[Dshield] Change windows local passwords remotely

Al Reust areust at comcast.net
Thu Apr 15 01:32:12 GMT 2004


Matt

You are operating with two assumptions:

1. You have explicit permission to do what you described. This may be in 
the form of "acceptable use policy" or you have been directed by 
"management" to insure that all machines are brought to current standards 
(corporate assets).

2. You have administrative rights on "All" machines. If they are joined to 
a domain then the Enterprise or Domain Administrator account can do what 
you ask.

Otherwise, "You" are at risk! But then it is only a job.. or jail..

If you are a "Win" Admin and have purchased the Sever Resource Kit, if not 
DO SO NOW! it has a utility called cusrmgr.exe

<QUOTE>
C:\Program Files\Resource Kit>cusrmgr.exe /?
CUsrMgr Ver 1.0 Jan98 by G.Zanzen (c) MCS Central Europe
Sets a random password to a user
usage: -u UserName [-m \\MachineName] \\ default LocalMachine
   Resetting Password Function
        -p Set to a random password
        -P xxx Sets password to xxx
   User Functions
        -r xxx Renames user to xxx
        -d xxx deletes user xxx
   Group Functions
        -rlg xxx yyy Renames local group xxx to yyy
        -rgg xxx yyy Renames global group xxx to yyy
        -alg xxx Add user (-u UserName) to local group xxx
        -agg xxx Add user (-u UserName) to global group xxx
        -dlg xxx deletes user (-u UserName) from local group xxx
        -dgg xxx deletes user (-u UserName) from global group xxx
   SetProperties Functions
        -c xxx sets Comment to xxx
        -f xxx sets Full Name to xxx
        -U xxx sets UserProfile to xxx
        -n xxx sets LogonScript to xxx
        -h xxx sets HomeDir to xxx

        -H x   sets HomeDirDrive to x

        +s xxxx sets property xxxx
        -s xxxx resets property xxxx
        where xxxx can be any of the following properties:
               MustChangePassword
               CanNotChangePassword
               PasswordNeverExpires
               AccountDisabled
               AccountLockout
               RASUser
returns 0 on success
<End Quote>

with a "cmd" prompt under "Domain Admin Creds" you can then use a "for 
loop" to call "cusrmgr" to change the Administrator password on each 
machine. You can also check to see if the machine acknowledged the change 
via checking the "error level." The other thing that you need to go is go 
purchased the book on Windows Script Host. It provides tons of examples for 
what you may need to do. If you run DHCP for all the hosts it can be used 
to populate the machine names or Wins (because you have not killed NetBIOS 
over TCP/IP)

IF you see my previous post on the topic I gave several examples that can 
be modified to fit the need. IF you have the "tool" I could write the 
script. The only question would be, what did you learn?

usage:
cusrmgr -u administrator [-m \\computer] -P NewPassword \\ works

cusrmgr -u administrator [-m \\%i] -P MynewPassword \\ with the proper for 
loop running it

References: I did a quick search at Technet: "scripts" yes some lines may 
wrap.. cut and paste time

http://search.microsoft.com/search/results.aspx?st=a&View=en-us&s=5&qu=scripts

Several results that I was actually looking for under Technical Resources:

TechNet Script Center
http://www.microsoft.com/technet/community/scriptcenter/default.mspx

Tales from the Script: Columns by the Microsoft TechNet Scripting Guys
http://www.microsoft.com/technet/community/columns/scripts/sgarch.mspx

How Scripts Extension Works - Management Services: %PRODUCT%
http://www.microsoft.com/resources/documentation/WindowsServ/2003/all/techref/en-us/Default.asp?url=/resources/documentation/WindowsServ/2003/all/techref/en-us/W2K3TR_gpscr_how.asp

More Technical Resources results
http://search.microsoft.com/search/results.aspx?View=en-us&p=1&s=5&c=4&st=a&qu=scripts&na=30

Microsoft Windows 2000 Scripting Guide
http://www.microsoft.com/resources/documentation/windows/2000/server/scriptguide/en-us/default.mspx

Microsoft Windows 2000 Scripting Guide - Running WSH Scripts
http://www.microsoft.com/resources/documentation/windows/2000/server/scriptguide/en-us/sas_wsh_kumh.mspx

TechNet Scripts: Sample Scripts
http://www.microsoft.com/technet/community/scriptcenter/sampscr.mspx

Microsoft Press
Microsoft® Windows® Scripting Self-Paced Learning Guide
http://www.microsoft.com/MSPress/books/6789.asp

R/

Al

At 01:31 PM 4/14/2004 -0400, you wrote:
>Matt;
>
>             I was trying to reply to the email at:
>http://www.dshield.org/pipermail/list/2004-March/030779.php
><http://www.dshield.org/pipermail/list/2004-March/030779.php>  however I
>wasn't able to. I am looking to do the same thing that Danny is trying to
>do. I need code that will change local passwords of users on a network. My
>goal is to be able to build a program that will survey our network for
>computers (that piece I have already built), test the Admin account on each
>computer trying to see if I can log in with a standard password. If I can
>log into the box, I need to be able to change the password to a stronger
>password.
>
>             Do you have source code that can do this or can you point me in
>some direction? I am currently building my application in c#.
>
>
>
>Thanks,
>
>Peter Yungel
>
>Eclipsys Corporation
>
>678-256-4709
>
>
>
>
>
>NOTICE: This email contains confidential or proprietary information which
>may be legally privileged. It is intended only for the named recipient(s).
>If an addressing or transmission error has misdirected the email, please
>notify the author by replying to this message. If you are not the named
>recipient, you are not authorized to use, disclose, distribute, copy, print
>or rely on this email, and should immediately delete it from your computer
>system.
>
>
>
>_______________________________________________
>list mailing list
>list at lists.dshield.org
>To change your subscription options (or unsubscribe), see: 
>http://www.dshield.org/mailman/listinfo/list



More information about the list mailing list