diff --git a/Powershell/Modules/Effectory.Dns/Effectory.Dns/private/CheckIpAddresses.ps1 b/Powershell/Modules/Effectory.Dns/Effectory.Dns/private/CheckIpAddresses.ps1 new file mode 100644 index 0000000..aaaaebe --- /dev/null +++ b/Powershell/Modules/Effectory.Dns/Effectory.Dns/private/CheckIpAddresses.ps1 @@ -0,0 +1,33 @@ +function CheckIpAddresses() { + param( + [Parameter(Mandatory)] + [Microsoft.Azure.Commands.Profile.Models.Core.PSAzureContext]$subscription, + [Parameter(Mandatory)] + [Microsoft.Azure.Commands.Network.Models.PSPublicIpAddress[]] $ipAddresses, + [Parameter(Mandatory)] + [string]$effectoryDomainPattern + ) + [EffectoryDomainNameCheck[]]$Result = @() + + # public ip => Assume binding if an IP has a domain name. + + foreach($ipAddress in $ipAddresses) { + $resource = Get-AzResource -ResourceId $ipAddress.Id + $domainNameCheck = [EffectoryDomainNameCheck] @{ + SubscriptionId = $subscriptionId; + SubscriptionName = $subscription.Name; + ResourceId = $ipAddress.Id; + ResourceName = $ipAddress.Name; + ResourceType = $resource.ResourceType; + ResourceGroupName = $resource.ResourceGroupName; + DomainName = $ipAddress.DnsSettings.DomainNameLabel; + Tag_Team = $resource.Tags.team + Tag_Product = $resource.Tags.product + Tag_Environment = $resource.Tags.environment + Tag_Data = $resource.Tags.data + } + $Result += $domainNameCheck + } + + $Result +} \ No newline at end of file diff --git a/Powershell/Modules/Effectory.Dns/Effectory.Dns/private/CheckTrafficManagers.ps1 b/Powershell/Modules/Effectory.Dns/Effectory.Dns/private/CheckTrafficManagers.ps1 new file mode 100644 index 0000000..c98b07c --- /dev/null +++ b/Powershell/Modules/Effectory.Dns/Effectory.Dns/private/CheckTrafficManagers.ps1 @@ -0,0 +1,33 @@ +function CheckTrafficManagers() { + param( + [Parameter(Mandatory)] + [Microsoft.Azure.Commands.Profile.Models.Core.PSAzureContext]$subscription, + [Parameter(Mandatory)] + [Microsoft.Azure.Commands.TrafficManager.Models.TrafficManagerProfile[]] $trafficManagers, + [Parameter(Mandatory)] + [string]$effectoryDomainPattern + ) + [EffectoryDomainNameCheck[]]$Result = @() + + # traffic manager => Assume binding + + foreach($trafficManager in $trafficManagers) { + $resource = Get-AzResource -ResourceId $trafficManager.Id + $domainNameCheck = [EffectoryDomainNameCheck] @{ + SubscriptionId = $subscriptionId; + SubscriptionName = $subscription.Name; + ResourceId = $trafficManager.Id; + ResourceName = $trafficManager.Name; + ResourceType = $resource.ResourceType; + ResourceGroupName = $resource.ResourceGroupName; + DomainName = $trafficManager.RelativeDnsName; + Tag_Team = $resource.Tags.team + Tag_Product = $resource.Tags.product + Tag_Environment = $resource.Tags.environment + Tag_Data = $resource.Tags.data + } + $Result += $domainNameCheck + } + + $Result +} \ No newline at end of file diff --git a/Powershell/Modules/Effectory.Dns/Effectory.Dns/public/Get-EffectoryDomainResources.ps1 b/Powershell/Modules/Effectory.Dns/Effectory.Dns/public/Get-EffectoryDomainResources.ps1 index c854206..2bda8de 100644 --- a/Powershell/Modules/Effectory.Dns/Effectory.Dns/public/Get-EffectoryDomainResources.ps1 +++ b/Powershell/Modules/Effectory.Dns/Effectory.Dns/public/Get-EffectoryDomainResources.ps1 @@ -31,27 +31,27 @@ function Get-EffectoryDomainResources { # ------------------------------------------------------------------------------------------------------------------ Write-Host "Checking WebApps and WebApp Slots for subscription $($currentContext.Name)" - # $webApps = Get-AzWebApp - # [int]$webAppCounter = 0 - # [int]$webAppSlotCounter = 0 + $webApps = Get-AzWebApp + [int]$webAppCounter = 0 + [int]$webAppSlotCounter = 0 - # if ($null -ne $webApps) { - # # check webapps - # $itemsWebApps = CheckWebApps -subscription $currentContext -webApps $webApps -effectoryDomainPattern $effectoryDomainPattern - # $webAppCounter += $itemsWebApps.Count - # $result += $itemsWebApps + if ($null -ne $webApps) { + # check webapps + $itemsWebApps = CheckWebApps -subscription $currentContext -webApps $webApps -effectoryDomainPattern $effectoryDomainPattern + $webAppCounter += $itemsWebApps.Count + $result += $itemsWebApps - # # check webapp slots - # foreach ($webApp in $webApps) { - # $slot = Get-AzWebAppSlot -WebApp $webApp - # if ($null -ne $slot) { - # $itemsWebAppSlots = CheckWebApps -subscription $currentContext -webApps $slot -effectoryDomainPattern $effectoryDomainPattern - # $webAppSlotCounter += $itemsWebAppSlots.Count - # $result += $itemsWebAppSlots - # } - # } - # } - # Write-Host "Found $($webAppCounter) WebApps and $($webAppSlotsCounter) WebApp Slots for subscription $($currentContext.Name)" + # check webapp slots + foreach ($webApp in $webApps) { + $slot = Get-AzWebAppSlot -WebApp $webApp + if ($null -ne $slot) { + $itemsWebAppSlots = CheckWebApps -subscription $currentContext -webApps $slot -effectoryDomainPattern $effectoryDomainPattern + $webAppSlotCounter += $itemsWebAppSlots.Count + $result += $itemsWebAppSlots + } + } + } + Write-Host "Found $($webAppCounter) WebApps and $($webAppSlotsCounter) WebApp Slots for subscription $($currentContext.Name)" # ------------------------------------------------------------------------------------------------------------------ Write-Host "Checking FrontDoor Endpoints for subscription $($currentContext.Name)" @@ -89,9 +89,46 @@ function Get-EffectoryDomainResources { } Write-Host "Found $($cdnCounter) Cdn Endpoints for subscription $($currentContext.Name)" - + # ------------------------------------------------------------------------------------------------------------------ + Write-Host "Checking public IP addresses for subscription $($currentContext.Name)" + $ipAddresses = Get-AzPublicIpAddress | Where-Object DnsSettings -ne $null | Where-Object { $_.DnsSettings.DomainNameLabel -ne "" } + [int]$ipCounter = 0 + + if ($null -ne $ipAddresses) { + $itemsIpAddresses = CheckIpAddresses -subscription $currentContext -ipAddresses $ipAddresses -effectoryDomainPattern $effectoryDomainPattern + $ipCounter += $itemsIpAddresses.Count + $result += $itemsIpAddresses + } + Write-Host "Found $($ipCounter) public IP addresses for subscription $($currentContext.Name)" + + # ------------------------------------------------------------------------------------------------------------------ + Write-Host "Checking Traffic Managers for subscription $($currentContext.Name)" + $trafficManagers = Get-AzTrafficManagerProfile + [int]$trafficManagerCounter = 0 + + if ($null -ne $trafficManagers) { + $itemsTrafficManagers = CheckTrafficManagers -subscription $currentContext -trafficManagers $trafficManagers -effectoryDomainPattern $effectoryDomainPattern + $trafficManagerCounter += $itemsTrafficManagers.Count + $result += $itemsTrafficManagers + } + Write-Host "Found $($trafficManagerCounter) Traffic Managers for subscription $($currentContext.Name)" + + # ------------------------------------------------------------------------------------------------------------------ + Write-Host "Checking Container groups for subscription $($currentContext.Name)" + $containerInstances = Get-AzContainerGroup + + if ($null -ne $containerInstances) { + throw "Container groups are not implemented yet." + } + + # ------------------------------------------------------------------------------------------------------------------ + Write-Host "Checking API Management for subscription $($currentContext.Name)" + $apiManagementServices = Get-AzApiManagement + + if ($null -ne $apiManagementServices) { + throw "API Management services are not implemented yet." + } + + # ------------------------------------------------------------------------------------------------------------------ $result -} - - - +} \ No newline at end of file diff --git a/Powershell/Modules/Effectory.Dns/test.csv b/Powershell/Modules/Effectory.Dns/test.csv index 321d05b..dcea89c 100644 --- a/Powershell/Modules/Effectory.Dns/test.csv +++ b/Powershell/Modules/Effectory.Dns/test.csv @@ -6,3 +6,9 @@ "a134faf1-7a89-4f2c-8389-06d00bd5e2a7","Survey Software Production (a134faf1-7a89-4f2c-8389-06d00bd5e2a7) - jurjen.ladenius@effectory.com","/subscriptions/a134faf1-7a89-4f2c-8389-06d00bd5e2a7/resourceGroups/Default-Storage-WestEurope/providers/Microsoft.Storage/storageAccounts/mailingstore","Default-Storage-WestEurope","mailingstore","Microsoft.Storage/storageAccounts","mailstore.effectory.com","pink","general","prod","internal" "a134faf1-7a89-4f2c-8389-06d00bd5e2a7","Survey Software Production (a134faf1-7a89-4f2c-8389-06d00bd5e2a7) - jurjen.ladenius@effectory.com","/subscriptions/a134faf1-7a89-4f2c-8389-06d00bd5e2a7/resourcegroups/my-effectory-europe/providers/Microsoft.Cdn/profiles/effectorybranding/endpoints/effectorybranding/customdomains/styleguide-effectory-com","my-effectory-europe","styleguide-effectory-com","Microsoft.Cdn/profiles/endpoints/customdomains","styleguide.effectory.com","orange","my-effectory","prod","n/a" "a134faf1-7a89-4f2c-8389-06d00bd5e2a7","Survey Software Production (a134faf1-7a89-4f2c-8389-06d00bd5e2a7) - jurjen.ladenius@effectory.com","/subscriptions/a134faf1-7a89-4f2c-8389-06d00bd5e2a7/resourcegroups/tech-effectory/providers/Microsoft.Cdn/profiles/tech-effectory/endpoints/techeffectory/customdomains/tech-effectory-com","tech-effectory","tech-effectory-com","Microsoft.Cdn/profiles/endpoints/customdomains","tech.effectory.com","to","tech.effectory.com","prod","public" +"a134faf1-7a89-4f2c-8389-06d00bd5e2a7","Survey Software Production (a134faf1-7a89-4f2c-8389-06d00bd5e2a7) - jurjen.ladenius@effectory.com","/subscriptions/a134faf1-7a89-4f2c-8389-06d00bd5e2a7/resourceGroups/postbode_arm/providers/Microsoft.Network/publicIPAddresses/PostbodePIP","postbode_arm","PostbodePIP","Microsoft.Network/publicIPAddresses","postbode","pink","mailings","prod","personally identifiable" +"a134faf1-7a89-4f2c-8389-06d00bd5e2a7","Survey Software Production (a134faf1-7a89-4f2c-8389-06d00bd5e2a7) - jurjen.ladenius@effectory.com","/subscriptions/a134faf1-7a89-4f2c-8389-06d00bd5e2a7/resourceGroups/Default-TrafficManager/providers/Microsoft.Network/trafficManagerProfiles/customer-extranet","Default-TrafficManager","customer-extranet","Microsoft.Network/trafficManagerProfiles","customer-extranet","lime","survey","prod","personally identifiable" +"a134faf1-7a89-4f2c-8389-06d00bd5e2a7","Survey Software Production (a134faf1-7a89-4f2c-8389-06d00bd5e2a7) - jurjen.ladenius@effectory.com","/subscriptions/a134faf1-7a89-4f2c-8389-06d00bd5e2a7/resourceGroups/Default-TrafficManager/providers/Microsoft.Network/trafficManagerProfiles/questionnaire","Default-TrafficManager","questionnaire","Microsoft.Network/trafficManagerProfiles","questionnaire","orange","ece","prod","n/a" +"a134faf1-7a89-4f2c-8389-06d00bd5e2a7","Survey Software Production (a134faf1-7a89-4f2c-8389-06d00bd5e2a7) - jurjen.ladenius@effectory.com","/subscriptions/a134faf1-7a89-4f2c-8389-06d00bd5e2a7/resourceGroups/Default-TrafficManager/providers/Microsoft.Network/trafficManagerProfiles/questionnairelogin","Default-TrafficManager","questionnairelogin","Microsoft.Network/trafficManagerProfiles","questionnairelogin","orange","survey","test","n/a" +"a134faf1-7a89-4f2c-8389-06d00bd5e2a7","Survey