Linux

Get-WindowsOpenPorts and Get-LinuxOpenPorts functions


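Get-WindowsOpenPorts and Get-LinuxOpenPorts are two functions of the SB-Tools PowerShell module, which is available in the PowerShell Gallery. These are not port scanners: each one reports open ports from inside the target computer, over a remote session you have already established.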

Get-WindowsOpenPorts

This function returns an array of PS objects, one for each open port on the target Windows computer. Each object has the following properties:

  • ComputerName: String, such as myPC.mydomain.com
  • Layer3Protocol: String, such as IPv4 or IPv6
  • Layer4Protocol: String, such as TCP or UDP
  • LocalAddress: System.Net.IPAddress, such as 10.11.12.13
  • LocalPort: Int32, such as 80 or 139
  • State: String, such as LISTENING

For example:

$Session = New-PSSession -ComputerName abc3.xyz.klm.com -Credential (Get-SBCredential xyz\myuser) 
$WinPorts = Get-WindowsOpenPorts -Session $Session 
$WinPorts | Format-Table -AutoSize

This cmdlet/function takes a required parameter ‘Session’ of type ‘System.Management.Automation.Runspaces.PSSession’, which can be obtained via the New-PSSession cmdlet of the ‘Microsoft.PowerShell.Core’ module.

It also takes 2 optional parameters that filter its output:

-Layer3 parameter accepts ‘IPv4’, ‘IPv6’, or both, and outputs only the records that match

-Layer4 parameter accepts ‘TCP’, ‘UDP’, or both, and outputs only the records that match

By default, this cmdlet will filter on IPv4/TCP only.

This cmdlet uses the IPGlobalProperties.GetActiveTcpListeners() method of the System.Net.NetworkInformation.IPGlobalProperties class. It also parses netstat command output to obtain the Layer4Protocol and State properties.

Get-LinuxOpenPorts

Similarly, this function returns an array of PS objects, one for each open port on the target Linux computer. Each object has the following properties:

  • ComputerName: String, such as myPC.mydomain.com
  • LocalAddress: String, such as 10.11.12.13, or ::1 (IPv6)
  • LocalPort: Int, such as 80 or 139
  • Process: String
  • Protocol: String, such as TCP, UDP, TCP6, UDP6, or RAW6
  • RemoteAddress: String, such as 11.12.13.14, or 0.0.0.0, or ::
  • RemotePort: String, such as 389 or *
  • State: String, such as LISTEN, ESTABLISHED, CLOSE_WAIT, TIME_WAIT, or LAST_ACK

For example:

$Session = New-SSHSession -ComputerName abc10.xyz.klm.com -Credential (Get-SBCredential myuser) -AcceptKey
$LinuxPorts = Get-LinuxOpenPorts -Session $Session -Verbose
$LinuxPorts | Format-Table -AutoSize

This cmdlet/function takes a required parameter ‘Session’ of type ‘SSH.SshSession’, which can be obtained via the New-SSHSession cmdlet of the ‘POSH-SSH’ module.

It also takes 1 optional parameter that filters its output:

-Protocol parameter accepts one or more of the following values: TCP, UDP, TCP6, UDP6, RAW6, ALL, and outputs only the records that match

By default, this cmdlet will filter on ‘ALL’.

This command invokes ‘netstat -anp’ on the provided Linux host and parses its output to produce the resulting PS objects.
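The parsing step described above can be sketched as follows. This is an added example, not the SB-Tools source: the helper name ConvertFrom-NetstatText, the sample text and the host name default are assumptions made for illustration. It handles the two cases that usually break naive parsers, UDP rows with an empty State column and IPv6 addresses that contain colons.

```powershell
# Constructed sample of 'netstat -anp' output (not captured from a real host).
$SampleNetstat = @'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      812/sshd
tcp        0      0 10.11.12.13:22          11.12.13.14:51234       ESTABLISHED 2011/sshd: opsuser
tcp6       0      0 :::80                   :::*                    LISTEN      1033/httpd
udp        0      0 0.0.0.0:68              0.0.0.0:*                           640/dhclient
udp6       0      0 ::1:323                 :::*                                655/chronyd
Active UNIX domain sockets (servers and established)
unix  2      [ ACC ]     STREAM     LISTENING     12345    1/systemd            /run/systemd/private
'@

function ConvertFrom-NetstatText {    # hypothetical helper, not part of SB-Tools
    param(
        [Parameter(Mandatory)][string]$Text,
        [string]$ComputerName = 'abc10.xyz.klm.com'   # placeholder host name
    )
    $Row = '^(?<proto>tcp6?|udp6?|raw6?)\s+\d+\s+\d+\s+(?<local>\S+)\s+(?<remote>\S+)\s*(?<rest>.*)$'
    foreach ($Line in ($Text -split '\r?\n')) {
        if ($Line -match '^Active UNIX domain sockets') { break }   # UNIX sockets have no ports
        if (-not ($Line -match $Row)) { continue }                  # skips banner and column header
        $Proto, $Local, $Remote, $Rest = $Matches.proto, $Matches.local, $Matches.remote, $Matches.rest.Trim()
        # UDP rows normally have an empty State column, so State is optional here.
        $State, $Proc = '', $Rest
        if ($Rest -cmatch '^(?<state>[A-Z_0-9]+)\s+(?<proc>\S.*)$') {
            $State, $Proc = $Matches.state, $Matches.proc
        }
        # Split on the LAST colon: IPv6 addresses such as ::1 contain colons themselves.
        $l = $Local.LastIndexOf(':'); $r = $Remote.LastIndexOf(':')
        [PSCustomObject]@{
            ComputerName  = $ComputerName
            LocalAddress  = $Local.Substring(0, $l)
            LocalPort     = $Local.Substring($l + 1) -as [int]
            Process       = $Proc
            Protocol      = $Proto.ToUpper()
            RemoteAddress = $Remote.Substring(0, $r)
            RemotePort    = $Remote.Substring($r + 1)
            State         = $State
        }
    }
}

# Review aid: sockets bound to every interface and not connected to a peer.
ConvertFrom-NetstatText -Text $SampleNetstat |
    Where-Object { ($_.LocalAddress -in '0.0.0.0', '::') -and ($_.RemotePort -eq '*') } |
    Format-Table -AutoSize
```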


To use the SB-Tools PowerShell module which is available in the PowerShell Gallery, you need PowerShell 5. To view your PowerShell version, in an elevated PowerShell ISE window type

$PSVersionTable

To download and install the latest version of SB-Tools from the PowerShell Gallery, type

Install-Module SB-Tools,POSH-SSH -Force

SB-Tools contains functions that depend on the POSH-SSH module, and they’re typically installed together.

To load the SB-Tools and POSH-SSH modules type:

Import-Module SB-Tools,POSH-SSH -DisableNameChecking

To view a list of cmdlets/functions in SB-Tools, type

Get-Command -Module SB-Tools

To view the built-in help of one of the SB-Tools functions/cmdlets, type

help <function/cmdlet name> -show

such as

help Convert-IpAddressToMaskLength -show


Validate-WindowsCredential and Validate-LinuxCredential PowerShell functions


In the course of automation, you might need to validate credentials that a script would use to perform a set of complex tasks before the script is run. The Validate-WindowsCredential and Validate-LinuxCredential PowerShell functions are two of the latest additions to the SB-Tools PowerShell module that simplify this task.

Validate-WindowsCredential

The Validate-WindowsCredential function/cmdlet takes 2 parameters:

  1. ‘Credential’, which is a PSCredential object that can be obtained from the Get-Credential cmdlet of the Microsoft.PowerShell.Security module, or the Get-SBCredential function of the SB-Tools PS module.
  2. ‘Session’, which is a PSSession object that can be obtained via the New-PSSession cmdlet of the Microsoft.PowerShell.Core module.

A simple example may look like:

$Session = New-PSSession -ComputerName test-vm0116.test.domain.com -Credential (Get-SBCredential 'test\superuser')
Validate-WindowsCredential -Credential (Get-SBCredential '.\administrator') -Session $Session

The function returns TRUE if the provided credential (name/password set) was able to successfully authenticate in the provided remote PowerShell session, or FALSE if authentication fails.

The function can validate local accounts presented in the format ‘.\username’ or domain accounts presented in the format ‘domain\username’.

The Validate-WindowsCredential function relies on the ValidateCredentials() method of the DirectoryServices.AccountManagement.PrincipalContext class.

Validate-LinuxCredential

The Validate-LinuxCredential function/cmdlet is similar to the Validate-WindowsCredential function/cmdlet in that it takes the same 2 parameters:

  1. ‘Credential’, which is the same PSCredential object as before.
  2. ‘Session’, which is an SSH.SshSession object that can be obtained via the New-SSHSession cmdlet of the POSH-SSH PS module.

A simple use example would look like:

$Session = New-SSHSession -ComputerName test-vm0112.test.domain.com -Credential (Get-SBCredential 'opsuser') -AcceptKey
Validate-LinuxCredential -Credential (Get-SBCredential 'root') -Session $Session

Similarly, TRUE is returned if authentication is successful or FALSE if authentication fails.

It also displays additional information to the console, such as the account hash, so treat the console output and any transcript of it as sensitive.

Unlike the Validate-WindowsCredential cmdlet, the Validate-LinuxCredential cmdlet relies on reading and parsing the /etc/shadow file, which holds the password hashes of the user accounts on the Linux machine. The current revision of the cmdlet is designed to validate MD5 hashed accounts only. A possible enhancement is to add functionality to validate accounts hashed with other algorithms such as Blowfish and SHA.
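Because validation covers MD5 hashed accounts only, it helps to know which scheme each account in /etc/shadow uses before relying on the result. The following is an added example, not SB-Tools code: the helper name Get-ShadowHashScheme and the sample lines are assumptions, and the salts and hashes are placeholders. It reads the $id$ prefix of the password field and never outputs the hash itself.

```powershell
# Constructed /etc/shadow lines; salts and hashes are placeholders, not real values.
$SampleShadow = @'
root:$6$SALTPLACEHOLDER$HASHPLACEHOLDER:19000:0:99999:7:::
opsuser:$1$SALTPLACEHOLDER$HASHPLACEHOLDER:18500:0:99999:7:::
svcbackup:!$5$SALTPLACEHOLDER$HASHPLACEHOLDER:18500:0:99999:7:::
webadmin:$2y$10$SALTANDHASHPLACEHOLDER:18900:0:99999:7:::
daemon:*:18000:0:99999:7:::
'@

# crypt(3) scheme identifiers found between the first two '$' characters.
$Schemes = @{ '1' = 'MD5'; '2a' = 'Blowfish'; '2b' = 'Blowfish'; '2y' = 'Blowfish'
              '5' = 'SHA-256'; '6' = 'SHA-512' }

function Get-ShadowHashScheme {    # hypothetical helper, not part of SB-Tools
    param([Parameter(Mandatory)][string]$Text)
    foreach ($Line in ($Text -split '\r?\n')) {
        $Fields = $Line -split ':'
        if ($Fields.Count -lt 2) { continue }          # blank or malformed line
        $User, $Pw = $Fields[0], $Fields[1]
        $Locked = $Pw.StartsWith('!')                  # '!' prefix marks a locked password
        $Body   = $Pw.TrimStart('!')
        $Scheme = if ($Body -match '^\$(?<id>[^$]+)\$') {
            if ($Schemes.ContainsKey($Matches.id)) { $Schemes[$Matches.id] }
            else { "Unknown ($($Matches.id))" }
        } elseif ($Body -in '', '*') { 'No password hash' } else { 'Unrecognized' }
        [PSCustomObject]@{
            User                    = $User
            Scheme                  = $Scheme
            Locked                  = $Locked
            MD5OnlyValidatorApplies = ($Scheme -eq 'MD5')
        }
    }
}

Get-ShadowHashScheme -Text $SampleShadow | Format-Table -AutoSize
```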

