djamel/Powershell_IPScan
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
ac5797cb6c5b3c32614d43a270682ac5017afa9c
Powershell_IPScan/scan.ps1
T
djamel 3a5c753df3 Ajouter scan.ps1
2024-10-03 14:46:04 +02:00

634 lines
22 KiB
PowerShell
Raw Blame History

###############################################################################################################
# Language : PowerShell 4.0
# Filename : IPv4NetworkScan.ps1
# Autor : BornToBeRoot (https://github.com/BornToBeRoot)
# Description : Powerful asynchronus IPv4 Network Scanner
# Repository : https://github.com/BornToBeRoot/PowerShell_IPv4NetworkScanner
###############################################################################################################
<#
.SYNOPSIS
Powerful asynchronus IPv4 Network Scanner
.DESCRIPTION
This powerful asynchronus IPv4 Network Scanner allows you to scan every IPv4-Range you want (172.16.1.47 to 172.16.2.5 would work). But there is also the possibility to scan an entire subnet based on an IPv4-Address withing the subnet and a the subnetmask/CIDR.
The default result will contain the the IPv4-Address, Status (Up or Down) and the Hostname. Other values can be displayed via parameter.
.EXAMPLE
.\IPv4NetworkScan.ps1 -StartIPv4Address 192.168.178.0 -EndIPv4Address 192.168.178.20
IPv4Address Status Hostname
----------- ------ --------
192.168.178.1 Up fritz.box
.EXAMPLE
.\IPv4NetworkScan.ps1 -IPv4Address 192.168.178.0 -Mask 255.255.255.0 -DisableDNSResolving
IPv4Address Status
----------- ------
192.168.178.1 Up
192.168.178.22 Up
.EXAMPLE
.\IPv4NetworkScan.ps1 -IPv4Address 192.168.178.0 -CIDR 25 -EnableMACResolving
IPv4Address Status Hostname MAC Vendor
----------- ------ -------- --- ------
192.168.178.1 Up fritz.box XX-XX-XX-XX-XX-XX AVM Audiovisuelles Marketing und Computersysteme GmbH
192.168.178.22 Up XXXXX-PC.fritz.box XX-XX-XX-XX-XX-XX ASRock Incorporation
.LINK
https://github.com/BornToBeRoot/PowerShell_IPv4NetworkScanner/blob/master/README.md
#>
[CmdletBinding(DefaultParameterSetName = 'CIDR')]
Param(
[Parameter(
ParameterSetName = 'Range',
Position = 0,
Mandatory = $true,
HelpMessage = 'Start IPv4-Address like 192.168.1.10')]
[IPAddress]$StartIPv4Address,
[Parameter(
ParameterSetName = 'Range',
Position = 1,
Mandatory = $true,
HelpMessage = 'End IPv4-Address like 192.168.1.100')]
[IPAddress]$EndIPv4Address,
[Parameter(
ParameterSetName = 'CIDR',
Position = 0,
Mandatory = $true,
HelpMessage = 'IPv4-Address which is in the subnet')]
[Parameter(
ParameterSetName = 'Mask',
Position = 0,
Mandatory = $true,
HelpMessage = 'IPv4-Address which is in the subnet')]
[IPAddress]$IPv4Address,
[Parameter(
ParameterSetName = 'CIDR',
Position = 1,
Mandatory = $true,
HelpMessage = 'CIDR like /24 without "/"')]
[ValidateRange(0, 31)]
[Int32]$CIDR,
[Parameter(
ParameterSetName = 'Mask',
Position = 1,
Mandatory = $true,
Helpmessage = 'Subnetmask like 255.255.255.0')]
[ValidateScript({
if ($_ -match "^(254|252|248|240|224|192|128).0.0.0$|^255.(254|252|248|240|224|192|128|0).0.0$|^255.255.(254|252|248|240|224|192|128|0).0$|^255.255.255.(254|252|248|240|224|192|128|0)$") {
return $true
}
else {
throw "Enter a valid subnetmask (like 255.255.255.0)!"
}
})]
[String]$Mask,
[Parameter(
Position = 2,
HelpMessage = 'Maxmium number of ICMP checks for each IPv4-Address (Default=2)')]
[Int32]$Tries = 2,
[Parameter(
Position = 3,
HelpMessage = 'Maximum number of threads at the same time (Default=256)')]
[Int32]$Threads = 256,
[Parameter(
Position = 4,
HelpMessage = 'Resolve DNS for each IP (Default=Enabled)')]
[Switch]$DisableDNSResolving,
[Parameter(
Position = 5,
HelpMessage = 'Resolve MAC-Address for each IP (Default=Disabled)')]
[Switch]$EnableMACResolving,
[Parameter(
Position = 6,
HelpMessage = 'Get extendend informations like BufferSize, ResponseTime and TTL (Default=Disabled)')]
[Switch]$ExtendedInformations,
[Parameter(
Position = 7,
HelpMessage = 'Include inactive devices in result')]
[Switch]$IncludeInactive
)
Begin {
Write-Verbose -Message "Script started at $(Get-Date)"
$OUIListPath = "$PSScriptRoot\Resources\oui.txt"
function Convert-Subnetmask {
[CmdLetBinding(DefaultParameterSetName = 'CIDR')]
param(
[Parameter(
ParameterSetName = 'CIDR',
Position = 0,
Mandatory = $true,
HelpMessage = 'CIDR like /24 without "/"')]
[ValidateRange(0, 32)]
[Int32]$CIDR,
[Parameter(
ParameterSetName = 'Mask',
Position = 0,
Mandatory = $true,
HelpMessage = 'Subnetmask like 255.255.255.0')]
[ValidateScript({
if ($_ -match "^(254|252|248|240|224|192|128).0.0.0$|^255.(254|252|248|240|224|192|128|0).0.0$|^255.255.(254|252|248|240|224|192|128|0).0$|^255.255.255.(255|254|252|248|240|224|192|128|0)$") {
return $true
}
else {
throw "Enter a valid subnetmask (like 255.255.255.0)!"
}
})]
[String]$Mask
)
Begin {
}
Process {
switch ($PSCmdlet.ParameterSetName) {
"CIDR" {
# Make a string of bits (24 to 11111111111111111111111100000000)
$CIDR_Bits = ('1' * $CIDR).PadRight(32, "0")
# Split into groups of 8 bits, convert to Ints, join up into a string
$Octets = $CIDR_Bits -split '(.{8})' -ne ''
$Mask = ($Octets | ForEach-Object -Process { [Convert]::ToInt32($_, 2) }) -join '.'
}
"Mask" {
# Convert the numbers into 8 bit blocks, join them all together, count the 1
$Octets = $Mask.ToString().Split(".") | ForEach-Object -Process { [Convert]::ToString($_, 2) }
$CIDR_Bits = ($Octets -join "").TrimEnd("0")
# Count the "1" (111111111111111111111111 --> /24)
$CIDR = $CIDR_Bits.Length
}
}
[pscustomobject] @{
Mask = $Mask
CIDR = $CIDR
}
}
End {
}
}
# Helper function to convert an IPv4-Address to Int64 and vise versa
function Convert-IPv4Address {
[CmdletBinding(DefaultParameterSetName = 'IPv4Address')]
param(
[Parameter(
ParameterSetName = 'IPv4Address',
Position = 0,
Mandatory = $true,
HelpMessage = 'IPv4-Address as string like "192.168.1.1"')]
[IPaddress]$IPv4Address,
[Parameter(
ParameterSetName = 'Int64',
Position = 0,
Mandatory = $true,
HelpMessage = 'IPv4-Address as Int64 like 2886755428')]
[long]$Int64
)
Begin {
}
Process {
switch ($PSCmdlet.ParameterSetName) {
# Convert IPv4-Address as string into Int64
"IPv4Address" {
$Octets = $IPv4Address.ToString().Split(".")
$Int64 = [long]([long]$Octets[0] * 16777216 + [long]$Octets[1] * 65536 + [long]$Octets[2] * 256 + [long]$Octets[3])
}
# Convert IPv4-Address as Int64 into string
"Int64" {
$IPv4Address = (([System.Math]::Truncate($Int64 / 16777216)).ToString() + "." + ([System.Math]::Truncate(($Int64 % 16777216) / 65536)).ToString() + "." + ([System.Math]::Truncate(($Int64 % 65536) / 256)).ToString() + "." + ([System.Math]::Truncate($Int64 % 256)).ToString())
}
}
[pscustomobject] @{
IPv4Address = $IPv4Address
Int64 = $Int64
}
}
End {
}
}
# Helper function to create a new Subnet
function Get-IPv4Subnet {
[CmdletBinding(DefaultParameterSetName = 'CIDR')]
param(
[Parameter(
Position = 0,
Mandatory = $true,
HelpMessage = 'IPv4-Address which is in the subnet')]
[IPAddress]$IPv4Address,
[Parameter(
ParameterSetName = 'CIDR',
Position = 1,
Mandatory = $true,
HelpMessage = 'CIDR like /24 without "/"')]
[ValidateRange(0, 31)]
[Int32]$CIDR,
[Parameter(
ParameterSetName = 'Mask',
Position = 1,
Mandatory = $true,
Helpmessage = 'Subnetmask like 255.255.255.0')]
[ValidateScript({
if ($_ -match "^(254|252|248|240|224|192|128).0.0.0$|^255.(254|252|248|240|224|192|128|0).0.0$|^255.255.(254|252|248|240|224|192|128|0).0$|^255.255.255.(254|252|248|240|224|192|128|0)$") {
return $true
}
else {
throw "Enter a valid subnetmask (like 255.255.255.0)!"
