Monday, January 19, 2009

Identifying the current logged in user of a remote host

Here's a short and simple script to check for the currently logged-in user of a remote computer. This script has been tested on Windows XP and Vista; it may or may not work for older Windows OSes. Save the script as check-user.vbs and pass the remote host (or IP address) as an argument when launching the script (ie, check-user.vbs remote_host). You have to be an administrator of the remote machine being queried in order for the script to run properly.

Posted by Salvador Manaois III at 6:17 PM 0 comments Links to this post
Labels:

Thursday, January 8, 2009

Conficker.vbs - Conficker (Worm_DownAD) Detector

Heard from the grapevine that the Conficker (Worm_DownAD) worm is still in the wild (http://msforums.ph/forums/t/50980.aspx). This worm generates randomly named services which makes it a tad difficult to detect and contain. Here's a short script I created to detect for possible rogue services triggered by this worm. The usual disclaimer applies:



The code should be self-explanatory. =)



Posted by Salvador Manaois III at 9:26 PM 0 comments Links to this post
Labels: ,
Subscribe to: Posts (Atom)