Permalink
Switch branches/tags
Nothing to show
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
39 lines (31 sloc) 1.39 KB
<#
.SYNOPSIS
Downloads the latest malware domains listing from www.malwaredomains.com, uncompresses the zip, takes only the domain
names and outputs it to a file called domains_only.txt. The file can then be read into DNS using Jason Fossen's
script (https://cyber-defense.sans.org/blog/2010/08/31/windows-dns-server-blackhole-blacklist).
.REQUIREMENTS
At least PowerShell v3
#>
# Downloads the domains.zip the the local directory
$url = "http://malware-domains.com/files/domains.zip"
$current_user = [Environment]::UserName
$output = "c:\users\$current_user\desktop\domains.zip"
Invoke-WebRequest -Uri $url -OutFile $output
# Unzips the zip and stores it on the user's desktop
$shell = new-object -com shell.application
$zip = $shell.NameSpace("domains.zip”)
foreach($item in $zip.items())
{
$shell.Namespace(“c:\users\$current_user\desktop”).copyhere($item)
}
# Returns only the website names within the file
$sites_spaces = Get-Content .\domains.txt | select -skip 4 | Foreach {($_ -split '\s+',4)[0..1]}
# Removes empty (blank) lines
$just_sites = $sites_spaces | where {$_ -ne ""}
# Count the number of lines in the file
$total_lines = $just_sites.count
# Created the file with just the domains
Add-Content -Path "domains_only.txt" -Value ($just_sites)
# cleanup
Remove-Item C:\users\$current_user\desktop\domains.txt
Remove-Item C:\users\$current_user\desktop\domains.zip