RE: Network Scan

["Jimmy Sansi" <jsansi () ritzfoodservice com>]

Ok, I know this isn't a Perl group, but consider the
following:

use File::List;

  my $search = new File::List("x:/");
  my @files  = @{ $search->find("\.jpg\$")};


  foreach $file (@files)
  {
    print $file, "\n";
  }


This is pretty simplistic (and requires you you to have drive x
mapped to to the remote machine) but would do exactly what your
looking for. Although you would probably want to add a few features
to it.

-Jimmy


-----Original Message-----
From: shawnmer [mailto:shawnmer () io com]
Sent: Wednesday, January 15, 2003 9:16 AM
To: WhtWlf2001
Cc: security-basics () securityfocus com
Subject: Re: Network Scan


Hmmm...thoughts on the following?

1.  Run a SSH server on each Windows station
2.  Upload Cygwin's Find program and needed DLLs
3.  Schedule an AT command on the Windows station (remotely through the
SSH connection) to look, using find, for the file extensons you're looking
for and output results to a file.
4.  Use smbclient to retrieve the output file.
5.  Reschedule the AT command.

-scm


W:WhtWlf2001

W>All,
W>
W>I'm looking to find a tool or the best way to accomplish the following:
W>
W>Scan WindowsNT machines on the local network, authenticate with a known
admin password, and search
W>for specific files on the local hard drive, log success, failures and file
information. In this
W>first pass I am looking for .jpg and .mpg type files (we have an internal
porn issue) but later I
W>envision using this tool to search for other specific files or file types,
evidence of trojan
W>files etc...
W>
W>Ideally this tool would be able to handle either 1 IP address or a range
of addresses and work in
W>an automated fashion. Optionally to be able to dictionary attack those
machines that don't have
W>the default admin password would be helpful as well.
W>
W>Anyone know of such a tool or developed a custom script for this type of
"audit"?
W>
W>Thanks.
W>