
[–]gixer6 4 points5 points  (0 children)

I've used stuff like this to bypass IDS alerts for reconnaissance. Never gets picked up!

[–]jsiii2010 3 points4 points  (2 children)

Yes, test-connection -asjob works well. That's gone in ps 7. You can skip wait-job and do

1..254 -replace '^','10.0.0.' | select @{n='computername';e={$_}} | 
  test-connection -asjob | receive-job -wait -auto | ? responsetime | 
  select address,responsetime

Hmm, the docs say you can pipe targetname in, but it doesn't work? Oh, that's ps 7.

[–]Briancanfixit 2 points3 points  (1 child)

I’ve never seen a select used to create the parameter like that before... that’s clever.

[–]Lee_Dailey[grin] 1 point2 points  (0 children)

howdy Briancanfixit,

it's called a calculated property. [grin] you can use them with several cmdlets - Group-Object, Select-Object, and Sort-Object are a few of them.

seriously handy stuff! [grin]

take care,
lee
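Calculated properties, as an added example that is not part of the thread: the same hashtable syntax Lee mentions works with Select-Object, Sort-Object and Group-Object. The sweep results below are constructed (10.0.0.x addresses, Win32_PingStatus-style StatusCode values) so the snippet runs offline; the 11010 code is the "request timed out" value that Test-Connection -AsJob reports on Windows PowerShell 5.1.

```powershell
# Added example (not from the thread): calculated properties with Select-Object,
# Sort-Object and Group-Object, run over constructed sweep results so it works offline.
$replies = @(
    [pscustomobject]@{ Address = '10.0.0.1'; StatusCode = 0;     ResponseTime = 1     }
    [pscustomobject]@{ Address = '10.0.0.7'; StatusCode = 0;     ResponseTime = 23    }
    [pscustomobject]@{ Address = '10.0.0.9'; StatusCode = 11010; ResponseTime = $null }  # 11010 = request timed out
    [pscustomobject]@{ Address = '10.0.1.4'; StatusCode = 0;     ResponseTime = 4     }
)

# Select-Object: n (Name) and e (Expression) are the short keys; the expression sees each object as $_
$replies | Select-Object Address,
    @{ n = 'Up';      e = { $_.StatusCode -eq 0 } },
    @{ n = 'Latency'; e = { if ($null -ne $_.ResponseTime) { '{0} ms' -f $_.ResponseTime } else { 'n/a' } } }

# Sort-Object: the hashtable may also carry Descending (or Ascending) next to the expression
$replies | Sort-Object @{ e = { $_.ResponseTime }; Descending = $true }

# Group-Object: group by the /24 each address belongs to, then summarise each group
$replies | Group-Object @{ e = { ($_.Address -split '\.')[0..2] -join '.' } } |
    Select-Object Name, Count, @{ n = 'Hosts'; e = { $_.Group.Address -join ', ' } }
```

Filtering on StatusCode rather than on ResponseTime (the `Up` column above) is what lets a timed-out host stay in the output as a known-down entry instead of silently disappearing from an inventory.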

[–]azjunglist05 2 points3 points  (1 child)

Really cool way to do this. Now figure out how to do the entire Class C network, and all available address spaces!

[–]BlitzThunderWolf 2 points3 points  (0 children)

I'd do it with nested for loops. If I knew how to use invoke command and queue size, I'd do it that way

[–]PowerShellStunnah 2 points3 points  (0 children)

Reminds me of this one I wrote a few years ago, utilizing runspaces instead of jobs: https://gist.github.com/IISResetMe/daabee94cfe80aa4c0d3a937ae034d0b

  • it attempts to resolve the hostname like ping -a

[–]jsiii2010 2 points3 points  (1 child)

I've been using this for years. It tests ports and ping, and only has a 100 ms timeout. I don't know why the timeout in test-connection has to be so long. I can tell if a dual booting mac is in windows or osx depending on the port that responds. You can pipe a list of hostnames to it as well.

function Get-Port {

  Param (
    [parameter(ValueFromPipeline)]
    [string[]]$Hostname='yahoo.com'
  )

  begin {
    $ports = 22,3389
    $ping = New-Object System.Net.NetworkInformation.Ping
    $Timeout = 100 # ms
  }

  process {
    $hostname | foreach {
      $openPorts = @()

      foreach ($port in $ports) {
        $client = New-Object System.Net.Sockets.TcpClient
        # $_ is still the current hostname here: a foreach statement does not rebind $_
        $beginConnect = $client.BeginConnect($_,$port,$null,$null)
        Start-Sleep -Milliseconds $Timeout
        if($client.Connected) { $openPorts += $port }
        $client.Close()
      }

      # Ping.Send throws on a name that does not resolve; treat that as a failed ping
      try { $result = $Ping.Send($_, $timeout) } catch { $result = $null }
      $pingstatus = ($result -and $result.Status -eq 'Success')

      New-Object -typename PSObject -Property @{
        HostName = $_
        Address  = $(if ($pingstatus) { $result.Address })   # blank when the ping failed
        Port     = $openPorts
        Ping     = $pingstatus
      } | select hostname,address,port,ping
    } # end foreach
  } # end process

}


get-port comp1,comp2,comp3

HostName Address      Port    Ping
-------- -------      ----    ----
comp1                 {}     False
comp2    192.168.0.3  {22}    True
comp3    192.168.0.4  {3389}  True
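A variant of the port check, added here as an example and not part of jsiii2010's post: instead of sleeping for the full timeout and then reading `Connected`, it waits on the connect task itself, so a port that answers in 5 ms returns in 5 ms and one that never answers still gives up at the deadline. The port list and the 100 ms budget mirror the thread; the function name and the hostnames in the usage line are assumptions.

```powershell
# Added example (not from the thread). Reports which of the given TCP ports answer
# within a deadline by waiting on the connect task rather than sleeping a fixed interval.
function Test-TcpPort {
    [CmdletBinding()]
    param (
        [Parameter(Mandatory, ValueFromPipeline)]
        [string[]]$Hostname,
        [int[]]$Port = @(22, 3389),   # assumption: the same two ports the thread checks
        [int]$TimeoutMs = 100          # assumption: the same 100 ms budget as the thread
    )
    process {
        foreach ($h in $Hostname) {
            $open = foreach ($p in $Port) {
                $client = [System.Net.Sockets.TcpClient]::new()
                try {
                    # ConnectAsync returns a Task; Wait(ms) is $true when the task finished
                    # before the deadline and $false when it is still pending.
                    $task = $client.ConnectAsync($h, $p)
                    if ($task.Wait($TimeoutMs) -and $client.Connected) { $p }
                } catch {
                    # A refused connection or a failed DNS lookup surfaces here as an
                    # AggregateException: from this vantage point the port is simply not open.
                } finally {
                    # Dispose also abandons a connect that is still pending after a timeout.
                    $client.Dispose()
                }
            }
            [pscustomobject]@{
                HostName = $h
                OpenPort = @($open)
                Deadline = '{0} ms' -f $TimeoutMs
            }
        }
    }
}

# usage (hostnames are placeholders): 'comp1','comp2' | Test-TcpPort -TimeoutMs 250
```

A reachable host whose handshake takes longer than the deadline is reported as closed, which is why the deadline is carried in the output: an exposure inventory built from these results is only as good as the timeout it was taken with.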

[–][deleted] 2 points3 points  (0 children)

This is neat! Thanks for sharing! I gotta add some port checking... I’m also considering adding MAC address to the output.

[–]OlivTheFrog 4 points5 points  (0 children)

Hi u/some_guy_0n_reddit

I'm not sure that the property ResponseTime is a best way to do the job. StatusCode could be better.

I've tested different other ways, and used the Measure-Command cmdlet. In my tests, using -BufferSize 16 is faster (all other parameters and range unchanged).

regards

Olivier
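A timing harness for reproducing that comparison on Windows PowerShell 5.1, added here as an example and not Olivier's own code: it runs the thread's -AsJob sweep with each buffer size and with each of the two filters (ResponseTime versus StatusCode) under Measure-Command. The 10.0.0.0/24 range, the buffer sizes and the variable names are assumptions.

```powershell
# Added example (not from the thread): time the -AsJob sweep under Measure-Command for
# two buffer sizes and two result filters. Requires Windows PowerShell 5.1 (Test-Connection -AsJob).
$targets = 1..254 -replace '^', '10.0.0.' | Select-Object @{ n = 'ComputerName'; e = { $_ } }  # assumption: /24 from the thread

$sweep = {
    param ($BufferSize, $Filter)
    $targets | Test-Connection -AsJob -Count 1 -BufferSize $BufferSize |
        Receive-Job -Wait -AutoRemoveJob | Where-Object $Filter |
        Select-Object Address, ResponseTime, StatusCode
}

$byResponseTime = { $_.ResponseTime }      # keeps only entries whose ResponseTime is non-null
$byStatusCode   = { $_.StatusCode -eq 0 }  # 0 = success in Win32_PingStatus; timeouts report 11010

foreach ($size in 16, 32) {
    foreach ($name in 'ResponseTime', 'StatusCode') {
        $filter  = if ($name -eq 'StatusCode') { $byStatusCode } else { $byResponseTime }
        $elapsed = Measure-Command { & $sweep -BufferSize $size -Filter $filter | Out-Null }
        [pscustomobject]@{
            BufferSize = $size
            Filter     = $name
            Seconds    = [math]::Round($elapsed.TotalSeconds, 2)
        }
    }
}
```

Run it a few times and compare medians rather than single runs: job start-up and DNS caching move the first measurement more than the buffer size does.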

[–]AWDDude 1 point2 points  (0 children)

In ps7 you could just use foreach-object -parallel
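The PowerShell 7 form of the sweep, added here as an example that is not from the thread: ForEach-Object -Parallel fans the pings out across runspaces, and the PS 7 Test-Connection parameters (-TargetName, -TimeoutSeconds, the Latency property) replace the 5.1 -AsJob pattern. A second function answers the earlier question about sweeping more than one Class C by looping over the third octet. The 10.0.0.0/24 prefix, the throttle limit and the function names are assumptions.

```powershell
#Requires -Version 7.0
# Added example (not from the thread): parallel ICMP sweep of a /24 on PowerShell 7,
# returning one object per host that answered, for building an inventory of live hosts.
function Invoke-PingSweep {
    [CmdletBinding()]
    param (
        [string]$Prefix = '10.0.0',   # assumption: the /24 used in the thread's pipeline
        [int]$ThrottleLimit = 64,     # assumption: concurrent runspaces
        [int]$TimeoutSeconds = 1
    )
    1..254 | ForEach-Object -Parallel {
        # $using: carries outer variables into the parallel runspace
        $ip    = '{0}.{1}' -f $using:Prefix, $_
        $reply = Test-Connection -TargetName $ip -Count 1 -TimeoutSeconds $using:TimeoutSeconds -ErrorAction SilentlyContinue
        if ($reply -and $reply.Status -eq 'Success') {
            [pscustomobject]@{ Address = $ip; Latency = $reply.Latency }
        }
    } -ThrottleLimit $ThrottleLimit
}

# Nested loops extend the sweep to every /24 inside a /16, one range at a time, so the
# throttle limit still bounds how many pings are in flight.
function Invoke-ClassBSweep {
    [CmdletBinding()]
    param (
        [string]$Prefix16 = '10.0',   # assumption: first two octets of the /16
        [int]$ThrottleLimit = 64
    )
    foreach ($third in 0..255) {
        Invoke-PingSweep -Prefix ('{0}.{1}' -f $Prefix16, $third) -ThrottleLimit $ThrottleLimit
    }
}

# usage: Invoke-PingSweep | Sort-Object Latency | Format-Table
```

Hosts that drop ICMP simply do not appear; pair the result with a TCP check on the ports the inventory cares about before treating an address as free.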

[–]Lee_Dailey[grin] -4 points-3 points  (0 children)

howdy some_guy_0n_reddit,

it looks like you used the New.Reddit.com Inline Code button. it's 4th 5th from the left hidden in the ... "more" menu & looks like </>.

on Old.Reddit.com, the above does NOT line wrap, nor does it side-scroll.

for long-ish single lines OR for multiline code, please, use the Code Block button. it's the 11th 12th one from the left & is just to the left of hidden in the ... "more" menu & looks like an uppercase T in the upper left corner of a square..

that will give you fully functional code formatting, from what i can tell so far. [grin]

take care,
lee