Penetration Testing mailing list archives

RE: User group tool

From: "Weir, Jason" <jason.weir () nhrs org>
Date: Fri, 15 Sep 2006 07:57:20 -0400

Here is a Perl script that will find users in the local admins group
other than the Administrator and Domain Admins..  It reads machine names
from a text file named machines.txt and outputs to a file named
localadmins.txt.


************************************

use Win32::NetAdmin;

open (MACHINEFILE, "machines.txt");
@Machines=<MACHINEFILE>;
close (MACHINEFILE);

open (OUTFILE, ">localadmins.txt");
print OUTFILE "Local Administrators Audit\n";
foreach $Machine(@Machines){
        chomp $Machine;
        if (`ping -n 2 -l 1 -w 50 $Machine` =~ /Reply/){
                Win32::NetAdmin::LocalGroupGetMembers($Machine,
'Administrators', \@admins) || die "$^E\n";
                foreach $user(@admins){
                        unless ($user =~ /administrator|domain
admins/i){
                                print OUTFILE "$Machine\t$user\n";
                        }
                }
        }else {
                print OUTFILE "$Machine\tDown or not found\n";
        }
}

close OUTFILE;
print "Done! Press Enter to Exit";
<>;

************************************

Good luck
Jason Weir
Systems Administrator
New Hampshire Retirement System
Concord, NH 03301


-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Bud Gordon
Sent: Thursday, September 14, 2006 5:20 PM
To: pen-test () securityfocus com
Subject: User group tool


I am looking for a tool or script that will let me ferret out users that
are members of the admin group (preferably from a command line).  I have
google'd and use pwdump for lists etc; I also use net user and net group
to show me the users and groups, but I need to see who is admin.

Thoughts?

Thank you!!

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------

Current thread:

Re: custom xp_cmdshell on SQL Server, (continued)
- Re: custom xp_cmdshell on SQL Server Steven M Gill (Sep 15)
- Re: custom xp_cmdshell on SQL Server Stefano Zanero (Sep 15)
- RE: custom xp_cmdshell on SQL Server Victor Chapela (Sep 17)
  - RE: custom xp_cmdshell on SQL Server Andy Lester (Sep 18)
    - RE: custom xp_cmdshell on SQL Server Victor Chapela (Sep 20)
- Re: custom xp_cmdshell on SQL Server Zed Qyves (Sep 14)
  - User group tool Bud Gordon (Sep 14)
    - Re: User group tool Tim (Sep 14)
    - Re: User group tool John Skinner (Sep 15)
    - RE: User group tool ballares (Sep 15)
    - RE: User group tool Weir, Jason (Sep 15)
- RE: custom xp_cmdshell on SQL Server Andy Lester (Sep 18)