Your Free PowerShell code to see which states are serious about securing their election systems.


With the 2020 election coming up, how would you like your own PowerShell code to determine which states are vulnerable to phishing and email spoofing? Thanks to Reddit user lolklolk, here is how to create your own color status overview of each state's DMARC status. Thanks, LOLKLOLK!

The net-net: Mad Max posits that nobody is really serious about election interference, and that the Russia hubbub is just one party trying to deflect their own Russian involvement by beating the other party to the punch and accusing them of collusion first.

So far, Oregon and Alabama are at least trying. And only Alabama has done it right.

Oh, yes: You can also modify this script to check how screwed up the aerospace and healthcare industry is. Just cut and paste domains.

Mad Max
Double-Conspiracy Theorist


#electiontampering #russia #dmarc #conspiracy @lolklolk #lolklolk #powershell #cutandpaste

Private message from /u/lolklolk • view

State DMARC checking script
I was super bored so I made this powershell script to create a CSV file on your desktop, and in the console it will give you a colored status overview of each domain's DMARC status. I literally just spent 3 hours making this for no reason.
# array for states
$states = @("Alabama","Alaska","Arizona","Arkansas","California","Colorado","Connecticut","Delaware","Florida","Georgia","Hawaii","Idaho","Illinois","Indiana","Iowa","Kansas","Kentucky","Louisiana","Maine","Maryland","Massachusetts","Michigan","Minnesota","Mississippi","Missouri","Montana","Nebraska","Nevada","New Hampshire","New Jersey","New Mexico","New York","North Carolina","North Dakota","Ohio","Oklahoma","Oregon","Pennsylvania","Rhode Island","South Carolina","South Dakota","Tennessee","Texas","Utah","Vermont","Virginia","Washington","West Virginia","Wisconsin","Wyoming")

# switch for state matching to domains
function StatesDomains ($state){
    Switch ($state){
    "Alabama" {$domains = @("state.al.us", "alabama.gov", "al.gov")}
    "Alaska" {$domains = @("state.ak.us", "alaska.gov")}
    "Arizona" {$domains = @("state.az.us", "arizona.gov", "az.gov")}
    "Arkansas" {$domains = @("state.ar.us", "arkansas.gov", "ar.gov")}
    "California" {$domains = @("state.ca.us", "california.gov", "ca.gov")}
    "Colorado" {$domains = @("state.co.us", "colorado.gov", "co.gov")}
    "Connecticut" {$domains = @("state.ct.us", "ct.gov")}
    "Delaware" {$domains = @("state.de.us", "delaware.gov", "de.gov")}
    "Florida" {$domains = @("state.fl.us", "florida.gov", "fl.gov")}
    "Georgia" {$domains = @("state.ga.us", "georgia.gov", "ga.gov")}
    "Hawaii" {$domains = @("state.hi.us", "hawaii.gov", "ehawaii.gov", "hi.gov")}
    "Idaho" {$domains = @("state.id.us", "idaho.gov", "id.gov")}
    "Illinois" {$domains = @("state.il.us", "illinois.gov", "il.gov")}
    "Indiana" {$domains = @("state.in.us", "indiana.gov", "in.gov")}
    "Iowa" {$domains = @("state.ia.us", "iowa.gov", "ia.gov")}
    "Kansas" {$domains = @("state.ks.us", "kansas.gov", "ks.gov")}
    "Kentucky" {$domains = @("state.ky.us", "kentucky.gov", "ky.gov")}
    "Louisiana" {$domains = @("state.la.us", "louisiana.gov", "la.gov")}
    "Maine" {$domains = @("state.me.us", "maine.gov", "me.gov")}
    "Maryland" {$domains = @("state.md.us", "maryland.gov", "md.gov")}
    "Massachusetts" {$domains = @("state.ma.us", "mass.gov", "ma.gov", "massachusetts.gov")}
    "Michigan" {$domains = @("state.mi.us", "michigan.gov", "mi.gov")}
    "Minnesota" {$domains = @("state.mn.us", "mn.gov", "minnesota.gov")}
    "Mississippi" {$domains = @("state.ms.us", "mississippi.gov", "ms.gov")}
    "Missouri" {$domains = @("state.mo.us", "missouri.gov", "mo.gov")}
    "Montana" {$domains = @("state.mt.us", "montana.gov", "mt.gov")}
    "Nebraska" {$domains = @("state.ne.us", "nebraska.gov", "ne.gov")}
    "Nevada" {$domains = @("state.nv.us", "nevada.gov", "nv.gov")}
    "New Hampshire" {$domains = @("state.nh.us", "nh.gov")}
    "New Jersey" {$domains = @("state.nj.us", "newjersey.gov", "nj.gov")}
    "New Mexico" {$domains = @("state.nm.us", "newmexico.gov", "nm.gov")}
    "New York" {$domains = @("state.ny.us", "ny.gov")}
    "North Carolina" {$domains = @("state.nc.us", "northcarolina.gov", "nc.gov")}
    "North Dakota" {$domains = @("state.nd.us", "northdakota.gov", "nd.gov")}
    "Ohio" {$domains = @("state.oh.us", "ohio.gov", "oh.gov")}
    "Oklahoma" {$domains = @("state.ok.us", "oklahoma.gov", "ok.gov")}
    "Oregon" {$domains = @("state.or.us", "oregon.gov", "or.gov")}
    "Pennsylvania" {$domains = @("state.pa.us", "pennsylvania.gov", "pa.gov")}
    "Rhode Island" {$domains = @("state.ri.us", "rhodeisland.gov", "ri.gov")}
    "South Carolina" {$domains = @("state.sc.us", "southcarolina.gov", "sc.gov")}
    "South Dakota" {$domains = @("state.sd.us", "sd.gov")}
    "Tennessee" {$domains = @("state.tn.us", "tennessee.gov", "tn.gov")}
    "Texas" {$domains = @("state.tx.us", "texas.gov", "tx.gov")}
    "Utah" {$domains = @("state.ut.us", "utah.gov")}
    "Vermont" {$domains = @("state.vt.us", "vermont.gov", "vt.gov")}
    "Virginia" {$domains = @("state.va.us", "virginia.gov")}
    "Washington" {$domains = @("state.wa.us", "washington.gov", "wa.gov")}
    "West Virginia" {$domains = @("state.wv.us", "wv.gov")}
    "Wisconsin" {$domains = @("state.wi.us", "wisconsin.gov", "wi.gov")}
    "Wyoming" {$domains = @("state.wy.us", "wyoming.gov", "wy.gov")}
    }

