none
Trying to work with an array of custom objects from an API call. RRS feed

  • Question

  • Hello, 

    I'm building out a PowerShell script to extract useful information from an API that scans vulnerabilities on servers.  The API returns the data as JSON, which I'm assigning to a Variable and letting Powershell do most of the work for me. 

    most of the data in the object works just fine and is stored as easy to parse hash tables.  However, the member that contains the details (names and descriptions) of the data I want, seems to be stored as 3 custom objects. 

    Is there some way to separate these custom objects out? I have tried several methods, such as a for loop of the array, and exporting/converting, but so far haven't had any luck.

    Any suggestions?

    I Included some of the outputs below for visibility

    ~~~~~~~~~~~~~~~

    PS /> $vulns = Invoke-RestMethod -header "accept" = "application/json" -URI [APIURL]

    PS /> $vulndetails = $vulns.data.[servername].details

        

     PS /> $vulndetails

    generic-icmp-timestamp
    ----------------------
    The remote host responded to an ICMP timestamp request. The ICMP timestamp response contains the remote host's date and time. This information could theoretically be used against some systems to exploit weak time-bas…

     PS /> $vulndetails.count                                   
    3

     PS /> for ($i = 0; $i -lt $vulndetails.GetUpperBound(0); $i++) {$vulndetails[$i]}

    generic-icmp-timestamp
    ----------------------
    The remote host responded to an ICMP timestamp request. The ICMP timestamp response contains the remote host's date and time. This information could theoretically be used against some systems to exploit weak time-bas…

    PS /> $vulndetails | Format-Custom

    class PSCustomObject
    {
      generic-icmp-timestamp = The remote host responded to an ICMP timestamp request. The ICMP timestamp response contains the remote host's date and time. This information could theoretically be used against some 
      systems to exploit weak time-based random number generators in other services.

      In addition, the versions of some operating systems can be accurately fingerprinted by analyzing their responses to invalid ICMP timestamp requests.
    }

    class PSCustomObject
    {
      generic-tcp-timestamp = The remote host responded with a TCP timestamp. The TCP timestamp response can be used to approximate the remote host's uptime, potentially aiding in further attacks. Additionally, some 
      operating systems can be fingerprinted based on the behavior of their TCP timestamps.
    }

    class PSCustomObject
    {
      msft-cve-2017-5715 = NOTE This advisory was revised on July 10, 2018. Some content has been removed for simplicity and because it is no longer relevant. You can view the archived content for ADV180002 in the FAQ 
      section following the Affected Products table. Executive Summary Microsoft is aware of a new publicly disclosed class of vulnerabilities referred to as “speculative execution side-channel attacks” that affect many 
      modern processors and operating systems including Intel, AMD, and ARM. Note: this issue will affect other systems such as Android, Chrome, iOS, MacOS, so we advise customers to seek out guidance from those vendors...
    }




    • Edited by Jim Burber Thursday, July 18, 2019 10:33 PM formatting
    Thursday, July 18, 2019 8:52 PM

All replies

  • Once again - please edit you post and post your code using the code posting tool provided on the edit bar. What you have posted is mostly unreadable in most browsers and cannot be copied without errors. That is why we provide the tool.


    \_(ツ)_/

    Thursday, July 18, 2019 10:14 PM