Skip to content

Commit 9d055e5

Browse files
bab29bab29
authored
Fix for IP address (#4)
1 parent 5031571 commit 9d055e5

File tree

1 file changed

+14
-10
lines changed

1 file changed

+14
-10
lines changed

aam-ccp-harden.ps1

Lines changed: 14 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -35,7 +35,7 @@ do {
3535

3636
# Create hash table for New-PASSession parameters
3737
$pasAuth = @{
38-
BaseURI = $pasBaseURI.Trim().ToLower()
38+
BaseURI = $pasBaseURI.Trim().ToLower()
3939
}
4040

4141
# Switch case depending on authentication method chosen
@@ -110,7 +110,7 @@ if (!$(Get-PASApplication -AppID AIMWebService)) {
110110
Write-Output "==> [FAILED] could not create AIMWebService App ID" | Color Red
111111
exit 1
112112
}
113-
# If AIMWebService App ID IS found...
113+
# If AIMWebService App ID IS found...
114114
} else {
115115
Write-Output "==> [SKIPPED] detected AIMWebService App ID" | Color Yellow
116116
}
@@ -122,7 +122,7 @@ Add-PASApplicationAuthenticationMethod -AppID AIMWebService -path "C:\inetpub\ww
122122
Write-Output "==> [SUCCESS] Added Path Authentication" | Color Green
123123

124124
# # Add OSUser Authentication
125-
Add-PASApplicationAuthenticationMethod -AppID AIMWebService -osuser "IISAPPPOOL\DefaultAppPool"
125+
Add-PASApplicationAuthenticationMethod -AppID AIMWebService -osUser "IISAPPPOOL\DefaultAppPool"
126126
Write-Output "==> [SUCCESS] Added OSUser Authentication" | Color Green
127127

128128
# # Add Hash Authentication
@@ -135,12 +135,16 @@ Add-PASApplicationAuthenticationMethod -AppID AIMWebService -hash $aamHashValue[
135135
Write-Output "==> [SUCCESS] Added Hash Authentication" | Color Green
136136

137137
# # Add Machine Address Authentication
138-
# # # Find local host's IP address from ipconfig
139-
$aamMachineAddress = ipconfig | findstr /i IPv4 | Out-String
140-
# # # Trim off starting and ending notation
141-
$aamMachineAddress = $aamMachineAddress.TrimStart("IPv4 Address. . . . . . . . . . . : ")
142-
$aamMachineAddress = $aamMachineAddress.TrimEnd("`r`n")
143-
Add-PASApplicationAuthenticationMethod -AppID AIMWebService -machineAddress $aamMachineAddress -ErrorAction SilentlyContinue
144-
Write-Output "==> [SUCCESS] Added Machine Address Authentication" | Color Green
138+
# # # Find local host's IP address from Get-NetIPAddress
139+
$aamMachineIP = (Get-NetIPAddress -AddressState Preferred -AddressFamily IPv4).IPAddress
140+
141+
# # # Loop thru returned addresses and omit loopback
142+
foreach( $ip in $aamMachineIP){
143+
if ("127.0.0.1" -ne $ip) {
144+
# # # Add IP address
145+
Add-PASApplicationAuthenticationMethod -AppID AIMWebService -machineAddress $ip -ErrorAction SilentlyContinue
146+
Write-Output "==> [SUCCESS] Added $ip to Machine Address Authentication" | Color Green
147+
}
148+
}
145149

146150
Write-Output "`r`n`r`n*** Completed AIMWebService hardening successfully. ***" | Color Cyan

0 commit comments

Comments
 (0)