How to Build Your Own Website Uptime Monitoring Script using VBScript: Part 1

Website Uptime Monitoring: The Basics

There are lots of website uptime monitoring services out there but all the components you need to build your own website monitoring tool can be found in good ole’ Microsoft VBScript.

Stop laughing, I’m not kidding!

In this article, I’ll share with you some scripts and tips I’ve used successfully in the past for monitoring website uptime even if your website is running in a complex load balanced enterprise environment which some of mine are.

VBScript Components for Uptime Monitor

Most people don’t know that VBScript can make Ajax HTTP calls but it can.

We will use VBScript’s ability to make Ajax HTTP calls to our website to see if it responds then put some simple logic around that response to log the results in a text/csv file.

It really is amazingly simple once you get all the code components together.

The ISWebSiteUp Function

The ISWebsiteUp function takes a URL string and makes an Ajax HTTP call to see if we get a HTTP code 200 or 404 returned meaning website loaded OK.

Once we get our 200 or 404 HTTP response code that, script returns true in the form of a text message box or if script times out you’ll get a false in an error message box.

You might be saying to yourself about now, what about the 404 response code for page not found. Yes, you might want to add some more code to handle that differently than a 2oo OK response but for this script, we just want to know if server is up. If we are pointing to a page at the root of a domain, we don’t typically get 404 errors in reality.

The Script Code

To use this code, copy it in to a text file and save it with a .vbs file extension for VBScript. Once you have the .vbs file, double click on it and you should get a message box with the names of the logged in user on the specified Windows PC on your network.


'isWebsiteUp: Takes String URL 
'isWebsiteUp: Returns strMessage in Message Box
Function isWebsiteUp(strURL)

	On Error Resume Next

	Set http = CreateObject("MSXML2.ServerXMLHTTP")
 	'Set http = CreateObject("Microsoft.XmlHttp")
	http.open "GET", strURL, False
	http.send ""

	'Only check for error of the HTTP Get request for 200 or 404 code returned. If any status is returned then the server is up
	if http.responseText <> "" AND err.number = 0 then
		'Commented out showing the response text. Use this for troubleshooting or exploring.
		'msgbox(http.responseText)
		isWebsiteUp = true
		strMessage = "is up"
	else
		isWebsiteUp = false
		strMessage = "is down"
	end if
	Set http = Nothing	

	msgbox(strURL & ":" & strMessage)
	err.clear
End Function

call isWebsiteUp("https://www.google.com") 

What the Web Server Sees in the HTTP call: WinHTTPRequest User Agent

The VBScript Ajax HTTP call to the web server presents itself as a web browser asking for the home page.

In the server logs a server admin may see this “User Agent” in their logs.

Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)

Script Errors & Blocked HTTP Calls

This script works out of the box. Google is the most open website in the world in terms of IPs that their servers accept traffic from as they are in the business of collecting data about everything including every system that connects to it.

Other web servers, like ones I run, may not be so forgiving. Many server admins use many tools at their disposal to filter HTTP request at various levels.

Here are some examples of tools Windows Server Admin have at their disposal to block or filter your script from connecting to their web servers.

Windows Server Admin Tools for Handling HTTP Traffic

  • Firewall IP Restrictions (Window Server Admin)
  • HTTP Response Filtering (IIS Application Server Admin)
  • IP Restrictions (IIS Application Server Admin)

Google Dorking? Yeah, it’s a thing. Search Google for Hidden Files

Let me start by saying the title might be a little off, as the files are not technically hidden as much as they are obscure.

While most of us would consider ourselves pretty good Googler searchers these days but the truth is, there is so much more to Google searching than meets the eye.

Introducing… “Google Dorking”

Yes, I said it Google Dorking and it’s not what you might think. Sounds dirty, right? It’s not just me. LOL

Google Dorking also known as Google hacking is about searching Google in a way that filters and brings all sorts or OSINT and InfoSec goodies floating to the top.

Think Before You Dork!!!

Although the information my be available on Google, it does not mean you can use that information to try and hack or gain unauthorized access to a system or individual computer.

Hacking is illegal, don’t do it, don’t talk about it.

With that being said, please be careful, be responsible and please enjoy these Google Dorking Examples for educational purposes.

Searching Google for user names and password in log files

allintext:username filetype:log

Searching Google for Open FTP Servers

intitle:"index of" inurl:ftp

Searching Google for Open Web Cams

Intitle:"webcamXP 5"

inurl:view/index.shtml 

Searching Goolge for Database Passwords

db_password filetype:env

Searching Google for Git-hub Resources

filetype:inc php -site:github.com -site:sourceforge.net

Searching Google for PHP Variables

filetype:php "Notice: Undefined variable: data in" -forum

Search Google for Server Configuration Files

intitle:"WAMPSERVER homepage" "Server Configuration" "Apache Version"

Search Google for Nessus Scan Reports

intitle:"report" ("qualys"|"acunetix"|"nessus"|"netsparker"|"nmap") filetype:pdf

Search Google for Networking Xls Files

ext:xls netoworking

Search Google for FrontPage Servers w/ Admin Info

"#-Frontpage-" inurl:administrators.pwd

Search Google for Unprotected Cameras

inurl:view/index.shtml

Search Google for Hidden Login Pages

Username password site:com filetype:txt DomainName.com

Google Dorking Video by Null Byte

Hope this helps somebody!
~Cyber Abyss

VBScript WMI: How to Get Computer Serial Number from Local or Remote Windows PC

This Windows WMI script using VBScript, retrieves the serial number of the local or networked computer.

