Re: [PEN-TEST] open windows shares (was no topic)

[Jose Nazario <jose () BIOCSERVER BIOC CWRU EDU>]

On Mon, 27 Nov 2000, Galileo wrote:

> I wanted to se how vulnerable local internet users are to this. I had
> in mind to make a statistic about how many percent of machines have
> open guest shares. Now I can find how many machines have open shares
> with nbtscan and with a little help of grep I can exclude win NT /2000
> machines but how to find out if they are guest shares with write
> permissions ? It would be to slow to try and check all manually. Any
> ideas ?

a friend wrote some code that used perl, CIFS code in C++ and samba to
catalog open shares or try weak passwords. it ran from FRreeBSD. with some
tweaking, it could be changed from its normal job (catalogging a ging the
Windows network for a searchable database) to a simple open or weak share
reporter.

it used to be available at http://cwrubert.cwru.edu/, but itappears
unreachable. you can license the code from the author, icc (at) cwru.edu
(ian is his name). in the past he's been pretty amenable to that.

____________________________
jose nazario                                                 jose () cwru edu
                     PGP: 89 B0 81 DA 5B FD 7E 00  99 C3 B2 CD 48 A0 07 80
                                       PGP key ID 0xFD37F4E5 (pgp.mit.edu)