RE: Username Discovery

Subject: RE: Username Discovery
Date: Wed, 25 Oct 2006 09:31:11 -0400
John,

Here's a start on a VB script for you.  It will iterate through subnets
you define in the array statement and scan for NetBIOS enabled machines.

Typically, the username will be one of the lines in the response.  A
caveat however is that on a Microsoft network, the username only appears
on the first machine logged onto (at least in a domain environment).
So, if Dookie logs into machineA then machineB, Dookie will appear in
the response on machineA but not machineB.  (However, if you had a
domain, then you'd already have a solution to your problem, right?)

Use writeline to dump to a text file after creating a file system object
if you want.  (VB scripting is easy, check it out).

In the code, use Isaac's recommendation of net use and dump the results
to a text file.  You can also readline passwords from another text file.

Here's your loop code:


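Set objShell = WScript.CreateObject("WScript.Shell")
Subnets = Array("10.0.1.", "10.0.2.", "10.0.3.")

' Walk every address in each listed subnet
For Each NET in Subnets
  For HOST = 0 to 255

    ' Query the NetBIOS name table of the remote address
    Set objExecObject = objShell.Exec("cmd /c nbtstat -A " & NET & HOST & "")

    ' Read the response one line at a time
    Do While Not objExecObject.StdOut.AtEndOfStream
      strLine = objExecObject.StdOut.ReadLine()

      ' Mr. Dookie's code goes here

    Loop

  Next
Next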

Best Regards,
Scott Ramsdell

-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On Behalf Of Mister Dookie
Sent: Tuesday, October 24, 2006 3:55 PM
To: security-basics@securityfocus.com
Subject: Username Discovery

Hello list,

Is there a tool on the market to audit a non-centrally controlled
(every user is the administrator of their own box) network for all
Windows usernames? In other words, is there something that can be used
to harvest the Windows logins that are residing on Windows boxes to
determine who is using the network but also to possibly plug into a
script to quickly iterate through the network to test for blank or
inexcusably weak passwords?

Thanks,
John
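
Added example (not part of the original thread): a Python sketch that reads the text file such a scan could write and reports, per host, the computer name and any user name found in the NetBIOS name table. The "=== ip ===" separator lines, the sample output and the function name parse_report are assumptions made for this illustration; the <00> and <03> suffixes are the standard Workstation and Messenger service name types.

```python
import re

# Constructed sample: nbtstat -A output for three hosts, as a scan script might
# write it to a text file. The "=== ip ===" separator lines are an assumption.
SAMPLE = """\
=== 10.0.1.15 ===
    Name               Type         Status
    ---------------------------------------------
    MACHINEA       <00>  UNIQUE      Registered
    WORKGROUP      <00>  GROUP       Registered
    MACHINEA       <03>  UNIQUE      Registered
    DOOKIE         <03>  UNIQUE      Registered
    MACHINEA       <20>  UNIQUE      Registered
=== 10.0.1.16 ===
    MACHINEB       <00>  UNIQUE      Registered
    WORKGROUP      <00>  GROUP       Registered
    MACHINEB       <03>  UNIQUE      Registered
=== 10.0.1.17 ===
    Host not found.
"""

HOST = re.compile(r"^=== (\S+) ===$")
ROW = re.compile(r"^\s*(.{1,15}?)\s*<([0-9A-Fa-f]{2})>\s+(UNIQUE|GROUP)\b")

def parse_report(text):
    """Map each scanned IP to its computer name and any user names seen."""
    hosts, current = {}, None
    for line in text.splitlines():
        m = HOST.match(line)
        if m:
            current = hosts.setdefault(
                m.group(1), {"answered": False, "computer": None, "users": []})
            continue
        m = ROW.match(line)
        if not m or current is None:
            continue
        name, suffix, kind = m.group(1).strip(), m.group(2).upper(), m.group(3)
        current["answered"] = True
        if kind != "UNIQUE":
            continue                      # group rows are workgroup/domain names
        if suffix == "00":
            current["computer"] = name    # <00> UNIQUE: workstation (computer) name
        elif suffix == "03" and name not in current["users"]:
            current["users"].append(name) # <03> UNIQUE: Messenger service names
    for info in hosts.values():           # <03> also lists the computer itself
        info["users"] = [u for u in info["users"] if u != info["computer"]]
    return hosts

if __name__ == "__main__":
    for ip, info in parse_report(SAMPLE).items():
        print(ip, info)
```

An empty "users" list on a host that answered matches the caveat in the reply above: the user name may be registered on a different machine, so it does not show that nobody is logged on.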