To use this code, copy it in to a text file and save it with a .vbs file extension for VBScript. Once you have the .vbs file, double click on it and you should get a message box with the names of the logged in user on the specified Windows PC on your network.

Windows WMI VBScript

Function GetComputerSerialNumber(strComputer)
	Set objWMIService = GetObject("winmgmts:" _
		& "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2") 

	Set colComputer = objWMIService.ExecQuery _
		("SELECT * FROM Win32_ComputerSystemProduct",,48)
	 
	For Each objComputer in colComputer
		GetComputerSerialNumber = objComputer.IdentifyingNumber
	Next	
	
End Function

'strComputer = "XPS1234"
strComputer = "."

' Pass a . to run this on your own PC or add a string value for another on your network
call msgbox(GetComputerSerialNumber(strComputer))

VBScript WMI: How to Get Logged in User from a Windows PC

If your in need of finding out who is logged on to a specific Windows PC on your network, run the VBScript below.

When executed, you’ll see a message box with the name of the account currently logged in the computer specified.

The VBScript Code

To use this code, copy it in to a text file and save it with a .vbs file extension for VBScript. Once you have the .vbs file, double click on it and you should get a message box with the names of the logged in user on the specified Windows PC on your network.

Function GetLoggedinUser(strComputer)
	Set objWMIService = GetObject("winmgmts:" _
		& "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2") 

	Set colComputer = objWMIService.ExecQuery _
		("Select * from Win32_ComputerSystem")
	 
	For Each objComputer in colComputer
		Wscript.Echo "Logged-on user: " & objComputer.UserName
	Next	
	
End Function

' Pass a . to run this on your own PC or add a string value name for PC on your network
'strComputer = "XPS1234"
strComputer = "."

call msgbox(GetLoggedinUser(strComputer))

Stay tuned for more scripts in upcoming blog posts!

Hope this helps somebody!
~Cyber Abyss

VBScript WMI: Get List of Administrators from Windows PC

I’m breaking down a large VBScript I wrote as part of a larger computer inventory system prototype I built for what later became a much larger company.

This project was a big time investment for me that provided a lot of value to the company until they went out and purchased a commercial product and even then, the commercial product had things it did not do as well as my prototype.

The scanning volume eventually got so big that I had to run copies of the script on different parts of Active Directory at the same time to try and scale the scanning of computers on the network with all the data being stored in a SQL database backend.

This script and others I’ll be sharing in this series were contained within a loop of Active Directory computer records for a good size enterprise with about 10,000 desktops and laptops for some Active Directory OUs.

This script leverages Windows Management Instrumentation (WMI) to query what’s going on with this Windows network PC.

The first piece of code I’m sharing is for querying the Windows WMI to get a list of Administrators from a Windows PC. This code was used as part of a project to determine if any computers had unauthorized admin accounts we didn’t know about.

GetAdminstrators Function

To use this code, copy it in to a text file and save it with a .vbs file extension for VBScript. Once you have the .vbs file, double click on it and you should get a message box with the names of the admin accounts from the target device.

Function GetAdministrators(strComputerName)
On Error Resume Next

    Dim objWMIService, strQuery, colItems, Path, strMembers, strAdminList, iCounter
	iCounter = 0
    Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & strComputerName & "\root\cimv2")
    strQuery = "select * from Win32_GroupUser where GroupComponent = " & chr(34) & "Win32_Group.Domain='" & strComputerName & "',Name='Administrators'" & Chr(34)
    Set ColItems = objWMIService.ExecQuery(strQuery,,48)
    strMembers = ""
    For Each Path In ColItems
		Dim strMemberName, NamesArray, strDomainName, DomainNameArray
        NamesArray = Split(Path.PartComponent,",")
		strMemberName = Replace(Replace(NamesArray(1),Chr(34),""),"Name=","")
		DomainNameArray = Split(NamesArray(0),"=")
        strDomainName = Replace(DomainNameArray(1),Chr(34),"")
        If strDomainName <> strComputerName Then
            strMemberName = strDomainName & "\" & strMemberName
			if iCounter = 0 then
				strAdminList =  strMemberName
			else
				strAdminList = strAdminList & " > " & strMemberName 
			end if
			iCounter = iCounter + 1
			
        End If
	Next
	
	GetAdministrators = strAdminList
End Function
' Pass a . to run this on your own PC or add a string value for another on your network
call msgbox(GetAdministrators("."))
call msgbox(GetAdministrators("NetworkComputer1"))

Stay tuned for more scripts in upcoming blog posts!

