If you have admin rights to all the machines on the domain the attached
plug-in is a real nice way to identify and inventory all your machines.
This is a custom plug-in that is not included in the regular nessus
build, so you will have to manually add it. I am going to forward it to
nessus.org for inclusion in future builds, but I am not certain they
will add it.
The plug-in reports all the info:
The following information will be collected:
User, Host, Domain, Owner, Org, OS, Version, Service Pack, Start Time,
Manufacturer, Model, and CPU.
Jeff
Code starts here:
#
# (C) Jeff Adams <[EMAIL PROTECTED]>
#
if(description)
{
script_id(98781);
script_version("$Revision: 1.1 $");
name["english"] = "Host Info Gathering Script";
script_name(english:name["english"]);
desc["english"] = "
This script collects information useful in assisting corporations
(System Administrators) in identifying machines on their local LANs.
It is most useful when used in locating and identifying machines flagged
as vulnerable by other plug-ins.
The following information will be collected:
User, Host, Domain, Owner, Org, OS, Version, Service Pack, Start Time,
Manufacturer, Model, and CPU.
Solution: Info Only
Risk factor: None";
script_description(english:desc["english"]);
summary["english"] = "Host Info Gathering Script";
script_summary(english:summary["english"]);
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2004 Jeff
Adams");
family["english"] = "Windows";
script_family(english:family["english"]);
script_dependencies("netbios_name_get.nasl",
"smb_login.nasl","smb_registry_full_access.nasl");
script_require_keys("SMB/name", "SMB/login", "SMB/password",
"SMB/registry_full_access");
script_require_ports(139, 445);
exit(0);
}
include("smb_nt.inc");
port = get_kb_item("SMB/transport");
if(!port)port = 139;
user = registry_get_sz(key:"SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Winlogon", item:"DefaultUserName");
domain = registry_get_sz(key:"SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Winlogon", item:"DefaultDomainName");
host =
registry_get_sz(key:"SYSTEM\CurrentControlSet\Services\Tcpip\Parameters"
, item:"Hostname");
owner = registry_get_sz(key:"SOFTWARE\Microsoft\Windows
NT\CurrentVersion", item:"RegisteredOwner");
org = registry_get_sz(key:"SOFTWARE\Microsoft\Windows
NT\CurrentVersion", item:"RegisteredOrganization");
os = registry_get_sz(key:"SOFTWARE\Microsoft\Windows NT\CurrentVersion",
item:"ProductName");
ver = registry_get_sz(key:"SOFTWARE\Microsoft\Windows
NT\CurrentVersion", item:"CurrentVersion");
sp = registry_get_sz(key:"SOFTWARE\Microsoft\Windows NT\CurrentVersion",
item:"CSDVersion");
time = registry_get_sz(key:"SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Prefetcher", item:"StartTime");
make =
registry_get_sz(key:"SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUp
date\OemInfo", item:"WbemOem");
model =
registry_get_sz(key:"SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUp
date\OemInfo", item:"WbemProduct");
cpu =
registry_get_sz(key:"HARDWARE\DESCRIPTION\System\CentralProcessor\0",
item:"ProcessorNameString");
report = string ("This script collects information useful in assisting
corporations (System Administrators) in identifying machines on their
local LANs.
It is most useful when used in locating and identifying machines flagged
as vulnerable by other plug-ins.
The following information was gathered about the remote host:
User: ", user, "
Domain: ", domain, "
Host Name: ", host, "
Registered Owner: ", owner, "
Registrered Org: ", org, "
OS: ", os, "
Version: ", ver, "
Service Pack : ", sp, "
Start Time: ", time, "
Manufacturer: ", make, "
Model: ", model, "
CPU: ", cpu);
security_note(port:port, data:report);
________________________________
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Lepich, Jesse A Mr
GLWACH
Sent: Wednesday, May 12, 2004 10:27 AM
To: [EMAIL PROTECTED]
Subject: Plugin to detect NT?
Hello list, I'm new to Nessus. This is my first post. I'm wondering if
there is a plugin to detect Windows NT machines on the network. I need
to inventory all of the NT system on our network, can nessus help me
with this?
Thanks for any help!
-Jesse
_______________________________________________
Nessus mailing list
[EMAIL PROTECTED]
http://mail.nessus.org/mailman/listinfo/nessus
