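# Walks every host address of one IPv4 subnet, attempts a TCP connection to
# port 135 on each, and appends every address that accepts the connection to
# $outputFile (also echoing it to the console).
#
# Usage:
# 1. Edit script, change $ip, $mask, $outputFile, and $rewriteFile parameters
# 2. Start script
# 3. Check the output file
#
# Reading the results: a listed address only means the TCP handshake on
# port 135 completed within the timeout. It does not establish what service
# answered or whether it can be authenticated to. A host that is missing from
# the list may be down, or may sit behind a filter that drops the probe.

$ip = "192.168.1.1"          # any address inside the subnet to sweep
$mask = "255.255.255.0"      # subnet mask in dotted decimal form
# Add-Content creates the file but not its parent directory, so the directory
# must already exist. The file is an inventory of reachable hosts; keep it
# somewhere with appropriately restricted access.
$outputFile = "C:\wmi\computers.txt"
$rewriteFile = 1             # non-zero: delete the previous output file first

#--------------------------------------------- Function for print messages to $LogFile and screen ---------------------------------------------
# Writes $Text to the console and appends it as a line to $File.
function print_message($File, [string]$Text)
{
    Write-Host $Text
    Add-Content $File $Text
}
#------------------------------------------------------------------------------------------------------------------------------------------------

Function ConvertTo-DecimalIP
{
    <#
    .Synopsis
        Converts a Decimal IP address into a 32-bit unsigned integer.
    .Description
        ConvertTo-DecimalIP takes a decimal IP, uses a shift-like operation on each octet and returns a single UInt32 value.
    .Parameter IPAddress
        An IP Address to convert.
    #>

    [CmdLetBinding()]
    Param(
        [Parameter(Mandatory = $True, Position = 0, ValueFromPipeline = $True)]
        [Net.IPAddress]$IPAddress
    )

    Process
    {
        # Weight the octets 256^3, 256^2, 256^1, 256^0 from left to right.
        # NOTE(review): the weights assume exactly four address bytes (IPv4);
        # other address families are not handled here.
        $i = 3
        $DecimalIP = 0
        $IPAddress.GetAddressBytes() | ForEach-Object {
            $DecimalIP += $_ * [Math]::Pow(256, $i)
            $i--
        }

        Return [UInt32]$DecimalIP
    }
}

Function ConvertTo-DottedDecimalIP
{
    <#
    .Synopsis
        Returns a dotted decimal IP address from either an unsigned 32-bit integer or a dotted binary string.
    .Description
        ConvertTo-DottedDecimalIP uses a regular expression match on the input string to convert to an IP address.
    .Parameter IPAddress
        A string representation of an IP address from either UInt32 or dotted binary.
    #>

    [CmdLetBinding()]
    Param(
        [Parameter(Mandatory = $True, Position = 0, ValueFromPipeline = $True)]
        [String]$IPAddress
    )

    Process
    {
        Switch -RegEx ($IPAddress)
        {
            # Dotted binary: four groups of eight bits, each parsed as base 2.
            "([01]{8}\.){3}[01]{8}"
            {
                Return [String]::Join('.', $( $IPAddress.Split('.') | ForEach-Object {
                    [Convert]::ToUInt32($_, 2) } ))
            }
            # Anything else that contains a digit is treated as one integer;
            # the [UInt32] cast rejects values that do not fit in 32 bits.
            "\d"
            {
                $IPAddress = [UInt32]$IPAddress
                # Peel off one octet per pass, most significant first.
                $DottedIP = $( For ($i = 3; $i -gt -1; $i--) {
                    $Remainder = $IPAddress % [Math]::Pow(256, $i)
                    ($IPAddress - $Remainder) / [Math]::Pow(256, $i)
                    $IPAddress = $Remainder
                } )

                Return [String]::Join('.', $DottedIP)
            }
            default
            {
                Write-Error "Cannot convert this format"
            }
        }
    }
}

Function Get-NetworkAddress
{
    <#
    .Synopsis
        Takes an IP address and subnet mask then calculates the network address for the range.
    .Description
        Get-NetworkAddress returns the network address for a subnet by performing a bitwise AND
        operation against the decimal forms of the IP address and subnet mask. Get-NetworkAddress
        expects both the IP address and subnet mask in dotted decimal format.
    .Parameter IPAddress
        Any IP address within the network range.
    .Parameter SubnetMask
        The subnet mask for the network.
    #>

    [CmdLetBinding()]
    Param(
        [Parameter(Mandatory = $True, Position = 0, ValueFromPipeline = $True)]
        [Net.IPAddress]$IPAddress,

        [Parameter(Mandatory = $True, Position = 1)]
        [Alias("Mask")]
        [Net.IPAddress]$SubnetMask
    )

    Process
    {
        Return ConvertTo-DottedDecimalIP ((ConvertTo-DecimalIP $IPAddress) -BAnd (ConvertTo-DecimalIP $SubnetMask))
    }
}

# Attempts a TCP connection to $ip:$port and waits at most $con_timeout
# milliseconds for it to complete.
# Returns 1 when the connection was established, 0 when the wait timed out or
# the connection attempt failed. The client is closed on every path.
function check_open_port($ip, $port, $con_timeout)
{
    $tcpclient = New-Object Net.Sockets.TcpClient
    $Connection = $tcpclient.BeginConnect($ip, $port, $null, $null)

    # WaitOne returns $true when the connect attempt finished (successfully
    # or not) before the timeout, and $false when the timeout elapsed first.
    $Completed = $Connection.AsyncWaitHandle.WaitOne($con_timeout, $false)
    if (!$Completed)
    {
        $tcpclient.Close()
        return 0
    }

    try
    {
        # EndConnect throws if the attempt finished with an error.
        $tcpclient.EndConnect($Connection) | Out-Null
        return 1
    }
    catch
    {
        ## Machine actively refused the connection. The port is not open
        ## even though the wait completed before the timeout.
        return 0
    }
    finally
    {
        # Release the socket on the refused path as well as on success.
        $tcpclient.Close()
    }
}

# Only delete an output file that is actually there, so a first run does not
# start with a "cannot find path" error.
if ($rewriteFile -and (Test-Path -LiteralPath $outputFile))
{
    Remove-Item -LiteralPath $outputFile
}

$mm = "255.255.255.255"
$dmm = ConvertTo-DecimalIP $mm
$first = Get-NetworkAddress $ip $mask
$dmask = ConvertTo-DecimalIP $mask

# First host address = network address + 1.
$dfirst = [long](ConvertTo-DecimalIP $first) + 1
# All-ones minus the mask gives the value of the host bits (255 for a /24).
$n = [long]$dmm - [long]$dmask

# $n - 1 iterations: every address between the network address and the
# broadcast address. Masks that leave fewer than two host bits produce no
# iterations at all.
for ($i = 0; $i -le ($n - 2); $i++)
{
    $new = ConvertTo-DottedDecimalIP $dfirst
    # One sequential probe per address, with a 1000 ms connect timeout.
    $Port135Open = check_open_port $new "135" "1000"
    if ($Port135Open)
    {
        print_message $outputFile $new
    }
    $dfirst++
}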