
Powershell Guru needed please!


Whiskey


I'm working on a recon payload, something to grab a bunch of info about a machine that could be useful in future payloads. One of the things I'm attempting to grab is network adapter info with MACs and IPs. However, I run into two issues. The first is I only want to return the IPv4 addresses, but all the workarounds to this known to me break my code. Second, if I try to pass more info to my output table, the info is concatenated with ellipses (...) those things.

Here's the code snippet (minus extra outputs causing ellipses):

Get-WmiObject Win32_NetworkAdapterConfiguration | where { $_.MACAddress -notlike $null }  | select Index, Description, IPAddress, MACAddress | Format-Table Index, Description, IPAddress, MACAddress

Can anyone tell me how to only grab IPv4 from the output of Win32_NetworkAdapterConfiguration?  Thank you!

As for the ellipses, fixing that would be a bonus, but it's not crucial to what I'm working on.

I'll share my QuickRecon payload here as soon as it's working - even though it's nothing "new", just a combination of the best parts of existing recon payloads.


Well, maybe this will help, maybe it won't. But if you type this into PowerShell:

Get-WmiObject Win32_NetworkAdapterConfiguration | where { $_.MACAddress -notlike $null }  | Select-String -InputObject {$_.IPAddress} -Pattern '\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b'

It'll grab / display the IPv4 and IPv6 only.  I still can't figure out how to cut the IPv6 part and it's really bugging me.

Then if you type this:

Get-WmiObject Win32_NetworkAdapterConfiguration | where { $_.MACAddress -notlike $null }  | Select-String -InputObject {$_.IPAddress} -Pattern '\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b' | Out-File ./test.txt

It'll do the same thing but save it to a file.

Hope this helps a little. I don't do much with PowerShell so this is a learning experience for me. Would like to see the whole payload when you have it complete.


This is why I scratch my head at PowerShell. Again, not sure if this helps or not, but this:

Get-WmiObject Win32_NetworkAdapterConfiguration | where { $_.MACAddress -notlike $null }  | Select-String -InputObject {$_.IPAddress} -Pattern '\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b' -AllMatches |%{$_.Matches}|%{$_.Value}

Only displays IPv4 addresses.  Yay if nothing else I learned a lot.


Thanks.  I've already tried a very similar string with no success.  I'll keep poking at this, but since you asked, I've dropped this payload on my github for anyone to take a look and help.

https://github.com/ciavolella/BashBunny/tree/main/QuickRecon

In the info.ps1 file is the line from my original post.  If you modify it to add say "DefaultIPGateway", then the output gets concatenated in the outputted table.

Also, in the payload.txt I'm using the loop function to detect when the script finishes to display the proper LED color, however this isn't working and I don't know why.  It's the exact same loop used in many other payloads, so I'm at a loss.


Archived

This topic is now archived and is closed to further replies.
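
Added example, not code from any poster in this thread or from the linked repository: one way to build the adapter table from the original question for a host inventory, keeping only IPv4 addresses by parsing each entry and checking its address family instead of using a regex. It assumes Windows PowerShell with `Get-WmiObject` available, as used in the thread; the function name `Select-IPv4Address` and the width of 200 are illustrative choices. The array properties are flattened to strings and the table is wrapped, which addresses the two usual sources of "..." in `Format-Table` output (array display capped by `$FormatEnumerationLimit`, and columns cut to the console width).

```powershell
# Added example (hypothetical helper name): return only the IPv4 entries
# from the IPAddress string array that WMI reports for an adapter.
function Select-IPv4Address {
    param([string[]]$Address)

    foreach ($a in $Address) {
        $parsed = $null
        # TryParse returns $false for empty or malformed input instead of throwing.
        if ([System.Net.IPAddress]::TryParse($a, [ref]$parsed) -and
            $parsed.AddressFamily -eq [System.Net.Sockets.AddressFamily]::InterNetwork) {
            $a   # InterNetwork = IPv4; IPv6 entries are InterNetworkV6 and are skipped
        }
    }
}

$rows = Get-WmiObject Win32_NetworkAdapterConfiguration |
    Where-Object { $_.MACAddress } |          # same intent as the thread's MAC filter
    ForEach-Object {
        [pscustomobject]@{
            Index       = $_.Index
            Description = $_.Description
            MACAddress  = $_.MACAddress
            # Join arrays into plain strings so Format-Table does not render
            # them as "{a, b...}" collections.
            IPv4        = (Select-IPv4Address $_.IPAddress) -join ', '
            Gateway     = @($_.DefaultIPGateway) -join ', '
        }
    }

# -Wrap keeps long cells instead of truncating them; the explicit width
# stops Out-String from cutting columns at the console width.
$rows | Format-Table -AutoSize -Wrap | Out-String -Width 200
```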
