RE: how to Dump users with Dial in rights?

From: William Underwood (wllmundrwdat_private)
Date: Thu Jan 17 2002 - 10:57:58 PST

Next message: Sacha Faust: "RE: how to Dump users with Dial in rights?"

Previous message: Pete Finnigan: "Re: Port 1521 aka "Unbreakable" Oracle Server"
Maybe in reply to: pen test: "how to Dump users with Dial in rights?"
Next in thread: Sacha Faust: "RE: how to Dump users with Dial in rights?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The following is courtesy of Scott Higgins and the ActiveState Perl 
Win32Admin list (archives at http://aspn.activestate.com/ASPN/ \
Mail/Browse/Threaded/perl-win32-admin):


#       Author: Scott Higgins 
#       Date:   31-OCT-2001 
#       Boo: It's Halloween 
# Dialin_list reads the members of the group domain users, and finds those that have dialin permission 
# 
# 
use Win32::Rasadmin; 
use Win32::NetAdmin; 
use Win32::AdminMisc; 
$Group = "Domain Users"; 
$Domain = "Enter your Domain here"; 
$outfile = "Enter your output file here"; 
open (outfile, ">$outfile") || die "can't create $outfile"; 
Win32::NetAdmin::GetDomainController( '', $Domain, $Server ); 
  # Get the list of group members 
if( ! Win32::NetAdmin::GroupGetMembers( $Server, $Group, \@UserList ) ) 
{ 
    Win32::NetAdmin::LocalGroupGetMembers( $Server, $Group, \@UserList ) || die "There is no group called '$Group'.\n"; 
} 
foreach (@UserList) { 
   $_ = ucfirst; # capitalize first letter only and replace 
} 
@NoMachineList = grep !/\Z\$/, @UserList; 
#@MachineList = grep /\Z\$/, @UserList; 
foreach $User ( sort @NoMachineList ) 
{ 
   { 
  
   chomp $User; 
   #chop $User; 
   Win32::RasAdmin::UserGetInfo($Domain, $User, \%Hash); 
           if ($Hash{Privilege} eq "9") 
           { 
           Win32::AdminMisc::UserGetMiscAttributes("", $User, \%Attribs); 
           
           print "$Attribs{USER_FULL_NAME} $User has dialin privs\n"; 
           print outfile "$Attribs{USER_FULL_NAME},$User\n"; 
           } 
   # print "$User is in the domain $Domain.\n"; 
  } 
} 
close (outfile); 


HTH,
William
-- 
William Underwood
wllmundrwdat_private



__________________________________________________________________
Your favorite stores, helpful shopping tools and great gift ideas. Experience the convenience of buying online with Shop@Netscape! http://shopnow.netscape.com/

Get your own FREE, personal Netscape Mail account today at http://webmail.netscape.com/


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Next message: Sacha Faust: "RE: how to Dump users with Dial in rights?"
Previous message: Pete Finnigan: "Re: Port 1521 aka "Unbreakable" Oracle Server"
Maybe in reply to: pen test: "how to Dump users with Dial in rights?"
Next in thread: Sacha Faust: "RE: how to Dump users with Dial in rights?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Jan 17 2002 - 17:30:17 PST