Added logic for checking ipstack.com API Key with some error handling.

T0pCyber · Jan 19, 2025 · 288597d · 288597d
1 parent 21773ac
commit 288597d
Show file tree

Hide file tree

Showing 2 changed files with 116 additions and 74 deletions.
diff --git a/Hawk/internal/functions/Add-HawkAppData.ps1 b/Hawk/internal/functions/Add-HawkAppData.ps1
@@ -28,7 +28,7 @@ Function Add-HawkAppData {
 
     # Test if our HawkAppData variable exists
     if ([bool](get-variable HawkAppData -ErrorAction SilentlyContinue)) {
-        $global:HawkAppData | Add-Member -MemberType NoteProperty -Name $Name -Value $Value
+        $global:HawkAppData | Add-Member -MemberType NoteProperty -Name $Name -Value $Value -Force
     }
     else {
         $global:HawkAppData = New-Object -TypeName PSObject

diff --git a/Hawk/internal/functions/Get-IPGeolocation.ps1 b/Hawk/internal/functions/Get-IPGeolocation.ps1
@@ -1,5 +1,4 @@
-
-<#
+<#
 .SYNOPSIS
     Get the Location of an IP using the freegeoip.net rest API
 .DESCRIPTION
@@ -10,7 +9,7 @@
     Get-IPGeolocation
     Gets all IP Geolocation data of IPs that recieved
 .NOTES
-    General notes (DCODEV was here <-> If you say so, sir!)
+    General notes
 #>
 Function Get-IPGeolocation {
 
@@ -20,89 +19,132 @@ Function Get-IPGeolocation {
         $IPAddress
     )
 
-    # If we don't have a HawkAppData variable then we need to read it in
-    if (!([bool](get-variable HawkAppData -erroraction silentlycontinue))) {
-        Read-HawkAppData
+    begin {
+        # Read in existing HawkAppData
+        if (!([bool](Get-Variable HawkAppData -ErrorAction SilentlyContinue))) {
+            Read-HawkAppData
+        }
     }
 
-    # if there is no value of access_key then we need to get it from the user
-    if ($null -eq $HawkAppData.access_key) {
+    process {
+        try {
+            # if there is no value of access_key then we need to get it from the user
+            if ([string]::IsNullOrEmpty($HawkAppData.access_key)) {
 
-        Out-LogFile "IpStack.com now requires an API access key to gather GeoIP information from their API.`nPlease get a Free access key from https://ipstack.com/ and provide it below." -Information
+                Out-LogFile "IpStack.com now requires an API access key to gather GeoIP information from their API.`nPlease get a Free access key from https://ipstack.com/ and provide it below." -Information
 
-        # get the access key from the user
-        # get the access key from the user
-        Out-LogFile "ipstack.com accesskey" -isPrompt -NoNewLine
-        $Accesskey = (Read-Host).Trim() 
+                Out-LogFile "`nIP Stack API Key Configuration" -Action
+                Out-LogFile "Get your free API key at: https://ipstack.com/`n" -Action
 
-        # add the access key to the appdata file
-        Add-HawkAppData -name access_key -Value $Accesskey
-    }
-    else {
-        $Accesskey = $HawkAppData.access_key
-    }
+                # get the access key from the user
+                Out-LogFile "ipstack.com accesskey " -isPrompt -NoNewLine
+                $AccessKey = (Read-Host "Enter your IP Stack API key").Trim() 
 
