Monday 18 April 2011

Remotely & Secretly auditing a PC (without user intervention)

Entering WMIC as domain administrator
  1. From Start -- Run, enter "runas /user:DOMAIN\user cmd"
  2. You'll be shown a new command prompt window - now you are ready to use WMIC, the "Windows Command Line Interface"

Pulling installed software, names and versions from remote PCs
  1. To list the software installed on a remote machine, use the following syntax:
wmic /node:"PCNAME" product get name,version,vendor > c:\somename.csv

Or you can redirect to a .txt file for easier import into xls.

This produces the list of software installed on the PC and their versions, written to a file on your C: drive:




[Screenshot: Remote audit with a pipe out to c:\]

[Screenshot: The output file]

http://isc.sans.edu/diary.html?storyid=1229
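
Without a /format switch, wmic writes its result as a space-padded table rather than comma-separated values, so the redirected file from the command above needs converting before it imports cleanly into a spreadsheet. The following is an added example (not part of the original post) that turns such a file into real CSV; it assumes wmic's default table layout and UTF-16 output on redirect, and the sample rows and function names are constructed for illustration.

```python
import csv
import io
import re

# Constructed sample in wmic's default table layout (not captured from a real host).
_ROWS = [
    ("Name", "Vendor", "Version"),
    ("Example Reader 9", "Example Corp", "9.4.0"),
    ("Example Runtime 6 Update 24", "Example Systems, Inc.", "6.0.240"),
    ("Example Tool", "", "1.2"),  # empty Vendor cell
]
SAMPLE = "".join(f"{n:<29}{v:<23}{ver:<9}\r\n" for n, v, ver in _ROWS) + "\r\n"


def decode_wmic_file(raw):
    """Decode the bytes of a redirected wmic output file."""
    # Assumption: redirected output is UTF-16 with a byte-order mark;
    # otherwise fall back to a single-byte Windows code page.
    if raw.startswith((b"\xff\xfe", b"\xfe\xff")):
        return raw.decode("utf-16")
    return raw.decode("cp1252", errors="replace")


def parse_wmic_table(text):
    """Split the table on the header's column offsets, so that names
    containing spaces and empty cells stay in the right column."""
    lines = [ln for ln in text.splitlines() if ln.strip()]
    if not lines:
        return []
    cols = [(m.group(), m.start()) for m in re.finditer(r"\S+", lines[0])]
    ends = [start for _, start in cols[1:]] + [None]
    return [
        {name: ln[start:end].strip() for (name, start), end in zip(cols, ends)}
        for ln in lines[1:]
    ]


def to_csv(records):
    """Serialise the records as CSV, quoting fields that contain commas."""
    if not records:
        return ""
    buf = io.StringIO()
    writer = csv.DictWriter(buf, fieldnames=list(records[0]), lineterminator="\n")
    writer.writeheader()
    writer.writerows(records)
    return buf.getvalue()


if __name__ == "__main__":
    print(to_csv(parse_wmic_table(decode_wmic_file(SAMPLE.encode("utf-16")))))
```

To use it on a real file, read c:\somename.csv in binary mode and pass the bytes to decode_wmic_file.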

Wednesday 13 April 2011

Ubuntu 10.04 - add a persistent route


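route add [-net|-host] <address> netmask <mask> gw <gateway> dev <interface>
Example:
route add -net 10.10.10.0 netmask 255.255.255.0 gw 192.168.1.1 dev eth0
route add -host 10.10.1.1 gw 192.168.1.1 dev eth0

A host route takes no netmask, so none is given in the -host example. Run on its own, route add changes only the running routing table and the route is lost on reboot; for the route to persist, the command also has to run whenever the interface comes up, for example from an "up" line in /etc/network/interfaces.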

Thursday 7 April 2011

Avaya Site Manager 5.0 - setup using Wine on Ubuntu 10.04

  • Install Wine
  • Install Winetricks
  • Install Avaya Site Manager
  • Open Winetricks

-- Click on "select a default wine prefix"
---- Click on "Install a windows .dll or component"
------- Select msdac32

If you don't install msdac32 you'll get this error:


marnast@ict-marna:~/.wine/dosdevices/c:/Program Files/Avaya/Site Administration/bin$ wine ASA.exe
fixme:atl:AtlModuleInit SEMI-STUB (0x100100b8 0x1000d1b0 0x10000000)
err:module:attach_process_dlls "odbc32.dll" failed to initialize, aborting
err:module:LdrInitializeThunk Main exe initialization for L"C:\\Program Files\\Avaya\\Site Administration\\bin\\ASA.exe" failed, status c0000005
marnast@ict-marna:~/.wine/dosdevices/c:/Program Files/Avaya/Site Administration/bin$ wine ASA.exe
fixme:atl:AtlModuleInit SEMI-STUB (0x100100b8 0x1000d1b0 0x10000000)
fixme:win:LockWindowUpdate (0x10200), partial stub!
fixme:win:LockWindowUpdate ((nil)), partial stub!
fixme:shell:MLSetMLHInstance (0x71590000,0x7ed40000) stub
fixme:shell:MLClearMLHInstance (0x71590000)stub
fixme:commdlg:ChooseFontW : unimplemented flag (ignored)
fixme:shell:MLSetMLHInstance (0x71590000,0x7ed40000) stub
fixme:shell:MLClearMLHInstance (0x71590000)stub