Archive for December, 2017

Get-WindowsOpenPorts and Get-LinuxOpenPorts functions


Get-WindowsOpenPorts and Get-LinuxOpenPorts are 2 functions of the SB-Tools PowerShell module which is available in the PowerShell Gallery. These are not port scanners.

Get-WindowsOpenPorts

This function returns an array of PS object, one for each open port on the target Windows computer. Each object has the following properties:

  • ComputerName: String, such as myPC.mydomain.com
  • Layer3Protocol: String, such as IPv4 or IPv6
  • Layer4Protocol: String, such as TCP or UDP
  • LocalAddress: System.Net.IPAddress, such as 10.11.12.13
  • LocalPort: Int32, such as 80 or 139
  • State: String, such as LISTENING

for example:

$Session = New-PSSession -ComputerName abc3.xyz.klm.com -Credential (Get-SBCredential xyz\myuser) 
$WinPorts = Get-WindowsOpenPorts -Session $Session 
$WinPorts | Format-Table -AutoSize

This cmdlet/function takes a required parameter ‘Session’, which is of type ‘System.Management.Automation.Runspaces.PSSession’ that can be obtained via New-PSSession cmdlet of the ‘Microsoft.PowerShell.Core’ module.

It also takes 2 optional parameters that serve to filter its output:

-Layer3 parameter takes either ‘IPv4’ or ‘IPv6’ values or both, and will output only the records that match this criteria

-Layer4 parameter takes either ‘TCP’ or ‘UDP’ values or both, and will output only the records that match this criteria

By default, this cmdlet will filter on IPv4/TCP only.

This cmdlet uses the IPGlobalProperties.GetActiveTcpListeners() method of the System.Net.NetworkInformation.IPGlobalProperties class. It also parses netstat command output to obtain the Layer4Protocol and State properties.

Get-LinuxOpenPorts

Similarly, this function returns an array of PS object, one for each open port on the target Linux computer. Each object has the following properties:

  • ComputerName: String, such as myPC.mydomain.com
  • LocalAddress: String, such as 10.11.12.13, or ::1 (IPv6)
  • LocalPort: Int, such as 80 or 139
  • Process: String
  • Protocol: String, such as TCP, UDP, TCP6, UDP6, or RAW6
  • RemoteAddress: String, such as 11.12.13.14, or 0.0.0.0, or ::
  • RemotePort: String, such as 389 or *
  • State: String, such as LISTEN, ESTABLISHED, CLOSE_WAIT, TIME_WAIT, or LAST_ACK

for example:

$Session = New-SSHSession -ComputerName abc10.xyz.klm.com -Credential (Get-SBCredential myuser) -AcceptKey
$LinuxPorts = Get-LinuxOpenPorts -Session $Session -Verbose
$LinuxPorts | Format-Table -AutoSize

This cmdlet/function takes a required parameter ‘Session’, which is of type ‘SSH.SshSession’ that can be obtained via New-SSHSession cmdlet of the ‘POSH-SSH’ module.

It also takes 1 optional parameter that serves to filter its output:

-Protocol parameter takes one or more of the following values: TCP, UDP, TCP6, UDP6, RAW6, ALL, and will output only the records that match this criteria

By default, this cmdlet will filter on ‘ALL’

This command invokes ‘netstat -anp’ on the provided Linux host and parses its output to produce the resulting PS objects.


To use the SB-Tools PowerShell module which is available in the PowerShell Gallery, you need PowerShell 5. To view your PowerShell version, in an elevated PowerShell ISE window type

$PSVersionTable

To download and install the latest version of SB-Tools from the PowerShell Gallery, type

Install-Module SB-Tools,POSH-SSH -Force

SB-Tools contains functions that depend on POSH-SSH module, and they’re typically installed together.

To load the SB-Tools and POSH-SSH modules type:

Import-Module SB-Tools,POSH-SSH -DisableNameChecking

To view a list of cmdlets/functions in SB-Tools, type

Get-Command -Module SB-Tools

To view the built-in help of one of the SB-Tools functions/cmdlets, type

help <function/cmdlet name> -show

such as

help Convert-IpAddressToMaskLength -show

Advertisements