Teh Tech » Security http://tehtech.com Being an Admin is Hard Enough Wed, 14 Jul 2010 16:14:56 +0000 en hourly 1 http://wordpress.org/?v=3.0 Scripted Enumeration of Accounts with Local Admin Rights http://tehtech.com/sripted-enumeration-of-accounts-with-local-admin-rights/ http://tehtech.com/sripted-enumeration-of-accounts-with-local-admin-rights/#comments Sun, 18 Apr 2010 16:15:39 +0000 admin http://tehtech.com/?p=333 Beefing up security on networks keeps you from having issues in the long run. An hour today can save you three later. In a effort to improve network security and individual computer security I came up with this fancy little kaseya script.  It enumerates the local administrators on a computer and exports them to a text file named whatever the target computer has been named. This can also be run through a batch login script. In the example below “g:” is a admin share on my local server, you can make this what ever you want or use a get file in kaseya to snatch the text file from the computer.


[ad]

Script Name: Get Local Administrators
Script Description: Enumerates what users are members of the local admin group.
IF True
THEN
Execute Shell Command
Parameter 1 : net localgroup administrators >> gadmin_audit%computername%.txt
Parameter 2 : 1
OS Type : 0
ELSE

Here is the same thing in a batch file with mapping a share:

Net use g: \server01admin_share
net localgroup administrators >> gadmin_audit%computername%.txt
net use g: /delete

[ad]

]]> http://tehtech.com/sripted-enumeration-of-accounts-with-local-admin-rights/feed/ 0 Adding ‘Lock My Computer’ Shortcut to The Desktop http://tehtech.com/adding-lock-my-computer-shortcut-to-the-desktop/ http://tehtech.com/adding-lock-my-computer-shortcut-to-the-desktop/#comments Fri, 09 Apr 2010 01:14:55 +0000 admin http://tehtech.com/?p=287 In a effort to increase security at one of my healthcare providers they requested a quick way their employees can lock their computers when they walk away from their computers.  I found Mklnk, it is a very tiny free utility that lets you make shortcuts from command line.  I decided to use this to accomplish this task.  I did some research and found that the following command will lock your computer.

rundll32.exe user32.dll,LockWorkStation


So I used this with mklnk.exe to make a shortcut on the users desktop, with a lock icon.  Below is the batch file I used.  G: is a network share containing mklnk.exe.

g:mklnk.exe -a user32.dll,LockWorkStation -i %SystemRoot%system32SHELL32.dll -n 47 %SystemRoot%system32rundll32.exe “%ALLUSERSPROFILE%DesktopLock”

What this does it it passes the arguments user32.dll,LockWorkStation to the rundll32.exe, and the result is a shortcut on the all user desktop called “lock” that uses shell icon 47 (a cute lock graphic).

To use this with kaseya you have to upload mklnk.exe to the kserver, and then import the following script.  Be sure to change the red to match the location you have uploaded mklnk.exe.

Script Name: Lock Computer Icon on Desktop
Script Description: Creates a Lock icon on the all user desktop silently 

IF True
THEN
Execute Shell Command
Parameter 1 : md c:temp
Parameter 2 : 0
OS Type : 0
Write File
Parameter 1 : c:tempmklnk.exe
Parameter 2 : adminutilmklnk.exe
OS Type : 0
Execute Shell Command
Parameter 1 : c:tempmklnk.exe -a user32.dll,LockWorkStation -i %SystemRoot%system32SHELL32.dll -n 47 %SystemRoot%system32rundll32.exe “%ALLUSERSPROFILE%DesktopLock My Computer”
Parameter 2 : 1
OS Type : 0
Delete File
Parameter 1 : c:tempmklnk.exe
OS Type : 0
ELSE

[ad]

]]> http://tehtech.com/adding-lock-my-computer-shortcut-to-the-desktop/feed/ 0