I wanted to start keeping a running sheet on who was logged in where so I wrote this guy up. Dumps a list from net view and parses it out then does a for loop to run a wmic command to see who's actively logged on to a computer.
-=The Script=-
@echo off
if exist C:\list2.txt del /f /q C:\list2.txt
net view >> C:\list.txt
for /F "skip=3 tokens=1" %%c IN (C:\list.txt) DO echo %%c >> c:\parsed0.txt
for /f %%G in (C:\parsed0.txt) do if NOT %%G==The echo %%G >> C:\parsed1.txt
for /F "delims=\\ tokens=1" %%g IN (C:\parsed1.txt) DO echo %%g >> C:\list2.txt
del /f /q C:\parsed0.txt > nul
del /f /q C:\parsed1.txt > nul
del /f /q C:\list.txt
echo List Generated
for /f %%i in (C:\list2.txt) do (
for /f "skip=1" %%v in ('wmic /failfast:2000 /node:%%i computersystem get username') do (
for /f "tokens=2 delims=\" %%c in ("%%v") do (
for /f "tokens=3,4" %%f in ('net user %%c /domain ^|find /i "Full Name"') do echo %%i %%v %%f %%g >> C:\whosthere.txt
)
)
)
)
echo Done.
del /f /q C:\list2.txt
Pause > nul
Showing posts with label Users. Show all posts
Showing posts with label Users. Show all posts
Thursday, March 22, 2012
Retrieve logon name from Human Name
I hate it when I can't do something in pure batch. But, sometimes you just gotta bite the bullet and use another language. Here's a (choke, vomit) VBS script to return the logon name given a users human name.
And right now all of you that are saying "well that's retarded their username is just first initial last name" well not everyone rolls like that. Sometimes users get assigned random ass strings as their logon names and it gets pretty freaking annoying having to connect to the DC, find the user, look up their logon name.
You'll need to modify the LDAP address in the second to last part.
Now that I think about this I may have swiped this from somewhere else, I don't remember. If so sorry about not giving credit where credit is due...
-=The Script=-
On Error Resume Next
Const ADS_SCOPE_SUBTREE = 2
strAnswer = InputBox("Please enter in Display Name for User you want Logon Name for:", _
"Logon Name")
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
objCommand.CommandText = _
"SELECT sAMAccountName FROM 'LDAP://dc=ACME,dc=local' WHERE objectCategory='user' " & _
"AND displayName = '" & strAnswer & "'"
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst
Do Until objRecordSet.EOF
Wscript.Echo objRecordSet.Fields("sAMAccountName").Value
objRecordSet.MoveNext
Loop
Now that I think about it, I think I can do this in batch... I'll update this if I get time to do it.
And right now all of you that are saying "well that's retarded their username is just first initial last name" well not everyone rolls like that. Sometimes users get assigned random ass strings as their logon names and it gets pretty freaking annoying having to connect to the DC, find the user, look up their logon name.
You'll need to modify the LDAP address in the second to last part.
Now that I think about this I may have swiped this from somewhere else, I don't remember. If so sorry about not giving credit where credit is due...
-=The Script=-
On Error Resume Next
Const ADS_SCOPE_SUBTREE = 2
strAnswer = InputBox("Please enter in Display Name for User you want Logon Name for:", _
"Logon Name")
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
objCommand.CommandText = _
"SELECT sAMAccountName FROM 'LDAP://dc=ACME,dc=local' WHERE objectCategory='user' " & _
"AND displayName = '" & strAnswer & "'"
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst
Do Until objRecordSet.EOF
Wscript.Echo objRecordSet.Fields("sAMAccountName").Value
objRecordSet.MoveNext
Loop
Now that I think about it, I think I can do this in batch... I'll update this if I get time to do it.
Find domain users who changed their passwords today
Wrote this one up just to see if I could. Thought it might make for a good post exploit drop in case you wanted to monitor which users changed their passwords, maybe have it trigger a fresh dump of the domain hashes and mail them to you or post them somewhere. Whatever.
Spits out some errors about user names not found sometimes but it seems to get the job done.
-=The Script=-
@echo off
Echo +Getting User List
for /f "tokens=1,2,3 skip=6" %%a in ('net user /domain') do echo %%a >> C:\people.txt && echo %%b >> C:\people.txt && echo %%c >> C:\people.txt
Echo +Cleaning User List
for /f "tokens=*" %%d in (C:\people.txt) do if not "%%d" == "ECHO is on." if not "%%d" == "ECHO is off." if not "%%d" == "The " if not "%%d" == "command " if not "%%d" == "completed " echo %%d >> C:\cleanpeople.txt
del /f /q C:\people.txt
Echo +Setting Time Variables
if 0 == %date:~4,1% set mn=%date:~5,1%
if not 0 == %date:~4,1% set mn=%date:~4,2%
if 0 == %date:~7,1% set dy=%date:~8,1%
if not 0 == %date:~7,1% set dy=%date:~7,2%
set now=%mn%/%dy%/%date:~10,4%
Echo +Finding Active Accounts
for /f %%g in (C:\cleanpeople.txt) do for /f "tokens=3" %%h in ('net user %%g /domain ^| find /i "Account Active"') do if %%h == Yes echo %%g >> C:\activecleanpeople.txt
del /f /q C:\cleanpeople.txt
cls
Echo +Finding Users Who Changed Their Passords Today
for /f %%e in (C:\activecleanpeople.txt) do for /f "tokens=4" %%f in ('net user %%e /domain ^| find /i "Password last set"') do if %%f == %now% echo %%e changed their password today
del /f /q C:\activecleanpeople.txt
Echo Finished.
pause > nul
Spits out some errors about user names not found sometimes but it seems to get the job done.
-=The Script=-
@echo off
Echo +Getting User List
for /f "tokens=1,2,3 skip=6" %%a in ('net user /domain') do echo %%a >> C:\people.txt && echo %%b >> C:\people.txt && echo %%c >> C:\people.txt
Echo +Cleaning User List
for /f "tokens=*" %%d in (C:\people.txt) do if not "%%d" == "ECHO is on." if not "%%d" == "ECHO is off." if not "%%d" == "The " if not "%%d" == "command " if not "%%d" == "completed " echo %%d >> C:\cleanpeople.txt
del /f /q C:\people.txt
Echo +Setting Time Variables
if 0 == %date:~4,1% set mn=%date:~5,1%
if not 0 == %date:~4,1% set mn=%date:~4,2%
if 0 == %date:~7,1% set dy=%date:~8,1%
if not 0 == %date:~7,1% set dy=%date:~7,2%
set now=%mn%/%dy%/%date:~10,4%
Echo +Finding Active Accounts
for /f %%g in (C:\cleanpeople.txt) do for /f "tokens=3" %%h in ('net user %%g /domain ^| find /i "Account Active"') do if %%h == Yes echo %%g >> C:\activecleanpeople.txt
del /f /q C:\cleanpeople.txt
cls
Echo +Finding Users Who Changed Their Passords Today
for /f %%e in (C:\activecleanpeople.txt) do for /f "tokens=4" %%f in ('net user %%e /domain ^| find /i "Password last set"') do if %%f == %now% echo %%e changed their password today
del /f /q C:\activecleanpeople.txt
Echo Finished.
pause > nul
Subscribe to:
Posts (Atom)