}
})]
[String]$Mask
)
Begin {
}
Process {
# Convert Mask or CIDR - because we need both in the code below
switch ($PSCmdlet.ParameterSetName) {
"CIDR" {
$Mask = (Convert-Subnetmask -CIDR $CIDR).Mask
}
"Mask" {
$CIDR = (Convert-Subnetmask -Mask $Mask).CIDR
}
}
# Get CIDR Address by parsing it into an IP-Address
$CIDRAddress = [System.Net.IPAddress]::Parse([System.Convert]::ToUInt64(("1" * $CIDR).PadRight(32, "0"), 2))
# Binary AND ... this is how subnets work.
$NetworkID_bAND = $IPv4Address.Address -band $CIDRAddress.Address
# Return an array of bytes. Then join them.
$NetworkID = [System.Net.IPAddress]::Parse([System.BitConverter]::GetBytes([UInt32]$NetworkID_bAND) -join ("."))
# Get HostBits based on SubnetBits (CIDR) // Hostbits (32 - /24 = 8 -> 00000000000000000000000011111111)
$HostBits = ('1' * (32 - $CIDR)).PadLeft(32, "0")
# Convert Bits to Int64
$AvailableIPs = [Convert]::ToInt64($HostBits, 2)
# Convert Network Address to Int64
$NetworkID_Int64 = (Convert-IPv4Address -IPv4Address $NetworkID.ToString()).Int64
# Convert add available IPs and parse into IPAddress
$Broadcast = [System.Net.IPAddress]::Parse((Convert-IPv4Address -Int64 ($NetworkID_Int64 + $AvailableIPs)).IPv4Address)
# Change useroutput ==> (/27 = 0..31 IPs -> AvailableIPs 32)
$AvailableIPs += 1
# Hosts = AvailableIPs - Network Address + Broadcast Address
$Hosts = ($AvailableIPs - 2)
# Build custom PSObject
[pscustomobject] @{
NetworkID = $NetworkID
Broadcast = $Broadcast
IPs = $AvailableIPs
Hosts = $Hosts
}
}
End {
}
}
}
Process {
# Calculate Subnet (Start and End IPv4-Address)
if ($PSCmdlet.ParameterSetName -eq 'CIDR' -or $PSCmdlet.ParameterSetName -eq 'Mask') {
# Convert Subnetmask
if ($PSCmdlet.ParameterSetName -eq 'Mask') {
$CIDR = (Convert-Subnetmask -Mask $Mask).CIDR
}
# Create new subnet
$Subnet = Get-IPv4Subnet -IPv4Address $IPv4Address -CIDR $CIDR
# Assign Start and End IPv4-Address
$StartIPv4Address = $Subnet.NetworkID
$EndIPv4Address = $Subnet.Broadcast
}
# Convert Start and End IPv4-Address to Int64
$StartIPv4Address_Int64 = (Convert-IPv4Address -IPv4Address $StartIPv4Address.ToString()).Int64
$EndIPv4Address_Int64 = (Convert-IPv4Address -IPv4Address $EndIPv4Address.ToString()).Int64
# Check if range is valid
if ($StartIPv4Address_Int64 -gt $EndIPv4Address_Int64) {
Write-Error -Message "Invalid IP-Range... Check your input!" -Category InvalidArgument -ErrorAction Stop
}
# Calculate IPs to scan (range)
$IPsToScan = ($EndIPv4Address_Int64 - $StartIPv4Address_Int64)
Write-Verbose -Message "Scanning range from $StartIPv4Address to $EndIPv4Address ($($IPsToScan + 1) IPs)"
Write-Verbose -Message "Running with max $Threads threads"
Write-Verbose -Message "ICMP checks per IP: $Tries"
# Properties which are displayed in the output
$PropertiesToDisplay = @()
$PropertiesToDisplay += "IPv4Address", "Status"
if ($DisableDNSResolving -eq $false) {
$PropertiesToDisplay += "Hostname"
}
if ($EnableMACResolving) {
$PropertiesToDisplay += "MAC"
}
# Check if it is possible to assign vendor to MAC --> import CSV-File
if ($EnableMACResolving) {
if (Test-Path -Path $OUIListPath -PathType Leaf) {
$OUIHashTable = @{ }
Write-Verbose -Message "Read oui.txt and fill hash table..."