Hope this helps somebody!
~Cyber Abyss

Joining MP4 Files Together Using the Windows Command Line

I have two MP4 files that I need to merge together into one single file.

You might think that you would need a special piece of software to combine two MP4 video files but all it takes is a single command from the Windows command line to do the job.

copy /b "C:\File1.mp4" + "C:\File2.mp4" NewCombinedMoveFile.mp4
 

That’s it, that’s all it takes to combine two MP4 movies files in to one since file.

Hope this helps sombody!

~ CyberAbyss

SQL – How to Update Records in a Table Using a Loop and Cursor

This article is a popular re-post from my Blogger blog from November of 2011 but is still relevant today.

I had a challenge yesterday that I would normally solve using some Visual Basic code but had to do it in pure SQL on a SQL 2005 server.

THE CHALLENGE:
Loop through all the records in a table and then update the table based on some logic or condition.

THE SOLUTION:

Using a SQL Cursor, I was able to loop through all the records in a table and then run an SQL update command for certain records that matched a particular criteria.

Here is the code:

DECLARE @myEmpID int
DECLARE MyCursor CURSOR FOR
SELECT DISTINCT  EmployeeID FROM Employees WHERE Company=64

OPEN myCursor
--Read the initial emploee id value from the cursor
FETCH NEXT FROM myCursor
INTO @myEmpID

WHILE @@FETCH_STATUS = 0
BEGIN

--Update goes here 
UPDATE Employees 
SET [Status] = 'T'
WHERE EmployeeID = @myEmpID AND Company=54
FETCH NEXT FROM MyCursor
INTO @myEmpID
END
CLOSE MyCursor

Hope this helps someone!

Regards,
Cyber Abyss

VBScript Error – MSXML3.dll error ‘800C0005’

This is a popular re-post from my old Blogger blog.

I’m working on  a website up-time monitoring script.

After I had my initial prototype working, I received more requirements for logging output to CSV in addition to storing output in Access DB and decided to add CPU usage percentages to the logging.

Once I had all that done, I started getting odd errors when solution should be detecting a down-time event.

Testing the script with older version of Microsoft.XmlHttp had issues where certain but not all websites the script would call were incorrectly displaying HTTP status code 404 but a 200 OK was really sent back verified by using Fiddler.  Very odd behavior.

The error is related to VBScript’s use of the older version of the Microsoft.XmlHttp object.

The Code

Function isPortalOffline(strURL)
 'Set WshShell = WScript.CreateObject("WScript.Shell")
 Set http = CreateObject("Microsoft.XmlHttp")

 http.open "GET", strURL, False
 http.send 
 
 'Only check for error of the http Get request
 if err.Number <> 0 Then
  isPortalOffline = True
 Else
  'Wscript.Echo "error" & Err.Number & ": " & Err.Description
  isPortalOffline = False
 End If

 'Clear the error after setting isPortalOffline
 err.clear
 'set WshShell = Nothing
 Set http = Nothing 

 ReportError("isPortalOffline")
End Function

Error: MSXML3.dll error ‘800C0005’ The System cannot locate the resource

Changed MSXML Objects.

The Fixed Code

Replaced Microsoft.XmlHttp with MSXML2.ServerXMLHTTP.

Function isPortalOffline(strURL)
 'Set WshShell = WScript.CreateObject("WScript.Shell")
 Set http = CreateObject("MSXML2.ServerXMLHTTP")

 http.open "GET", strURL, False
 http.send
 
 'Only check for error of the http Get request
 if err.Number <> 0 Then
  isPortalOffline = True
 Else
  'Wscript.Echo "error" & Err.Number & ": " & Err.Description
  isPortalOffline = False
 End If

 'Clear the error after setting isPortalOffline
 err.clear
 'set WshShell = Nothing
 Set http = Nothing 

 ReportError("isPortalOffline")
End Function

This resolved my issues!

I hope this helps someone. 🙂

InfoSec Tip: What’s in those web server 404 NOT FOUND errors?

Catching Bad Guys using Web Server 404 Errors!

404 NOT FOUND pages in your web server logs are often the earliest sign of surveillance, foot printing or reconnaissance.

This probing event I caught was using the IP, bypassing DNS while probing for non-existent file called “/admin/config.php” all the way from Ramallah Palestine. #Infosec#OSINT#cybersecurity

Hope this helps someone!

Regards,
Rick

Creating Comment Lines in C# Razor Syntax

Razor Syntax Comments in C#

Every programming language has it’s own way to do comments.

C# has it’s own native comment markup for comments and so does C# Razor syntax.

While C# mirrors JavaScript on how you markup comments with // for single line comments and /* */ for multi Line comments.

Razor use @* comment *@. Think JavaScript but replace the / with an @.

That’s all for today, thanks for reading.