iamtheky Posted April 11, 2016 Share Posted April 11, 2016 (edited) Netstat -f is slow as balls so I wrote this 3 parter to add to my AuditShot which runs substantially quicker in my testing. 1) runs netstat -n, 2) uniques the foreign addresses 3) runs those through nslookup As always, improvements and/or berating inefficiencies are both welcome: *Fixed IPv6 fail expandcollapse popup;netstat -f replacement v2 (potential IPv6 fix) #include<array.au3> $sCommand = "netstat -n" $iPID = run($sCommand, "" , @SW_HIDE , $stdout_child) $sOutput = "" $sNSLookupOut = "" local $aNSfinal[0] local $aNSLookupFinal[0] While 1 $sOutput &= StdoutRead($iPID) If @error Then ExitLoop WEnd ProcessClose($iPID) $aOut = stringsplit($sOutput , @LF , 2) For $i = 4 to ubound($aOut) - 1 $aLine = stringsplit($aOut[$i] , " " , 2) For $k = ubound($aLine) - 1 to 0 step - 1 If stringstripWS($aLine[$k] , 8) = "" Then _ArrayDelete($aLine , $k) Next ;~ msgbox(0, '' , stringleft($aLine[2] , stringinstr($aLine[2] , ":" , 0 , -1) - 1)) If ubound($aLine) > 1 Then _ArrayAdd($aNSfinal , stringleft($aLine[2] , stringinstr($aLine[2] , ":" , 0 , -1) - 1)) $aUniqueNS = _ArrayUnique($aNSfinal) _ArrayDelete($aUniqueNS , 0) Next ;_ArrayDisplay($aUniqueNS) For $k = 0 to ubound($aUniqueNS) - 1 $iPID = run("nslookup " & $aUniqueNS[$k] , "" , @SW_HIDE , $stdout_child) While 1 $sNSLookupOut &= StdoutRead($iPID) If @error Then ExitLoop WEnd ProcessClose($iPID) $aNSLookup = stringsplit($sNSLookupOut , @LF , 2) _ArrayDelete($aNSLookup , "0-2") _ArrayAdd($aNSLookupFinal , $aNSLookup) $sNSLookupOut = "" Next _ArrayDisplay($aNSLookupFinal , "Final") Edited April 13, 2016 by iamtheky spelng and grmmr argumentum and GuyFromNJo 2 ,-. .--. ________ .-. .-. ,---. ,-. .-. .-. .-. |(| / /\ \ |\ /| |__ __||| | | || .-' | |/ / \ \_/ )/ (_) / /__\ \ |(\ / | )| | | `-' | | `-. | | / __ \ (_) | | | __ | (_)\/ | (_) | | .-. | | .-' | | \ |__| ) ( | | | | |)| | \ / | | | | | |)| | `--. | |) \ | | `-' |_| (_) | |\/| | `-' /( (_)/( __.' |((_)-' /(_| '-' '-' (__) (__) (_) (__) Link to comment Share on other sites More sharing options...
JohnOne Posted April 11, 2016 Share Posted April 11, 2016 Well it certainly is faster. AutoIt Absolute Beginners Require a serial Pause Script Video Tutorials by Morthawt ipify Monkey's are, like, natures humans. Link to comment Share on other sites More sharing options...
iamtheky Posted April 11, 2016 Author Share Posted April 11, 2016 just tested on my ipv6 friendly box and splitting on the colon was not wise, i will have to fix that. ,-. .--. ________ .-. .-. ,---. ,-. .-. .-. .-. |(| / /\ \ |\ /| |__ __||| | | || .-' | |/ / \ \_/ )/ (_) / /__\ \ |(\ / | )| | | `-' | | `-. | | / __ \ (_) | | | __ | (_)\/ | (_) | | .-. | | .-' | | \ |__| ) ( | | | | |)| | \ / | | | | | |)| | `--. | |) \ | | `-' |_| (_) | |\/| | `-' /( (_)/( __.' |((_)-' /(_| '-' '-' (__) (__) (_) (__) Link to comment Share on other sites More sharing options...
iamtheky Posted April 12, 2016 Author Share Posted April 12, 2016 (edited) Fix confirmed, edited post #1 Edited April 13, 2016 by iamtheky duplicate ,-. .--. ________ .-. .-. ,---. ,-. .-. .-. .-. |(| / /\ \ |\ /| |__ __||| | | || .-' | |/ / \ \_/ )/ (_) / /__\ \ |(\ / | )| | | `-' | | `-. | | / __ \ (_) | | | __ | (_)\/ | (_) | | .-. | | .-' | | \ |__| ) ( | | | | |)| | \ / | | | | | |)| | `--. | |) \ | | `-' |_| (_) | |\/| | `-' /( (_)/( __.' |((_)-' /(_| '-' '-' (__) (__) (_) (__) Link to comment Share on other sites More sharing options...
JohnOne Posted April 13, 2016 Share Posted April 13, 2016 ipv6 appears to work ok. iamtheky 1 AutoIt Absolute Beginners Require a serial Pause Script Video Tutorials by Morthawt ipify Monkey's are, like, natures humans. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now