foreach ($Line in Get-Content -Path $OUIListPath) {
if (-not([String]::IsNullOrEmpty($Line))) {
try {
$HashTableData = $Line.Split('|')
$OUIHashTable.Add($HashTableData[0], $HashTableData[1])
}
catch [System.ArgumentException] { } # Catch if mac is already added to hash table
}
}
$AssignVendorToMAC = $true
$PropertiesToDisplay += "Vendor"
}
else {
$AssignVendorToMAC = $false
Write-Warning -Message "No OUI-File to assign vendor with MAC-Address found! Execute the script ""Create-OUIListFromWeb.ps1"" to download the latest version. This warning does not affect the scanning procedure."
}
}
if ($ExtendedInformations) {
$PropertiesToDisplay += "BufferSize", "ResponseTime", "TTL"
}
# Scriptblock --> will run in runspaces (threads)...
[System.Management.Automation.ScriptBlock]$ScriptBlock = {
Param(
$IPv4Address,
$Tries,
$DisableDNSResolving,
$EnableMACResolving,
$ExtendedInformations,
$IncludeInactive
)
# +++ Send ICMP requests +++
$Status = [String]::Empty
for ($i = 0; $i -lt $Tries; i++) {
try {
$PingObj = New-Object System.Net.NetworkInformation.Ping
$Timeout = 1000
$Buffer = New-Object Byte[] 32
$PingResult = $PingObj.Send($IPv4Address, $Timeout, $Buffer)
if ($PingResult.Status -eq "Success") {
$Status = "Up"
break # Exit loop, if host is reachable
}
else {
$Status = "Down"
}
}
catch {
$Status = "Down"
break # Exit loop, if there is an error
}
}
# +++ Resolve DNS +++
$Hostname = [String]::Empty
if ((-not($DisableDNSResolving)) -and ($Status -eq "Up" -or $IncludeInactive)) {
try {
$Hostname = ([System.Net.Dns]::GetHostEntry($IPv4Address).HostName)
}
catch { } # No DNS
}
# +++ Get MAC-Address +++
$MAC = [String]::Empty
if (($EnableMACResolving) -and (($Status -eq "Up") -or ($IncludeInactive))) {
$Arp_Result = (arp -a).ToUpper().Trim()
foreach ($Line in $Arp_Result) {
if ($Line.Split(" ")[0] -eq $IPv4Address) {
$MAC = [Regex]::Matches($Line, "([0-9A-F][0-9A-F]-){5}([0-9A-F][0-9A-F])").Value
}
}
}
# +++ Get extended informations +++
$BufferSize = [String]::Empty
$ResponseTime = [String]::Empty
$TTL = $null
if ($ExtendedInformations -and ($Status -eq "Up")) {
try {
$BufferSize = $PingResult.Buffer.Length
$ResponseTime = $PingResult.RoundtripTime
$TTL = $PingResult.Options.Ttl
}
catch { } # Failed to get extended informations
}
# +++ Result +++
if (($Status -eq "Up") -or ($IncludeInactive)) {
[pscustomobject] @{
IPv4Address = $IPv4Address
Status = $Status
Hostname = $Hostname
MAC = $MAC
BufferSize = $BufferSize
ResponseTime = $ResponseTime
TTL = $TTL
}
}
else {
$null
}
}
Write-Verbose -Message "Setting up RunspacePool..."
# Create RunspacePool and Jobs
$RunspacePool = [System.Management.Automation.Runspaces.RunspaceFactory]::CreateRunspacePool(1, $Threads, $Host)
$RunspacePool.Open()
[System.Collections.ArrayList]$Jobs = @()
Write-Verbose -Message "Setting up jobs..."
