Powershell Whois

This is a WHOIS powershell cmdlet to perform a WHOIS query on a domain or ip address. You can download it from github at https://github.com/wheelert/whois

#
# Whois for the power shell
# created by Thomas Wheeler
# thomas@wheelerwire.com
#
#created by Thomas Wheeler wheelert@wheelerwire.com
Function whois{
[CmdletBinding()]
 Param (
    [Parameter(Mandatory=$True, HelpMessage="ERROR: You must provide a Hostname or IP!", Position=1, ValueFromPipeline = $true)]
        [string]$hostname,

    [Parameter(Position=2)]
        [alias("server")]
        [string]$_server      
 )

    $port = 43;
    $types = '.com','.org','.net','.edu';

    #servers
     $_server = "whois.internic.net";
     $_orgserver = "whois.pir.org"; 
     $_ipserver = "whois.arin.net";

    #check for Domain or IP
    foreach($val in $types){
    
        if($hostname.IndexOf($val) -eq -1){
           $_server = $_ipserver;
           break;
        }
    
    }

    #update to read txt file of TLD whois servers 
    if($hostname.IndexOf(".org") -gt 0){
        $_server = $_orgserver;
        Write-Host "ORG Server" $_orgserver;
    }

    if($hostname.IndexOf(".net") -gt 0){
        $_server = "whois.verisign-grs.com";
    }
    
    if($hostname.IndexOf(".com") -gt 0){
        $_server = "whois.verisign-grs.com";
    }

    if($hostname.IndexOf(".edu") -gt 0){
        $_server = "whois.verisign-grs.com";
    }

    if($hostname.IndexOf(".gov") -gt 0){
        $_server = "whois.nic.gov";
    }


	
	Write-Host "using Server" $_server;

    #make connection
    $socket = new-object Net.Sockets.TcpClient;
    $socket.Connect($_server, $port);

    if($socket.Connected){
        Write-Host "Connected!";
        $stream = $socket.GetStream();
    
        $writer = new-object System.IO.StreamWriter $stream;
        $line = $hostname;
                $writer.WriteLine($line); 
                $writer.Flush(); 
                Start-Sleep -m 5; 
                #read response
                $buffer = new-object System.Byte[] 1024;
                $encoding = new-object System.Text.AsciiEncoding;
                $stream.ReadTimeout = 1000;
           
                do{ 
                    try{ 
                        $read = $stream.Read($buffer, 0, 1024);
               
                        if($read -gt 0){ 
                            $foundmore = $true; 
                            $outputBuffer += ($encoding.GetString($buffer, 0, $read));
                        } 
                    }catch{ 
                        $foundMore = $false; 
                        $read = 0; 
                    } 
                }while($read -gt 0);
                #display results
                $outputBuffer;
        #close Socket        
        $socket.Close();
 
    }else{
        Write-Host "Unable to Connect!";
    }


}Code language: PHP (php)

Read full article here

Related posts

Comments 2

  1. Diego Jan 22, 2020

    Tried this for a specific public IP but got what seems to be some top-level result with a huge range that included the IP I searched.
    NetRange: 178.0.0.0 – 178.255.255.255

    It’s a result but it’s not the result I was looking for.
    Any suggested fix?

    Reply
    • wheelert Jan 22, 2020

      the ip seems to be in the 178.0.0.0/12 range. This tells you that its a vodafone ip

      Reply

Leave A Comment