3 posts categorized "powershell"

02/27/2013

Powershell Two-Liner to Get External IP

It has been a while since I've had a Windows machine to play with but I get requests from developers quite often who want to know the external IP a partner will see when one of our servers are accessing that partner's site. On Unix and Unix-like servers, you can just run curl ifconfig.me (assuming curl is installed) and you're done, (curl -x [protocol][proxy_server][:port] ifconfig.me if you need to declare an anonymous outbound proxy server).

Windows server administrators though don't seem to install curl on their servers too often but there is a very good chance Powershell will be installed on it. If you're looking for a way to grab your external IP from the command line on Windows, the following Powershell 3.0 two-liner will work, (it definitely works on Windows 8):

$resp = Invoke-WebRequest -Uri http://ifconfig.me/ip -Method Get
Write-Output $resp.ParsedHtml.body.innerHtml

If you need to declare an outbound proxy (which does not require authentication), add -Proxy [proxy_server][:port] after -Method Get. Save it in a new script named something like "Get-MyExtIP.ps1" and you are all set.

Yes, one could just fire up Internet Explorer from a Terminal Services session and go to one of those external IP sites but this is a powershell post. :)

Posted by Chris Mahns at 6:03 AM in powershell | Permalink | Comments (0) | TrackBack (0)

08/27/2008

Updated Powershell Script to Test For Trace 

This article has been superseded by this one. 
No further updates will be made to this article.


In a previous post, I posted a basic powershell script that would test a site to see whether the TRACE method was enabled or not. I've updated that script so now you can test for other methods. Here is the updated script:

## USAGE: ./testURL.ps1 <http-method-to-test> <site-to-test-without-trailing-slash>
##
## Not sure why, but this script returns true if you use a URL like http://www.apache.org
## but fails if you use the correct URI syntax (http://www.apache.org/ << note trailing slash

param ($method,$url)

trap{
Write-Host $_
#clean up the current request
$request.Abort()
#an error occurred. ignore it and continue to returning false.
continue
}

$request = [System.Net.WebRequest]::Create($url)
$request.Method = $method
$request.TimeOut = 5000
if ($request.GetResponse().StatusCode -eq "OK")
{
#clean up the current request
$request.GetResponse().Close()
return $true
}
#should get here only if we got an error for our web request
return $false


Running the script is a matter of typing in the method you want to execute followed by the URL of the site you want to test: ".\testURLv2.ps1 %HTTPMETHOD% %URL%"

Enjoy! This script allows you to test to see if Methods like TRACK and OPTIONS work in additon to simply testing that the TRACE method works.

Posted by Chris Mahns at 12:00 AM in apache, Disable TRACE, PCI Compliance, powershell, sysadmin | Permalink | Comments (0) | TrackBack (0)

08/02/2008

PowerShell Script to Test for TRACE method 

This article has been superseded by this one. 
No further updates will be made to this article.

UPDATE: This script has been slightly updated to allow you to test for other methods. See here for more details. 

In a previous post, I described an iRule for BigIP that will allow you to disable the TRACE method, which you can attach to your VIPs instead of manually checking your hundreds of servers to verify whether the TRACE method is enabled or disabled.  Most modern web servers, including Apache, IIS 6+, tomcat 5.5+) ship with the TRACE method disabled, however.

I described in another post a theory as to why the PCI scanner keeps flagging your sites as being vulnerable because it is not actually running a TRACE but is executing an OPTIONS method instead and scraping the Response Headers.  You could ask your third-party auditer yourself but they may not know or won't tell you.  This makes verification that the vulnerability has really been remedied up to you.

The following PowerShell script, which was only slightly adapted from the very good book Pro Windows PowerShell published by Apress (so author Hristo Deshev deserves all the credit) will allow you to test to see what happens when executing a TRACE method against your newly irule-protected sites. Executing "./testSiteForTrace.ps1 <url>" will return True if TRACE requests work and False if they fail.  It also has the added bonus of posting the message received from the server when a False is generated.  I do not yet understand why the script returns false when a trailing slash is added to the URL though.  For example, testSiteForTrace.ps1 http://www.apache.org returns True but testSiteForTrace.ps1 http://www.apache.org/returns False. If anyone knows, let me know please.

param ($url)
trap{
Write-Host $_

$request.Abort()

continue
}

$request = [System.Net.WebRequest]::Create($url)
$request.Method = "TRACE"
$request.TimeOut = 5000
if ($request.GetResponse().StatusCode -eq "200"){

$request.GetResponse().Close()
return $true
}

return $false

Running this against one of my sites, I get the following message:
The underlying connection was closed: An unexpected error occurred on a receive. Which is perfect!

Posted by Chris Mahns at 12:00 AM in Disable TRACE, powershell, sysadmin, weekend post | Permalink | Comments (2) | TrackBack (0)