I needed a quick script to gather the process name and executable path on multiple computers. The following are the sites that I referenced:
http://stackoverflow.com/questions/17408185/vbscript-check-for-running-process-on-multiple-computers
http://www.hamiltonitblog.com/vbscript-get-list-of-running-processes-and-executable-path/
https://msdn.microsoft.com/en-us/library/aa394599%28v=vs.85%29.aspx
Below is the script that was mashed together:
strComputer = "."
Set fso = CreateObject("Scripting.FileSystemObject")
Set f = fso.OpenTextFile("list.txt")
Do Until f.AtEndOfStream
strComputer = f.ReadLine
On Error Resume Next
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" _
& strComputer & "\root\cimv2")
Set colProcessList = objWMIService.ExecQuery _
("Select * from Win32_Process")
For Each objProcess in colProcessList
Wscript.Echo """" & objProcess.Name & """,""" _
& objProcess.ExecutablePath & """,""" & strComputer & """"
Next
Loop
f.Close
Then with the following site I came up with a script to pull in information about services running on the computers. I used the below sources:
https://social.technet.microsoft.com/Forums/scriptcenter/en-US/890b3bea-c4ff-4bc2-a17f-ddfa92cafc62/vbscript-to-get-service-info?forum=ITCG
https://msdn.microsoft.com/en-us/library/aa394418%28v=vs.85%29.aspx
Script is below:
strComputer = "."
Set fso = CreateObject("Scripting.FileSystemObject")
Set f = fso.OpenTextFile("list.txt")
Do Until f.AtEndOfStream
strComputer = f.ReadLine
On Error Resume Next
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" _
& strComputer & "\root\cimv2")
Set colProcessList = objWMIService.ExecQuery _
("Select * from Win32_Service")
For Each objProcess in colProcessList
Wscript.Echo """" & objProcess.Name & """,""" _
& objProcess.DisplayName & """,""" & objProcess.PathName _
& """,""" & strComputer & """"
Next
Loop
f.Close
Subscribe to:
Post Comments (Atom)
-
Here is a quick walk through of GetBoo. The first item that I found was you can harvest the usernames of the existing users that are regist... -
As I was glancing through the logs of my honeypots I spent some time to look at the following logs. In the past I have just overlooked them... -
I thought I would work through a few of these web applications provided by OWASP on their broken web applications VM. The first one I th... -
Today looking at the logs of the honeypots, I became curious based on the whois of the IP Addresses attempting to login to SSH which country...
-
Recently I was doing some scanning with a tool that is available on github called masscan. The tool allows you to configure a configuration...
No comments:
Post a Comment