/// <summary>
/// Execute a process on a remote system using the WMI Win32_Process.Create method.
/// </summary>
/// <param name="ComputerNames">ComputerNames of remote systems to execute process.</param>
/// <param name="Command">Command to execute on remote system.</param>
/// <param name="Username">Username to authenticate as to the remote system.</param>
/// <param name="Password">Password to authenticate the user.</param>
/// <returns>Bool. True if execution succeeds, false otherwise.</returns>
public static SharpSploitResultList <WmiExecuteResult> WMIExecute(List <string> ComputerNames, string Command, string Username, string Password)
{
SharpSploitResultList <WmiExecuteResult> results = new SharpSploitResultList <WmiExecuteResult>();
results.AddRange(ComputerNames.Select(CN => WMIExecute(CN, Command, Username, Password)));
return(results);
}
public void TestPortScanCidrThreaded()
{
List <string> hosts = new List <string> {
"127.0.0.1", "8.8.8.8/24"
};
List <int> ports = new List <int> {
80, 443, 445
};
SharpSploitResultList <Network.PortScanResult> results1 = Network.PortScan(hosts, ports, true, 8000, 120);
SharpSploitResultList <Network.PortScanResult> results2 = Network.PortScan(hosts, ports, true, 10000, 1);
Assert.IsNotNull(results1);
Assert.IsNotNull(results2);
Assert.AreEqual(results1.Count, results2.Count);
Assert.AreEqual(results1.Where(R => R.IsOpen).Count(), results2.Where(R => R.IsOpen).Count());
Assert.AreEqual(String.Join(",", results1.Select(R => R.ComputerName).OrderBy(C => C).ToArray()), String.Join(",", results2.Select(R => R.ComputerName).OrderBy(C => C).ToArray()));
results1.AddRange(results2);
foreach (Network.PortScanResult result in results1)
{
Assert.IsNotNull(result);
Assert.AreNotEqual(result.ComputerName, "");
Assert.IsInstanceOfType(result.ComputerName, typeof(string));
Assert.IsInstanceOfType(result.IsOpen, typeof(bool));
}
}
/// <summary>
/// Conducts a port scan of specified ComputerNames on specified ports and reports open ports.
/// </summary>
/// <param name="ComputerNames">ComputerNames to port scan.</param>
/// <param name="Ports">Ports to scan.</param>
/// <param name="Ping">Optional switch. If true, pings the ComputerNames to ensure each is up before port scanning.</param>
/// <param name="Timeout">Timeout (in milliseconds) before a port is considered down.</param>
/// <param name="Threads">Number of threads with which to portscan simultaneously</param>
/// <returns>List of PortScanResults</returns>
public static SharpSploitResultList <PortScanResult> PortScan(IList <string> ComputerNames, IList <int> Ports, bool Ping = true, int Timeout = 250, int Threads = 100)
{
IList <string> scanAddresses = Utilities.ConvertCidrToIPs(ComputerNames).Distinct().ToList();
IList <int> scanPorts = Ports.Where(P => P > 1 && P < 65536).Distinct().ToList();
if (Ping)
{
SharpSploitResultList <PingResult> pingResults = Network.Ping(scanAddresses, Timeout, Threads);
scanAddresses = pingResults.Where(PR => PR.IsUp).Select(PR => PR.ComputerName).ToList();
}
IList <PortScanResult> portScanResults = new List <PortScanResult>();
using (CountdownEvent waiter = new CountdownEvent(scanAddresses.Count * Ports.Count))
{
object portScanResultsLock = new object();
int runningThreads = 0;
foreach (string ComputerName in scanAddresses)
{
foreach (int Port in scanPorts)
{
TcpClient client = null;
if (!Utilities.IsIP(ComputerName))
{
client = new TcpClient();
}
else
{
IPAddress.TryParse(ComputerName, out IPAddress address);
client = new TcpClient(address.AddressFamily);
}
PortScanResult portScanResult = new PortScanResult(ComputerName, Port, true);
while (runningThreads >= Threads)
{
waiter.WaitOne(Timeout);
runningThreads--;
}
IAsyncResult asyncResult = client.BeginConnect(ComputerName, Port, new AsyncCallback((state) => {
try
{
client.EndConnect(state);
client.Close();
}
catch
{
portScanResult.IsOpen = false;
}
if (portScanResult.IsOpen)
{
lock (portScanResultsLock)
{
portScanResults.Add(portScanResult);
}
}
((CountdownEvent)state.AsyncState).Signal();
}), waiter);
runningThreads++;
}
}
waiter.Wait(Timeout * scanAddresses.Count * Ports.Count);
}
SharpSploitResultList <PortScanResult> results = new SharpSploitResultList <PortScanResult>();
results.AddRange(portScanResults);
return(results);
}