Author Posts

July 13, 2015 at 7:35 pm

So, I made this little script as a way to quickly check several different websites for the reputation on an IP address. I do have a question though........well 2

First, run the script, and see how I had to open up several different IE browser windows. Is there a way to keep all of this in one window, and still input the necessary info?

Also, I have an issue with a website that really needs to be able to be queried, it's one of our real go to guys.

http://www.dnsbl.info

Any suggestions on how to get to query this website like the other ones listed in this script? I am new to powershell, so any advice would help.

And if anyone else does IT security, this script has definitely been a pretty quick and easy way to tell if an IP is malicious or not.

====================================================================
$host.ui.rawui.ForegroundColor="Red"
$a = (Get-Host).UI.RawUI
$b = $a.WindowSize
$b.Width = 50
$b.Height = 20
$a.WindowSize = $b
$global=$name = Read-Host 'Which IP do you want to scan?'
$ie = New-Object -com InternetExplorer.Application
$ie.visible=$true

start-sleep 1

$ie.navigate2("http://www.ipvoid.com")
$ie.top = 0; $ie.width = 600; $ie.height = 600; $ie.Left = 0
while($ie.ReadyState -ne 4) {start-sleep -m 100}
$ie.document.getElementById("ip_address").value= "$name"
start-sleep 1
$submit = $ie.Document.getElementsByTagName('button') | where-object {$_.type -eq "submit"}
$submit.Click()

$ie = New-Object -com InternetExplorer.Application
$ie.visible=$true
$ie.navigate("http://www.trustedsource.org/")
$ie.top = 0; $ie.width = 600; $ie.height = 600; $ie.Left = 600
while($ie.ReadyState -ne 4) {start-sleep -m 100}
$ie.document.getElementById("q").value= "$name"
start-sleep 1
$ie.document.getElementById("dummy").Click()

$ie = New-Object -com InternetExplorer.Application
$ie.visible=$true
$ie.navigate("http://urlquery.net")
$ie.top = 0; $ie.width = 600; $ie.height = 600; $ie.Left = 1200
while($ie.ReadyState -ne 4) {start-sleep -m 100}
$ie.document.getElementById("url").value= "$name"
start-sleep 1
$ie.document.getElementById("url-submit").Click()

$ie = New-Object -com InternetExplorer.Application
$ie.visible=$true
$ie.navigate("http://whois.domaintools.com")
$ie.top = 600; $ie.width = 600; $ie.height = 600; $ie.Left = 0
while($ie.ReadyState -ne 4) {start-sleep -m 100}
$ie.document.getElementById("landing-whois").value= ("$name")
start-sleep 1
$ie.document.getElementById("whois-search").Click()

$ie = New-Object -com InternetExplorer.Application
$ie.visible=$true
$ie.navigate("zulu.zscaler.com")
$ie.top = 600; $ie.width = 600; $ie.height = 600; $ie.Left = 600
while($ie.ReadyState -ne 4) {start-sleep -m 100}
$ie.document.getElementById("submission_submission").value= "$name"
start-sleep 1
$submit = $ie.Document.getElementsByTagName('input') | where-object {$_.type -eq "image"}
$submit.Click()

$ie = New-Object -com InternetExplorer.Application
$ie.visible=$true
$ie.navigate("http://www.borderware.com")
$ie.top = 600; $ie.width = 600; $ie.height = 600; $ie.Left = 1200
while($ie.ReadyState -ne 4) {start-sleep -m 100}
$ie.document.getElementById("ip").value= ("$name")
start-sleep 1
$ie.document.getElementById("submit").Click()

July 14, 2015 at 12:02 am

instead of using IE you can use Invoke-WebRequest like this
PS D:\> Invoke-WebRequest -Uri http://www.dnsbl.info/dnsbl-database-check.php -Method Post -Body @{'ip'='8.8.8.8'}
and analyze returned object.
but you make your own dnsbl checker –
to check for example 87.242.67.15 by b.barracudacentral.org you can use
[system.net.dns]::resolve('15.67.242.87.b.barracudacentral.org')
and so you can use other dnsbl services.
It is fair play 🙂

July 14, 2015 at 4:40 am

To answer your question about browser tabs, you can pass a BrowserNavConstant (navOpenInNewTab = 2048) to the .Navigate method.

$ie = New-Object -com InternetExplorer.Application
$ie.visible=$true
$ie.navigate("http://www.google.com")
$ie.navigate("http://www.yahoo.com", 2048)

July 16, 2015 at 12:18 am

Thanks for the help guys. I was able to get some help and query all information I needed. Great tool.