At work sometimes we have to create nested queries with a handful of different IPs. I am not going to name the product for Operational Security reasons. But anyways I was tired of having to manually add all the IPs into a nested format like: ( ( addr.dst in ‘1.1.1.1’ ) or ( addr.dst in ‘2.2.2.2’ ) . I created this easy and simple PowerShell script to make it easy.
$count = Read-Host "Enter Count"
$out = ""
For ($i = 0; $i -lt $count; $i++) {
$ip = Read-Host "Enter IP"
$check = $count -le $i +1
If ($check -eq $true) {
$out += "( addr.dst in '$ip' )"
}
else {
$out += "( addr.dst in '$ip' ) or "
}
}
Write-Host "(" $out ")"First the script asks the user how many IPs they want to add to the query. It will then continue to loop until the count is matched. During each loop it will ask the user to input the IPs. Next it will check to see if it is the last loop and depending if it is or not it will add the IP to the “$out” string, and add the “or” statement to the query. Lastly it will print out the query.
An example of the output can be seen below.
(( addr.dst in '127.0.0.1') or (addr.dst in '127.0.0.2'))The code below does essentially the same function as the script above but with this script, the user will enter a URL ( no Https ) and the script will perform a DNS lookup and get the IPs. It will then loop through all the IPs and create the nested query. Lastly it will copy the output into the user’s clipboard.
$site = Read-Host "Enter site"
$ips = [System.Net.Dns]::GetHostAddresses($site)
$count = $ips.count
$out = ""
$i =0
Foreach($item in $ips) {
$i += 1
If ($i -eq $count) {
$out += "( addr.dst in '$item' ) "
}
else {
$out += "( addr.dst in '$item' ) or "
}
}
Write-Host "(" $out ")"
$clip = "(" + $out + ")"
Set-Clipboard -Value $clip
Leave a Reply