# Set up jobs for each IP...
for ($i = $StartIPv4Address_Int64; $i -le $EndIPv4Address_Int64; $i++) {
# Convert IP back from Int64
$IPv4Address = (Convert-IPv4Address -Int64 $i).IPv4Address
# Create hashtable to pass parameters
$ScriptParams = @{
IPv4Address = $IPv4Address
Tries = $Tries
DisableDNSResolving = $DisableDNSResolving
EnableMACResolving = $EnableMACResolving
ExtendedInformations = $ExtendedInformations
IncludeInactive = $IncludeInactive
}
# Catch when trying to divide through zero
try {
$Progress_Percent = (($i - $StartIPv4Address_Int64) / $IPsToScan) * 100
}
catch {
$Progress_Percent = 100
}
Write-Progress -Activity "Setting up jobs..." -Id 1 -Status "Current IP-Address: $IPv4Address" -PercentComplete $Progress_Percent
# Create new job
$Job = [System.Management.Automation.PowerShell]::Create().AddScript($ScriptBlock).AddParameters($ScriptParams)
$Job.RunspacePool = $RunspacePool
$JobObj = [pscustomobject] @{
RunNum = $i - $StartIPv4Address_Int64
Pipe = $Job
Result = $Job.BeginInvoke()
}
# Add job to collection
[void]$Jobs.Add($JobObj)
}
Write-Verbose -Message "Waiting for jobs to complete & starting to process results..."
# Total jobs to calculate percent complete, because jobs are removed after they are processed
$Jobs_Total = $Jobs.Count
# Process results, while waiting for other jobs
Do {
# Get all jobs, which are completed
$Jobs_ToProcess = $Jobs | Where-Object -FilterScript { $_.Result.IsCompleted }
# If no jobs finished yet, wait 500 ms and try again
if ($null -eq $Jobs_ToProcess) {
Write-Verbose -Message "No jobs completed, wait 250ms..."
Start-Sleep -Milliseconds 250
continue
}
# Get jobs, which are not complete yet
$Jobs_Remaining = ($Jobs | Where-Object -FilterScript { $_.Result.IsCompleted -eq $false }).Count
# Catch when trying to divide through zero
try {
$Progress_Percent = 100 - (($Jobs_Remaining / $Jobs_Total) * 100)
}
catch {
$Progress_Percent = 100
}
Write-Progress -Activity "Waiting for jobs to complete... ($($Threads - $($RunspacePool.GetAvailableRunspaces())) of $Threads threads running)" -Id 1 -PercentComplete $Progress_Percent -Status "$Jobs_Remaining remaining..."
Write-Verbose -Message "Processing $(if($null -eq $Jobs_ToProcess.Count){"1"}else{$Jobs_ToProcess.Count}) job(s)..."
# Processing completed jobs
foreach ($Job in $Jobs_ToProcess) {
# Get the result...
$Job_Result = $Job.Pipe.EndInvoke($Job.Result)
$Job.Pipe.Dispose()
# Remove job from collection
$Jobs.Remove($Job)
# Check if result contains status
if ($Job_Result.Status) {
if ($AssignVendorToMAC) {
$Vendor = [String]::Empty
# Check if MAC is null or empty
if (-not([String]::IsNullOrEmpty($Job_Result.MAC))) {
# Split it, so we can search the vendor (XX-XX-XX-XX-XX-XX to XXXXXX)
$MAC_VendorSearch = $Job_Result.MAC.Replace("-", "").Substring(0, 6)
$Vendor = $OUIHashTable.Get_Item($MAC_VendorSearch)
}
[pscustomobject] @{
IPv4Address = $Job_Result.IPv4Address
Status = $Job_Result.Status
Hostname = $Job_Result.Hostname
MAC = $Job_Result.MAC
Vendor = $Vendor
BufferSize = $Job_Result.BufferSize
ResponseTime = $Job_Result.ResponseTime
TTL = $ResuJob_Resultlt.TTL
} | Select-Object -Property $PropertiesToDisplay
}
else {
$Job_Result | Select-Object -Property $PropertiesToDisplay
}
}
}
} While ($Jobs.Count -gt 0)
Write-Verbose -Message "Closing RunspacePool and free resources..."
# Close the RunspacePool and free resources
$RunspacePool.Close()
$RunspacePool.Dispose()
Write-Verbose -Message "Script finished at $(Get-Date)"
}
End {
}
Reference in New Issue View Git Blame Copy Permalink