Software Production (a134faf1-7a89-4f2c-8389-06d00bd5e2a7) - jurjen.ladenius@effectory.com","/subscriptions/a134faf1-7a89-4f2c-8389-06d00bd5e2a7/resourceGroups/myresults/providers/Microsoft.Network/trafficManagerProfiles/myresults","myresults","myresults","Microsoft.Network/trafficManagerProfiles","myresults","green","my-feedback","prod","secret" +"a134faf1-7a89-4f2c-8389-06d00bd5e2a7","Survey Software Production (a134faf1-7a89-4f2c-8389-06d00bd5e2a7) - jurjen.ladenius@effectory.com","/subscriptions/a134faf1-7a89-4f2c-8389-06d00bd5e2a7/resourceGroups/respondent/providers/Microsoft.Network/trafficManagerProfiles/signin","respondent","signin","Microsoft.Network/trafficManagerProfiles","signin","lime","survey","prod","secret" diff --git a/Powershell/RunBooks/SubdomainTakeOver.ps1 b/Powershell/RunBooks/SubdomainTakeOver.ps1 deleted file mode 100644 index 37a2456..0000000 --- a/Powershell/RunBooks/SubdomainTakeOver.ps1 +++ /dev/null @@ -1,83 +0,0 @@ -Import-Module Az.Accounts -Import-Module Az.Websites -Import-Module Az.FrontDoor -Import-Module Az.Storage -Import-Module Az.Cdn -Import-Module Az.Network -Import-Module Az.TrafficManager -Import-Module Az.ContainerInstance - -class DomainNameCheck { - [string] $SubscriptionId = "" - [string] $SubscriptionName = "" - [string] $ResourceId = "" - [string] $ResourceGroupName = "" - [string] $ResourceName = "" - [string] $ResourceType = "" - [string] $DomainName = "" - [string] $Tag_Team = "" - [string] $Tag_Product = "" - [string] $Tag_Environment = "" - [string] $Tag_Data = "" -} - -$subscriptions = Get-AzSubscription | Where-Object State -eq "Enabled" - - -foreach ($subscription in $subscriptions) -{ - context = Set-AzContext -SubscriptionId $subscription.Id - - $webApps = get-azwebapp - $webAppsEffectory = $webApps | Where-Object {@($_.HostNames) -like "*.effectory.com"} # app service - - foreach ($webApp in $webApps) { - $slot = Get-AzWebAppSlot -WebApp $webApp - if ($slotHostNames = $slot | Where-Object {@($_.HostNames) -like "*.effectory.com"}) { - # app service slots - } - } - - $frontDoors = Get-AzFrontDoor - foreach($frontDoor in $frontDoors) { - if ($endPointHostNames = $frontDoor.FrontendEndpoints | Where-Object HostName -like "*.effectory.com") { - # frontdoor - } - } - - $effectoryStorage = Get-AzStorageAccount | Where-Object { $_.CustomDomain.Name -like "*.effectory.com" } # storage accounts - - $cdnProfiles = Get-AzCdnProfile - foreach($cdnProfile in $cdnProfiles) { - $cdnEndPoints = Get-AzCdnEndpoint -ProfileName $cdnProfile.Name -ResourceGroupName $cdnProfile.ResourceGroupName - foreach($cdnEndPoint in $cdnEndPoints) { - $cdnEffectory = Get-AzCdnCustomDomain -CdnEndpoint $cdnEndPoint | Where-Object HostName -Like "*.effectory.com" # cdn endpoints - } - } - - $ipAddresses = Get-AzPublicIpAddress | Where-Object DnsSettings -ne $null | Where-Object { $_.DnsSettings.DomainNameLabel -ne "" } # public ip => Assume binding ? - - $trafficManagers = Get-AzTrafficManagerProfile - foreach ($trafficManager in $trafficManagers) { - #$trafficManager.RelativeDnsName - # traffic manager - } - - $containerInstances = Get-AzContainerGroup - foreach ($containerInstance in $containerInstances) { - #$containerInstance.Fqdn - #container instance - } -} - -## TODO - - -## Azure API Management microsoft.apimanagement/service abc.azure-api.net - - - - -#Set-AzContext -SubscriptionId "a134faf1-7a89-4f2c-8389-06d00bd5e2a7" -#Set-AzContext -SubscriptionId "750d0421-da63-42fb-9f89-74aeb5dfe05b" -