Hi.
I have a problem that has been frustrating for me for
some time. I've reduced my script to focus on what I
think the issue is. The script uses win32 perms to
get the permissions on the registry then uses win32
perms again to get shares permission on the shares on
the server.
The script seems to run fine if I run it against one
box. If I put a list of boxes (2 is enough) in a file
called 'machines.txt' in the current working directory
I can then see the failure.
What happens is that I get 'connected to winreg key!'
echoed to screen and then perl crashes (dr watsons).
This point of failure seems to be at the creation of
the perms object used to check permission on the
registry for the next server. Can anyone help me out
with this?
Thanks,
PJ
* * * * * * * * *
use Win32::Perms;
use Win32::Lanman;
use Win32::AdminMisc;
use Win32::TieRegistry( Delimiter=>"#" );
$current_working_directory = Win32::GetCwd;
open (MACHINES,
"$current_working_directory/machines.txt");
while ($node = <MACHINES>) {
chop($node);
print " node is $node - initial...\n";
$Register =
"SYSTEM#CurrentControlSet#Control#ProductOptions";
if ($hkey_connect = $Registry->Connect($node,
"LMachine#", {Access=>KEY_READ})) {
print "successful connection to $node ...\n";
# # # get remote registry info
print " getting remote registry permissions..\n";
$_ = undef for $remote_registry_permissions, @List,
@Permissions;
$winreg_connect = 0;
$winreg_acl_list = "";
$everyone_winreg_acl_entry = 0;
$winreg_account_permissions_cache_array_counter = 0;
$Register9 =
"SYSTEM#CurrentControlSet#Control#SecurePipeServers#Winreg";
if ($winreg = $hkey_connect->{"$Register9"}) {
$winreg_connect = 1;
print " connected to winreg key!\n";
my $Perm;
if ($Perm = new Win32::Perms(
"registry:\\\\$node\\HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurePipeServers\\Winreg",
PERM_TYPE_REGISTRY )) {
print " successfully created registry perm
object..\n";
} else {
print " unable to create registry perm object!\n";
}
}
# # # Check shares that have everyone full access
print "Getting info on vulnerable shares...\n\n";
undef @share_list;
if (Win32::Lanman::NetShareEnum( $node, [EMAIL PROTECTED]
)) {
@share_list = sort{$a->{netname} cmp
$a->{netname}} @share_list;
foreach my $Share ( @share_list ) {
$dacl_entry = 0;
$share_ntfs_permissions = "";
my $sharename = $Share->{netname};
my $sharetype = $Share->{type};
print " sharename is $sharename -\n";
# print " sharetype is $sharetype -\n";
unless ($sharename eq "" or $sharename =~
/^[A-Z]\$$/ or $sharename =~
/(^IPC\$|^ADMIN\$|^REPL\$)/i or $sharetype == 1) {
# next if $sharename =~ /^[A-Z]\$$/;
#
Skip C$ etc drive shares
# next if $sharename =~
/(^IPC\$|^ADMIN\$|^REPL\$)/i; # Skip Admin shares
print " share:\\\\$node\\$sharename\n";
my $share_perm;
if ($share_perm = new Win32::Perms(
"share:\\\\$node\\$sharename", PERM_TYPE_SHARE)) {
} else {
print " unable to get share info!\n";
}
}
}
}
print "\n end of vulnerable shares check\n";
}
# # # End of check shares that have everyone full
access
}
* * * * *
http://mobile.yahoo.com.au - Yahoo! Mobile
- Check & compose your email via SMS on your Telstra or Vodafone mobile.
_______________________________________________
Perl-Win32-Admin mailing list
[EMAIL PROTECTED]
To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs
