Re: VBScript to audit shares and share permissions
From: `blah (agorachat_at_free.fr)
Date: 09/24/04
- Previous message: Laura A. Robinson: "RE: Items within XP SP2 and Win2003"
- In reply to: Jim Harrison (ISA): "RE: VBScript to audit shares and share permissions"
- Next in thread: Kresna Prawira: "RE: VBScript to audit shares and share permissions"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "Jim Harrison (ISA)" <jmharr@microsoft.com>, "Klenke, Brian" <Brian.Klenke@53.com>, "wnorth" <wnorth@verizon.net>, <focus-ms@securityfocus.com> Date: Fri, 24 Sep 2004 02:56:34 +0200
Hi,
You can also use SRVCHECK tool included in Windows Server Resources Kit.
A simple script will allow you to scan all your network.
The bad side is that, by myself, I could see that sometime it seems not to
see all shares. Don't know if I'm alone to have this problem.
But usually, it lists most of shares with Group/user access and type of
access.
Rgds,
Jesse ADAM.
----- Original Message -----
From: "Jim Harrison (ISA)" <jmharr@microsoft.com>
To: "Klenke, Brian" <Brian.Klenke@53.com>; "wnorth" <wnorth@verizon.net>;
<focus-ms@securityfocus.com>
Sent: Thursday, September 23, 2004 6:55 AM
Subject: RE: VBScript to audit shares and share permissions
http://isatools.org/isainfo/isainfo.hta includes code to enumerate
shares on the local machine, share permissions, the shared folder and
its permissions as well.
The HTA only scans an ISA 2004 server (surprised?), but you can C&P from
it to your heart's desire.
There are several functions / pseudo-classes involved since its part of
an overall server data-gathering tool, but you should be able to
identify the relevant parts.
I know it's not VBScript, but it does include what you're asking for...
Jim Harrison
MCP(NT4/2K), A+, Network+
Security Business Unit (ISA SE)
"The the last 10 years of Internet usage has disproven
the theory that a million monkeys typing on a million
typewriters would eventually produce the complete
works of Shakespeare. ..or maybe it only works for
typewriters..."
(unclaimed)
-----Original Message-----
From: Klenke, Brian [mailto:Brian.Klenke@53.com]
Sent: Tuesday, September 21, 2004 11:22 AM
To: 'wnorth'; focus-ms@securityfocus.com
Subject: RE: VBScript to audit shares and share permissions
Wes/Lucas
Thanks for both of your responses.
Wes, in looking over the Perl Script, unless I am missing it, the code
doesn't appear to list Share and Directory permissions for each share,
which
is really the thing that I'm after. If I missed the line(s) of code, I
apologize in advance.
Lucas, these shares aren't published in AD to my knowledge so I think
I'm
out of luck using your script.
I need a good way to automate the process of checking a list of hosts
for
shares that allow Everyone access at the share level and Everyone access
at
file system level (and maybe some other permissions). I can get this
info
from Dumpsec, but one host at a time, and it's a manual process.
I am also trying to avoid writing this myself, since I don't have,
what's it
called? Free time? :)
I hope I can find a script or a package that will do this already (I've
tried picking through various Nessus plugins and such).
-----Original Message-----
From: wnorth [mailto:wnorth@verizon.net]
Sent: Monday, September 20, 2004 2:54 PM
To: 'Klenke, Brian'; focus-ms@securityfocus.com
Subject: RE: VBScript to audit shares and share permissions
You can use a Perl script that produces the same output, and more
(includes
account enumeration etc.):
http://www.roth.net/perl/scripts/scripts.asp?Null.pl
-Wes
>I am looking for a VBScript that will return a list of shares of a
given
computer, along with each share's share
>permissions and NTFS permissions...
>
>Brian Klenke, CISSP CCNA
------------------------------------------------------------------------
--- ------------------------------------------------------------------------ --- This e-mail transmission contains information that is confidential and may be privileged. It is intended only for the addressee(s) named above. If you receive this e-mail in error, please do not read, copy or disseminate it in any manner. If you are not the intended recipient, any disclosure, copying, distribution or use of the contents of this information is prohibited. Please reply to the message immediately by informing the sender that the message was misdirected. After replying, please erase it from your computer system. Your assistance in correcting this error is appreciated. ------------------------------------------------------------------------ --- ------------------------------------------------------------------------ --- --------------------------------------------------------------------------- --------------------------------------------------------------------------- --------------------------------------------------------------------------- ---------------------------------------------------------------------------
- Previous message: Laura A. Robinson: "RE: Items within XP SP2 and Win2003"
- In reply to: Jim Harrison (ISA): "RE: VBScript to audit shares and share permissions"
- Next in thread: Kresna Prawira: "RE: VBScript to audit shares and share permissions"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
