Get TCP response via PowerShell (class Telnet)

In general, in order to detect whether the specified TCP port is alive, we are determined by the port specified by Telnet to see if there is a response, but by default WIN8 system does not install Telnet. Imagine if you hacked into a server without Telnet, but in order to penetrate into the intranet, you need to detect if the internal server specific port is open, and you are not willing to install Telnet, for the attention of administrators. Well, in this case you need my this script. Since it is the original ecological PowerShell statement completed, the wood has telnet you can still detect the situation of the TCP port.

The following is the first code, followed by the explanation:

===== file name: get-tcpresponse.ps1=====Function get-tcpresponse {<# author:fuhj (powershell#live.cn, http://fuhaijun.com).        Synopsis Tests TCP Port of remote or local system and returns a response header if applicable .            DESCRIPTION Tests TCP Port of remote or local system and returns a response header if applicable If server has no default response and then Response property would be NULL. PARAMETER Computername Local or remote system to test connection. PARAMETER Port TCP port to connect to. PARAMETER tcptimeout time until connection should abort.         EXAMPLE get-tcpresponse-computername pop.126.com-port computername:pop.126.com Port : Isopen:true Response: +ok Welcome to Coremail Mail Pop3 Server (126COMS[75C606D72BF436DFB        Ce6 ...]) Description-----------Checks Port a mail server and displays header reSponse. #> [OutputType (' Net.tcpresponse ')] [Cmdletbinding ()] Param ([Parameter (valuefrompipeline,valuefrompipe Linebypropertyname)] [Alias (' __server ', ' IPAddress ', ' IP ', ' domain ')] [string[]] $Computername = $env: Computerna  Me, [int[]] $Port =, [int] $TCPTimeout = +) Process {ForEach ($Computer in $Computername) {ForEach ($_port in $Port) {$stringBuilder = New-object text.stringbuilder $TC Pclient = new-object System.Net.Sockets.TCPClient $connect = $tcpClient. BeginConnect ($Computer, $_port, $null , $null) $wait = $connect. Asyncwaithandle.waitone ($TCPtimeout, $false) If (-not $wait) {$object = [pscustomobject ] @{Computername = $Computer Port = $_port IsOpen =   $False Response = $Null}} Else {                 while ($True) {#Let buffer start-sleep-milliseconds 1000 Write-verbose "Bytes available: $ ($tcpClient. Available)" If ([Int64] $tcpClie Nt. Available-gt 0) {$stream = $TcpClient. GetStream () $bindResponseBuf fer = New-object byte[]-argumentlist $tcpClient. Available [Int] $response = $stream. Read ($bindResponseBuffer, 0, $bindResponseBuffer. Count) $Null = $stringBuilder. Append ($bindR Esponsebuffer |                        ForEach {[char][int]$_}]-join ')} Else {break                        }} $object = [Pscustomobject] @{Computername = $Computer Port = $_port IsOpen = $True Response = $stringBuilde    R.tostring ()                }} $object. pstypenames.insert (0, ' net.tcpresponse ') write-out Put $object If ($Stream) {$stream. Close () $stream.    Dispose ()} $tcpClient. Close () $tcpClient. Dispose ()}} }}

First create a System.Net.Sockets.TCPClient object, to connect to the specified domain name and port, the instant disconnection is that the server did not open that port, directly rejected, if not refused, then wait for the server to respond to you, and then read the byte stream stitching up to parse.

Finally, it needs to be emphasized that the open stream and TCP connections need to be shut down in order to free resources

The calling method is as follows:

Get-tcpresponse-computername Pop.126.com-port 110

and compare the results of Telnet.

The result is the same, no telnet in the future can not live with everyone, have fun! ^_^

Author: Pay the Navy
Source: http://fuhj02.cnblogs.com
Copyright: This article is owned by the author and the blog Park
Reprint: Welcome reprint, in order to preserve the author's passion for Creation, please "reprint" according to the requirements, thank you
Requirements: This statement must be retained without the consent of the author; the original text must be connected in the article, otherwise the legal liability will be
Personal website: http://www.fuhaijun.com/

Get TCP response via PowerShell (class Telnet)