From 20b647108219c0d097a52e7638ce48b759c5ec5b Mon Sep 17 00:00:00 2001 From: Alexandre MOTTIER Date: Mon, 14 Oct 2024 14:06:38 +0200 Subject: [PATCH] Migration --- CheckGateway.ps1 | 28 ++++++++++++++++++++++++ README.md | 57 +++++++++++++++++++++++++++++++++++++++++++++++- 2 files changed, 84 insertions(+), 1 deletion(-) create mode 100644 CheckGateway.ps1 diff --git a/CheckGateway.ps1 b/CheckGateway.ps1 new file mode 100644 index 0000000..5a128cb --- /dev/null +++ b/CheckGateway.ps1 @@ -0,0 +1,28 @@ +$IP = (Get-WmiObject Win32_NetworkAdapterConfiguration | Where-Object {$_.IPEnabled}).DefaultIPGateway +$MACAddressList = (Get-NetNeighbor -State Reachable) +foreach ($item in $MACAddressList) { +$AdresseIP = $item.IPAddress +$AdresseMAC = $item.LinkLayerAddress +if ($IP -contains $AdresseIP){$GatewayMac = $AdresseMAC ; $GatewayIP = $AdresseIP} +} + + +$PublicIP = ((Resolve-DnsName -Name myip.opendns.com -Server resolver1.opendns.com).IPAddress) + +$MacFreebox = "F4-CA-E5","00-07-CB","00-24-D4","14-0C-76","34-27-92","68-A3-78","70-FC-8F","8C-97-EA","E4-9E-12" +$MacLivebox = "00-37-B7" +$MacApple = "BC-B8-63" +$MacXiaomi = "E0-CC-F8" +$MacFortinet = "08-5B-0E" + +$MacSplit = $GatewayMac -split "-" +$MacPrefix = $MacSplit[0] + "-" + $MacSplit[1] + "-" + $MacSplit[2] + +$Router = (Invoke-WebRequest -Uri "https://api.macvendors.com/$MacPrefix").Content + +$ShodanLink = "https://api.shodan.io/shodan/host/" + $PublicIP + "?key=9r6vVczYqYGR9F3WADASttMPt6fqK2Mm" +$Shodan = Invoke-RestMethod -uri $ShodanLink +$ISP = $Shodan.isp +if ($Router -eq ""){"Gateway vendor is unknown ($GatewayMac). `nLocal IP is $AdresseIP. `nPublic IP is $PublicIP."} +else{ +Write-Host "Gateway vendor is $Router ($GatewayMac). `nLocal IP is $AdresseIP. `nPublic IP is $PublicIP ($ISP)."} diff --git a/README.md b/README.md index 815dcbb..8aca070 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,57 @@ -# CheckGateway +# Check Gateway - RMM script +That script is made for RMM using like Solarwinds MSP, NinjaRMM or others. + +## How it works ? + +First, the script gets the gateway's IP address : + +`$LocalIP = (Get-WmiObject Win32_NetworkAdapterConfiguration | Where-Object {$_.IPEnabled}).DefaultIPGateway` + +Then, with the IP address, the script gets the MAC address of the gateway : + +`$MacAddress = ((Get-NetNeighbor -IPAddress $LocalIP).LinkLayerAddress)` + +And the public IP address with opendns.com : + +`$PublicIP = ((Resolve-DnsName -Name myip.opendns.com -Server resolver1.opendns.com).IPAddress)` + +Next, we got arrays containing the MAC addresses by manufacturer : + +``` +$MacFreebox = "F4-CA-E5","00-07-CB","00-24-D4","14-0C-76","34-27-92","68-A3-78","70-FC-8F","8C-97-EA","E4-9E-12" +$MacLivebox = "00-37-B7" +$MacApple = "BC-B8-63" +$MacXiaomi = "E0-CC-F8" +``` + +The script cuts the MAC address of the gateway by 3 groups (bytes) : + +``` +$MacSplit = $MacAddress -split "-" +$MacPrefix = $MacSplit[0] + "-" + $MacSplit[1] + "-" + $MacSplit[2] +``` + +Next, compares the MAC addresses with arrays : + +``` +if($MacFreebox -contains $MacPrefix) +{$Router = "a Freebox"} +elseif($MacLivebox -contains $MacPrefix) +{$Router = "a Livebox"} +elseif($MacApple -contains $MacPrefix) +{$Router = "an Apple device"} +elseif($MacXiaomi -contains $MacPrefix) +{$Router = "a Xiaomi device"} +else # If router is unknown +{$Router = "Unknown"} +``` + +And give the result of the comparison : + +``` +if ($Router -like 'Unknown') # In the case router is unknown +{Write-Host "Router is unknown ($MacAddress). Maybe a randomized MAC address" ; exit 1} +else +{Write-Host "Gateway is $Router ($MacAddress). `nLocal IP is $LocalIP. `nPublic IP is $PublicIP." ; exit 0} +```