return $domains
}


# set export variable headers
$expvar = @("State,Domain,DMARC")

# Loop for states
foreach($state in $states){

    # get state domains
    $statedomains = StatesDomains($state)

    # Loop for domains
    foreach($domain in $statedomains){

        # null DMARC variable every loop
        $dmarc = $null
        # get DMARC record for domain
        $dmarc = Resolve-DnsName -Type TXT -Name "_dmarc.$domain" -errorvariable err -erroraction silentlycontinue

        # sort based on DMARC record data, extremely rudimentry.
        if($dmarc -eq $null){
            write-host -foregroundcolor magenta $state - $domain - No DMARC record exists!
            $expvar += $state + "," + $domain + "," + "No DMARC record exists!"
        }
        elseif($dmarc.strings -like "*; p=none;*" -or $dmarc.strings -like "*sp=none*"){
            write-host -foregroundcolor red $state - $domain - $dmarc.strings
            $expvar += $state + "," + $domain + "," + '"' + $dmarc.strings + '"'
        }
        elseif($dmarc.strings -like "*; p=quarantine;*" -or $dmarc.strings -like "*sp=quarantine*"){
            write-host -foregroundcolor yellow $state - $domain - $dmarc.strings
            $expvar += $state + "," + $domain + "," + '"' + $dmarc.strings + '"'
        }
        elseif($dmarc.strings -like "*; p=reject;*"){
            write-host -foregroundcolor green $state - $domain - $dmarc.strings
            $expvar += $state + "," + $domain + "," + '"' + $dmarc.strings + '"'
        }           
    }
}

    # I hate manipulating object data into CSV files. 
    $expvar | Out-File $env:userprofile\desktop\tempcsv.csv
    $tempvar = Import-Csv $env:userprofile\desktop\tempcsv.csv
    $tempvar | Export-Csv $env:userprofile\desktop\stateDMARC.csv -NoTypeInformation
    remove-item $env:userprofile\desktop\tempcsv.csv

Comments

Popular Posts