Here is a Perl script that will find users in the local admins group
other than the Administrator and Domain Admins.. It reads machine names
from a text file named machines.txt and outputs to a file named
localadmins.txt.
************************************
use Win32::NetAdmin;
open (MACHINEFILE, "machines.txt");
@Machines=<MACHINEFILE>;
close (MACHINEFILE);
open (OUTFILE, ">localadmins.txt");
print OUTFILE "Local Administrators Audit\n";
foreach $Machine(@Machines){
chomp $Machine;
if (`ping -n 2 -l 1 -w 50 $Machine` =~ /Reply/){
Win32::NetAdmin::LocalGroupGetMembers($Machine,
'Administrators', \@admins) || die "$^E\n";
foreach $user(@admins){
unless ($user =~ /administrator|domain
admins/i){
print OUTFILE "$Machine\t$user\n";
}
}
}else {
print OUTFILE "$Machine\tDown or not found\n";
}
}
close OUTFILE;
print "Done! Press Enter to Exit";
<>;
************************************
Good luck
Jason Weir
Systems Administrator
New Hampshire Retirement System
Concord, NH 03301
-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On Behalf Of Bud Gordon
Sent: Thursday, September 14, 2006 5:20 PM
To: pen-test@securityfocus.com
Subject: User group tool
I am looking for a tool or script that will let me ferret out users that
are members of the admin group (preferably from a command line). I have
google'd and use pwdump for lists etc; I also use net user and net group
to show me the users and groups, but I need to see who is admin.
Thoughts?
Thank you!!
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------
