Penetration Testing mailing list archives
RE: Info collection
From: "Jack Cullen" <jack_cullen () hotmail com>
Date: Tue, 10 Aug 2004 18:03:37 -0400
I have used PSEXEC with batch file that can remotely log onto a fileserver share from the host in question, run command-line utilites from the share and then dump the results to another fileserver share, thus minimizing the "impact" or files that have to be written to the host in question. All the data is dumped into sub-category reports and then is finally compiled into one report. Some of the categories and utilites are as follows. (Wouldn't it be nice to have links to all the tools that people list here??? :-) ) I started out to have this monster command-line based reporting script dump every piece of info imaginable but alas.... The Microsoft resource kits (NT, 2K, BackOffice) have some decent utilities. I haven't looked at this in a bit so...
***** BY COMPANY / TOOL ***** * BINDVIEW enum.exe ifids.exe lsaacl.exe lsadump2.exe ngrep.exe pipeacl.exe pipeaclui.exe pwdump2.exe rpcdump.exe samacl.exe strace.exe walksam.exe * FOUNDSTONE AFind.exe Audited.exe DACLchk.exe FileStat.exe Fport.exe fport133.exe HFind.exe Hunt.exe SFind.exe sl.exe * ISS StreamFind.exe * MICROSOFT hfnetchk.exe mbsacli.exe NET.EXE oh.exe PortQry.exe PSTAT.EXE pulist.exe REGDMP.EXE REGEDIT.EXE REGEDT32.EXE sc.exe sclist.exe SET shutdown.exe srvinfo.exe TLIST.EXE * SHAVLIK CommandLine.exe hfnetchk.exe hfnetchkpro.exe qchain.exe * SYSINTERNALS handle.exe listdlls.exe PIPELIST.EXE PSEXEC.EXE psfile.exe Psinfo.exe pskill.exe pslist.exe psloggedon.exe ***** BY CATEGORY ***** * MULTI NET.EXE * DLLS LISTDLLS.EXE * ENVIRONMENT SET * ETC TYPE HOSTS TYPE SERVICES * FILES PSFILE.EXE * HANDLES HANDLE.EXE * NETBIOS NBTSTAT.EXE * CONNECTIONS NETSTAT.EXE * PATCHES HFNETCHK.EXE MSBACLI.EXE * PIPES PIPELIST.EXE * PORTS FPORT.EXE NETSTAT.EXE * PROCESSES PSLIST.EXE PSTAT.EXE PULIST.EXE * REGISTRY REGDMP.EXE REGEDIT.EXE REGEDT32.EXE * SERVER SRVINFO.EXE PSINFO.EXE * SERVICES SC.EXE SCLIST.EXE * TASKS TLIST.EXE * TCPIP IPCONFIG.EXE * USERS PSLOGGEDON.EXE _________________________________________________________________Dont just search. Find. Check out the new MSN Search! http://search.msn.click-url.com/go/onm00200636ave/direct/01/
Current thread:
- Info collection Jeff Gercken (Aug 05)
- RE: Info collection Israel Torres (Aug 09)
- Re: Info collection Ali-Reza Anghaie (Aug 09)
- <Possible follow-ups>
- Re: Info collection H Carvey (Aug 09)
- RE: Info collection Michael Shirk (Aug 09)
- RE: Info collection Petr . Kazil (Aug 10)
- RE: Info collection Jeff Gercken (Aug 09)
- RE: Info collection Frank Knobbe (Aug 10)
- Re: Info collection Martin Mačok (Aug 11)
- RE: Info collection Frank Knobbe (Aug 10)
- Re: Info collection H Carvey (Aug 10)
- RE: Info collection Jack Cullen (Aug 11)
- Re: Info collection H Carvey (Aug 12)