mirror of
https://dev.azure.com/effectory/Survey%20Software/_git/Cloud%20Engineering
synced 2026-02-28 03:02:19 +01:00
Published version of Subdomain Takeover check
This commit is contained in:
Jurjen Ladenius
@@ -20,6 +20,7 @@ function Get-BlobEffectoryDomainResources {
|
||||
Get-AzStorageBlobContent -Context $context -CloudBlob $blob.ICloudBlob -Destination "$Env:temp/$($blob.Name).history.csv" -Force >$null
|
||||
$loadedResources = Import-CSV "$Env:temp/$($blob.Name).history.csv"
|
||||
Remove-Item -Path "$Env:temp/$($blob.Name).history.csv"
|
||||
Write-Verbose "Retrieved resources from $($blob.Name)"
|
||||
}
|
||||
|
||||
$loadedResources
|
||||
|
||||
@@ -29,10 +29,10 @@ function Get-EffectoryDomainResources {
|
||||
$subscriptionId = $currentContext.Subscription
|
||||
}
|
||||
|
||||
Write-Host "Processing subscription $($currentContext.Name)"
|
||||
Write-Verbose "Processing subscription $($currentContext.Name)"
|
||||
|
||||
# ------------------------------------------------------------------------------------------------------------------
|
||||
Write-Host "Checking WebApps and WebApp Slots for subscription $($currentContext.Name)"
|
||||
Write-Verbose "Checking WebApps and WebApp Slots for subscription $($currentContext.Name)"
|
||||
$webApps = Get-AzWebApp
|
||||
[int]$webAppCounter = 0
|
||||
[int]$webAppSlotCounter = 0
|
||||
@@ -53,10 +53,10 @@ function Get-EffectoryDomainResources {
|
||||
}
|
||||
}
|
||||
}
|
||||
Write-Host "Found $($webAppCounter) WebApps and $($webAppSlotsCounter) WebApp Slots for subscription $($currentContext.Name)"
|
||||
Write-Verbose "Found $($webAppCounter) WebApps and $($webAppSlotsCounter) WebApp Slots for subscription $($currentContext.Name)"
|
||||
|
||||
# ------------------------------------------------------------------------------------------------------------------
|
||||
Write-Host "Checking FrontDoor Endpoints for subscription $($currentContext.Name)"
|
||||
Write-Verbose "Checking FrontDoor Endpoints for subscription $($currentContext.Name)"
|
||||
$frontDoors = Get-AzFrontDoor
|
||||
[int]$frontDoorEndPointCounter = 0
|
||||
|
||||
@@ -65,10 +65,10 @@ function Get-EffectoryDomainResources {
|
||||
$frontDoorEndPointCounter += $itemsFrontDoors.Count
|
||||
$result += $itemsFrontDoors
|
||||
}
|
||||
Write-Host "Found $($frontDoorEndPointCounter) FrontDoor Endpoints for subscription $($currentContext.Name)"
|
||||
Write-Verbose "Found $($frontDoorEndPointCounter) FrontDoor Endpoints for subscription $($currentContext.Name)"
|
||||
|
||||
# ------------------------------------------------------------------------------------------------------------------
|
||||
Write-Host "Checking Storage Accounts for subscription $($currentContext.Name)"
|
||||
Write-Verbose "Checking Storage Accounts for subscription $($currentContext.Name)"
|
||||
$storageAccounts = Get-AzStorageAccount | Where-Object { $_.CustomDomain.Name -like $effectoryDomainPattern } # storage accounts
|
||||
[int]$storageCounter = 0
|
||||
|
||||
@@ -77,10 +77,10 @@ function Get-EffectoryDomainResources {
|
||||
$storageCounter += $itemsStorage.Count
|
||||
$result += $itemsStorage
|
||||
}
|
||||
Write-Host "Found $($storageCounter) Storage Accounts for subscription $($currentContext.Name)"
|
||||
Write-Verbose "Found $($storageCounter) Storage Accounts for subscription $($currentContext.Name)"
|
||||
|
||||
# ------------------------------------------------------------------------------------------------------------------
|
||||
Write-Host "Checking Cdn Endpoints for subscription $($currentContext.Name)"
|
||||
Write-Verbose "Checking Cdn Endpoints for subscription $($currentContext.Name)"
|
||||
$cdnProfiles = Get-AzCdnProfile
|
||||
[int]$cdnCounter = 0
|
||||
|
||||
@@ -89,10 +89,10 @@ function Get-EffectoryDomainResources {
|
||||
$cdnCounter += $itemsCdn.Count
|
||||
