Powershell: Get-HttpStatus Function

Source: Internet
Author: User
Tags ssl connection

Little sister DT said that this year, a lot of powershell stuff has emerged, and a lot of it is found in a search.Get-HttpStatus FunctionThis is good and fun.


Of course, he will not be so bored. The Set: Windows7 Bypassing using Powershell from the past few days proves that he is really powerful in HACK. Thank you, little sister DT. May you crack it soon
Uncle msdn's Bash vs PowerShell is worth watching, with: Presentation: PowerShell for Pen Testers
Post exploit module of Metasploit:Post/windows/manage/powershell/exec_powershellIt is easy to eliminate the virus.
For WIN7, The powershell BYPASS function of SET is used to obtain sessions. Running exec_powershell is a small trick.

Code:
 
Function Get-HttpStatus {
<#
. SYNOPSIS
PowerSploit Module-Get-HttpStatus
 
Returns the HTTP Status Codes and full URL for specified paths.
 
Author: Chris Campbell (@ obscuresec)
License: BSD 3-Clause
 
. DESCRIPTION
A script to check for the existence of a path or file on a webserver.
 
. PARAMETER Target
Specifies the remote web host either by IP or hostname.
 
. PARAMETER Path
Specifies the remost host.
 
. PARAMETER Port
Specifies the port to connect.
 
. PARAMETER UseSSL
Use an SSL connection.
 
. EXAMPLE
PS> Get-HttpStatus-Target www.example.com-Path c: \ dictionary.txt | Select-Object {where StatusCode-eq 20 *}
 
. EXAMPLE
PS> Get-HttpStatus-Target www.example.com-Path c: \ dictionary.txt-UseSSL
 
. NOTES
HTTP Codes: 100-Informational * 200-Success * 300-Redirection * 400-Client Error * 500-Server Error
Status Codes: http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html
. LINK
 
Http://obscuresecurity.blogspot.com
 
#>
 
[CmdletBinding ()] Param (
[Parameter (Mandatory = $ True)] [String] $ Target,
[Parameter ()] [String] [ValidateNotNullOrEmpty ()] $ Path = '. \ Dictionaries \ admin.txt ',
[Parameter ()] [Int] $ Port,
[Parameter ()] [Switch] $ UseSSL
)
 
If (Test-Path $ Path ){
 
If ($ UseSSL-and $ Port-eq 0 ){
# Default to 443 if SSL is specified but no port is specified
$ Port = 443
} Elseif ($ Port-eq 0 ){
# Default to port 80 if no port is specified
$ Port = 80
}
 
$ TcpConnection = New-Object System. Net. Sockets. TcpClient
Write-Verbose "Path Test Succeeded-Testing Connectivity"
 
Try {
# Validate that the host is listening before scanning
$ TcpConnection. Connect ($ Target, $ Port)
} Catch {
Write-Error "Connection Test Failed-Check Target"
$ Tcpconnection. Close ()
Return
}
 
$ Tcpconnection. Close ()
} Else {
Write-Error "Path Test Failed-Check Dictionary Path"
Return
}
 
If ($ UseSSL ){
$ SSL ='s'
# Ignore invalid SSL certificates
[System. Net. ServicePointManager]: ServerCertificateValidationCallback ={$ True}
} Else {
$ SSL =''
}
 
If ($ Port-eq 80)-or ($ Port-eq 443 )){
$ PortNum =''
} Else {
$ PortNum = ": $ Port"
}
 
# Check Http status for each entry in the doctionary file
Foreach ($ Item in Get-Content $ Path ){
 
$ WebTarget = "http $ ($ SSL): // $ ($ Target) $ ($ PortNum)/$ ($ Item )"
$ URI = New-Object Uri ($ WebTarget)
 
Try {
$ WebRequest = [System. Net. WebRequest]: Create ($ URI)
$ WebResponse = $ WebRequest. GetResponse ()
$ WebStatus = $ WebResponse. StatusCode
$ ResultObject + = $ ScanObject
$ WebResponse. Close ()
} Catch {
$ WebStatus = $ Error [0]. Exception. InnerException. Response. StatusCode
 
If ($ WebStatus-eq $ null ){
# Not every exception returns a StatusCode.
# If that is the case, return the Status.
$ WebStatus = $ Error [0]. Exception. InnerException. Status
}
}
 
$ Result = @ {Status = $ WebStatus;
URL = $ WebTarget}
 
$ ScanObject = New-Object-TypeName PSObject-Property $ Result
 
Write-Output $ ScanObject
 
}
}
More features of niub onlookers here: https://github.com/mattifestation/PowerSploit/

 

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.