RE: [Plugins-writers] Extracting info from the Windows registry

• Previous message: Morris, Philip (JSY): "[Plugins-writers] Extracting info from the Windows registry"
• In reply to: Morris, Philip (JSY): "[Plugins-writers] Extracting info from the Windows registry"
• Next in thread: Doug Nordwall: "Re: [Plugins-writers] Extracting info from the Windows registry"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I wrote this plugin YEARS ago, I have no clue if it still works. It did
at one point.
 ......................................................


#
# (C) Jeff Adams <jadams@private>
#
if(description)
{
 script_id(98781);
 script_version("$Revision: 1.1 $");
 name["english"] = "Host Info Gathering Script";
 
 script_name(english:name["english"]);
 
 desc["english"] = "
This script collects information useful in assisting corporations
(System Administrators) in identifying machines on their local LANs.
It is most useful when used in locating and identifying machines flagged
as vulnerable by other plug-ins.
The following information will be collected:
User, Host, Domain, Owner, Org, OS, Version, Service Pack, Start Time,
Manufacturer, Model, and CPU.

Solution: Info Only
Risk factor: None";

 script_description(english:desc["english"]);
 
 summary["english"] = "Host Info Gathering Script";

 script_summary(english:summary["english"]);
 
 script_category(ACT_GATHER_INFO);
 
 script_copyright(english:"This script is Copyright (C) 2004 Jeff
Adams");
 family["english"] = "Windows";
 script_family(english:family["english"]);
 
 script_dependencies("netbios_name_get.nasl",
 		     "smb_login.nasl","smb_registry_full_access.nasl");
 script_require_keys("SMB/name", "SMB/login", "SMB/password",
		     "SMB/registry_full_access");


 script_require_ports(139, 445);
 exit(0);
}

include("smb_nt.inc");
port = get_kb_item("SMB/transport");
if(!port)port = 139;



user = registry_get_sz(key:"SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Winlogon", item:"DefaultUserName");
domain = registry_get_sz(key:"SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Winlogon", item:"DefaultDomainName");
host =
registry_get_sz(key:"SYSTEM\CurrentControlSet\Services\Tcpip\Parameters"
, item:"Hostname");
owner = registry_get_sz(key:"SOFTWARE\Microsoft\Windows
NT\CurrentVersion", item:"RegisteredOwner");
org = registry_get_sz(key:"SOFTWARE\Microsoft\Windows
NT\CurrentVersion", item:"RegisteredOrganization");
os = registry_get_sz(key:"SOFTWARE\Microsoft\Windows NT\CurrentVersion",
item:"ProductName");
ver = registry_get_sz(key:"SOFTWARE\Microsoft\Windows
NT\CurrentVersion", item:"CurrentVersion");
sp = registry_get_sz(key:"SOFTWARE\Microsoft\Windows NT\CurrentVersion",
item:"CSDVersion");
time = registry_get_sz(key:"SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Prefetcher", item:"StartTime");
make =
registry_get_sz(key:"SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUp
date\OemInfo", item:"WbemOem");
model =
registry_get_sz(key:"SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUp
date\OemInfo", item:"WbemProduct");
cpu =
registry_get_sz(key:"HARDWARE\DESCRIPTION\System\CentralProcessor\0",
item:"ProcessorNameString");

report = string ("This script collects information useful in assisting
corporations (System Administrators) in identifying machines on their
local LANs.
It is most useful when used in locating and identifying machines flagged
as vulnerable by other plug-ins.

The following information was gathered about the remote host:
User:   ", user, "
Domain:   ", domain, "
Host Name:   ", host, "
Registered Owner:   ", owner, "
Registrered Org:   ", org, "
OS:   ", os, "
Version:   ", ver, "
Service Pack :   ", sp, "
Start Time:   ", time, "
Manufacturer:   ", make, "
Model:   ", model, "
CPU:   ", cpu);
security_note(port:port, data:report);

________________________________

From: plugins-writers-bounces@private
[mailto:plugins-writers-bounces@private] On Behalf Of Morris,
Philip (JSY)
Sent: Thursday, December 14, 2006 11:26 AM
To: 'plugins-writers@private'
Subject: [Plugins-writers] Extracting info from the Windows registry


Hi,
 
I have had many abortive attempts at trying to get report using the
plug-in mentioned in " Sucking the Machine Name out of the Registry"
from John Eder in 2004 .
 
Does anyone actually have a plug-in that they care to share?  All I am
trying to do is to extract the computer name from our Windows machines'
registry to help with our AV audit that we run each week as our current
naming resolution is a bit ....err .... umm .....on the flaky side ...

Kind Regards

 

Phil

_______________________________________________
Plugins-writers mailing list
Plugins-writers@private
http://mail.nessus.org/mailman/listinfo/plugins-writers

• Previous message: Morris, Philip (JSY): "[Plugins-writers] Extracting info from the Windows registry"
• In reply to: Morris, Philip (JSY): "[Plugins-writers] Extracting info from the Windows registry"
• Next in thread: Doug Nordwall: "Re: [Plugins-writers] Extracting info from the Windows registry"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Fri Dec 15 2006 - 14:20:07 PST