-    # Check the global IP cache and see if we already have the IP there
-    if ($IPLocationCache.ip -contains $IPAddress) {
-        return ($IPLocationCache | Where-Object { $_.ip -eq $IPAddress } )
-        Write-Verbose ("IP Cache Hit: " + [string]$IPAddress)
-    }
-    elseif ($IPAddress -eq "<null>"){
-        write-Verbose ("Null IP Provided: " + $IPAddress)
-                $hash = @{
-                IP               = $IPAddress
-                CountryName      = "NULL IP"
-                RegionName       = "Unknown"
-                RegionCode       = "Unknown"
-                ContinentName    = "Unknown"
-                City             = "Unknown"
-                KnownMicrosoftIP = "Unknown"
+                # Validate key format (basic check)
+                if ([string]::IsNullOrWhiteSpace($AccessKey)) {
+                    Out-LogFile "API key cannot be empty or whitespace." -isError
+                    throw | Out-Null
+                }
+
+                # If testing is requested, validate the key
+                if ($AccessKey) {
+                    Out-LogFile "Testing API key against Google DNS..." -Action 
+                    $testUrl = "http://api.ipstack.com/8.8.8.8?access_key=$AccessKey"
+
+                    try {
+                        $response = Invoke-RestMethod -Uri $testUrl -Method Get
+                        if ($response.success -eq $false) {
+                            Out-LogFile "API key validation failed: $($response.error.info)" -isError
+                            throw | Out-Null
+                        }
+                        Out-LogFile "API key validated successfully!" -Information
+
+                        # Save to disk
+                        Out-HawkAppData
+                    }
+                    catch {
+                        Out-LogFile "API key validation failed: $_" -isError
+                        throw | Out-Null
+
+                    }
+                }
+
+                # The ipstack API key is valid. Add the access key to the appdata file
+                Add-HawkAppData -name access_key -Value $AccessKey
             }
-    }
-    # If not then we need to look it up and populate it into the cache
-    else {
-        # URI to pull the data from
-        $resource = "http://api.ipstack.com/" + $ipaddress + "?access_key=" + $Accesskey
-
-        # Return Data from web
-        $Error.Clear()
-        $geoip = Invoke-RestMethod -Method Get -URI $resource -ErrorAction SilentlyContinue
-
-        if (($Error.Count -gt 0) -or ($null -eq $geoip.type)) {
-            Out-LogFile ("Failed to retreive location for IP " + $IPAddress) -isError
-            $hash = @{
-                IP               = $IPAddress
-                CountryName      = "Failed to Resolve"
-                RegionName       = "Unknown"
-                RegionCode       = "Unknown"
-                ContinentName    = "Unknown"
-                City             = "Unknown"
-                KnownMicrosoftIP = "Unknown"
+            else {
+                $AccessKey = $HawkAppData.access_key
             }
         }
+        catch {
+            Out-LogFile "Failed to update IP Stack API key: $_" -isError
+            throw | Out-Null
+        }
+
+
+
+        # Check the global IP cache and see if we already have the IP there
+        if ($IPLocationCache.ip -contains $IPAddress) {
+            return ($IPLocationCache | Where-Object { $_.ip -eq $IPAddress } )
+            Write-Verbose ("IP Cache Hit: " + [string]$IPAddress)
+        }
+        elseif ($IPAddress -eq "<null>"){
+            write-Verbose ("Null IP Provided: " + $IPAddress)
+                    $hash = @{
+                    IP               = $IPAddress
+                    CountryName      = "NULL IP"
+                    RegionName       = "Unknown"
+                    RegionCode       = "Unknown"
+                    ContinentName    = "Unknown"
+                    City             = "Unknown"
+                    KnownMicrosoftIP = "Unknown"
+                }
+        }
+        # If not then we need to look it up and populate it into the cache
         else {
-            # Determine if this IP is known to be owned by Microsoft
-            [string]$isMSFTIP = Test-MicrosoftIP -IPToTest $IPAddress -type $geoip.type
-            if ($isMSFTIP){
-                $MSFTIP =  $isMSFTIP
+            # URI to pull the data from
+            $resource = "http://api.ipstack.com/" + $ipaddress + "?access_key=" + $AccessKey
+
+            # Return Data from web
+            $Error.Clear()
+            $geoip = Invoke-RestMethod -Method Get -URI $resource -ErrorAction SilentlyContinue
+
+            if (($Error.Count) -or ([string]::IsNullOrEmpty($geoip.type))) {
+                Out-LogFile ("Failed to retreive location for IP " + $IPAddress) -isError
+                $hash = @{
+                    IP               = $IPAddress
+                    CountryName      = "Failed to Resolve"
+                    RegionName       = "Unknown"
+                    RegionCode       = "Unknown"
+                    ContinentName    = "Unknown"
+                    City             = "Unknown"
+                    KnownMicrosoftIP = "Unknown"
+                }
             }
-            # Push return into a response object
-            $hash = @{
-                IP               = $geoip.ip
-                CountryName      = $geoip.country_name
-                ContinentName    = $geoip.continent_name
-                RegionName       = $geoip.region_name
-                RegionCode       = $geoip.region_code
-                City             = $geoip.City
-                KnownMicrosoftIP = $MSFTIP
+            else {
+                # Determine if this IP is known to be owned by Microsoft
+                [string]$isMSFTIP = Test-MicrosoftIP -IPToTest $IPAddress -type $geoip.type
+                if ($isMSFTIP){
+                    $MSFTIP = $isMSFTIP
+                }
+                # Push return into a response object
+                $hash = @{
+                    IP               = $geoip.ip
+                    CountryName      = $geoip.country_name
+                    ContinentName    = $geoip.continent_name
+                    RegionName       = $geoip.region_name
+                    RegionCode       = $geoip.region_code
+                    City             = $geoip.City
+                    KnownMicrosoftIP = $MSFTIP
+                }
+                $result = New-Object PSObject -Property $hash
             }
-            $result = New-Object PSObject -Property $hash
-        }
 
-        # Push the result to the global IPLocationCache
-        [array]$Global:IPlocationCache += $result
+            # Push the result to the global IPLocationCache
+            [array]$Global:IPlocationCache += $result
 
-        # Return the result to the user
-        return $result
+            # Return the result to the user
+            return $result
+        }
     }
 }