$result += $itemsCdn
|
||||
}
|
||||
Write-Host "Found $($cdnCounter) Cdn Endpoints for subscription $($currentContext.Name)"
|
||||
Write-Verbose "Found $($cdnCounter) Cdn Endpoints for subscription $($currentContext.Name)"
|
||||
|
||||
# ------------------------------------------------------------------------------------------------------------------
|
||||
Write-Host "Checking public IP addresses for subscription $($currentContext.Name)"
|
||||
Write-Verbose "Checking public IP addresses for subscription $($currentContext.Name)"
|
||||
$ipAddresses = Get-AzPublicIpAddress | Where-Object DnsSettings -ne $null | Where-Object { $_.DnsSettings.DomainNameLabel -ne "" }
|
||||
[int]$ipCounter = 0
|
||||
|
||||
@@ -101,10 +101,10 @@ function Get-EffectoryDomainResources {
|
||||
$ipCounter += $itemsIpAddresses.Count
|
||||
$result += $itemsIpAddresses
|
||||
}
|
||||
Write-Host "Found $($ipCounter) public IP addresses for subscription $($currentContext.Name)"
|
||||
Write-Verbose "Found $($ipCounter) public IP addresses for subscription $($currentContext.Name)"
|
||||
|
||||
# ------------------------------------------------------------------------------------------------------------------
|
||||
Write-Host "Checking Traffic Managers for subscription $($currentContext.Name)"
|
||||
Write-Verbose "Checking Traffic Managers for subscription $($currentContext.Name)"
|
||||
$trafficManagers = Get-AzTrafficManagerProfile
|
||||
[int]$trafficManagerCounter = 0
|
||||
|
||||
@@ -113,10 +113,10 @@ function Get-EffectoryDomainResources {
|
||||
$trafficManagerCounter += $itemsTrafficManagers.Count
|
||||
$result += $itemsTrafficManagers
|
||||
}
|
||||
Write-Host "Found $($trafficManagerCounter) Traffic Managers for subscription $($currentContext.Name)"
|
||||
Write-Verbose "Found $($trafficManagerCounter) Traffic Managers for subscription $($currentContext.Name)"
|
||||
|
||||
# ------------------------------------------------------------------------------------------------------------------
|
||||
Write-Host "Checking Container groups for subscription $($currentContext.Name)"
|
||||
Write-Verbose "Checking Container groups for subscription $($currentContext.Name)"
|
||||
$containerInstances = Get-AzContainerGroup
|
||||
|
||||
if ($null -ne $containerInstances) {
|
||||
@@ -124,7 +124,7 @@ function Get-EffectoryDomainResources {
|
||||
}
|
||||
|
||||
# ------------------------------------------------------------------------------------------------------------------
|
||||
Write-Host "Checking API Management for subscription $($currentContext.Name)"
|
||||
Write-Verbose "Checking API Management for subscription $($currentContext.Name)"
|
||||
$apiManagementServices = Get-AzApiManagement
|
||||
|
||||
if ($null -ne $apiManagementServices) {
|
||||
|
||||
@@ -18,7 +18,7 @@ function Set-BlobEffectoryDomainResources {
|
||||
)
|
||||
|
||||
[string] $fileName = "$((Get-Date).ToString("yyyy-MM-dd HH-mm-ss")) - resources.csv"
|
||||
Write-Host "Storing resources to $($fileName)"
|
||||
Write-Verbose "Storing resources to $($fileName)"
|
||||
|
||||
$context = New-AzStorageContext -ConnectionString $connectionString
|
||||
|
||||
|
||||
@@ -25,7 +25,7 @@ function VerifyEffectoryDomainResources {
|
||||
[bool] $hasErrors = $false
|
||||
|
||||
# ----------------------------------------------------------------------------------------------------------
|
||||
Write-Information "Comparing found resources with previously stored resources to find records that should've been deleted."
|
||||
Write-Verbose "Comparing found resources with previously stored resources to find records that should've been deleted."
|
||||
foreach ($oldResource in $effectoryResourcesPrevious) {
|
||||
$currentItem = $effectoryResources.Where({$_.DomainName -eq $oldResource.DomainName}, 'First')
|
||||
|
||||
|
||||
Reference in New Issue
Block a user