Script to Check Open Shares Folders in the Network
jetdynamics
Member Posts: 129
in Off-Topic
Issue: We need to run a script on the network to check all the open share folder
Criteria: No special tools needed (i.e nessus,nmap a like not allowed )
Must be able to run even without admin rights to the client computer ( reason we have some machinery computers thats connected to the network w/out admin access )
Must be able to **** the information to csv,excel ideal format would be:
Computer Name or IP address:
Open Folder names:
Reason for this request: Worm is spreading and propagating to those computer that has an open shares although our anti-virus was able to detect and delete but if this worm find any available open shares then it is continously propagating. We would like to be pro-active and identify those computer that has an open shares must be removed, But at least prior to removing them we would want to talk to the user first to know that they might have a legitimate use and provide them alternative solutions.
Thanks for sharing any information that can lead to a better solution.
Criteria: No special tools needed (i.e nessus,nmap a like not allowed )
Must be able to run even without admin rights to the client computer ( reason we have some machinery computers thats connected to the network w/out admin access )
Must be able to **** the information to csv,excel ideal format would be:
Computer Name or IP address:
Open Folder names:
Reason for this request: Worm is spreading and propagating to those computer that has an open shares although our anti-virus was able to detect and delete but if this worm find any available open shares then it is continously propagating. We would like to be pro-active and identify those computer that has an open shares must be removed, But at least prior to removing them we would want to talk to the user first to know that they might have a legitimate use and provide them alternative solutions.
Thanks for sharing any information that can lead to a better solution.
Comments
-
Silentsoul Member Posts: 260not a script but very helpful for finding shares and permissions.
ShareEnum -
RobertKaucher Member Posts: 4,299 ■■■■■■■■■■
ECHO "-------------------------------------------" >> "%userprofile%\Desktop\shares.txt" ECHO %computername% >> "%userprofile%\Desktop\shares.txt" ECHO "-------------------------------------------" >> "%userprofile%\Desktop\shares.txt" NET SHARE >> "%userprofile%\Desktop\shares.txt" ECHO "-------------------------------------------" >> "%userprofile%\Desktop\shares.txt"
You could also use PSExec to run it on all the PCs in the domain. To do it to a CSV ideal would be powershell. You could use WMI to access remote PCs. Would you like me to look at that for you? -
HeroPsycho Inactive Imported Users Posts: 1,940The PowerShell way. You only need PowerShell on a workstation to do this, not on each server. PowerShell will utilize WMI to get the shares
Make a listfile of your servers you want to check, or you can use the Quest AD cmdlets to get a list of servers easily. Assign a variable to the list of servers.
$servers = get-content c:\temp\servers.txt
#Provide an account that has rights to enumerate the shares
$cred = get-credential
get-wmiobject Win32_Share -computer $servers -credential $cred | select __server,name,description,path | export-csv c:\temp\sharereport.csv -notypeGood luck to all! -
jetdynamics Member Posts: 129@RobertKaucher
I run the command you mentioned its nice, Is there a way that we can run this and by just pointing a certain range of IP address then it will **** the same information on the text file as what this current command ****? Reason why IP range is prefer because not all computers are registered in our Active Directory.
@HeroPsycho
We dont need to specify the server just all the computers thats plug into the network, Maybe you have another idea just for the computer by using certain IP range?
Thanks guys for taking time to answer my questions , I really appreciate the help. -
HeroPsycho Inactive Imported Users Posts: 1,940jetdynamics wrote: »@HeroPsycho
We dont need to specify the server just all the computers thats plug into the network, Maybe you have another idea just for the computer by using certain IP range?
Thanks guys for taking time to answer my questions , I really appreciate the help.
Make a listfile of IP's. You can use powershell to do that.
For example, to get 192.168.1.2-254...
$ips = 2..254 | %{"192.168.1." + $_}
Then use $ips for the -computer parameter.
It could be a Chinamen. IT DON'T MATTER!!!Good luck to all! -
RobertKaucher Member Posts: 4,299 ■■■■■■■■■■I like hero's approach better than mine. I had actually written a PowerShell script for you first that did a for loop through every address in the 192.168.1.0 range but I kept getting WMI errors and it didn't work as I expected it to. When I saw his reply, I quit.
I did this:[string]$subnet = "192.168.1." $StartHosts = 100 $EndHost = 200 for($i = $StartHost; $i -le $EndHost; $i++) { $ComputerName = $subnet+$i #Body of script. }
But hero's$ips = 2..254 | %{"192.168.1." + $_}
is more consice.
@Hero - Thanks for almost always teaching me something cool in PoSh with your posts! -
HeroPsycho Inactive Imported Users Posts: 1,940RobertKaucher wrote: »@Hero - Thanks for almost always teaching me something cool in PoSh with your posts!
And here I thought I was newbish with PoSh...Good luck to all! -
RobertKaucher Member Posts: 4,299 ■■■■■■■■■■Yes, but newbish is relative. It just mean I am more newbish than thou!