Powershell Whois

This is a WHOIS powershell cmdlet to perform a WHOIS query on a domain or ip address. You can download it from github at https://github.com/wheelert/whois

# Whois for the power shell
# created by Thomas Wheeler
# thomas@wheelerwire.com
#created by Thomas Wheeler wheelert@wheelerwire.com
Function whois{
 Param (
    [Parameter(Mandatory=$True, HelpMessage="ERROR: You must provide a Hostname or IP!", Position=1, ValueFromPipeline = $true)]


    $port = 43;
    $types = '.com','.org','.net','.edu';

     $_server = "whois.internic.net";
     $_orgserver = "whois.pir.org"; 
     $_ipserver = "whois.arin.net";

    #check for Domain or IP
    foreach($val in $types){
        if($hostname.IndexOf($val) -eq -1){
           $_server = $_ipserver;

    #update to read txt file of TLD whois servers 
    if($hostname.IndexOf(".org") -gt 0){
        $_server = $_orgserver;
        Write-Host "ORG Server" $_orgserver;

    if($hostname.IndexOf(".net") -gt 0){
        $_server = "whois.verisign-grs.com";
    if($hostname.IndexOf(".com") -gt 0){
        $_server = "whois.verisign-grs.com";

    if($hostname.IndexOf(".edu") -gt 0){
        $_server = "whois.verisign-grs.com";

    if($hostname.IndexOf(".gov") -gt 0){
        $_server = "whois.nic.gov";

	Write-Host "using Server" $_server;

    #make connection
    $socket = new-object Net.Sockets.TcpClient;
    $socket.Connect($_server, $port);

        Write-Host "Connected!";
        $stream = $socket.GetStream();
        $writer = new-object System.IO.StreamWriter $stream;
        $line = $hostname;
                Start-Sleep -m 5; 
                #read response
                $buffer = new-object System.Byte[] 1024;
                $encoding = new-object System.Text.AsciiEncoding;
                $stream.ReadTimeout = 1000;
                        $read = $stream.Read($buffer, 0, 1024);
                        if($read -gt 0){ 
                            $foundmore = $true; 
                            $outputBuffer += ($encoding.GetString($buffer, 0, $read));
                        $foundMore = $false; 
                        $read = 0; 
                }while($read -gt 0);
                #display results
        #close Socket        
        Write-Host "Unable to Connect!";

}Code language: PHP (php)
Read full article here

Related posts

Comments 2

  1. Tried this for a specific public IP but got what seems to be some top-level result with a huge range that included the IP I searched.
    NetRange: –

    It’s a result but it’s not the result I was looking for.
    Any suggested fix?

    • the ip seems to be in the range. This tells you that its a vodafone ip

Leave A Comment