Penetration Testing mailing list archives

RE: how to Dump users with Dial in rights?

From: wllmundrwd () netscape net (William Underwood)
Date: Thu, 17 Jan 2002 13:57:58 -0500

The following is courtesy of Scott Higgins and the ActiveState Perl 
Win32Admin list (archives at http://aspn.activestate.com/ASPN/ \
Mail/Browse/Threaded/perl-win32-admin):


#       Author: Scott Higgins 
#       Date:   31-OCT-2001 
#       Boo: It's Halloween 
# Dialin_list reads the members of the group domain users, and finds those that have dialin permission 
# 
# 
use Win32::Rasadmin; 
use Win32::NetAdmin; 
use Win32::AdminMisc; 
$Group = "Domain Users"; 
$Domain = "Enter your Domain here"; 
$outfile = "Enter your output file here"; 
open (outfile, ">$outfile") || die "can't create $outfile"; 
Win32::NetAdmin::GetDomainController( '', $Domain, $Server ); 
  # Get the list of group members 
if( ! Win32::NetAdmin::GroupGetMembers( $Server, $Group, \@UserList ) ) 
{ 
    Win32::NetAdmin::LocalGroupGetMembers( $Server, $Group, \@UserList ) || die "There is no group called '$Group'.\n"; 
} 
foreach (@UserList) { 
   $_ = ucfirst; # capitalize first letter only and replace 
} 
@NoMachineList = grep !/\Z\$/, @UserList; 
#@MachineList = grep /\Z\$/, @UserList; 
foreach $User ( sort @NoMachineList ) 
{ 
   { 
  
   chomp $User; 
   #chop $User; 
   Win32::RasAdmin::UserGetInfo($Domain, $User, \%Hash); 
           if ($Hash{Privilege} eq "9") 
           { 
           Win32::AdminMisc::UserGetMiscAttributes("", $User, \%Attribs); 
           
           print "$Attribs{USER_FULL_NAME} $User has dialin privs\n"; 
           print outfile "$Attribs{USER_FULL_NAME},$User\n"; 
           } 
   # print "$User is in the domain $Domain.\n"; 
  } 
} 
close (outfile); 


HTH,
William
-- 
William Underwood
wllmundrwd () netscape net



__________________________________________________________________
Your favorite stores, helpful shopping tools and great gift ideas. Experience the convenience of buying online with 
Shop@Netscape! http://shopnow.netscape.com/

Get your own FREE, personal Netscape Mail account today at http://webmail.netscape.com/


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Current thread:

how to Dump users with Dial in rights? pen test (Jan 17)
- RE: how to Dump users with Dial in rights? Damon Sisola (Jan 17)
- RE: how to Dump users with Dial in rights? Sacha Faust (Jan 18)
- <Possible follow-ups>
- RE:how to Dump users with Dial in rights? Thad Horak (Jan 17)
- RE: how to Dump users with Dial in rights? Block, Edward (Jan 17)
- RE: how to Dump users with Dial in rights? William Underwood (Jan 17)