Public/Invoke-Phase09ReconnaissancePriviledged.ps1
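function Invoke-Phase09ReconnaissancePriviledged {
    <#
    .SYNOPSIS
        AS2Go attack phase 09 - reconnaissance from a privileged context.
    .DESCRIPTION
        Interactive (or unattended) driver for the reconnaissance phase of the
        attack demo. After the usual banner/colour/title housekeeping it offers to
        enumerate services and processes on the current logon server
        ($env:LOGONSERVER) via PowerShell remoting, and then to hand off to
        Start-ReconnaissanceExtended for the remaining reconnaissance tasks.

        Security note for anyone reusing this: the remoting step is a deliberate
        adversary-emulation action. Invoke-Command against a domain controller
        needs WinRM reachable on it and administrative rights there, and it leaves
        the usual traces on the target (network logon, PowerShell remoting /
        script-block logging, EDR telemetry). Run it only in a lab or with explicit
        authorization. The function name keeps its historical spelling
        ("Priviledged") because callers depend on it.
    .PARAMETER UnAttended
        Take the default answer for every prompt instead of asking the operator.
        In unattended mode the remoting step is NOT executed (answer forced to
        $no) and the extended-reconnaissance decision is taken from the
        script-scoped $reconnaissance variable.
    .PARAMETER Continue
        Accepted for interface compatibility with the other phase functions; it
        is not read by this function.
    .PARAMETER EnableLogging
        Accepted for interface compatibility; logging goes through Write-Log
        regardless of this switch.
    .PARAMETER SkipImages
        Do not show the phase_009.html illustration.
    .PARAMETER SkipClearHost
        Do not clear the console between screens (useful for transcripts/logs).
    .PARAMETER AS2GoDemo
        When set, skip the colour-schema reset and the forest-info dump that the
        stand-alone run performs at the start of the phase.
    .OUTPUTS
        None. Results are shown to the operator (Out-GridView) and logged.
    .NOTES
        Relies on helpers and script-scoped values defined elsewhere in the
        module: Get-FunctionName, Write-Log, Get-Answer, Write-Highlight,
        Show-Phases, Update-WindowTitle, Set-NewColorSchema, Get-forestinfo,
        Start-ReconnaissanceExtended, Stop-AS2GoDemo, Get-RunTime, and the
        answer/colour variables $yes, $no, $exit, $reconnaissance, $fgc*.
    #>
    ################################################################################
    #####                                                                      #####
    #####        Run the Attack Phase - Reconnaissance (privileged)            #####
    #####                                                                      #####
    ################################################################################
    Param (
        [switch]$UnAttended,
        [switch]$Continue,
        [Switch]$EnableLogging,
        [switch]$SkipImages,
        [switch]$SkipClearHost,
        [switch]$AS2GoDemo
    )

    $CurrentFunction = Get-FunctionName
    Write-Log -Message "### Start Function $CurrentFunction ###"
    $StartRunTime = (Get-Date).ToString($Script:DateFormatLog)

    #################### main code | out-host #####################

    # Stand-alone run: reset the colour schema and dump forest information first.
    If (-not $AS2GoDemo) {
        Set-NewColorSchema -NewStage $Script:InitialStart
        Get-forestinfo
    }

    If (-not $SkipClearHost) { Clear-Host }
    Update-WindowTitle -NewTitle $Script:Phase09

    If (-not $SkipImages) { Show-Phases -Phase "phase_009.html" }

    Do {
        If (-not $SkipClearHost) { Clear-Host }
        Write-Host "____________________________________________________________________`n"
        Write-Host " Attack Phase - RECONNAISSANCE "
        Write-Host " try to collect reconnaissance and configuration data "
        Write-Host "____________________________________________________________________`n"

        If ($UnAttended) {
            $answer = $yes
        }
        else {
            $question = "Would you like to run this step - Y or N? 
Default "
            $answer = Get-Answer -question $question -defaultValue $Yes
        }

        If ($answer -eq $yes) {
            If (-not $SkipClearHost) { Clear-Host }
            Write-Host "____________________________________________________________________`n"
            Write-Host " Show Services and Processes on Logon Server "
            Write-Host "____________________________________________________________________`n"

            # $env:LOGONSERVER looks like "\\DC01"; strip the leading backslashes to get
            # a host name. It is unset for local-account / non-domain sessions, and
            # calling .Replace() on $null throws - guard instead of crashing the phase.
            $server = $null
            If (-not [string]::IsNullOrWhiteSpace($env:LOGONSERVER)) {
                $server = $env:LOGONSERVER.Replace("\", "")
            }

            If ([string]::IsNullOrWhiteSpace($server)) {
                Write-Log -Message "LOGONSERVER is not set - skipping service/process enumeration"
                Write-Host " No logon server found in `$env:LOGONSERVER (local account or non-domain session?)"
                Write-Host " Skipping the services/processes enumeration step."
                Write-Host ""
            }
            else {
                # Show the operator the (legacy, pre-PS7) form of the commands; the
                # actual execution below uses Invoke-Command because
                # Get-Service/Get-Process -ComputerName were removed in PowerShell 7.
                Write-Host -NoNewline " Commands: "
                Write-Highlight -Text " Get-Service ", "-ComputerName ", "$server ", "| " , "Out-GridView ", "-Title " , "Services on $server"`
                    -Color $fgcC, $fgcS, $fgcV, $fgcF, $fgcC, $fgcS, $fgcV
                Write-Host -NoNewline "           "
                Write-Highlight -Text " Get-Process ", "-ComputerName ", "$server ", "| " , "Out-GridView ", "-Title " , "Processes on $server"`
                    -Color $fgcC, $fgcS, $fgcV, $fgcF, $fgcC, $fgcS, $fgcV
                Write-Host ""

                # Unattended runs deliberately do NOT touch the logon server.
                If ($UnAttended) {
                    $answer = $no
                }
                else {
                    $question = "Do you want to run these steps - Y or N? Default "
                    $answer = Get-Answer -question $question -defaultValue $Yes
                }

                If ($answer -eq $yes) {
                    # Remote enumeration over WinRM. Requires the target to accept
                    # PowerShell remoting from this host and the current identity to be
                    # an administrator there; both the network logon and the remoting
                    # session are visible to the target's auditing/EDR (intended here).
                    Invoke-Command -ComputerName $server -ScriptBlock { Get-Service | Sort-Object Name } |
                        Out-GridView -Title "Services on $server"
                    Invoke-Command -ComputerName $server -ScriptBlock { Get-Process | Sort-Object Name } |
                        Out-GridView -Title "Processes on $server"
                }
            }

            # Hand off to the extended reconnaissance tasks; unattended runs decide
            # via the script-scoped $reconnaissance value.
            If ($UnAttended) {
                $answer = $reconnaissance
            }
            else {
                $question = "Further reconnaissance tasks - Y or N? Default "
                $answer = Get-Answer -question $question -defaultValue $yes
            }

            If ($answer -eq $yes) {
                Start-ReconnaissanceExtended
            }
        }
        elseIf ($answer -eq $exit) {
            Stop-AS2GoDemo
        }

        If (-not $SkipClearHost) { Clear-Host }
        Write-Host "____________________________________________________________________`n"
        Write-Host " ??? REPEAT | Attack Phase - RECONNAISSANCE ??? 
"
        Write-Host "____________________________________________________________________`n"

        If ($UnAttended) {
            $repeat = $no
        }
        else {
            $question = "Would you like to repeat this attack phase? Please enter Y or N. Default "
            $repeat = Get-Answer -question $question -defaultValue $no
        }
    } Until ($repeat -eq $no)

    ######################## main code ############################

    $runtime = Get-RunTime -StartRunTime $StartRunTime
    Write-Log -Message " Run Time: $runtime [h] ###"
    Write-Log -Message "### End Function $CurrentFunction ###"
}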