr += '.'
+ }
+ return $IpStr.TrimEnd('.')
}
- return $IpStr.TrimEnd('.')
- }
- $Ip = [System.Net.IPAddress]::Parse("127.0.0.1")
+ $Ip = [System.Net.IPAddress]::Parse("127.0.0.1")
- foreach ($Str in $IpRange.Split(","))
- {
- $Item = $Str.Trim()
- $Result = ""
- $IpRegex = "\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}"
-
- # First, validate the input
- switch -regex ($Item)
+ foreach ($Str in $IpRange.Split(","))
{
- "^$IpRegex/\d{1,2}$"
- {
- $Result = "cidrRange"
- break
- }
- "^$IpRegex-$IpRegex$"
- {
- $Result = "range"
- break
- }
- "^$IpRegex$"
- {
- $Result = "single"
- break
- }
- default
+ $Item = $Str.Trim()
+ $Result = ""
+ $IpRegex = "\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}"
+
+ # First, validate the input
+ switch -regex ($Item)
{
- Write-Warning "Inproper input"
- return
+ "^$IpRegex/\d{1,2}$"
+ {
+ $Result = "cidrRange"
+ break
+ }
+ "^$IpRegex-$IpRegex$"
+ {
+ $Result = "range"
+ break
+ }
+ "^$IpRegex$"
+ {
+ $Result = "single"
+ break
+ }
+ default
+ {
+ Write-Warning "Inproper input"
+ return
+ }
}
- }
- #Now, start processing the IP addresses
- switch ($Result)
- {
- "cidrRange"
+ #Now, start processing the IP addresses
+ switch ($Result)
{
- $CidrRange = $Item.Split("/")
- $Network = $CidrRange[0]
- $Mask = $CidrRange[1]
+ "cidrRange"
+ {
+ $CidrRange = $Item.Split("/")
+ $Network = $CidrRange[0]
+ $Mask = $CidrRange[1]
- if (!([System.Net.IPAddress]::TryParse($Network, [ref] $Ip))) { Write-Warning "Invalid IP address supplied!"; return}
- if (($Mask -lt 0) -or ($Mask -gt 30)) { Write-Warning "Invalid network mask! Acceptable values are 0-30"; return}
+ if (!([System.Net.IPAddress]::TryParse($Network, [ref] $Ip))) { Write-Warning "Invalid IP address supplied!"; return}
+ if (($Mask -lt 0) -or ($Mask -gt 30)) { Write-Warning "Invalid network mask! Acceptable values are 0-30"; return}
- $BinaryIP = [Convert]::ToString((IPtoInt $Network),2).PadLeft(32,'0')
- #Generate lower limit (Excluding network address)
- $Lower = $BinaryIP.Substring(0, $Mask) + "0" * ((32-$Mask)-1) + "1"
- #Generate upperr limit (Excluding broadcast address)
- $Upper = $BinaryIP.Substring(0, $Mask) + "1" * ((32-$Mask)-1) + "0"
- $LowerInt = [Convert]::ToInt64($Lower, 2)
- $UpperInt = [Convert]::ToInt64($Upper, 2)
- for ($i = $LowerInt; $i -le $UpperInt; $i++) { InttoIP $i }
- }
- "range"
- {
- $Range = $item.Split("-")
+ $BinaryIP = [Convert]::ToString((IPtoInt $Network),2).PadLeft(32,'0')
+ #Generate lower limit (Excluding network address)
+ $Lower = $BinaryIP.Substring(0, $Mask) + "0" * ((32-$Mask)-1) + "1"
+ #Generate upperr limit (Excluding broadcast address)
+ $Upper = $BinaryIP.Substring(0, $Mask) + "1" * ((32-$Mask)-1) + "0"
+ $LowerInt = [Convert]::ToInt64($Lower, 2)
+ $UpperInt = [Convert]::ToInt64($Upper, 2)
+ for ($i = $LowerInt; $i -le $UpperInt; $i++) { InttoIP $i }
+ }
+ "range"
+ {
+ $Range = $item.Split("-")
- if ([System.Net.IPAddress]::TryParse($Range[0],[ref]$Ip)) { $Temp1 = $Ip }
- else { Write-Warning "Invalid IP address supplied!"; return }
+ if ([System.Net.IPAddress]::TryParse($Range[0],[ref]$Ip)) { $Temp1 = $Ip }
+ else { Write-Warning "Invalid IP address supplied!"; return }
- if ([System.Net.IPAddress]::TryParse($Range[1],[ref]$Ip)) { $Temp2 = $Ip }
- else { Write-Warning "Invalid IP address supplied!"; return }
+ if ([System.Net.IPAddress]::TryParse($Range[1],[ref]$Ip)) { $Temp2 = $Ip }
+ else { Write-Warning "Invalid IP address supplied!"; return }
- $Left = (IPtoInt $Temp1.ToString())
- $Right = (IPtoInt $Temp2.ToString())
+ $Left = (IPtoInt $Temp1.ToString())
+ $Right = (IPtoInt $Temp2.ToString())
- if ($Right -gt $Left) {
- for ($i = $Left; $i -le $Right; $i++) { InttoIP $i }
- }
- else { Write-Warning "Invalid IP range. The right portion must be greater than the left portion."; return}
+ if ($Right -gt $Left) {
+ for ($i = $Left; $i -le $Right; $i++) { InttoIP $i }
+ }
+ else { Write-Warning "Invalid IP range. The right portion must be greater than the left portion."; return}
- break
- }
- "single"
- {
- if ([System.Net.IPAddress]::TryParse($Item,[ref]$Ip)) { $Ip.IPAddressToString }
- else { Write-Warning "Invalid IP address supplied!"; return }
- break
- }
- default
- {
- Write-Warning "An error occured."
- return
+ break
+ }
+ "single"
+ {
+ if ([System.Net.IPAddress]::TryParse($Item,[ref]$Ip)) { $Ip.IPAddressToString }
+ else { Write-Warning "Invalid IP address supplied!"; return }
+ break
+ }
+ default
+ {
+ Write-Warning "An error occured."
+ return
+ }
}
}
- }
+ }
}
-
- Parse-IPList $IpRange | ForEach-Object {
- try {
- $Temp = [System.Net.Dns]::GetHostEntry($_)
+
+ PROCESS {
+ Parse-IPList $IpRange | ForEach-Object {
+ try {
+ Write-Verbose "Resolving $_"
+ $Temp = [System.Net.Dns]::GetHostEntry($_)
- $Result = @{
- IP = $_
- HostName = $Temp.HostName
- }
+ $Result = @{
+ IP = $_
+ HostName = $Temp.HostName
+ }
- New-Object PSObject -Property $Result
- } catch [System.Net.Sockets.SocketException] {}
+ New-Object PSObject -Property $Result
+ } catch [System.Net.Sockets.SocketException] {}
+ }
}
-
}
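Review bot: In the `"cidrRange"` branch, `$Mask` is still the string returned by `$Item.Split("/")`, so `($Mask -lt 0) -or ($Mask -gt 30)` is evaluated as a string comparison. As far as PowerShell's left-operand conversion goes, a single-digit prefix from 4 to 9 (for example `/8`) compares greater than "30" and is rejected as an invalid mask. Casting once fixes it: `$Mask = [Int] $CidrRange[1]`. Now that the function takes pipeline input, the empty `catch [System.Net.Sockets.SocketException] {}` in the `PROCESS` block also hides every address that failed to resolve. A `Write-Verbose "No PTR record for $_"` there would match the new `Write-Verbose "Resolving $_"`. The function's opening lines and the start of its help comment are outside this hunk.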
diff --git a/Recon/Recon.psd1 b/Recon/Recon.psd1
index 50b6fc6..5a776eb 100644
--- a/Recon/Recon.psd1
+++ b/Recon/Recon.psd1
@@ -1,4 +1,4 @@
-@{
+@{
# Script module or binary module file associated with this manifest.
ModuleToProcess = 'Recon.psm1'
@@ -72,9 +72,13 @@ AliasesToExport = '' # List of all modules packaged with this module.
ModuleList = @(@{ModuleName = 'Recon'; ModuleVersion = '1.0.0.0'; GUID = '7e775ad6-cd3d-4a93-b788-da067274c877'})
-# List of all files packaged with this module
+# List of all files packaged with this module
FileList = 'Recon.psm1', 'Recon.psd1', 'Get-HttpStatus.ps1', 'Invoke-ReverseDnsLookup.ps1',
+<<<<<<< HEAD 'Invoke-Portscan.ps1', 'Get-ComputerDetails', 'Usage.md' +======= + 'Invoke-Portscan.ps1', 'Get-ComputerDetails.ps1', 'Usage.md'
+>>>>>>> 946328cf9e6d6c60eca2bb9d71a38e210c1c3b6c # Private data to pass to the module specified in RootModule/ModuleToProcess
# PrivateData = ''
@@ -85,4 +89,4 @@ FileList = 'Recon.psm1', 'Recon.psd1', 'Get-HttpStatus.ps1', 'Invoke-ReverseDnsL # Default prefix for commands exported from this module. Override the default prefix using Import-Module -Prefix.
# DefaultCommandPrefix = ''
-}
\ No newline at end of file
+}
diff --git a/Recon/Recon.psm1 b/Recon/Recon.psm1
index e5234fb..81d3818 100644
--- a/Recon/Recon.psm1
+++ b/Recon/Recon.psm1
@@ -1 +1 @@
-Get-ChildItem (Join-Path $PSScriptRoot *.ps1) | % { . $_.FullName}
\ No newline at end of file +Get-ChildItem (Join-Path $PSScriptRoot *.ps1) | % { . $_.FullName} |