Saturday, September 11, 2010

Powershell Wake-OnLan Function

Me and my colleague were discussing just before the left for the weekend and at one point he said he said; "I always switch off my PC before the weekend and it's always switched on when I come back on Monday. It didn't used to do that so they (the desktop operations team) must have deployed Wake-on-Lan". This triggered a thought in my head, how does Wake-on-Lan work. So after my colleague left I googled around a bit and found this piece of java code. After seeing how easy it is to send a Wake-on-Lan magic packet I couldn't stop myself from spending another half an hour at work to build a powershell Wake-on-Lan function.

To wake a PC up just run the following:

PS C:\PS> Wake-OnLan -BroadCastAddress 192.168.0.255 -MacAddress 32:2D:F4:32:7D:E5

Where -BroadCastAddress is the IP Address subnet address and where -MacAddress is the mac address of the computer to wake up. The -MacAddress parameter takes the address in either the colon (32:24:F4:32:7D:E5) or the dash (32-24-F4-32-7D-E5) format. Here is the function...

Function Wake-OnLan {
param(
  [string]$BroadCastAddress=$(throw "Mandatory -Parameter -BroadCastAddress missing, for example 192.168.0.255"),
  [string]$MacAddress=$(throw "Mandatory -Parameter -MacAddress missing, for example 32:2D:F4:32:7D:E5 or 32-2D-F4-32-7D-E5")
  )
  [void][System.Reflection.Assembly]::LoadWithPartialName("System.Net")
  [void][System.Reflection.Assembly]::LoadWithPartialName("System.Net.Sockets")
  $udpClient = new-object System.Net.Sockets.UdpClient
  $endPoint = new-object System.Net.IPEndPoint $([System.Net.IPAddress]::Parse($BroadCastAddress)),10000

  $MacAddress = $MacAddress.Replace(":","-")
  [byte[]]$macBytes = $macAddress.split("-") | %{[byte]"0x$_"}
  [byte[]]$bytes = new-object "byte[]" $(6 + 16 * $($macBytes.length))
  for ($i = 0; $i -lt 6; $i++) {
    $bytes[$i] = [byte] 0xff
  }
  for ($i = 6; $i -lt $bytes.length; $i += $macBytes.length) {
    for($j = 0; $j -lt $macBytes.length; $j++){
      $bytes[$i + $j] = $macBytes[$j]
    }
  }
  $udpClient.connect($endPoint)
  [void]$udpClient.Send($bytes,$bytes.length)
  Write-Host "Magic packet has been sent"
}


Please enjoy!

Friday, September 10, 2010

Get Certificate Chain from any port with Powershell

Some time back I needed to dump the certificate chain from an LDAP server. I cobbled together a small function to connect to any SSL/TLS port and download the certificate chain.

The function takes 3 parameters, -Server, -Port and -ToBase64. I think all of them are self describing. Without the -ToBase64 the function returns a X509Certificate2 object from which you can get the Subject, Issuer, Thumbprint (...) fields.

Sample execution:

PS C:\> Get-CertificateChain -server lon001 -Port 636 -ToBase64 > c:\cert.cer

I used the function to collect all certificates from all our Domain Controller in our Active Directory domain, lo and behold, we had a few Domain Controllers with old certs. So it was very useful. Here's the function...



Function Get-CertificateChain {
param(
[string]$server=$(throw "Mandatory parameter -Server is missing."),
[int]$port=$(throw "Mandatory parameter -Port is missing."),
[switch]$ToBase64
)
$code=@"
using System;
using System.Collections;
using System.Net;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Text;
using System.Security.Cryptography.X509Certificates;
using System.IO;
using System.Threading;
namespace CosmosKey.Powershell
{
  public class SslUtility
  {
    private static byte[] CertChain;
    private static object Lock = new object();
    private static Hashtable certificateErrors = new Hashtable();
    public static bool ValidateServerCertificate(
        object sender,
        X509Certificate certificate,
        X509Chain chain,
        SslPolicyErrors sslPolicyErrors)
    {
      byte[] data = certificate.Export(X509ContentType.Cert);
      lock (Lock)
      {
        CertChain = data;
        Monitor.Pulse(Lock);
      }
      return true;
    }
    public static byte[] GetCertificate(string serverName, int port)
    {
      TcpClient client = new TcpClient(serverName,port);
          SslStream sslStream = new SslStream(
          client.GetStream(),
          false,
          new RemoteCertificateValidationCallback (ValidateServerCertificate),
          null
        );
      try
      {
        lock (Lock)
        {
          sslStream.BeginAuthenticateAsClient(serverName,null,null);
          bool didTimeout = Monitor.Wait(Lock);
        }
      }
      finally
      {
        client.Close();
      }
      return CertChain;
    }
  }
}
"@
  Add-Type $code
  [byte[]]$certData = [CosmosKey.Powershell.SslUtility]::GetCertificate($server,$port)
  if($ToBase64){
    [convert]::ToBase64String($certData)
  } else {
    $cert = new-object System.Security.Cryptography.X509Certificates.X509Certificate2
    $cert.import($certData)
    $cert
  }
}

Please enjoy!