#
# This script was written by John Eder - john at solaero com
#    Copied heavily from Renaud Deraison's <deraison@private> "SMB Registry : missing winreg" (Plugin 10431)
#
# All licensing belong to the Nessus team and Renaud.
#

if(description)
{
 script_id(  ****TBD****  );
 script_version ("$Revision: 1.13 $");
 
 name["english"] = "SMB Registry : get machine name";
 
 script_name(english:name["english"]);
 
 desc["english"] = "

The registry key HKLM\System\CurrentControlSet\Control\ComputerName\ComputerName\ComputerName provides the machines name out of the registry.  This comes in handy when the machine is DHCP and you don't want to probe the machine through Netbios.

This script was specifically written to return the machine name for remediation findings out of Nessus.  Like others, our network is DHCP, and just returning the IP address of desktops isn't sufficient for hunting them down.  (As a side note, we also block 137 on some segments and couldn't get the name out of plugin 10150 - "Using NetBIOS to retrieve information from a Windows host" to determine the machine name.)

Risk factor : Note";


 script_description(english:desc["english"]);
 
 summary["english"] = "Determines the machine name from the registry";
 
 script_summary(english:summary["english"]);
 
 script_category(ACT_GATHER_INFO);
 
 script_copyright(english:"This script is Copyright (C) 2004 John Eder and Renaud Deraison");
 family["english"] = "Windows";
 script_family(english:family["english"]);
 
 script_dependencies("netbios_name_get.nasl",
 		     "smb_login.nasl", "smb_registry_full_access.nasl");
 script_require_keys("SMB/transport", "SMB/name", "SMB/login", "SMB/password","SMB/registry_full_access");
 script_exclude_keys("SMB/Win2K/ServicePack");
 script_require_ports(139, 445);
 exit(0);
}

include("smb_nt.inc");
port = get_kb_item("SMB/transport");
if(!port)port = 139;


version = get_kb_item("SMB/WindowsVersion");
if(!version)exit(0);
# false positive on win2k - they must protect it or something - mss
if(egrep(pattern:"^5.",string:version))exit(0);

key = "HKLM\System\CurrentControlSet\Control\ComputerName\ComputerName";
item = "ComputerName";

value = registry_get_sz(key:key, item:item);
if(!value)
{
 security_hole(port);
  exit(0);
}